In the SOC stack overview, I introduced Wazuh as the SIEM centerpiece. This post goes deeper - how I deployed Wazuh on Proxmox, configured agent-based and agentless log collection, wrote custom dec...

A backup strategy is only as good as the number of independent copies you maintain and how quickly you can restore from them. This post covers my multi-site Proxmox Backup Server deployment - two P...

Connecting a home lab to a remote datacenter with a single VPN tunnel is simple - but fragile. This post explains why I run two separate WireGuard tunnels between my home and DC sites, how they’re ...

Running a dedicated firewall VM is essential when your datacenter hosts production services on the public internet. This post details how I deploy OPNsense as the sole network gateway on a Proxmox ...

Running a two-node Proxmox VE cluster without a quorum witness is a recipe for split-brain disaster. This post covers how I set up my home cluster with a Corosync QDevice for reliable quorum, how P...

Manual infrastructure management doesn’t scale — even in a homelab. This post covers how I use Terraform, Ansible, and GitLab CI to manage every VM, container, and configuration across both sites a...

Infrastructure exists to serve applications. This post covers the self-hosted services running across my homelab — from email and web hosting to identity management and home automation. Mailcow — ...

Backups are the part of homelab infrastructure nobody finds exciting — until they need one. This post covers my multi-site, multi-technology backup strategy and the disaster recovery plan that give...

Running a multi-site homelab with production services means security can’t be an afterthought. This post covers the SOC (Security Operations Center) stack I’ve built — from log collection to incide...

Networking is the backbone of any multi-site homelab. This post covers how I connect my home and datacenter sites, segment traffic with VLANs, and run a layered DNS architecture. OPNsense as the D...