Blog
Technical articles, tutorials, and thoughts on software development.
Internationalization with Astro: i18n Without a Plugin
How this portfolio became bilingual — with Astro's file-based routing, a central translation file, and no i18n library.
Automating Documents — From XML Hell to Headless Browsers
Apache POI and OOXML were the standard for programmatic document generation for years. Today there are more elegant approaches — using Puppeteer, HTML, and CSS.
Identity Management with Zitadel: Centralized Authentication for Self-Hosted Apps
Why every self-hosted application needs identity management, what open-source solutions exist, and how I implemented Zitadel as centralized authentication for three Express apps.
19,000 Login Attempts Per Day: SSH Brute Force in Practice
What happens when a new server with an open port 22 goes online. Real numbers from the logs, an analysis of the attackers, and three countermeasures that work immediately.
Behind the Scenes: Infrastructure and Architecture of This Portfolio
Two Hetzner servers, WireGuard VPN, Nginx Reverse Proxy, GitHub Actions, and a static Astro site. How the infrastructure behind mathis-adler.dev is built and why.
End-to-End Encrypted One-Time Secrets: Why and How
How to share secrets securely without trusting the server. On threat modeling, URL fragments as key transport, and why POST instead of GET makes all the difference.
Why Public URL Shorteners Are a Security Risk
Short links are convenient, but they open doors for phishing, tracking, and vendor lock-in. An analysis of the risks and how to do it better.