Enterprise-grade infrastructure, built and operated by one engineer. A personal datacenter for learning, building, and securing everything.
A full-stack datacenter environment running on enterprise hardware with redundancy, segmentation, and monitoring at every layer.
High-performance hypervisor hosting the entire stack.
Enterprise NAS with redundant parity and NVMe caching.
Full UniFi SDN stack with enterprise security features.
A 9-node K3s cluster running ~190 pods with ArgoCD GitOps for fully declarative, version-controlled deployments.
High-availability control plane with dedicated worker nodes for different workload types.
Every workload is defined in Git and automatically synced. No manual kubectl applies, no drift.
Enterprise VLAN segmentation with purpose-built security zones. Every network boundary is a firewall boundary.
Defense in depth: network segmentation, endpoint monitoring, AI surveillance, and continuous vulnerability assessment.
Full security information and event management platform with 25 agents across all infrastructure hosts. Centralized log analysis, vulnerability scanning, file integrity monitoring, rootcheck, and security configuration assessment.
Frigate NVR with 7 cameras running real-time AI object detection on an NVIDIA RTX 3080 Ti. Person, vehicle, and animal detection with zone-based alerting and 24/7 recording.
UniFi IPS/IDS with deep packet inspection at the gateway. Country-based geo-blocking, content filtering, and real-time threat intelligence feeds.
Network-wide ad and tracker blocking via AdGuard Home. Custom filter lists, per-client rules, and DNS-over-HTTPS for outbound queries.
Automated TLS certificate provisioning via Let's Encrypt with Traefik. Wildcard certificates for internal services, auto-renewal, and HTTPS everywhere.
Full observability stack with metrics, alerting, and dashboards for every layer of the infrastructure.
Time-series metrics database scraping every host, service, and application in the stack.
Visualization platform with custom dashboards for every subsystem in the lab.
PrometheusRule-based alerting with multi-channel notification delivery.
~190 pods running across 9 Kubernetes nodes. Every service deployed via ArgoCD GitOps, monitored by Prometheus, and secured by VLAN isolation.
Media streaming server with hardware transcoding and remote access
TV series management and automated download orchestration
Movie collection management with quality profiles and upgrades
Music library management and automated acquisition
Unified indexer manager for all media automation services
Request management portal for media library additions
Central home automation hub with 200+ entities across lighting, climate, and sensors
Visual flow-based automation for complex multi-service workflows
Zigbee device bridge supporting 50+ devices without vendor lock-in
Addressable LED controller for ambient and accent lighting effects
Security information and event management with 25 monitored agents
AI-powered NVR with 7 cameras and RTX 3080 Ti object detection
Network-wide DNS filtering and ad blocking with query analytics
Time-series metrics collection with custom scrape configs for every host
Visualization dashboards for infrastructure, network, and application metrics
Alert routing and notification delivery via Discord, Telegram, and email
Custom AI management platform with 264+ tools across 30 tool groups
AI-powered bot for infrastructure management via slash commands
Mobile-first infrastructure control and monitoring
Local LLM inference on RTX 3080 Ti for AI object detection and analysis
Document management system with OCR, tagging, and full-text search
Task management and project tracking with Kanban boards
Reverse proxy and ingress controller with automatic Let's Encrypt certificates
GitOps continuous deployment for all Kubernetes workloads
External DNS management with DDoS protection and CDN
Zero-config mesh VPN with dual subnet routers for high availability
A custom-built AI platform (Thor) that provides intelligent infrastructure management through 264+ MCP tools, 10 specialized agents, and multi-channel interfaces.
Model Context Protocol server providing AI assistants with direct access to every system in the infrastructure. Built on Claude AI with Anthropic's SDK.
10 specialized AI agents, each with scoped tool access and domain expertise. Hot-reloadable registry with persistent memory.
Beyond software: a workshop for physical prototyping, custom fabrication, and creative projects.
40W diode laser for cutting and engraving wood, acrylic, leather, and more. Enclosed workspace with exhaust filtration.
Dual-laser system (fiber + diode) for engraving metals, plastics, wood, and stone. High-speed galvo marking.
Multi-material FDM printer with AMS (Automatic Material System). Carbon fiber, PETG, TPU, and 16-color prints.
16K resolution MSLA resin printer for ultra-detailed miniatures, prototypes, and jewelry molds.
Precision cutting machine for vinyl, paper, fabric, and thin materials. Custom stickers, decals, and craft projects.
The scale of a personal infrastructure that rivals small enterprise deployments.
This homelab is a living platform for continuous learning in security, infrastructure, and automation.
Get in Touch Back to Resume