A deep technical tour of Percival, our self-hosted AI operator โ 28 MCP servers (213 tools) wired to every system at Rainier IT, 7 autonomous background workers, Claude Haiku over a LiteLLM proxy with Ollama fallback on a GPU LXC, pgvector memory, prompt caching, three-tier approval gates, and WebSocket streaming.
Lock Down Windows 11 in 15 Minutes: A Hardening Checklist
A 15-minute, license-free Windows 11 hardening checklist for SMB endpoints โ TPM/Secure Boot, BitLocker, standard-user accounts, Defender + ASR rules, firewall, telemetry trim, and Recall opt-out.
Why Your SMB Needs Windows 11 Pro, Not Home: The $99 Upgrade That Saves $4,000 in Incidents
Windows 11 Home is the wrong product to run a business on. Real BitLocker, Group Policy, Entra/AD join, RDP host, Hyper-V, MDM, and Update for Business are all Pro-only โ and the upgrade is $99 with no reinstall.
Lock Down SSH in 10 Minutes: A Hardening Checklist for Linux
Key-only auth, no root, a non-default port, fail2ban, and a workflow that won’t lock you out โ every box I run gets this same six-line hardening file.
Make Your Servers Smile: Dynamic MOTDs with Figlet, Cowsay, Fortune, and Lolcat
A tour of /etc/update-motd.d/, the four tiny packages that build a great login banner (figlet, cowsay, fortune, lolcat), and how to drop a unicorn into your SSH greeting in under ten minutes.
Claude Code + the Karpathy Guidelines: A Saner AI Coding Workflow
How I install Anthropic’s Claude Code CLI plus the Superpowers and Karpathy-guidelines plugins from the marketplace โ and why this combination turns an LLM from helpful-looking autocomplete into a junior engineer who has read the handbook.
Introducing the Rainier IT Client Knowledge Base
Introducing our new customer knowledge baseโself-service guides, troubleshooting, and best practices available 24/7 at kb.rainier-it.com.
Onboarding Day, Reinvented: How a New Client Gets Fully Protected Before Lunch
When you sign with Rainier IT, every device you own is provisioned, monitored, and backed up the same day โ not three weeks later. Here’s exactly what runs, and why it matters for security.
What Huntress EDR Actually Does
A non-technical (then technical) walkthrough of Huntress Managed EDR โ what it is, how it catches what antivirus misses, and the 2026 SMB breach numbers that explain why it ships on every plan.
โ๏ธ Self-Hosted Monitoring with Prometheus and Grafana โ๏ธ
Set up a complete Prometheus + Grafana monitoring stack on your own Linux server in 10 minutes using Docker Compose.