<?xml version="1.0" encoding="utf-8" standalone="yes"?><rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom"><channel><title>Home on Aaron Warwick</title><link>https://aaronwarwick.com/</link><description>Recent content in Home on Aaron Warwick</description><generator>Hugo</generator><language>en-us</language><lastBuildDate>Thu, 30 Apr 2026 00:00:00 +0000</lastBuildDate><atom:link href="https://aaronwarwick.com/index.xml" rel="self" type="application/rss+xml"/><item><title>Stacking Microsoft Certifications Fast: Why It’s a Power Move for Your Tech Career</title><link>https://aaronwarwick.com/posts/certifications/</link><pubDate>Thu, 30 Apr 2026 00:00:00 +0000</pubDate><guid>https://aaronwarwick.com/posts/certifications/</guid><description>&lt;hr&gt;
&lt;h2 id="from-ms-900-to-az-305-in-weeks--not-years"&gt;From MS-900 to AZ-305 in Weeks — Not Years&lt;/h2&gt;
&lt;p&gt;Most people treat certifications like a slow grind.&lt;/p&gt;
&lt;p&gt;I am doing the opposite.&lt;/p&gt;
&lt;p&gt;I have already completed MS-900, I am about to pass AZ-900, and I am lining up AI-102, AZ-204, and AZ-305 within a matter of weeks.&lt;/p&gt;
&lt;p&gt;That is not just momentum. That is strategy.&lt;/p&gt;
&lt;p&gt;And if you are wondering whether stacking certifications this quickly is actually worth it, the answer is yes, but not for the reasons most people think.&lt;/p&gt;</description></item><item><title>How I Am Learning Azure and Earning the AZ-900 Certification Without Wasting Money</title><link>https://aaronwarwick.com/posts/my-az-900-learning-journey/</link><pubDate>Mon, 27 Apr 2026 00:00:00 +0000</pubDate><guid>https://aaronwarwick.com/posts/my-az-900-learning-journey/</guid><description>&lt;p&gt;Certifications matter in IT. They validate knowledge, open doors, and give clients and employers a standardized reference point for your skill set. But certification preparation can be expensive, unfocused, and easy to abandon when life gets busy. This post covers the exact approach I am taking to earn the Microsoft Azure Fundamentals AZ-900 certification, structured, budget-conscious, and grounded in real hands-on work.&lt;/p&gt;
&lt;p&gt;If you are an IT professional looking to break into cloud or add Azure to your resume, this approach will save you time and money while making the knowledge actually stick.&lt;/p&gt;</description></item><item><title>RDP on an Entra-Joined Machine: The Two Problems Nobody Warns You About</title><link>https://aaronwarwick.com/posts/rdp-on-azure-joined-pcs/</link><pubDate>Tue, 21 Apr 2026 00:00:00 +0000</pubDate><guid>https://aaronwarwick.com/posts/rdp-on-azure-joined-pcs/</guid><description>&lt;p&gt;I have been remoting into Windows machines for over a decade. Domain-joined, workgroup, across VPNs, across the internet. RDP is one of those things that just works once you flip the toggle and open port 3389. Until it does not.&lt;/p&gt;
