Self-Sovereign Analytics: Running Matomo Behind Keycloak OIDC
GA4's default data retention is 2 months. Matomo with LoginOIDC and a pre-seeded plugin setting table gets you analytics you actually own.
Transmissions
11 signals archived
Reversibility Is the MVP: How to Build Infra You Can Kill in 60 Seconds
Every deploy you can undo in one command is a deploy you'll actually try.
'404 Bad Gateway' Is a Legitimate Traefik Response (And Here's Why)
An 11-byte response body that reads 'Bad Gateway' on a 404 status - because the middleware meant to replace error pages lost its backend without anyone noticing.
Why All My Agent Matrix Rooms Are E2EE by Default
If machines are going to talk to each other at 3am about your infrastructure, those transcripts are just as sensitive as your Slack channels.
What My Self-Hosted Keycloak + oauth2-proxy Setup Taught Me About Azure Entra ID
I can reproduce every OIDC gotcha in my home lab before Microsoft support would open the ticket.
A 1KB Mobile Drawer for Any Web App, via Shadow DOM
Injecting mobile UX into a page you don't control, without leaking a single CSS rule into the host.
Event-Driven Spokes vs. Polling: How I Cut Agent Latency 40×
HackerNews' Firebase SSE pushes new IDs in under a second. Our old cron polled every 5 min. Switching saved more than latency.
Cron Jobs Are the Missing Primitive for AI Agents
Most agent frameworks model agents as interactive. The useful work - watching, triaging, reporting - is scheduled.
LLM Serialization with fcntl: a 40-line Pattern for Single-Slot Inference Servers
Running llama.cpp with --parallel 1 means concurrent agents starve each other at the HTTP queue. A file lock solves it cleanly.
The 499 in Your Iframe: Race Conditions in OIDC-Gated Embeds
Matomo's signin returned HTTP 499 on first load and 302 on refresh. The difference was the browser's third-party cookie policy mid-redirect.
Mautic SAML Entity IDs Must Be URIs: A Debugging Story in Three Errors
Three stacked validators, one bare-string config, and an afternoon lost to SAML 2.0's dislike of non-URI identifiers.