HOMELAB ARCHITECTURE

Homelab & Toolbox

A practical environment for learning infrastructure, monitoring, security detection, identity, and automation by running real services and fixing real breakages.

01

Architecture

Core Host Linux server Docker-managed service stack
Runtime Docker / Dockge Containerised services and stack management
Security Wazuh + Suricata SIEM, alerting, and network intrusion detection
Monitoring Grafana stack Prometheus metrics, Loki logs, Grafana dashboards
Access Authentik + Cloudflare Tunnel Identity layer and safer service exposure
Automation n8n Workflow automation for repeatable admin tasks
Writeups Jekyll Markdown notes for incidents, builds, and projects
02

Toolbox

Infrastructure

  • Linux server administration
  • Docker container deployment
  • Dockge stack management
  • Cloudflare Tunnel exposure

Security

  • Wazuh SIEM and alerting
  • Suricata IDS coverage
  • Log review and triage
  • Incident writeups and root-cause notes

Monitoring

  • Grafana dashboards
  • Prometheus metrics
  • Loki log storage
  • Promtail log shipping

Automation

  • n8n workflow automation
  • Repeatable admin tasks
  • Service health checks
  • Operational reminders and cleanup flows

Identity & Access

  • Authentik identity layer
  • Centralised service access
  • Proxy-aware application exposure
  • Access-control experimentation

Documentation

  • Markdown incident notes
  • Jekyll writeup publishing
  • Build/break/fix logs
  • Portfolio-facing evidence
03

Changelog

Short operational history of the lab. Larger changes and failures can be expanded into full Markdown writeups over time.

PUBLISHING Jul 2026

Added Jekyll writeups system

Converted the static portfolio into a Jekyll site so incidents, builds, projects, and notes can be written in Markdown and rendered through the site theme.

Read writeup →
ACCESS In progress

Identity and secure access layer

Centralising access with Authentik, exposing selected services through Cloudflare Tunnel, and reducing ad-hoc access patterns across the lab.

MONITORING Built

Grafana / Prometheus / Loki observability

Added metrics, logs, and dashboards so services are visible during normal operation and easier to diagnose when they degrade.

Read writeup →
SECURITY Built

Wazuh and Suricata security stack

Stood up SIEM and IDS coverage as the security layer for log analysis, alerting, and network detection practice.