I am an aspiring cybersecurity analyst who loves getting my hands dirty with real world projects. I started my tech journey in october 2024, and things have escalated quickly! My main focus is developing the core skills needed for security operations centers (soc) and defensive security.

My learning journey:

• Currently studying: Rust programming, database logic with sql, and advanced automation with bash/python.
• Passionate about: Infosec, building efficient workflows, and "breaking to fix" my own servers.

Goals:

• Master rust and python for security automation.
• Overthewire Bandit challenge (Completed!)
• Deploy my first web page to the wild.
• Complete google's foundations of cybersecurity and tryhackme's soc 1 pathways.

My active production environment. I migrated from a raspberry pi to 'Phi', a high performance computer (i5 14500, 3060 ti) to support gpu accelerated workloads and complex network routing. This repository documents the security protocols, network isolation, and custom automation scripts that power my operations.

Key technical achievements:

• My very first Website! I set out to prove you can build a website for exactly €0, and I pulled it off! Check out my repositories for the blueprints and tools I used to keep it cost free.
• Scale and isolation: Managing 30+ docker containers with strict network isolation and reverse proxy routing using NPM and Pi-hole.
• Secure remote boot: Custom "double tty strike" script for remote luks decryption via dropbear initramfs, all initialized with WoL.
• Custom rust api: Developed two backends in rust; one to power my website, and another to feed real time data into a homarr iframe, focusing on memory safe data handling.
• Network resolution: Orchestrated Nginx Proxy Manager and Pi-hole within a shared docker network, only opening ports 53/80/443 with UFW and implementing local dns rewrites.
• Automated cloud backup: A dual stage disaster recovery pipeline using tar compression and secure rclone api transport to google drive.

The docker fleet:

• Media and automation: Radarr, sonarr, lidarr, prowlarr, qbittorrent, jellyfin, navidrome, and audiobookshelf.
• Productivity: Immich (machine learning for photo tagging), trilium (note taking), and code server for remote development.
• Monitoring: Uptime kuma (integrated with telegram bots for real time alerts), dashdot, dozzle, and watchtower.
• Gaming: Steam headless — a gpu accelerated gaming instance (sunshine/moonlight) leveraging the 3060 ti in a containerized environment.

Preview:

This is the origin story of my self-hosting addiction. It serves as a comprehensive, step by step tutorial repository for anyone looking to turn a €40 Raspberry Pi 3 into a secure, headless home server. If you are a beginner, you can start here.

Inside the repository you will find:

• Headless Server Basics: Step by step guides on flashing your OS of choice, configuring static IPs via nmtui, and locking down SSH with RSA keys and disabled password authentication.
• Networking & VPNs: Detailed instructions for safely exposing the Pi to the outside world using port forwarding, PiVPN (WireGuard), and OpenVPN.
• Automated setup scripts: Custom Bash scripts I wrote to automate the installation and permission handling for Samba File Shares and Jellyfin media servers.
• Containerization 101: Beginner friendly Docker installation guides and docker-compose.yaml templates for lightweight services like Navidrome.

• Rebuilding qBittorrent in Rust. This is very ambitious! But I hope I can achieve this one.
• Diving deeper into advanced rust for security tooling.
• Rebuilding my automated "now playing" script for navidrome profile integration.
• Open to collaboration on open source security or self hosting projects!