Course Module 07: Maintenance Playbook
The unglamorous work that keeps a self-hosted privacy stack alive past month three. Patching cadence, key rotation, peer churn, certificate renewal, log retention, decommissioning. The boring playbook that separates a hobby project from a daily-driver.
This is the final module of the RouteHarden Network Engineering Course. Modules 01-06 stood up a working stack. This module covers the work that keeps it working. The most common failure mode for self-hosted setups is not "got hacked" — it's "person who set it up stopped maintaining it; six months later the keys are stale, the kernel is unpatched, and the VPS is still running."
By the end of this module you will have:
- A monthly maintenance checklist you can actually finish
- A documented key rotation cadence for WireGuard and any TLS-in-TLS layer
- A decommissioning script that leaves no orphan accounts or logs behind
- A written runbook for "what happens when I get hit by a bus" (or just stop caring)
We do this kind of work for hire.
Network architecture review, self-hosted privacy stacks, zero-trust corporate VPNs.