This is a decent writeup on applying “Zero Tust” principles to a home lab using mostly open source tools. I’m not the author, but thought it was worth sharing.
This is a decent writeup on applying “Zero Tust” principles to a home lab using mostly open source tools. I’m not the author, but thought it was worth sharing.
Zero trust, but you have to use Amazon AWS, Cloudflare, and make your own Telegram bot? And have the domain itself managed by Cloudflare.
Sounds like a lot of trust right there… Would love to be proven wrong.
Yeah, I practice some ZeroTrust principles w/o using any of the above. I use Docker networks to associate services and their data and restrict them from accessing services/data they don’t need. I use HAProxy at the edge to route requests to specific nodes in my network, and all of that operates over my own WireGuard VPN. I’m working on creating VLANs for my network to further segment things, so I can dictate which devices can access which resources. For continuous monitoring and alerting, any separate device connected to my VPN would work (haven’t yet configured that); I personally don’t bother because my SO/kids will tell me if something they use goes down, and knowing a few minutes earlier wouldn’t matter.
You really don’t need AWS, Cloudflare, or Telegram for any of this. That said, it is interesting to read through when crafting your own solution, if only to check which parts you have and what parts you may have forgotten.