&lt;p&gt;This week I spent hours chasing an RDP failure on an Entra-joined machine. The machine was on the same subnet, on the same switch, plugged into the same network as the source machine. Everything about it should have been a two-minute connection. Instead, I ended up knee-deep in packet captures, NIC driver investigations, certificate stores, and registry edits before I found the actual problem.&lt;/p&gt;</description></item><item><title>Transforming Wazuh into an AI-Powered XDR Platform with Ollama</title><link>https://aaronwarwick.com/posts/transforming-wazuh-into-an-ai-powered-xdr-platform-with-ollama/</link><pubDate>Thu, 16 Apr 2026 00:00:00 +0000</pubDate><guid>https://aaronwarwick.com/posts/transforming-wazuh-into-an-ai-powered-xdr-platform-with-ollama/</guid><description>&lt;p&gt;I have been running Wazuh for a while, but it was mostly doing vulnerability scanning and basic log collection. This week I went through the process of turning it into a proper XDR platform with file integrity monitoring, rootkit detection, active response, and &amp;ndash; the part I am most interested in &amp;ndash; AI-powered alert analysis using my local Ollama server.&lt;/p&gt;
&lt;p&gt;Everything runs on Proxmox LXC containers. No cloud services involved. All security telemetry stays on my infrastructure.&lt;/p&gt;</description></item><item><title>Why Every Hypervisor Needs Three Votes for High Availability</title><link>https://aaronwarwick.com/writeups/split-brain-hypervisor/</link><pubDate>Sat, 28 Mar 2026 00:00:00 +0000</pubDate><guid>https://aaronwarwick.com/writeups/split-brain-hypervisor/</guid><description>&lt;p&gt;I posted about Proxmox requiring three nodes for High Availability and got a reply explaining the split-brain problem. It is worth writing up because this is one of the most misunderstood topics in virtualization, especially for anyone running two-server clusters and calling them &amp;ldquo;HA.&amp;rdquo;&lt;/p&gt;
&lt;p&gt;The short version: &lt;strong&gt;every hypervisor requires three votes to do proper HA.&lt;/strong&gt; The difference is how each platform provides that third vote.&lt;/p&gt;
&lt;h2 id="the-split-brain-problem"&gt;The Split-Brain Problem&lt;/h2&gt;
&lt;p&gt;In a two-node cluster, if the network link between nodes drops, each node sees the other as failed. Both attempt to take ownership of the same VMs. Two hosts writing to the same virtual disks simultaneously causes filesystem corruption and data loss.&lt;/p&gt;</description></item><item><title>DNS: The Invisible Backbone of Your Network and Why Securing It Changes Everything</title><link>https://aaronwarwick.com/projects/dns-security-pfsense-nist-guide/</link><pubDate>Sun, 22 Mar 2026 00:00:00 +0000</pubDate><guid>https://aaronwarwick.com/projects/dns-security-pfsense-nist-guide/</guid><description>&lt;p&gt;Every time you open a browser, send an email, stream a video, or check the weather on your phone, something happens before nearly any of that traffic moves across the wire. A query fires off to a system so fundamental to the internet that most people never think about it. That system is the Domain Name System, and it is still one of the most critical pieces of infrastructure on any network.&lt;/p&gt;</description></item><item><title>DNS: The Invisible Backbone of Your Network and Why Securing It Changes Everything - Non Technical</title><link>https://aaronwarwick.com/writeups/dns-security-pfsense-nist-guide/</link><pubDate>Sun, 22 Mar 2026 00:00:00 +0000</pubDate><guid>https://aaronwarwick.com/writeups/dns-security-pfsense-nist-guide/</guid><description>&lt;p&gt;Every time you open a browser, send an email, stream a video, or check the weather on your phone, something happens before nearly any of that traffic moves across the wire. A query fires off to a system so fundamental to the internet that most people never think about it. That system is the Domain Name System, and it remains one of the most critical pieces of infrastructure on any network.