Skip to main content

Filed under

Homelab

34 entries

  1. Security·8 min read·

    Signed USB Rescue Boot: aegis-boot and the QEMU+OVMF Persona Harness

    A UEFI-Secure-Boot-preserving rescue USB for any ISO, and the companion QEMU harness that validates it against ~100 hardware personas without physical Frameworks, ThinkPads, or Dells on a lab bench.

  2. Linux·8 min read·

    Multiboxing EverQuest on Linux: Deterministic Wine Prefixes and Programmatic Window Layout

    I left Windows behind for good. Norrath-Native is an IaC-style toolkit that deploys EverQuest on Ubuntu 24.04 with Wine and DXVK, and a growing exploration into what you can actually do with programmatic window management on Linux.

  3. Security·6 min read·

    Investigating the Trivy Supply Chain Compromise with AI Agents

    How I used AI-assisted investigation to triage the trivy-action supply chain attack across my homelab repos — and some thoughts on weekend incident response and community notification gaps.

  4. Cloud·11 min read·

    Building a Private Cloud in Your Homelab with Proxmox and Security Best Practices

    Learn to build and secure a production-grade private cloud using Proxmox VE. Covers network segmentation, backup strategies, security hardening, and resource management with real homelab implementation lessons.

  5. Security·10 min read·

    Hardening Docker Containers in Your Homelab: A Defense-in-Depth Approach

    Eight security layers that stopped real attacks in homelab testing: minimal base images, user namespaces, seccomp profiles, network segmentation, and more. Defense-in-depth without Kubernetes overhead.

  6. Security·12 min read·

    Building a Homelab Security Dashboard with Grafana and Prometheus

    Real-world guide to monitoring security events in your homelab. Covers Prometheus configuration, Grafana dashboards, and alerting rules for threat detection.

  7. Supply Chain·10 min read·

    NodeShield: Runtime SBOM Enforcement Stops 98% of Supply Chain Attacks

    NodeShield enforces SBOMs at runtime using CBOM policies to prevent supply chain attacks. Homelab Docker deployment guide with attack simulations, 98.3% prevention rate, and <1ms overhead.

  8. Prometheus·6 min read·

    PromSketch: 2-100x Faster Prometheus Queries with Sketch Algorithms

    Deploy PromSketch to optimize slow PromQL queries using sketch-based approximation. Homelab benchmarks show 2-100x speedup on percentile queries.

  9. Siem·10 min read·

    SIEM for Homelab: Wazuh vs Graylog Performance Comparison

    Deploy and benchmark Wazuh and Graylog SIEM solutions in your homelab. Performance analysis, resource usage, and integration patterns for security monitoring.

  10. Computational Science·32 min read·

    Preparing Your Homelab for the Quantum Future: Post-Quantum Cryptography Migration

    Implement post-quantum cryptography with CRYSTALS-Kyber and Dilithium—prepare homelab for quantum threats using NIST-approved algorithms.

  11. Ethics·18 min read·

    Building a Privacy-First AI Lab: Deploying Local LLMs Without Sacrificing Ethics

    Build privacy-first AI lab with local LLMs—run models up to 34B on RTX 3090 (24GB VRAM) with network isolation, traffic monitoring, and real privacy controls.

  12. Ai·9 min read·

    From Claude in Your Terminal to Robots in Your Workshop: The Embodied AI Revolution

    Deploy Vision-Language-Action models for embodied AI robots—integrate physical world interaction with security considerations for homelab automation.

  13. Homelab·7 min read·

    Proxmox High Availability Setup for Homelab Reliability

    Build Proxmox high-availability clusters with shared storage and automated failover—implement live migration for zero-downtime homelab maintenance.

  14. Homelab·8 min read·

    IoT Security in Your Home Lab: Lessons from OWASP IoTGoat

    Test IoT security with OWASP IoTGoat—practice firmware extraction, API exploitation, and hardware hacking in secure lab environments.

  15. Homelab·16 min read·

    Implementing Zero Trust Microsegmentation with VLANs

    Implement zero trust with VLAN segmentation—secure homelab networks using micro-segmentation and layer 3 firewalls for defense in depth.

  16. Cryptography·13 min read·

    Self-Hosted Password Manager Migration: Bitwarden Deep Dive

    Migrate to self-hosted Bitwarden—deploy secure vault with backup strategies, SSL certificates, and database encryption for full control.

