Hands-on IT infrastructure projects from the homelab and technical guides on IT security and Linux administration. All projects are based on production-grade practice.
Homelab Infrastructure
Homelab • Networking
Ongoing
Network Architecture
OpenBSD pf as firewall/router with VLAN segmentation and WireGuard VPN mesh. Stateful packet inspection, rule management with logging, and secure remote administration.
OpenBSD pf
VLANs
WireGuard
pfctl
TCP/IP
Hands-on Experience
- VLAN segmentation by security zone
- WireGuard VPN mesh with multiple peers
- Firewall rule management and logging
- Zero-trust network architecture in production
Homelab • DevOps
Ongoing
Monitoring Stack
Complete observability stack for all homelab services: metrics, logs and alerting in a unified system.
Prometheus
Grafana
Loki
Node Exporter
Alertmanager
Hands-on Experience
- PromQL dashboards for all services
- Log aggregation with Loki
- Alert rules and notifications
- Multi-service monitoring in production
Homelab • DevOps
Ongoing
Virtualisation & Containers
Proxmox as hypervisor for VMs and LXC containers. Docker for containerised services with automated backup strategies.
Proxmox
Docker
LXC
ZFS
Bash
Hands-on Experience
- 10+ services running in production
- Automated backup strategies with ZFS
- Resource planning and isolation
- 5+ years of operation without data loss
Homelab • Security
Ongoing
Security & Intrusion Detection
Network monitoring and intrusion detection with Suricata IDS, Fail2ban and packet analysis. Integrated into the monitoring stack for centralised evaluation.
Suricata IDS
Fail2ban
tcpdump
Packet Analysis
Log Analysis
Hands-on Experience
- Suricata rule management and log integration
- Fail2ban configuration for SSH and web services
- Packet analysis with tcpdump for troubleshooting
- Identifying and classifying security incidents
Guides & Knowledge Base
Based on my practical experience with IT security and Linux administration, I create detailed guides. All articles focus on security, privacy, and open-source solutions.
Available
Pi-hole filters ads — but external resolvers still see all your queries. Unbound fixes that: recursive resolver with no third-party dependency, DNSSEC, QNAME minimisation, and network hardening.
DNS privacyrecursive resolverUFWDNSSEC
Available
Why and how to run your own mail server on Oracle Cloud Free Tier: OCI basics, mail DNS records, SPF/DKIM/DMARC and open source tools at a glance.
MailOCISPF/DKIM/DMARCSelf-Hosting
Available
Why SearXNG structurally improves privacy — and how it can be run on Proxmox, Debian, and Docker.
PrivacyDockerSelfhostingGDPR
Planned
WireGuard VPN Hardening
Secure VPN configuration with WireGuard: server setup, client management, firewall integration and performance optimization.
VPN securityRemote accessEncryption
Available
Conceptual overview: How OpenBSD PF firewalls work, stateful filtering, threat detection, and centralized observability — practical and straightforward.
Firewall securityOpenBSDStateful filteringMonitoring
Coming Soon
Linux Server Hardening
LPIC-2 based security configuration for production servers: SSH, firewall, Fail2ban, monitoring and backup strategies.
Linux SecurityServer AdministrationMonitoring
Planned
Network Segmentation & VLAN Design
Practical network segmentation: planning and implementing VLANs, defining security zones, inter-segment firewall rules, and avoiding common mistakes.
VLANsNetwork DesignSegmentation
Technology Stack in Use
Technologies I actively use and deploy in my projects:
- Infrastructure Security: OpenBSD pf, iptables, ufw, Fail2ban, WireGuard, Tailscale
- Systems Administration: Linux (LPIC-1/2), Bash, CLI, systemd, cron, process management
- Network Infrastructure: TCP/IP, DNS (Pi-hole, Unbound, BIND), DHCP, routing, switching
- Platform Engineering: Docker, Proxmox, container orchestration, automation, monitoring
- Cloud Infrastructure: AWS (Cloud Practitioner), Oracle OCI (Foundations, Networking)
- Development Operations: Git, CI/CD, infrastructure as code, scripting
Other Projects & Experiments
Learning projects from the web space.
Web Learning Project
2025
Agrar-Dashboard-demo
Web-based dashboard with weather data API, Chart.js visualisation, and responsive design.
HTML5
JavaScript
Chart.js
Netlify
Personal Experiment
2025
Kimi Chat – AI Chat Frontend
AI chat frontend as a learning project. Technically relevant: streaming latency reduced from 8+ seconds to under 500ms via client-side intent injection.
Next.js 15
React 19
TypeScript
Docker