Infrastructure, automation, and self-hosting with a strong bias towards privacy, control, and Linux-first solutions.
- 🇨🇭 Located in Switzerland
- Focus: homelab and SMB infrastructure, Proxmox, kernel hardening, hardware-aware tooling and more
- Philosophy: sustainable, vendor-independent IT with re-use of existing hardware where it makes sense
Website: https://it-kuny.ch
Self-hosted Git: https://git.it-kuny.ch (currently not exposed to the public)
IT-Kuny is primarily a one-person operation.
The work sits somewhere between homelab engineering in facto SMB (and maybe further...) and real-world support:
- Fixing everyday issues for friends, family, and close contacts (smartphones, PCs, tablets, NAS, Gaming consoles, TVs, TV Box's, Router/Modem, Security cameras etc.)
- Acting as a consultant and “second brain” for new systems, network redesigns, and infrastructure overhauls
- Building small tools and workflows when existing solutions are too heavy, opaque, or vendor-locked
Most tooling here started as "we have a real problem to solve right now" and was later cleaned up and published.
This organization collects tools and configurations that help you:
- Run self-hosted infrastructure (Proxmox, Linux, containers)
- Automate repetitive operational tasks
- Harden systems and reduce attack surface
- Make hardware behaviour more predictable (IOMMU, iLO fans, kernel profiles)
- Recover broken systems quickly (chroot, storage detection, bootfix)
Most of the daily-driver projects live on a self-hosted Forgejo instance on a private distributed server farm.
GitHub is used for public tooling, kernels, and upstream collaboration (and sometimes for experiments that are useful to others).
| Repository | Description |
|---|---|
chrooty |
Rescue and chroot utility that automates recovery workflows. Handles LVM, ZFS, Btrfs subvolumes, EFI mounts, logging, and a plugin-driven hook system for pre/post-chroot actions. Designed for “fix this system now” scenarios on modern Linux distributions. |
Proxmox-Sync-Wildcard |
Bash automation to securely pull a wildcard TLS certificate from a remote CA / reverse proxy host and deploy it into a Proxmox VE cluster. Includes full store backup, atomic replacement, permission fixes, and minimal service impact (reloads only pveproxy). |
These projects are designed to be dropped into real environments: rescue media, Proxmox clusters, and automation pipelines.
| Repository | Scope | Focus |
|---|---|---|
Thinkpad-P16S-Kernel |
Opinionated Linux kernel profile for the Lenovo ThinkPad P16s Gen4. Keeps NVMe-only internal storage, USB BOT/UAS disks, USB4/TB4, graphics, audio, camera, LAN, WLAN, BT, and trims unused SATA/SAS/FC/iSCSI paths to reduce complexity and attack surface. | Hardware-specific kernel config, IOMMU, VFIO, modern workstation hardening. |
This is not a generic “one size fits all” kernel – it is a documented profile for a very specific platform and threat model.
| Repository | Origin | Purpose |
|---|---|---|
IOMMU-Report |
Fork of mkoreneff/iommu_info_generate |
Curses-based TUI to inspect local platform details and submit IOMMU topology data to iommu.info. Includes API health checks, vendor probes, board existence checks, chunked upload flow, and throttling that respects Retry-After. |
ilo4-fan-controller |
Fork of DavidIlie/ilo4-fan-controller |
Next.js UI and Dockerized service to control fan speeds on modded iLO4-based HPE Gen8 servers. Talks to iLO4 over SSH, exposes presets and dynamic fan layouts, and is homelab-friendly when paired with an auth proxy. |
These forks are kept close to upstream while adding homelab-centric operational experience.
IT-Kuny is not a large service provider. It is mainly:
- Best-effort support for friends, family, and close contacts and for those who want to get in touch with
- Help for small environments that share the same philosophy (primarly focused on self-hosted, privacy-focused, realistic budgets) and other environment obviously too
Typical support activities include:
-
End-user systems & apps
Fixing issues with Apps (e.g. Google Play, Samsung Browser, iOS App sideloading via XCode, Wireguard), mail clients, office suites, and everyday desktop workflows on Windows, macOS, and Linux. And also for iOS/iPadOS and Android/HarmonyOS. -
Client devices
Troubleshooting and setting up smartphones and tablets (Android, iOS/iPadOS), including accounts, apps, backups, and security and privacy. -
Storage & NAS systems
Deploying and maintaining NAS devices (e.g. Synology, UGREEN and similar), ACL permissions, shared folders, remote access, and backup strategies. -
Networks & small infra
Designing or restructuring small networks (home and small office), including Wi-Fi, routing, VPN, DNS, remote access, and pragmatic security baselines. -
Consulting & planning
Acting as a sounding board for new systems, hardware refreshes, or complete infrastructure overhauls — from “What should I buy?” to “How do we migrate without losing data and while being live?”.
Language-wise:
- 🇨🇭 Swissgerman – native
- 🇩🇪 German – native
- 🇬🇧 English – fluent
There is no 24/7 SLA and no marketing team. Expect honest answers, conservative designs, and solutions you can actually maintain yourself.
Typical stack and domains represented across these projects:
- Operating systems: Linux (Fedora, Debian, Proxmox), with a focus on server and workstation use-cases
- Infrastructure: Proxmox VE, containers, homelab automation, backup and recovery workflows
- Security & hardening: Kernel configuration, IOMMU/VFIO, TLS automation, reduced attack surface
- Scripting & tooling: Bash, Python, TypeScript/Next.js, plus packaging for Debian/RPM where useful
- Hardware: ThinkPad platforms, HPE ProLiant Gen8, 3× Synology NAS, 1× UGREEN NAS, IOMMU-capable boards and virtualization hosts
If you care about owning your infrastructure, keeping control over your data, and understanding what your hardware is actually doing, you are in the right place.
Additional internal tools, Ansible roles, and more live on the self-hosted Git:
- 🔗 Forgejo: https://git.it-kuny.ch (currently internal-only; public exposure under evaluation)
Issues and pull requests are welcome on the public repositories here on GitHub.
For anything security-sensitive, please use a private contact channel instead of opening a public issue.
Some tools and operating systems used on a daily basis (more or less):
🌐 Website:
💬 Telegram:
For project-specific bugs or feature requests, please use the respective GitHub issue tracker.