RidgwaySystems/rs_website
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Lots of changes to the website

Browse Source
This commit is contained in:
Blake Ridgway
2026-03-27 07:57:13 -05:00
parent 617624c179
commit 7e7480ecf9
33 changed files with 1539 additions and 184 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
templates/about.html
View File

@@ -1,5 +1,5 @@
{{define "title"}}About — Ridgway Systems{{end}}
{{define "meta-desc"}}About Ridgway Systems — a personal OpenBSD homelab project.{{end}}
{{define "meta-desc"}}About Ridgway Systems — a personal FreeBSD homelab project.{{end}}
{{define "content"}}
<div class="about-header">
@@ -11,24 +11,24 @@
<div class="prose">
<p>
Ridgway Systems is a personal homelab project built entirely on OpenBSD. The goal is to self-host
Ridgway Systems is a personal homelab project built entirely on FreeBSD. The goal is to self-host
as many services as practical on owned hardware, with a focus on simplicity, security, and
understanding every layer of the stack.
</p>
<p>
This site documents the build — hardware choices, configuration decisions, and things learned
along the way. If you're setting up your own homelab or migrating to OpenBSD, hopefully something
along the way. If you're setting up your own homelab or migrating to FreeBSD, hopefully something
here is useful.
</p>
<h2>Why OpenBSD?</h2>
<h2>Why FreeBSD?</h2>
<ul>
<li>Security-first design. <code>pledge(2)</code> and <code>unveil(2)</code> are excellent.</li>
<li>Clean, minimal base system. No surprises.</li>
<li>ZFS in the base system. First-class, not bolted on.</li>
<li>Jails for lightweight, auditable service isolation.</li>
<li><code>pf(4)</code> is the best firewall I've used.</li>
<li>Documentation is thorough and accurate. The man pages are genuinely good.</li>
<li>Deliberate, careful development. The OpenBSD team doesn't chase hype.</li>
<li>Clean base system separate from ports and packages. No surprises.</li>
<li>Documentation is thorough and accurate. The Handbook and man pages are genuinely good.</li>
</ul>
<h2>What's Running</h2>

46
templates/admin/changelog-editor.html Normal file
View File

@@ -0,0 +1,46 @@
{{define "title"}}{{if .IsNew}}New Entry{{else}}Edit Entry{{end}} &mdash; Changelog Admin{{end}}
{{define "content"}}
<div class="admin-wrap">
<div class="admin-header">
<h1>{{if .IsNew}}New Changelog Entry{{else}}Edit Entry{{end}}</h1>
<div class="admin-actions">
<a href="/admin/changelog" class="btn btn-outline">Back</a>
</div>
</div>
{{if .Error}}<p class="form-error">{{.Error}}</p>{{end}}
<form method="POST" action="{{if .IsNew}}/admin/changelog/new{{else}}/admin/changelog/edit/{{.Entry.ID}}{{end}}">
<div class="form-row">
<label for="date">Date</label>
<input type="date" id="date" name="date" value="{{.Entry.Date}}" required class="form-input">
</div>
<div class="form-row">
<label for="category">Category</label>
<select id="category" name="category" class="form-input">
{{range .Categories}}
<option value="{{.}}" {{if eq . $.Entry.Category}}selected{{end}}>{{.}}</option>
{{end}}
</select>
</div>
<div class="form-row">
<label for="title">Title</label>
<input type="text" id="title" name="title" value="{{.Entry.Title}}" required
placeholder="e.g. Migrated fw01 from OpenBSD to OPNsense" class="form-input">
</div>
<div class="form-row">
<label for="description">Description <span class="label-optional">(optional)</span></label>
<textarea id="description" name="description" rows="4"
placeholder="Additional details about the change…" class="form-input">{{.Entry.Description}}</textarea>
</div>
<div class="editor-footer">
<button type="submit" class="btn">{{if .IsNew}}Create{{else}}Save{{end}}</button>
</div>
</form>
</div>
{{end}}

47
templates/admin/changelog.html Normal file
View File

@@ -0,0 +1,47 @@
{{define "title"}}Changelog &mdash; Admin{{end}}
{{define "content"}}
<div class="admin-wrap">
<div class="admin-header">
<h1>Changelog</h1>
<div class="admin-actions">
<a href="/admin" class="btn btn-outline">Back</a>
<a href="/changelog" class="btn btn-outline">View Page</a>
<a href="/admin/changelog/new" class="btn">New Entry</a>
</div>
</div>
{{if .Flash}}<p class="flash-msg">{{.Flash}}</p>{{end}}
{{if and .Log .Log.Entries}}
<table class="hw-table">
<thead>
<tr>
<th>Date</th>
<th>Category</th>
<th>Title</th>
<th>Actions</th>
</tr>
</thead>
<tbody>
{{range .Log.Entries}}
<tr>
<td class="hw-spec">{{.Date}}</td>
<td><span class="changelog-category changelog-category-{{.Category}}">{{.Category}}</span></td>
<td>{{.Title}}</td>
<td class="admin-row-actions">
<a href="/admin/changelog/edit/{{.ID}}" class="btn btn-outline btn-sm">Edit</a>
<form method="POST" action="/admin/changelog/delete/{{.ID}}" style="display:inline">
<button type="submit" class="btn btn-danger btn-sm"
onclick="return confirm('Delete this entry?')">Delete</button>
</form>
</td>
</tr>
{{end}}
</tbody>
</table>
{{else}}
<p class="empty-state">No entries yet. <a href="/admin/changelog/new">Create one.</a></p>
{{end}}
</div>
{{end}}

