Code & Automation – Jean's Blog

Nginx Dynamic Modules: Automating Recompilation with APT Hooks

If you’ve ever dealt with Nginx and its dynamic modules, you know the drill. An Nginx package update hits, and suddenly your custom modules – like ModSecurity or GeoIP2 – are no longer compatible. The whole process is a headache: you have to stop Nginx, recompile your modules against the new version, copy the files, and restart the service.

Audiobookshelf Storage: Using Rclone Volume Plugin vs. Host Mounts

Audiobookshelf is an excellent self-hosted server for audiobooks, podcasts, and ebooks. I decided to integrate this service with S3 as the primary storage layer, as I centralized all my data in Object Storage long ago.

KeyDB Performance: Switching from Redis to a Multi-Threaded Drop-in Alternative

I just read a few pages with benchmarks about Redis vs. KeyDB, and my curiosity was piqued. KeyDB, a multi-threaded fork of Redis, promised significant performance and memory usage improvements. This guide shows how I switched three different Redis use cases to KeyDB.

Container Storage Architecture: Deploying Rclone S3 Mounts via Docker Volume Plugin

I rely on S3 for central storage. Since some tools do not support native S3 yet, I use rclone. This article details how I implement a persistent S3 mount directly into a Docker container (paperless-ngx) using the rclone Docker Volume Plugin, which is a superior method to traditional host-level mounts.

Docker Update Automation: Advanced Bash Pipelining. paperless-ngx

This article documents a reliable update script for the Paperless-NGX stack, which minimizes the risk of container failures during automated maintenance. The focus here is not just on simple automation, but on ensuring the integrity of the process—especially handling logs and exit codes within complex Bash pipelines.

Paperless-NGX Maintenance: Routine Updates and Major Stack Upgrades

This article documents the process for updating and upgrading the Paperless-NGX stack. This covers everything from simple container image updates to complex major version upgrades of backend services like PostgreSQL.

Automating Security Patching: Debian Unattended Upgrades

If you follow current IT security vulnerabilities, you’ll agree that keeping systems up to date is critical. Unattended Upgrades for Debian/Ubuntu offers a simple yet powerful way to automate this process, securing your infrastructure with minimal manual intervention.

Paperless-NGX Setup: Installation, Security, and NGINX Integration

When I read about paperless-ngx, I was immediately drawn to the idea of having all my documents indexed (via OCR) and centrally stored. With a proper tagging system, exporting my documents for my annual tax declaration should only take seconds.

Suricata Alert Analysis: Tuning Rules and Promoting Detection to Prevention

This is a follow-up to my last post in which I set up Suricata as an IPS. This article demonstrates how to effectively work with the Suricata engine—specifically, how I analyze its log output, silence unnecessary alerts, and promote specific detection rules to prevention rules.

Suricata IPS: Building a Transparent Network Defense Layer with AF-Packet Bridging

Suricata functions as a powerful engine for Network Intrusion Detection and Prevention (IDS/IPS). This guide demonstrates how to set up Suricata as a transparent Intrusion Prevention System (IPS) within a KVM environment by replacing the kernel bridge with the high-performance AF-Packet mechanism.