Security-focused homelab builder. I design and operate hardened self-hosted infrastructure with a strong emphasis on defense in depth, active threat detection and operational monitoring.
| Project | Description |
|---|---|
| secure-vps-homelab | Configuration and documentation for deploying a secure VPS and homelab environment. Focuses on server hardening, network security, and self-hosted services management. |
| securehomelab | Containerized homelab stack: CrowdSec, Cowrie honeypot, Nginx Proxy Manager, Prometheus, Grafana, Metabase threat intel |
| syswarden-homelab | SysWarden v3.10.2 HIPS deployed on ARM64 with manual Go compilation, nftables L2/L3 defense, full audit |
Security CrowdSec · Wazuh · SysWarden · nftables · Fail2ban · Cowrie · GeoIP / ASN filtering Infrastructure Docker · Nginx Proxy Manager · Portainer · Tailscale · WireGuard Observability Prometheus · Grafana · Metabase · Uptime Kuma Platform Debian ARM64 · Linux · Freebox Ultra · VPS-2-2027-OVH
- Defense in depth architecture, from L2 kernel filtering to L7 application defense
- Threat intelligence and active honeypot deployment
- Self-hosted infrastructure hardening and monitoring
Documenting real deployment outcomes (blocked ASNs, GeoIP stats, audit results) and extending observability across the stack.
Based in France · Open to connect on infrastructure security and self-hosting.