44
templates/admin/status.html
View File

@@ -3,7 +3,7 @@
{{define "content"}}
<div class="admin-wrap">
<div class="admin-header">
<h1>Edit Service Status</h1>
<h1>Service Status</h1>
<div class="admin-actions">
<a href="/admin" class="btn btn-outline">Back</a>
<a href="/status" class="btn btn-outline">View Status Page</a>
@@ -18,16 +18,46 @@
<p class="form-error">{{.Error}}</p>
{{end}}
<p class="page-desc">
Edit the raw JSON below. Valid status values: <code>up</code>, <code>degraded</code>,
<code>down</code>, <code>unknown</code>.
</p>
{{if .Page}}
<form method="POST" action="/admin/status">
<textarea name="json" class="json-editor" rows="30" spellcheck="false">{{.JSON}}</textarea>
<table class="hw-table status-editor-table">
<thead>
<tr>
<th>Service</th>
<th>Status</th>
<th>Note</th>
</tr>
</thead>
<tbody>
{{range $i, $s := .Page.Services}}
<tr>
<td>
<span class="status-editor-name">{{$s.Name}}</span>
{{if $s.Description}}<span class="hw-spec">{{$s.Description}}</span>{{end}}
</td>
<td>
<select name="status_{{$i}}" class="status-select status-select-{{$s.Status}}">
<option value="up" {{if eq $s.Status "up"}}selected{{end}}>up</option>
<option value="degraded" {{if eq $s.Status "degraded"}}selected{{end}}>degraded</option>
<option value="down" {{if eq $s.Status "down"}}selected{{end}}>down</option>
<option value="unknown" {{if eq $s.Status "unknown"}}selected{{end}}>unknown</option>
</select>
</td>
<td>
<input type="text" name="note_{{$i}}" value="{{$s.Note}}" placeholder="Optional note&hellip;" class="status-note-input">
</td>
</tr>
{{end}}
</tbody>
</table>
<div class="editor-footer">
<button type="submit" class="btn">Save</button>
{{if .Page.LastChecked}}
<span class="status-last-checked">Last auto-checked: {{.Page.LastChecked.Format "2006-01-02 15:04 UTC"}}</span>
{{end}}
</div>
</form>
{{end}}
</div>
{{end}}

18
templates/base.html
View File

@@ -4,17 +4,17 @@
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>{{block "title" .}}Ridgway Systems{{end}}</title>
<meta name="description" content="{{block "meta-desc" .}}A homelab built on OpenBSD from firewall to git server.{{end}}">
<meta name="description" content="{{block "meta-desc" .}}A homelab built on FreeBSD from firewall to git server.{{end}}">
<!-- OpenGraph -->
<meta property="og:site_name" content="Ridgway Systems">
<meta property="og:title" content="{{block "og-title" .}}Ridgway Systems{{end}}">
<meta property="og:description" content="{{block "og-desc" .}}A homelab built on OpenBSD from firewall to git server.{{end}}">
<meta property="og:description" content="{{block "og-desc" .}}A homelab built on FreeBSD from firewall to git server.{{end}}">
<meta property="og:type" content="{{block "og-type" .}}website{{end}}">
<meta property="og:url" content="{{block "og-url" .}}https://ridgwaysystems.org{{end}}">
<!-- Twitter/X card -->
<meta name="twitter:card" content="summary">
<meta name="twitter:title" content="{{block "tw-title" .}}Ridgway Systems{{end}}">
<meta name="twitter:description" content="{{block "tw-desc" .}}A homelab built on OpenBSD from firewall to git server.{{end}}">
<meta name="twitter:description" content="{{block "tw-desc" .}}A homelab built on FreeBSD from firewall to git server.{{end}}">
<link rel="icon" type="image/svg+xml" href="/static/favicon.svg">
<meta property="og:image" content="{{block "og-image" .}}https://ridgwaysystems.org/static/img/avatar.svg{{end}}">
<meta name="twitter:image" content="{{block "tw-image" .}}https://ridgwaysystems.org/static/img/avatar.svg{{end}}">
@@ -28,6 +28,7 @@
<a href="/" class="nav-brand">ridgwaysystems.org</a>
<ul class="nav-links">
<li><a href="/blog">blog</a></li>
<li><a href="/changelog">changelog</a></li>
<li><a href="/infrastructure">infrastructure</a></li>
<li><a href="/status">status</a></li>
<li><a href="/about">about</a></li>
@@ -36,14 +37,21 @@
</nav>
</header>
{{if .Banner}}
<div class="banner banner-{{.Banner.Level}}">
<a href="/status">{{.Banner.Message}} View status page &rarr;</a>
</div>
{{end}}
<main class="main-content">
{{block "content" .}}{{end}}
{{block "content" .Inner}}{{end}}
</main>
<footer class="site-footer">
<p>
<a href="/">ridgwaysystems.org</a> &mdash;
running OpenBSD &mdash;
running FreeBSD &mdash;
<a href="/changelog">changelog</a> &mdash;
<a href="/blog/feed.xml">RSS</a> &mdash;
<a href="https://git.ridgwaysystems.org">gitea</a> &mdash;
<a href="/hire">hire me</a>

