Blog

Added Cortex to the homelab stack today. Simple enough service to spin up, but getting it properly accessible with a trusted .homelab domain and no browser cert warnings took a few moving parts. Here’s the full process so I don’t have to figure it out again. The Goal Every service in the homelab gets a .homelab domain, HTTPS with a trusted internal cert, and a redirect from plain HTTP. No “your connection is not private” warnings, no typing https:// manually. ...

Hugo static site generator, PaperMod theme, hosted on Cloudflare Pages, deployed automatically on every git push. Zero servers to maintain, zero cost to run. The Stack Hugo: static site generator. Converts markdown files into a full HTML site at build time. PaperMod: clean, minimal Hugo theme. Fast, dark mode by default, good typography out of the box. GitHub: source of truth. The whole site lives in a repo. Cloudflare Pages: builds and hosts the site. Watches the GitHub repo and redeploys automatically on every push to master. How It Was Set Up Hugo Installed Hugo Extended locally on the machine used for writing. Extended is required for PaperMod because it handles the SCSS compilation. ...

Built out a full threat intelligence pipeline in the homelab today. The goal was to go from raw log data to enriched, actionable alerts with real IOC context, not just signature matching. The Problem Wazuh out of the box is good at detecting known attack patterns like brute force, privilege escalation, and file tampering. But it has no context about who is attacking. An SSH brute force from a random IP is an alert. An SSH brute force from a known Feodo C2 node is an incident. ...