&lt;/p&gt;</description></item><item><title>How I Maintain a Multi-Site Proxmox Homelab Without Losing My Mind</title><link>https://aaronwarwick.com/writeups/proxmox-maint/</link><pubDate>Sun, 22 Mar 2026 00:00:00 +0000</pubDate><guid>https://aaronwarwick.com/writeups/proxmox-maint/</guid><description>&lt;p&gt;I run five Proxmox nodes spread across two physical sites connected by a WireGuard site-to-site VPN. One site is a cluster. Between the two sites, I manage around 50 virtual machines and containers, two Proxmox Backup Servers, two TrueNAS instances, GPU passthrough for local AI workloads, and Veeam Agent backups for Windows workstations.&lt;/p&gt;
&lt;p&gt;It sounds like a lot. It is a lot. But after a recent multi-day deep dive into every node, every ZFS pool, every backup job, and every SMART report, I built a maintenance workflow that keeps things healthy in about 15-20 minutes per week.&lt;/p&gt;</description></item><item><title>Step-by-Step: Install and Configure Pi-hole with the Proxmox Community Script</title><link>https://aaronwarwick.com/writeups/networking/npm-https_writeup/pi-hole/</link><pubDate>Mon, 16 Mar 2026 00:00:00 +0000</pubDate><guid>https://aaronwarwick.com/writeups/networking/npm-https_writeup/pi-hole/</guid><description>&lt;h1 id="step-by-step-install-and-configure-pi-hole-with-the-proxmox-community-script"&gt;Step-by-Step: Install and Configure Pi-hole with the Proxmox Community Script&lt;/h1&gt;
&lt;p&gt;This guide covers a full technical setup for &lt;strong&gt;Pi-hole on Proxmox&lt;/strong&gt; using the &lt;strong&gt;Community Scripts&lt;/strong&gt; installer.&lt;/p&gt;
&lt;p&gt;It includes:&lt;/p&gt;
&lt;ul&gt;
&lt;li&gt;creating the Pi-hole LXC&lt;/li&gt;
&lt;li&gt;assigning a static IP&lt;/li&gt;
&lt;li&gt;verifying DNS is working&lt;/li&gt;
&lt;li&gt;configuring your &lt;strong&gt;router, ISP modem, or firewall DHCP server&lt;/strong&gt; to hand out Pi-hole as DNS&lt;/li&gt;
&lt;li&gt;fallback options when your ISP equipment does not allow custom DNS&lt;/li&gt;
&lt;li&gt;post-install Pi-hole configuration&lt;/li&gt;
&lt;li&gt;basic validation and troubleshooting&lt;/li&gt;
&lt;/ul&gt;
&lt;h2 id="what-this-guide-assumes"&gt;What this guide assumes&lt;/h2&gt;
&lt;p&gt;You have:&lt;/p&gt;</description></item><item><title>Why Home Assistant Is the Ultimate Smart Home Platform (And How to Build It the Right Way)</title><link>https://aaronwarwick.com/posts/home-assistant/</link><pubDate>Sat, 07 Mar 2026 00:00:00 +0000</pubDate><guid>https://aaronwarwick.com/posts/home-assistant/</guid><description>&lt;h1 id="why-home-assistant-is-the-ultimate-smart-home-platform-and-how-to-build-it-the-right-way"&gt;Why Home Assistant Is the Ultimate Smart Home Platform (And How to Build It the Right Way)&lt;/h1&gt;
&lt;p&gt;Most “smart homes” today aren&amp;rsquo;t actually smart.&lt;/p&gt;
&lt;p&gt;They&amp;rsquo;re &lt;strong&gt;cloud-dependent, subscription-driven, and locked into a single vendor ecosystem&lt;/strong&gt;. If the internet goes down, half your house stops working. If the company changes its pricing or kills a product line, you&amp;rsquo;re stuck replacing devices.&lt;/p&gt;