4
templates/blog.html
View File

@@ -1,10 +1,10 @@
{{define "title"}}Build Log &mdash; Ridgway Systems{{end}}
{{define "meta-desc"}}OpenBSD homelab build log — documenting decisions, problems, and solutions.{{end}}
{{define "meta-desc"}}FreeBSD homelab build log — documenting decisions, problems, and solutions.{{end}}
{{define "content"}}
<div class="page-header">
<h1>Build Log</h1>
<p class="page-desc">Documenting the OpenBSD homelab migration: what was built, how, and why.</p>
<p class="page-desc">Documenting the FreeBSD homelab migration: what was built, how, and why.</p>
</div>
<div class="blog-controls">

28
templates/changelog.html Normal file
View File

@@ -0,0 +1,28 @@
{{define "title"}}Changelog &mdash; Ridgway Systems{{end}}
{{define "meta-desc"}}Infrastructure changelog — a running log of hardware, network, software, and migration changes.{{end}}
{{define "content"}}
<div class="page-header">
<h1>Changelog</h1>
<p class="page-desc">A running log of infrastructure changes.</p>
</div>
{{if and .Log .Log.Entries}}
<div class="changelog-list">
{{range .Log.Entries}}
<div class="changelog-entry">
<div class="changelog-meta">
<time class="changelog-date">{{.Date}}</time>
<span class="changelog-category changelog-category-{{.Category}}">{{.Category}}</span>
</div>
<div class="changelog-body">
<h3 class="changelog-title">{{.Title}}</h3>
{{if .Description}}<p class="changelog-desc">{{.Description}}</p>{{end}}
</div>
</div>
{{end}}
</div>
{{else}}
<p class="empty-state">No changelog entries yet.</p>
{{end}}
{{end}}

8
templates/hire.html
View File

@@ -8,9 +8,9 @@
<div class="hire-intro">
<h1>Work With Me</h1>
<p class="hire-tagline">Infrastructure that actually works. On OpenBSD, Linux, or wherever the job takes it.</p>
<p class="hire-tagline">Infrastructure that actually works. On FreeBSD, Linux, or wherever the job takes it.</p>
<p>I'm Blake Ridgway &mdash; a Site Reliability Engineer based in Enid, Oklahoma with experience across cloud infrastructure, on-prem networks, security hardening, and automation. I've built policy-as-code firewall frameworks, managed Kubernetes workloads at a fintech startup, designed WAN monitoring systems, and I'm currently running SRE on Azure at a cloud-native shop.</p>
<p>This site runs on a self-hosted OpenBSD server in my homelab. That's not a gimmick &mdash; it's how I approach every system I touch.</p>
<p>This site runs on a self-hosted FreeBSD server in my homelab. That's not a gimmick &mdash; it's how I approach every system I touch.</p>
<p><a href="/resume">View my full resume &rarr;</a></p>
</div>
@@ -22,7 +22,7 @@
<p>pf, iptables, VLANs, VPNs, BGP/OSPF, network segmentation, zero trust architecture.</p>
</div>
<div class="service-card">
<h3>Linux &amp; OpenBSD</h3>
<h3>Linux &amp; FreeBSD</h3>
<p>System hardening, service configuration, performance tuning, and ongoing administration.</p>
</div>
<div class="service-card">
@@ -51,7 +51,7 @@
<section class="subscribe-section">
<h2>Stay updated</h2>
<p>Occasional posts on OpenBSD, homelab builds, and infrastructure work. No spam.</p>
<p>Occasional posts on FreeBSD, homelab builds, and infrastructure work. No spam.</p>
<form method="POST" action="/newsletter" class="subscribe-form">
<div class="hp-field" aria-hidden="true">
<label for="url">URL</label>

6
templates/index.html
View File

@@ -3,9 +3,9 @@
{{define "content"}}
<section class="hero">
<h1>Ridgway Systems</h1>
<p class="tagline">A homelab built on OpenBSD &mdash; from firewall to git server.</p>
<p class="tagline">A homelab built on FreeBSD &mdash; from firewall to git server.</p>
<p class="hero-desc">
A self-hosted infrastructure project running entirely on OpenBSD. This site documents the build:
A self-hosted infrastructure project running entirely on FreeBSD. This site documents the build:
hardware decisions, network configuration, service deployments, and everything learned along the way.
</p>
<div class="hero-links">
@@ -21,7 +21,7 @@
<div class="infra-card">
<div class="infra-host">SuperMicro 1U</div>
<div class="infra-role">Firewall &bull; Router &bull; VPN &bull; Reverse Proxy</div>
<div class="infra-detail">OpenBSD &bull; pf &bull; relayd &bull; WireGuard</div>
<div class="infra-detail">FreeBSD &bull; pf &bull; relayd &bull; WireGuard</div>
</div>
<div class="infra-card">
<div class="infra-host">Dell R720</div>

