All Projects

A comprehensive list of my architectures, scripts, and deployments.

HomeLab: Hyperconverged Cluster with Proxmox & Kubernetes

HomeLab: Hyperconverged Cluster with Proxmox & Kubernetes

A production-grade home lab built from enterprise surplus hardware — a 3-node Proxmox VE hyperconverged cluster running Kubernetes, Ceph storage, VLANs, and a full monitoring stack. The entire infrastructure is defined as code using Terraform and Ansible.

ProxmoxKubernetesCephTerraformAnsibleCiliumGrafanaPrometheus
Open-Source SIEM: Wazuh + ELK Stack Deployment

Open-Source SIEM: Wazuh + ELK Stack Deployment

Designed and deployed a fully integrated SIEM platform using Wazuh for host-based intrusion detection and the ELK stack for log aggregation, correlation, and visualisation — monitoring 50+ endpoints across 3 network segments.

WazuhElasticsearchLogstashKibanaDockerFilebeatSuricata
Multi-AS BGP Lab with FRRouting on Linux

Multi-AS BGP Lab with FRRouting on Linux

A fully virtualised BGP routing lab simulating a 4-AS internet exchange environment using FRRouting on Linux VMs. Covers eBGP peering, iBGP full-mesh, route reflectors, path manipulation, community tagging, and route filtering with prefix lists.

BGPFRRoutingLinuxGNS3NetworkingOSPF
Self-Hosted ZTNA Gateway with Authelia & WireGuard

Self-Hosted ZTNA Gateway with Authelia & WireGuard

Designed and deployed a self-hosted Zero Trust Network Access gateway combining Caddy reverse proxy, Authelia for SSO/MFA, and WireGuard for encrypted tunnels. Enforces device-health, role-based access, and session-aware policies across internal services.

Zero TrustWireGuardAutheliaCaddyDockerSecurity