  17. Homelab·13 min read·

    Building a Network Traffic Analysis Lab with Suricata

    Deploy Suricata IDS/IPS for real-time network threat detection—configure rule management, performance tuning, and SIEM integration for homelab monitoring.

  18. Docker·12 min read·

    Docker Runtime Security Hardening with Linux Security Modules

    Harden Docker containers using AppArmor and SELinux for isolation without orchestration overhead. LSM profiles, seccomp filters, and capability dropping at homelab scale.

  19. Cryptography·6 min read·

    Implementing DNS-over-HTTPS (DoH) for Home Networks

    Deploy DNS-over-HTTPS with Pi-hole and dnscrypt-proxy—encrypt DNS queries for home network privacy and prevent ISP monitoring with DoH implementation.

  20. Ai·8 min read·

    Local LLM Deployment: Privacy-First Approach

    Deploy local LLMs for privacy-first AI—run language models on homelab hardware with model selection, optimization, and deployment strategies.

  21. Ai·17 min read·

    Fine-Tuning LLMs in the Homelab: A Practical Guide

    Fine-tune LLMs on homelab hardware with QLoRA and 4-bit quantization. Train Llama 3 8B models on RTX 3090 with dataset prep and optimization strategies.

  22. Homelab·5 min read·

    Building a Security-Focused Homelab: My Journey

    Build security-focused homelab with Proxmox, VLANs, and IDS/IPS—create testing environment for cybersecurity and family data protection.

  23. Ai·4 min read·

    Securing Your Personal AI/ML Experiments: A Practical Guide

    Secure personal AI experiments with model isolation and network segmentation—protect LLM deployments using privacy controls and threat modeling.

  24. Homelab·6 min read·

    Raspberry Pi Security Projects That Actually Solve Problems

    Build Raspberry Pi security projects with Pi-hole, VPN gateway, and honeypots—deploy practical network monitoring and threat detection on budget hardware.

  25. Automation·4 min read·

    Automating Home Network Security with Python and Open Source Tools

    Automate home network security with Python and Ansible—deploy patching, threat detection, and compliance scanning for homelab infrastructure.

  26. Llm·9 min read·

    LLM-Powered Security Alert Triage with Local Models

    Automate security alert analysis using local LLMs (Ollama) for privacy-preserving incident response. Reduce alert fatigue with AI-powered triage without cloud dependencies.

  27. Homelab·13 min read·

    Privacy-Preserving AI Training Across My Homelab: Federated Learning with Granular-Ball Computing

    Deploy federated learning across homelab with granular-ball computing—train privacy-preserving models with 82% reduced network transfer.

  28. Ai·14 min read·

    GPU Power Monitoring in My Homelab: When Machine Learning Met My Electricity Bill

    Monitor GPU power with NVIDIA SMI and Grafana dashboards—reduce ML training electricity costs by 40% using optimization strategies for RTX 3090.

  29. Container Orchestration·11 min read·

    Sandboxing Untrusted Containers with gVisor: Lessons from G-Fuzz Vulnerability Research

    Secure containers with gVisor sandboxing—prevent kernel exploits in Kubernetes clusters while managing 59% startup overhead for untrusted workloads.

  30. Edge Computing·14 min read·

    Running LLaMA 3.1 on a Raspberry Pi: Memory-Efficient Edge AI with PIPELOAD

    Run LLaMA 3.1 on Raspberry Pi with PIPELOAD pipeline inference—achieve 90% memory reduction and deploy 7B models on 8GB edge devices at 2.5 tokens/sec.

  31. Privacy·9 min read·

    Zero-Knowledge Proof Authentication for Homelab Services

    Implement privacy-preserving authentication using ZK-SNARKs for homelab SSO. No passwords transmitted, cryptographic proof of identity without revealing credentials.

  32. Programming·3 min read·

    The Pizza Calculator: A Weekend Project in Humility

    A Saturday afternoon coding project that taught me more about assumptions than algorithms.

  33. Ai·16 min read·

    Retrieval Augmented Generation (RAG): Enhancing LLMs with External Knowledge

    Build RAG systems with vector databases and semantic search—eliminate LLM hallucinations and ground responses in verified knowledge for trustworthy AI.

  34. Python·8 min read·

    Building a Python Vulnerability Scanner with NVD API Integration

    Automate vulnerability detection in your homelab using Python and the National Vulnerability Database API. Track CVEs, scan dependencies, and integrate with monitoring systems.