190
templates/infrastructure.html
View File

@@ -1,5 +1,5 @@
{{define "title"}}Infrastructure &mdash; Ridgway Systems{{end}}
{{define "meta-desc"}}Hardware inventory and network diagram for the Ridgway Systems OpenBSD homelab.{{end}}
{{define "meta-desc"}}Hardware inventory and network diagram for the Ridgway Systems FreeBSD homelab.{{end}}
{{define "content"}}
<div class="page-header">
@@ -22,19 +22,19 @@
<tr>
<td class="hw-name">fw01</td>
<td>SuperMicro 1U<br><span class="hw-spec">E3-1230v2 &bull; 16 GB RAM</span></td>
<td>OpenBSD</td>
<td>OPNsense 26.1</td>
<td>Firewall, router, VPN, reverse proxy<br><span class="hw-spec">pf &bull; relayd &bull; WireGuard &bull; unbound</span></td>
</tr>
<tr>
<td class="hw-name">srv01</td>
<td>Dell R720<br><span class="hw-spec">Xeon E5-2620 &bull; 96 GB RAM</span></td>
<td>OpenBSD</td>
<td>FreeBSD</td>
<td>Primary server<br><span class="hw-spec">Gitea &bull; httpd &bull; OpenSMTPD &bull; Prometheus &bull; Grafana &bull; Matrix</span></td>
</tr>
<tr>
<td class="hw-name">srv02</td>
<td>Dell R710<br><span class="hw-spec">Xeon X5560 &bull; 288 GB RAM</span></td>
<td>OpenBSD + Linux VMs</td>
<td>FreeBSD + Linux VMs</td>
<td>Backup, game servers<br><span class="hw-spec">nsd &bull; qemu &bull; Jellyfin &bull; secondary DNS</span></td>
</tr>
<tr>
@@ -43,46 +43,164 @@
<td>Fedora Linux 43</td>
<td>Daily driver, Ansible control node<br><span class="hw-spec">Development &bull; playbook management</span></td>
</tr>
<tr>
<td class="hw-name">ws02</td>
<td>Lenovo ThinkPad T14s<br><span class="hw-spec">AMD Ryzen Pro 5 8640HS &bull; 32 GB RAM</span></td>
<td>Fedora Linux 43</td>
<td>Mobile daily driver<br><span class="hw-spec">Development &bull; remote work</span></td>
</tr>
<tr>
<td class="hw-name">ws03</td>
<td>System76 Lemur Pro<br><span class="hw-spec">Intel Core i7-10210U &bull; 16 GB RAM</span></td>
<td>FreeBSD</td>
<td>FreeBSD testing machine<br><span class="hw-spec">Development &bull; testing</span></td>
</tr>
</tbody>
</table>
</section>
<section class="infra-section">
<h2>Network Diagram</h2>
<pre class="network-diagram">
Internet
|
[WAN interface]
|
+=================+
| fw01 | SuperMicro 1U
| OpenBSD | pf firewall
| relayd | WireGuard VPN
+=====+===========+
|
+-- [Management VLAN 1] -- fw01, switches, OOB
|
+-- [Servers VLAN 10] -- srv01, srv02
| |
| +-- srv01 (R720)
| | httpd / relayd (external traffic routed here)
| | Gitea, mail, monitoring, Matrix
| |
| +-- srv02 (R710)
| DNS (nsd), Jellyfin, game VMs
|
+-- [Desktop VLAN 20] -- ws01, personal devices
|
+-- [Game VLAN 30] -- game clients, gaming VMs
|
+-- [IoT/Guest VLAN 40] -- untrusted devices
<div class="netmap-wrap">
<svg class="netmap" viewBox="0 0 720 430" xmlns="http://www.w3.org/2000/svg" role="img" aria-label="Network topology diagram">
External traffic flow:
Internet --&gt; fw01 (relayd) --&gt; srv01 (httpd/app)
<!-- Internet -->
<g class="netmap-node" data-tooltip="Public internet — WAN uplink">
<rect x="285" y="10" width="150" height="38" rx="4" class="netmap-box netmap-box-internet"/>
<text x="360" y="34" class="netmap-label">Internet</text>
</g>
VPN:
WireGuard on fw01 --&gt; routed to server VLANs
</pre>
<!-- Internet → fw01 -->
<line x1="360" y1="48" x2="360" y2="88" class="netmap-line"/>
<!-- fw01 -->
<g class="netmap-node" data-tooltip="fw01 · SuperMicro 1U&#10;OPNsense 26.1&#10;&#10;Services: pf · relayd · WireGuard · unbound">
<rect x="220" y="88" width="280" height="44" rx="4" class="netmap-box netmap-box-fw"/>
<text x="360" y="107" class="netmap-label">fw01</text>
<text x="360" y="123" class="netmap-sublabel">OPNsense 26.1 · SuperMicro 1U</text>
</g>
<!-- fw01 → trunk line -->
<line x1="360" y1="132" x2="360" y2="160" class="netmap-line"/>
<!-- horizontal trunk -->
<line x1="60" y1="160" x2="660" y2="160" class="netmap-line"/>
<!-- VLAN drop lines -->
<line x1="60" y1="160" x2="60" y2="185" class="netmap-line"/>
<line x1="195" y1="160" x2="195" y2="185" class="netmap-line"/>
<line x1="360" y1="160" x2="360" y2="185" class="netmap-line"/>
<line x1="525" y1="160" x2="525" y2="185" class="netmap-line"/>
<line x1="660" y1="160" x2="660" y2="185" class="netmap-line"/>
<!-- VLAN 1 — Mgmt -->
<g class="netmap-node" data-tooltip="VLAN 1 · Management&#10;10.0.1.0/24&#10;&#10;Switches, OOB, firewall mgmt">
<rect x="10" y="185" width="100" height="38" rx="4" class="netmap-box netmap-box-vlan"/>
<text x="60" y="200" class="netmap-label netmap-label-sm">Mgmt</text>
<text x="60" y="215" class="netmap-sublabel">VLAN 1</text>
</g>
<!-- VLAN 10 — Servers -->
<g class="netmap-node" data-tooltip="VLAN 10 · Servers&#10;10.0.10.0/24&#10;&#10;srv01, srv02">
<rect x="145" y="185" width="100" height="38" rx="4" class="netmap-box netmap-box-vlan"/>
