A Trusted Certificate for your Homelab Sites
Posted on December 14, 2025
(Last modified on January 4, 2026)
| 4 minutes
| 670 words
| Roel M. Hogervorst
In this post I will describe how you can set up services in kubernetes that will listen for new ingress, create a certificate, get it signed by letsencrypt and presented on the correct website. It will also automatically update DNS records.
In my previous post I described how you can create .local websites on your homelab, and how you can use mDNS to have the sites working without extra configuration. But mDNS is served over http, and many browsers feel slower with http compared to https.
[Read More]Making your Homelab Apps Available under a .local Domain
A touch of Traefik, externalDNS
Posted on December 13, 2025
| 3 minutes
| 427 words
| Roel M. Hogervorst
I created a few applications on my homelab, one of those is music-assistant. Music-assistant is an awesome project that plays all your local and remote music over all your speakers. It can play Spotify, ripped cds, webradio stations etc., and it will play them over smart and dumb speakers. It also integrates with home-assistant. Anyways, what I want to talk about today is making services available on your home network.
[Read More]Hacking `/etc/ssl/certs/` with Containers in Corporate Networks
Posted on August 2, 2025
(Last modified on January 4, 2026)
| 6 minutes
| 1100 words
| Roel M. Hogervorst
As a consultant I come into different organizations, usually of the larger size.
Making my custom applications work in those orgs, often revolves around TLS certificates.
This post explains how you can add custom certificates, but also how you can skip that part by injecting certificates into a pod.
Self-signed certificates in large orgs If you work in open environments you never have to think about this, but companies of a certain size start to build a large (internal) intRAnet with custom pages and custom domains.
[Read More]A (Semantic) Search Engine will not Make you Organized
Maybe this time it will work?
Posted on July 6, 2025
| 3 minutes
| 578 words
| Roel M. Hogervorst
Ah it is so alluring! With this search engine you will finally be able to find the documents of your organization! This vendor even has a large language model so you can search on ‘meaning’ not only actual words! Alas one million dollars later you still can’t find your shit.
I think the main reason you can’t find shit in your company is because you don’t organize your documents. As a messy person I empathize, but you need to get your shit together.
[Read More]Test for Tags in Dagster
How to enforce a style in your organization.
Posted on November 19, 2024
| 2 minutes
| 323 words
| Roel M. Hogervorst
Dagster assets can be labelled with owners, tags, kinds and metadata. This is super useful but if you want to enforce a particular style on every merge request you will mess up eventually. But, you can use pytest to enforce this.
testing for components You can find the file in the github linked below, but here it is in steps.
import pytest from dagster import AssetSpec, AssetsDefinition # Import all the assets from your project as one list.
[Read More]Many Small Models for Speed
Posted on November 10, 2024
| 3 minutes
| 496 words
| Roel M. Hogervorst
LLMs are pretty cool, but they are massive! If you want to run those for yourself you need a hefty GPU and quite a lot of engineering. But the world of machine learning is so much bigger then LLMs. In organizations all over the world, there are models forecasting time-series, predicting prices, creating embeddings, classifying categories and what not.
If you have several prediction/classification steps that combine into one end- result, you could consider training one bigger model that does all of the things.
[Read More]Dagster: all the Ways you can Differentiate Assets
tags, kinds, metadata, and more
Posted on November 7, 2024
(Last modified on November 10, 2024)
| 2 minutes
| 364 words
| Roel M. Hogervorst
When you have more than 10 assets in dagster, you might want to be able to quickly identify them. Here are all the ways (I think) you can differentiate assets.
naming convention: This might not be for everyone but with a strong naming convention you can easily identify the asset. You could use a schema like <type>_<source>__<additional_context> (the dbt docs have excellent naming suggestions) prefixes: it is possible to add a prefix to an asset (I don’t really like this), but it would be like groupingsname/assetname groups: you can group multiple related assets together.
[Read More]Logging for Machine Learning
How and what should you log in machine learning
Posted on November 3, 2024
| 8 minutes
| 1506 words
| Roel M. Hogervorst
How and what should you log in machine learning? The python logging system is
really powerful but not a lot of machine learning practitioners use it, and that
is a shame. Here are some of my thoughts on logging for your Machine learning (ML) projects.
[Read More]A Model not in Production is a Waste of Money and Time
Posted on November 2, 2024
(Last modified on October 31, 2024)
| 2 minutes
| 401 words
| Roel M. Hogervorst
I always push on people to make their ML project reach production. Even if it is not that good yet and even if you could eke out a bit more performance.
I’ve been inspired by the dev-ops and lean movements and I hope you will be too. ML products have many ways to improve, you can always tweak more. But ML is high risk, with a possible high reward and relatively expensive compared to ‘normal code’.
[Read More]Your Machine Learning Model is not the Product
Posted on November 1, 2024
(Last modified on October 31, 2024)
| 2 minutes
| 253 words
| Roel M. Hogervorst
I’m so sorry. Your precious AI model, with handcrafted beautiful perfect features, with awesome hyper parameters, is not the product. Listen, it is awesome work, not a lot of people can do it, but a good ML model is not the end-product1.
I want to talk about value. In the jobs I’ve worked the machine learning model was part of a larger system. And only when all the components come together you create value.
[Read More]