René Welches

TECH NOTES TO MYSELF

Running Debian 13 in UTM on Apple Silicon

Native ARM64 virtualization with a Debian netinstall ISO — no emulation required

Step-by-step guide to creating a Debian 13 (Trixie) ARM64 virtual machine in UTM on an Apple Silicon Mac using the Virtualize mode for near-native performance.

Posted by Rene Welches on Thursday, February 19, 2026

Running Your Own Root CA for the Homelab

What started as a GitHub README turned into a proper blog post

How to create a self-signed Root CA for your homelab, sign server certificates, and trust them on macOS and Linux — including the git gotcha that the macOS Keychain won't tell you about.

Posted by Rene Welches on Wednesday, February 18, 2026
Last Modified on Thursday, February 19, 2026

Using Vagrant with QEMU on macOS - or not

Lightweight VM provisioning on Apple Silicon with cloud-init support

Learn how to set up Vagrant with QEMU on macOS using Homebrew. Explore two provisioning approaches: shell scripts and cloud-init, along with the advantages and limitations of this setup.

Posted by Rene Welches on Thursday, January 29, 2026

Securing Proxmox API Tokens with Apple Keychain Access for Terraform

Store and retrieve Proxmox credentials securely using macOS Keychain instead of plain text files

Securely manage Proxmox API tokens for Terraform using macOS Keychain Access. Eliminates plain text credential files and integrates seamlessly with automated Terraform workflows.

Posted by Rene Welches on Tuesday, December 9, 2025
Last Modified on Wednesday, February 4, 2026