<text x="195" y="200" class="netmap-label netmap-label-sm">Servers</text>
<text x="195" y="215" class="netmap-sublabel">VLAN 10</text>
</g>
<!-- VLAN 20 — Desktop -->
<g class="netmap-node" data-tooltip="VLAN 20 · Desktop&#10;10.0.20.0/24&#10;&#10;ws01, personal devices">
<rect x="310" y="185" width="100" height="38" rx="4" class="netmap-box netmap-box-vlan"/>
<text x="360" y="200" class="netmap-label netmap-label-sm">Desktop</text>
<text x="360" y="215" class="netmap-sublabel">VLAN 20</text>
</g>
<!-- VLAN 30 — Game -->
<g class="netmap-node" data-tooltip="VLAN 30 · Game&#10;10.0.30.0/24&#10;&#10;Game clients, gaming VMs">
<rect x="475" y="185" width="100" height="38" rx="4" class="netmap-box netmap-box-vlan"/>
<text x="525" y="200" class="netmap-label netmap-label-sm">Game</text>
<text x="525" y="215" class="netmap-sublabel">VLAN 30</text>
</g>
<!-- VLAN 40 — IoT -->
<g class="netmap-node" data-tooltip="VLAN 40 · IoT/Guest&#10;10.0.40.0/24&#10;&#10;Untrusted / isolated devices">
<rect x="610" y="185" width="100" height="38" rx="4" class="netmap-box netmap-box-vlan"/>
<text x="660" y="200" class="netmap-label netmap-label-sm">IoT/Guest</text>
<text x="660" y="215" class="netmap-sublabel">VLAN 40</text>
</g>
<!-- Servers VLAN → hosts -->
<line x1="170" y1="223" x2="170" y2="255" class="netmap-line"/>
<line x1="170" y1="255" x2="145" y2="255" class="netmap-line"/>
<line x1="170" y1="255" x2="220" y2="255" class="netmap-line"/>
<line x1="145" y1="255" x2="145" y2="275" class="netmap-line"/>
<line x1="220" y1="255" x2="220" y2="275" class="netmap-line"/>
<!-- srv01 -->
<g class="netmap-node" data-tooltip="srv01 · Dell R720&#10;Xeon E5-2620 · 96 GB RAM&#10;FreeBSD&#10;&#10;httpd · Gitea · OpenSMTPD&#10;Prometheus · Grafana · Matrix">
<rect x="90" y="275" width="110" height="44" rx="4" class="netmap-box netmap-box-host"/>
<text x="145" y="293" class="netmap-label netmap-label-sm">srv01</text>
<text x="145" y="308" class="netmap-sublabel">Dell R720 · FreeBSD</text>
</g>
<!-- srv02 -->
<g class="netmap-node" data-tooltip="srv02 · Dell R710&#10;Xeon X5560 · 288 GB RAM&#10;FreeBSD + Linux VMs&#10;&#10;nsd · qemu · Jellyfin&#10;Game servers">
<rect x="165" y="275" width="110" height="44" rx="4" class="netmap-box netmap-box-host"/>
<text x="220" y="293" class="netmap-label netmap-label-sm">srv02</text>
<text x="220" y="308" class="netmap-sublabel">Dell R710 · FreeBSD</text>
</g>
<!-- Desktop VLAN → hosts -->
<line x1="360" y1="223" x2="360" y2="255" class="netmap-line"/>
<line x1="300" y1="255" x2="420" y2="255" class="netmap-line"/>
<line x1="300" y1="255" x2="300" y2="275" class="netmap-line"/>
<line x1="360" y1="255" x2="360" y2="275" class="netmap-line"/>
<line x1="420" y1="255" x2="420" y2="275" class="netmap-line"/>
<!-- ws01 -->
<g class="netmap-node" data-tooltip="ws01 · Desktop&#10;Intel Core i9-12900K · 64 GB RAM&#10;Fedora Linux 43&#10;&#10;Daily driver · Ansible control node">
<rect x="248" y="275" width="104" height="44" rx="4" class="netmap-box netmap-box-host"/>
<text x="300" y="293" class="netmap-label netmap-label-sm">ws01</text>
<text x="300" y="308" class="netmap-sublabel">Desktop · Fedora</text>
</g>
<!-- ws02 -->
<g class="netmap-node" data-tooltip="ws02 · Lenovo ThinkPad T14s&#10;AMD Ryzen Pro 5 8640HS · 32 GB RAM&#10;Fedora Linux 43&#10;&#10;Mobile daily driver">
<rect x="308" y="275" width="104" height="44" rx="4" class="netmap-box netmap-box-host"/>
<text x="360" y="293" class="netmap-label netmap-label-sm">ws02</text>
<text x="360" y="308" class="netmap-sublabel">ThinkPad T14s</text>
</g>
<!-- ws03 -->
<g class="netmap-node" data-tooltip="ws03 · System76 Lemur Pro&#10;Intel Core i7-10210U · 16 GB RAM&#10;FreeBSD&#10;&#10;FreeBSD testing machine">
<rect x="368" y="275" width="104" height="44" rx="4" class="netmap-box netmap-box-host"/>
<text x="420" y="293" class="netmap-label netmap-label-sm">ws03</text>
<text x="420" y="308" class="netmap-sublabel">Lemur Pro · FreeBSD</text>
</g>
</svg>
<!-- Tooltip element -->
<div class="netmap-tooltip" id="netmap-tooltip"></div>
</div>
<script>
(function() {
var tip = document.getElementById('netmap-tooltip');
document.querySelectorAll('.netmap-node').forEach(function(node) {
node.addEventListener('mouseenter', function(e) {
var text = node.getAttribute('data-tooltip') || '';
tip.textContent = text;
tip.classList.add('visible');
});
node.addEventListener('mousemove', function(e) {
tip.style.left = (e.pageX + 14) + 'px';
tip.style.top = (e.pageY - 10) + 'px';
});
node.addEventListener('mouseleave', function() {
tip.classList.remove('visible');
});
});
})();
</script>
</section>
<section class="infra-section">

