// My Personal Homelab
DevOps, Security, Linux, Docker, Cloudflare, Optimization, Self-Hosting, Home Network Setup, Nginx, Apparmor, Fail2ban, VPN, Dynamic DNS, Network Optimization, Automation, Backup Strategies, Monitoring and Alerting
Oct. 2025 - Present Day
- Managed DNS records and configured mutual TLS authentication through Cloudflare to ensure only authorized connections can access the server
- Implemented port-knocking authentication for SSH to add an extra layer of security against unauthorized access attempts
- Configured multiple backup strategies with varying retention periods to protect against hardware failures and ransomware attacks
- Created automation scripts for routine tasks including backups, disk health monitoring, and software updates
- Set up remote desktop access to easily manage the server from anywhere
- Configured Nginx as a reverse proxy with caching, rate limiting, and a web application firewall for optimal performance and security
- Isolated each web application under separate user accounts to limit the impact of potential security vulnerabilities
- Implemented AppArmor security profiles to strictly control application permissions and restrict damage from potential exploits
- Configured Fail2ban to monitor login attempts and automatically block suspicious IPs across both SSH and web services
- Set up rootless Docker containers with individual AppArmor profiles to minimize security risks from container-based attacks
- Implemented monitoring and alerting to track server health, security events, and application permission requests
- Configured VPN routing for torrent traffic to maintain privacy
- Designed a restrictive firewall policy allowing only pre-approved inbound proxies and whitelisted outbound domains
- Set up dynamic DNS to maintain stable connectivity despite ISP limitations
- Optimized the server's network stack and packet routing to maximize inbound and outbound throughput
