Garden Linux [link | Role: Developer]:
Garden Linux is a Debian GNU/Linux derivate that aims to provide small and auditable Linux images for most cloud providers (e.g. Ali, AWS, Azure, GCP etc.) and bare-metal systems. Garden Linux is the best Linux for Gardener nodes to increase you cloud platform and replaces the legacy and discontinued CoreOS system. Garden Linux provides great possibilities for customizing and provides a great feature set to fit your needs and is fully Open-source (MIT licensed).

By the given feature set it is possible to build Garden Linux with different features (options) like CIS, FedRAMP, ReadOnly mode, etc. Next to this, all features allow full customization to fit the operator's needs.

In default, Garden Linux already provides an awesome stack of features like:

* Repeatable and auditable builds
* Great test framework (PyTest based)
* Purely systemd based (network, fstab etc.)
* Aiming to always integrate the latest LTS Kernel
* Dracut generated initramfs
* Supporting all major platforms out-of-the-box
* OpenSSL 3

Garden Linux is easy to build and use. While only Python3 and a container runtime like Podman or Docker will be needed the whole process, including the test framework, will be done within containers without involving the host system. Garden Linux aims to be the perfect match for cloud host and node systems. A short introduction of Garden Linux was given in 2021 at the MiniDebConfRegensburg (Debian Event). A recording of this presentation in English can be found here.

BoxyBSD [link | Role: Project Lead, Developer]:
BoxyBSD is a non-profit project dedicated to providing free virtual machine (VM) hosting on IPv6, with a particular emphasis on BSD-based systems such as FreeBSD, NetBSD, and OpenBSD. The project's primary objective is to contribute back value to the open-source community by offering a platform where beginners and newcomers can learn and educate themselves using real systems.

By offering free virtual machine hosting, BoxyBSD aims to remove financial barriers that often deter individuals from gaining hands-on experience with BSD-based systems. This initiative allows users to explore, experiment, and learn about these systems in a practical and interactive manner.

BoxyBSD's focus on BSD-based systems ensures that users have access to a diverse range of operating environments, enabling them to familiarize themselves with different BSD distributions and their respective features. This approach not only promotes knowledge and understanding within the community but also encourages collaboration and innovation among enthusiasts, students, and professionals alike.

Overall, BoxyBSD serves as a valuable resource for individuals seeking to deepen their understanding of BSD-based systems and contribute to the broader open-source community. Through its free virtual machine hosting services and commitment to education, BoxyBSD provides a welcoming environment for newcomers to gain valuable skills and experience in the world of open-source technology. Together with BSD based community like the BSD Cafe or the BSD Network this might be a great point to start with BSD systems. My hope relies in providing valuable content for the community to get on track which might be very difficult, especially at the beginning. More details about BoxyBSD can also be found on my initial blog post.

QualvoSec [link | Role: Project Lead, Developer]:
QualvoSec is a robust open-source (based on GPLv3) security patch management tool designed for unattended upgrades on a variety of systems, encompassing mainstream Linux distributions (like Debian, Ubuntu, Garden Linux, RedHat, CentOS, RockyLinux etc.) and BSD-based systems like FreeBSD. This tool empowers operators to exercise control over client systems' patch integration, offering flexibility in managing updates, particularly for crucial components like kernels or glibc.

Unlike bloated solutions like Spacewalk or Landscape, this framework of QualvoSec is characterized by its minimalistic design, ensuring simplicity and ease of use. It operates entirely in Python, utilizing only a handful of imports to streamline the user experience. This simplicity makes QualvoSec accessible even to users with limited programming knowledge.

QualvoSec operates on a pull-based model, where client systems proactively poll the server at regular intervals to retrieve information about their designated security patch windows from the server's metadata. This approach not only ensures a more controlled and efficient update process but also helps prevent unnecessary strain on the server by avoiding constant metadata requests. To optimize performance, QualvoSec intelligently caches metadata, minimizing redundant queries and enhancing overall responsiveness.

More details about QualvoSec can be found on my initial blog post or on the project's website.

manpageblog [link | Role: Project Lead, Developer]:
manpageblog is a small, lightweight blog engine written in Python and offers several advantages in a look of a man page (Unix like manual page). Firstly, it provides simplicity and ease of use, making it accessible even for users with limited technical knowledge. The lightweight nature ensures quick installation and minimal resource consumption, making it suitable for various hosting environments. No database is needed at all.

Python's readability and straightforward syntax make the blog engine easy to customize and extend, allowing users to tailor it to their specific needs. Additionally, being Python-based means leveraging a vast ecosystem of libraries and frameworks, enhancing the blog's functionality without unnecessary complexity. Posts and pages are written in Markdown or HTML while the blog engine generates the whole website. While using only flat files, this offers great possibilities in maintaining the content. Given this approach, you can manage your whole blog in git.

The lightweight nature also contributes to faster loading times, improving user experience and search engine rankings. Overall, a small, lightweight blog engine in Python combines simplicity, flexibility, and efficiency, making it an ideal choice for those prioritizing a streamlined and customizable blogging experience.

To support this small and lightweight expression of the blog engine the default theme represents a man page (manual page or also known as handbook) design which provides all needed information in a simple document. A live demo is available at

Changelog Fragments Generator [link | Role: Project Lead, Developer]:
Changelog Fragments Creator may be used in development setups where working on a single file might result in ongoing merge conflicts due to too many changes on the same file. This is where Changelog Fragments Creator steps in to solve this by creating YAML based files for each PR according to its planned release version.

The output format is based on Keep a Changelog, and this project adheres to Semantic Versioning.

Collection of Vagrant Boxes and Images [link | Role: Developer]:
Apple Silicon's hardware architecture is based on ARM64 (AARCH64) which is incompatible with the AMD64 (x86_64) hardware architecture. To support common operating systems for Vagrant on ARM64 based system, dedicated boxes and images are needed and must be maintained. This implies that all images must be recreated on this architecture. This collection provides the most common Linux- & BSD systems in different flavours. All ones can be found on Vagrant and my blog.

Ansible [link | Role: Contributor, Developer]:
Ansible contains the community.general Ansible Collection. The collection is a part of the Ansible package and includes many modules and plugins supported by Ansible community which are not part of more specialized community collections. More contributions and module plugins can be found on GitHub and here.

NTP Pool [link | Role: Sysadmin, Hoster]:
The project is a big virtual cluster of timeservers providing reliable easy to use NTP service for millions of clients.
The pool is being used by hundreds of millions of systems around the world. It's the default "time server" for most of the major Linux distributions and many networked appliances. The states of my systems can be found on the NTP Pool project site, as well on my blog.