14
templates/post.html
View File

@@ -1,11 +1,11 @@
{{define "title"}}{{.Title}} &mdash; Ridgway Systems{{end}}
{{define "meta-desc"}}{{.Description}}{{end}}
{{define "og-title"}}{{.Title}} &mdash; Ridgway Systems{{end}}
{{define "og-desc"}}{{.Description}}{{end}}
{{define "title"}}{{.Inner.Title}} &mdash; Ridgway Systems{{end}}
{{define "meta-desc"}}{{.Inner.Description}}{{end}}
{{define "og-title"}}{{.Inner.Title}} &mdash; Ridgway Systems{{end}}
{{define "og-desc"}}{{.Inner.Description}}{{end}}
{{define "og-type"}}article{{end}}
{{define "og-url"}}https://ridgwaysystems.org/blog/{{.Slug}}{{end}}
{{define "tw-title"}}{{.Title}} &mdash; Ridgway Systems{{end}}
{{define "tw-desc"}}{{.Description}}{{end}}
{{define "og-url"}}https://ridgwaysystems.org/blog/{{.Inner.Slug}}{{end}}
{{define "tw-title"}}{{.Inner.Title}} &mdash; Ridgway Systems{{end}}
{{define "tw-desc"}}{{.Inner.Description}}{{end}}
{{define "content"}}
<article class="post">