&lt;p&gt;That’s not automation. That’s &lt;strong&gt;renting control of your own house&lt;/strong&gt;.&lt;/p&gt;
&lt;p&gt;This is where &lt;strong&gt;Home Assistant&lt;/strong&gt; changes everything.&lt;/p&gt;</description></item><item><title>Why Many Home Lab Builders Are Moving from UniFi Cameras to Reolink + Blue Iris</title><link>https://aaronwarwick.com/posts/reolink-blueiris/reolink-blueiris/</link><pubDate>Sat, 07 Mar 2026 00:00:00 +0000</pubDate><guid>https://aaronwarwick.com/posts/reolink-blueiris/reolink-blueiris/</guid><description>&lt;h1 id="why-many-home-lab-builders-are-moving-from-unifi-cameras-to-reolink--blue-iris"&gt;Why Many Home Lab Builders Are Moving from UniFi Cameras to Reolink + Blue Iris&lt;/h1&gt;
&lt;p&gt;For years, &lt;strong&gt;UniFi Protect&lt;/strong&gt; has been one of the most popular surveillance systems for home lab enthusiasts and small businesses.&lt;/p&gt;
&lt;p&gt;It looks great.&lt;br&gt;
The interface is polished.&lt;br&gt;
And the integration with UniFi networking gear is seamless.&lt;/p&gt;
&lt;p&gt;But over the past few years, a noticeable shift has started happening in the home lab and self-hosted communities.&lt;/p&gt;</description></item><item><title>Part 2: Deploy Nginx Proxy Manager on Proxmox + Cloudflare</title><link>https://aaronwarwick.com/writeups/networking/npm-https_writeup/npm/</link><pubDate>Wed, 04 Mar 2026 00:00:00 +0000</pubDate><guid>https://aaronwarwick.com/writeups/networking/npm-https_writeup/npm/</guid><description>&lt;h2 id="part-2-set-up-nginx-proxy-manager-on-proxmox-with-cloudflare-dns--pfsense"&gt;Part 2: Set Up Nginx Proxy Manager on Proxmox with Cloudflare DNS &amp;amp; pfSense&lt;/h2&gt;
&lt;p&gt;In &lt;strong&gt;Part 2&lt;/strong&gt; of this series, we&amp;rsquo;re setting up &lt;strong&gt;Nginx Proxy Manager (NPM)&lt;/strong&gt; inside &lt;strong&gt;Proxmox&lt;/strong&gt; so we can start exposing our local services with &lt;strong&gt;clean HTTPS URLs&lt;/strong&gt; and &lt;strong&gt;valid SSL certificates&lt;/strong&gt;.&lt;/p&gt;
&lt;p&gt;This is where the home lab starts feeling &lt;em&gt;real&lt;/em&gt;.&lt;/p&gt;
&lt;p&gt;Instead of accessing Home Assistant with something like:&lt;/p&gt;
&lt;ul&gt;
&lt;li&gt;&lt;code&gt;http://192.168.1.20:8123&lt;/code&gt;&lt;/li&gt;
&lt;/ul&gt;
&lt;p&gt;&amp;hellip;we&amp;rsquo;ll be able to use:&lt;/p&gt;
&lt;ul&gt;
&lt;li&gt;&lt;code&gt;https://ha.domain.com&lt;/code&gt;&lt;/li&gt;
&lt;/ul&gt;
&lt;p&gt;And because we&amp;rsquo;re using &lt;strong&gt;Cloudflare DNS validation&lt;/strong&gt;, we can issue a &lt;strong&gt;wildcard certificate&lt;/strong&gt; for our domain and keep everything secure and polished.&lt;/p&gt;</description></item><item><title>Why Proxmox Is One of the Best Hypervisors You Can Run in a Home Lab</title><link>https://aaronwarwick.com/writeups/networking/proxmox/</link><pubDate>Wed, 04 Mar 2026 00:00:00 +0000</pubDate><guid>https://aaronwarwick.com/writeups/networking/proxmox/</guid><description>&lt;h1 id="why-proxmox-is-one-of-the-best-hypervisors-you-can-run-in-a-home-lab"&gt;Why Proxmox Is One of the Best Hypervisors You Can Run in a Home Lab&lt;/h1&gt;
