Hey👋 I’m Oscar

If you have worked with TLS certificates, you may have encountered files with the extensions .pem, .crt, and .key. You might be wondering what they are, what differences they have, and how to use them effectively. The good news is that these formats aren’t as complicated as they seem once you understand the basics: PEM, CRT, and KEY are not different certificate types — they are different ways of packaging the same data. ...

Setting up a local HTTPS environment is essential for developers wanting to test web applications under conditions that closely resemble production settings. This guide will help you establish a local Nginx reverse proxy using Docker Compose without the need for a domain or public IP, focusing specifically on Portainer as a sample application. Why You Want a Local Nginx Setup for Debugging When developing or debugging services like web dashboards or APIs, having an environment that closely mimics production is critical. A local Nginx reverse proxy enables you to: ...

Introduction For many Go developers, a recurring challenge has been: “What is the right way to handle multiple errors?” Whether it’s running several cleanup steps, processing batches of data, or validating various inputs, ensuring errors are handled correctly and efficiently has been crucial. Before Go 1.20, developers did not have a unified approach; each team created its own solution, often leading to awkward, unidiomatic, or even incorrect patterns. With Go 1.20, we now have a standard, pragmatic solution: errors.Join. This article will explore why older techniques were problematic, how the Go team designed a better approach, and how to apply this new solution effectively in your code. ...

Introduction If you work with Docker long enough, you will eventually face this situation: You want to migrate data to a new server You want to back up a Docker volume before a risky change You are decommissioning a container but need to keep its data You need to inspect or recover files from a broken container You want to move data out of Docker into the host filesystem Docker volumes are intentionally abstracted away from the host. This is good for portability and safety, but it also means: ...

1. Introduction If you use Traefik as the reverse proxy in a Docker Swarm cluster, and your application is server-side rendered (SSR), you may encounter the following issue: You can log in successfully But when you refresh the page or navigate to another page, you are suddenly logged out The behavior feels random: sometimes it works, sometimes it doesn’t This issue usually does not appear: when running the app locally when using only one container before scaling the service in Docker Swarm Once you add multiple replicas, the problem starts to show up. This post will explore the reasons behind this behavior and how to effectively address it. ...

Authentication on the web often feels confusing not because it is complicated, but because its core ideas are rarely explained in a clean order. This post builds that order. We will start from the nature of the web itself, explain cookies and server-side sessions as a single coherent model, then expand outward to JWT and why it fits modern distributed systems. The goal is not to overwhelm you, but to give you a mental model you can reuse. ...

Setting up a Kubernetes cluster can seem like a mountain to climb, especially when you’re just starting out. However, having a local Kubernetes cluster is a fantastic way to get hands-on experience without worrying about cloud expenses. If you have a spare laptop sitting at home, this guide will help you turn it into a useful part of your Kubernetes home lab using k3s. Whether you’re using Linux, macOS, or Windows, this guide has got your back. ...

If you’re working on a macOS and trying to set up GPG keys for your GitHub repositories, you might encounter an error that looks like this: error: gpg failed to sign the data: [GNUPG:] KEY_CONSIDERED 8EBBC19D30CD94DAC81EFEDC2A703231B997AC90 2 [GNUPG:] BEGIN_SIGNING H8 [GNUPG:] PINENTRY_LAUNCHED 55465 curses 1.3.2 - xterm-256color - - 501/20 0 gpg: signing failed: Inappropriate ioctl for device [GNUPG:] FAILURE sign 83918950 gpg: signing failed: Inappropriate ioctl for device This is a surprisingly common issue, and it often points to a problem with the pinentry UI - the program that prompts you for your GPG passphrase. ...

Introduction Self-hosting a CI/CD system is still a common requirement when you want more control over your build environment, runners, and infrastructure. In this post, I’ll walk through how I set up DroneCI to work with GitHub repositories, using Docker Compose. Rather than covering every click in detail, the focus is on the key steps that actually matter during setup and the small but critical details that are easy to miss. ...

When you bind mount a file into a Docker container, you expect that updating the file on the host will immediately update the file inside the container. Yet many developers observe the opposite: the file content inside the container stays frozen at the old version. Interestingly, bind mounting a directory does not have this problem. The directory version updates correctly. This post explains why file bind mounts behave differently, why the issue occurs, and how Linux inode behavior is the root cause. ...