10
templates/projects.html
View File

@@ -15,11 +15,11 @@
<h2 class="project-title">ridgwaysystems.org</h2>
<div class="project-tags">
<span class="tag">Go</span>
<span class="tag">OpenBSD</span>
<span class="tag">FreeBSD</span>
<span class="tag">self-hosted</span>
</div>
</div>
<p>This site. A single Go binary serving a blog, status page, hire page, and admin panel &mdash; no database, no Docker, no external dependencies at runtime. Flat Markdown files on disk, HMAC-signed sessions, chroma syntax highlighting. Deployed on OpenBSD behind relayd. The build log covers the whole thing.</p>
<p>This site. A single Go binary serving a blog, status page, hire page, and admin panel &mdash; no database, no Docker, no external dependencies at runtime. Flat Markdown files on disk, HMAC-signed sessions, chroma syntax highlighting. Deployed on FreeBSD behind nginx. The build log covers the whole thing.</p>
<div class="project-links">
<a href="/blog">Build log &rarr;</a>
<a href="https://git.ridgwaysystems.org">Source &rarr;</a>
@@ -35,7 +35,7 @@
<span class="tag">security</span>
</div>
</div>
<p>A policy-as-code system for managing pf firewall rules across multiple OpenBSD hosts. Rules defined in structured configuration, rendered to pf.conf via templating, with automated geo-location blocking and rule validation before deployment. Deployed at Triangle Insurance to manage ~200 rules across three firewall segments.</p>
<p>A policy-as-code system for managing pf firewall rules across multiple FreeBSD hosts. Rules defined in structured configuration, rendered to pf.conf via templating, with automated geo-location blocking and rule validation before deployment. Deployed at Triangle Insurance to manage ~200 rules across three firewall segments.</p>
<div class="project-links">
<a href="/blog/pf-vlans">Related post &rarr;</a>
</div>
@@ -57,13 +57,13 @@
<div class="project-header">
<h2 class="project-title">Homelab Infrastructure</h2>
<div class="project-tags">
<span class="tag">OpenBSD</span>
<span class="tag">FreeBSD</span>
<span class="tag">Ansible</span>
<span class="tag">Terraform</span>
<span class="tag">homelab</span>
</div>
</div>
<p>The homelab: fw01 running OpenBSD with pf and WireGuard, two Dell rack servers, VLAN-segmented network (management, servers, IoT, guest), self-hosted Gitea, Matrix, Jellyfin, Prometheus, and Grafana. Fully documented, IaC'd where possible, and used as a test bed before anything touches production.</p>
<p>The homelab: fw01 running OPNsense with pf and WireGuard, two Dell rack servers, VLAN-segmented network (management, servers, IoT, guest), self-hosted Gitea, Matrix, Jellyfin, Prometheus, and Grafana. Fully documented, IaC'd where possible, and used as a test bed before anything touches production.</p>
<div class="project-links">
<a href="/infrastructure">Infrastructure diagram &rarr;</a>
<a href="/uses">What I run &rarr;</a>

30
templates/resume.html
View File

@@ -135,13 +135,41 @@
<dd>Prometheus, Grafana, Nagios, Splunk, ELK Stack, SIEM integration, Azure Monitor</dd>
<dt>Platforms</dt>
<dd>Linux, OpenBSD, VMware, Hyper-V, Proxmox, Citrix, Docker, Kubernetes, Argo CD</dd>
<dd>Linux, FreeBSD, VMware, Hyper-V, Proxmox, Citrix, Docker, Kubernetes, Argo CD</dd>
</dl>
</div>
</section>
<section class="resume-section">
<h2>References</h2>
<div class="resume-reference">
<blockquote>
<p>Working alongside Blake has been a pleasure from day one. When he joined our team, our network infrastructure was in need of serious attention, and he wasted no time bringing everything up to current standards with precision and purpose.</p>
<p>Beyond the foundational work, he took the initiative to implement comprehensive monitoring solutions that gave our entire team far greater visibility and confidence in our systems.</p>
<p>What truly sets Blake apart is how he stays continuously plugged in to the evolving threat landscape &mdash; always aware of emerging vulnerabilities, new attack vectors, and the latest tools and best practices to address them. This proactive awareness means our network is never just where it needs to be today, but prepared for what&rsquo;s coming tomorrow.</p>
<p>He approaches every challenge with a sharp, innovative mindset that consistently produces solutions we hadn&rsquo;t even considered. He is exactly the kind of colleague you want in your corner when the stakes are high.</p>
</blockquote>
<cite class="resume-reference-cite">&mdash; Austin M. &mdash; Triangle Insurance Company</cite>
</div>
<div class="resume-reference">
<blockquote>
<p>Blake was an invaluable resource for our team. From the jump, he was focused on streamlining processes and automating tasks where applicable. He not only helped in the team we worked on directly, but he worked across multiple teams to make sure there were streamlined processes there, as well. Outside of the progress he made in the team, he was on the forefront of recommending network and security protocols and enhancements for the team and the company as a whole. </p>
<p>Not only was Blake a superb addition to the team on a technical level, his ability to relate to and get along with everyone made him an invaluable asset in that department as well. Whether it was coworkers or it was the clients spanning multiple states, he was able to relate to them all.</p>
</blockquote>
<cite class="resume-reference-cite">&mdash; Nic F. &mdash; BankOnIT</cite>
</div>
<div class="resume-reference">
<blockquote>
<p>Ive had the privilege of working alongside Blake, and I can confidently say he is one of the most exceptional engineers Ive encountered. His expertise across DevOps, systems administration, and software engineering is truly top tier. He consistently demonstrates a depth of knowledge and technical capability that sets him apart.</p>
<p>What makes Blake stand out even more is how he pairs that skill with relentless drive, strong work ethic, and a genuinely positive attitude. He doesnt just solve problems, he elevates the people and teams around him. Working with Blake raises the bar for everyone involved.</p>
<p>Any organization or team that has Blake contributing is gaining a top 1% individual, not just technically, but as a professional and as a person.</p>
</blockquote>
<cite class="resume-reference-cite">&mdash; Bryan B. &mdash; Sr. Director of Software Engineering &mdash; Prime Trust</cite>
</div>
</section>
</div>
{{end}}