&lt;p&gt;There’s something incredibly satisfying about owning your infrastructure.&lt;/p&gt;
&lt;p&gt;Not renting it.&lt;br&gt;
Not trusting it to some mysterious black box.&lt;br&gt;
&lt;strong&gt;Actually owning it.&lt;/strong&gt;&lt;/p&gt;
&lt;p&gt;That’s the spirit behind home labs, and it’s exactly why &lt;strong&gt;Proxmox VE&lt;/strong&gt; has become one of the most powerful hypervisors available to builders, tinkerers, and serious self-hosters.&lt;/p&gt;
&lt;p&gt;It’s fast.&lt;br&gt;
It’s powerful.&lt;br&gt;
It’s ridiculously flexible.&lt;/p&gt;</description></item><item><title>Installing pfSense CE on Bare Metal</title><link>https://aaronwarwick.com/writeups/networking/pfsense-installation/</link><pubDate>Sun, 01 Mar 2026 00:00:00 +0000</pubDate><guid>https://aaronwarwick.com/writeups/networking/pfsense-installation/</guid><description>&lt;h1 id="from-zero-to-segmented-installing-pfsense-ce-the-right-way-with-vlans-that-actually-teach-you-networking"&gt;From Zero to Segmented: Installing pfSense CE the Right Way (With VLANs That Actually Teach You Networking)&lt;/h1&gt;
&lt;p&gt;Most home networks are flat.&lt;/p&gt;
&lt;p&gt;One LAN. One WiFi. Everything trusts everything.&lt;/p&gt;
&lt;p&gt;Your laptop can talk to your smart bulbs. Your TV can talk to your NAS. Your IoT camera can reach your workstation.&lt;/p&gt;
&lt;p&gt;That’s not a lab. That’s a liability.&lt;/p&gt;
&lt;p&gt;If you want a home lab that actually teaches real networking, segmentation, routing, firewall policy, and security boundaries, you need a real firewall.&lt;/p&gt;</description></item><item><title>Building the Foundation: Where a Real Home Lab Actually Begins</title><link>https://aaronwarwick.com/posts/building-the-foundation-homelab-begins/</link><pubDate>Wed, 18 Feb 2026 00:00:00 +0000</pubDate><guid>https://aaronwarwick.com/posts/building-the-foundation-homelab-begins/</guid><description>&lt;h1 id="building-the-foundation-where-a-real-home-lab-actually-begins"&gt;Building the Foundation: Where a Real Home Lab Actually Begins&lt;/h1&gt;
&lt;p&gt;Key principle:&lt;/p&gt;
&lt;p&gt;Terminate TLS at a single reverse proxy.&lt;br&gt;
Expose one entry point.&lt;br&gt;
Keep everything else internal.&lt;/p&gt;
&lt;p&gt;That’s discipline.&lt;/p&gt;
&lt;hr&gt;
&lt;h1 id="the-real-reason-to-do-it-this-way"&gt;The Real Reason to Do It This Way&lt;/h1&gt;
&lt;p&gt;This isn’t about running Plex on better hardware.&lt;/p&gt;
&lt;p&gt;This is about understanding:&lt;/p&gt;
&lt;ul&gt;
&lt;li&gt;How packets move&lt;/li&gt;
&lt;li&gt;How identity works&lt;/li&gt;
&lt;li&gt;How segmentation reduces risk&lt;/li&gt;
&lt;li&gt;How public DNS interacts with private services&lt;/li&gt;
&lt;li&gt;How virtualization abstracts hardware&lt;/li&gt;
&lt;/ul&gt;
&lt;p&gt;You can buy ecosystems.&lt;/p&gt;</description></item><item><title>Deploying a Local Hugo Site to Azure Static Web Apps</title><link>https://aaronwarwick.com/writeups/hugo/deploying-hugo-to-azure-static-web-apps/</link><pubDate>Tue, 03 Feb 2026 14:00:00 -0600</pubDate><guid>https://aaronwarwick.com/writeups/hugo/deploying-hugo-to-azure-static-web-apps/</guid><description>&lt;h1 id="deploy-hugo-to-azure-for-free"&gt;Deploy Hugo to Azure for Free!!!&lt;/h1&gt;
&lt;h2 id="overview"&gt;Overview&lt;/h2&gt;