27
templates/status.html
View File

@@ -12,14 +12,29 @@
{{if .Page.Services}}
<ul class="status-list">
{{range .Page.Services}}
{{$h := index $.History .Name}}
<li class="status-item status-{{.Status}}">
<span class="status-indicator" aria-label="{{.Status}}"></span>
<div class="status-info">
<span class="status-name">{{.Name}}</span>
{{if .Description}}<span class="status-desc">{{.Description}}</span>{{end}}
{{if .Note}}<span class="status-note">{{.Note}}</span>{{end}}
<div class="status-top">
<span class="status-indicator" aria-label="{{.Status}}"></span>
<div class="status-info">
<span class="status-name">{{.Name}}</span>
{{if .Description}}<span class="status-desc">{{.Description}}</span>{{end}}
{{if .Note}}<span class="status-note">{{.Note}}</span>{{end}}
</div>
<span class="status-badge status-badge-{{.Status}}">{{.Status}}</span>
</div>
<div class="uptime-bar-row">
<div class="uptime-bar">
{{range $h.Blocks}}
<span class="uptime-block uptime-block-{{.Status}}" title="{{.Date}}"></span>
{{end}}
</div>
{{if ge $h.UptimePct 0.0}}
<span class="uptime-pct">{{printf "%.1f" $h.UptimePct}}%</span>
{{else}}
<span class="uptime-pct uptime-pct-none">no data</span>
{{end}}
</div>
<span class="status-badge status-badge-{{.Status}}">{{.Status}}</span>
</li>
{{end}}
</ul>

13
templates/uses.html
View File

@@ -16,7 +16,7 @@
<span class="uses-name">fw01</span>
<span class="uses-role">Firewall / Router</span>
</div>
<p>SuperMicro 1U, Intel E3-1230v2, 16GB ECC RAM. Running OpenBSD. Handles all pf firewall rules, VLANs, WireGuard VPN, unbound DNS, and relayd reverse proxy. The critical piece everything else depends on.</p>
<p>SuperMicro 1U, Intel E3-1230v2, 16GB ECC RAM. Running OPNsense (FreeBSD-based). Handles all pf firewall rules, VLANs, WireGuard VPN, unbound DNS, and reverse proxy. The critical piece everything else depends on.</p>
</div>
<div class="uses-item">
@@ -47,8 +47,9 @@
<section class="uses-section">
<h2>Operating Systems</h2>
<ul class="uses-list">
<li><strong>OpenBSD</strong> &mdash; fw01, this web server. Chosen for its security defaults, pf, and the fact that it does exactly what it says on the tin.</li>
<li><strong>AlmaLinux / Rocky</strong> &mdash; srv01, srv02. RHEL-compatible for production workloads where SELinux and systemd are expected.</li>
<li><strong>FreeBSD</strong> &mdash; srv01, srv02. Chosen for ZFS, jails, pf, and a clean coherent base system.</li>
<li><strong>OPNsense</strong> &mdash; fw01. FreeBSD-based firewall/router OS. pf, WireGuard, unbound all built in.</li>
<li><strong>AlmaLinux / Rocky</strong> &mdash; Linux VMs on srv02. RHEL-compatible for workloads where SELinux and systemd are expected.</li>
<li><strong>Fedora</strong> &mdash; Workstation. Stays close to bleeding-edge tooling without being Arch.</li>
</ul>
</section>
@@ -56,11 +57,11 @@
<section class="uses-section">
<h2>Networking</h2>
<ul class="uses-list">
<li><strong>pf</strong> &mdash; OpenBSD packet filter. VLANs, NAT, geo-blocking, antispoof. The whole reason fw01 runs OpenBSD.</li>
<li><strong>pf</strong> &mdash; FreeBSD/OPNsense packet filter. VLANs, NAT, geo-blocking, antispoof. The whole reason fw01 runs what it does.</li>
<li><strong>WireGuard</strong> &mdash; VPN for remote access. Simple, fast, auditable.</li>
<li><strong>unbound</strong> &mdash; Recursive DNS resolver on fw01. Validates DNSSEC, blocks ad/tracking domains.</li>
<li><strong>nsd</strong> &mdash; Authoritative DNS on srv02 for the ridgwaysystems.org zone.</li>
<li><strong>relayd</strong> &mdash; OpenBSD reverse proxy in front of this site and internal services.</li>
<li><strong>nginx</strong> &mdash; Reverse proxy in front of this site and internal services.</li>
</ul>
</section>
@@ -81,7 +82,7 @@
<li><strong>VS Code</strong> &mdash; Primary editor. Remote SSH extension makes working directly on servers seamless.</li>
<li><strong>Go</strong> &mdash; Preferred language for infrastructure tooling and this site. Fast to compile, easy to deploy a single binary.</li>
<li><strong>Python</strong> &mdash; Scripting, automation, quick data processing.</li>
<li><strong>Bash / ksh</strong> &mdash; Bash on Linux, ksh on OpenBSD. Shell scripts for anything that doesn't need to outlast the week.</li>
<li><strong>Bash</strong> &mdash; Shell scripts for anything that doesn't need to outlast the week.</li>
<li><strong>tmux</strong> &mdash; Terminal multiplexer. Multiple panes across multiple SSH sessions, always.</li>
</ul>
</section>