&lt;p&gt;This guide walks through moving a &lt;strong&gt;locally developed Hugo site&lt;/strong&gt; to &lt;strong&gt;Azure Static Web Apps (SWA)&lt;/strong&gt; using &lt;strong&gt;GitHub Actions&lt;/strong&gt;.&lt;/p&gt;
&lt;p&gt;The goal is a workflow where:&lt;/p&gt;
&lt;ul&gt;
&lt;li&gt;You develop and preview locally&lt;/li&gt;
&lt;li&gt;GitHub Actions builds the site&lt;/li&gt;
&lt;li&gt;Azure Static Web Apps deploys it globally&lt;/li&gt;
&lt;li&gt;No servers are managed manually&lt;/li&gt;
&lt;/ul&gt;
&lt;p&gt;This assumes:&lt;/p&gt;
&lt;ul&gt;
&lt;li&gt;You already have a working Hugo site locally&lt;/li&gt;
&lt;li&gt;You are using GitHub&lt;/li&gt;
&lt;li&gt;You want reproducible, CI-based deployments&lt;/li&gt;
&lt;/ul&gt;
&lt;hr&gt;
&lt;h2 id="prerequisites"&gt;Prerequisites&lt;/h2&gt;
&lt;ul&gt;
&lt;li&gt;A local Hugo site (&lt;code&gt;hugo server&lt;/code&gt; works)&lt;/li&gt;
&lt;li&gt;Hugo &lt;strong&gt;extended&lt;/strong&gt; edition (recommended)&lt;/li&gt;
&lt;li&gt;A GitHub repository&lt;/li&gt;
&lt;li&gt;An Azure subscription&lt;/li&gt;
&lt;li&gt;Git installed locally&lt;/li&gt;
&lt;/ul&gt;
&lt;hr&gt;
&lt;h2 id="1-verify-local-hugo-build"&gt;1. Verify Local Hugo Build&lt;/h2&gt;
&lt;p&gt;From your site root:&lt;/p&gt;</description></item><item><title>Creating a post</title><link>https://aaronwarwick.com/writeups/hugo/creating-a-post/</link><pubDate>Tue, 03 Feb 2026 13:00:00 -0600</pubDate><guid>https://aaronwarwick.com/writeups/hugo/creating-a-post/</guid><description>&lt;h1 id="posting-to-hugo-is-easy"&gt;Posting to Hugo is easy&lt;/h1&gt;
&lt;p&gt;So now the site exists. The theme is wired up. The local server is humming along on &lt;code&gt;localhost:1313&lt;/code&gt;.&lt;/p&gt;
&lt;p&gt;And then you hit the real question:&lt;/p&gt;
&lt;p&gt;&lt;strong&gt;How do you actually post something?&lt;/strong&gt;&lt;/p&gt;
&lt;p&gt;This is where Hugo stops being “a static site generator” and starts being a habit. Writing posts is the entire point, so let’s document that workflow while it’s still fresh in my head.&lt;/p&gt;
&lt;p&gt;No cloud, no deployment pipelines, no polish. Just creating content and seeing it live on a locally hosted Hugo site.&lt;/p&gt;</description></item><item><title>Hugo Odyssey</title><link>https://aaronwarwick.com/posts/hugo-odyssey/</link><pubDate>Tue, 03 Feb 2026 12:00:00 -0600</pubDate><guid>https://aaronwarwick.com/posts/hugo-odyssey/</guid><description>&lt;h1 id="this-is-how-it-all-starts-documenting-my-hugo-odyssey"&gt;This is How It All Starts: Documenting My Hugo Odyssey&lt;/h1&gt;
&lt;p&gt;Hey there, fellow tinkerer. If you&amp;rsquo;re anything like me, a developer who&amp;rsquo;s spent too many late nights wrestling with bloated CMSes, you know the thrill of stripping things back to basics. Static sites? They&amp;rsquo;re the minimalist&amp;rsquo;s dream: fast, secure, and zero server-side drama. Today, I finally carved out time to dip my toes into Hugo, the Go-powered static site generator that&amp;rsquo;s been on my radar for years. No more excuses. This post is my raw, unfiltered log of the setup process. Think of it as a breadcrumb trail for anyone following in my footsteps. Let&amp;rsquo;s break it down, step by step, because if I&amp;rsquo;m doing this once, I might as well make it repeatable.&lt;/p&gt;</description></item></channel></rss>