As the title says, I want to know the most paranoid security measures you’ve implemented in your homelab. I can think of SDN solutions with firewalls covering every interface, ACLs, locked-down/hardened OSes etc but not much beyond that. I’m wondering how deep this paranoia can go (and maybe even go down my own route too!).


    6 months ago

    With my firewall disabled a lot of my internal network (including home assistant) will fall over sooner than later.

    But that is also a recipe for mass stress. Because I know “something happened”. And now I know “in six hours, I need to check in and make sure that ‘something’ is still not happening”. Which is extra shitty if I got the notification late evening local time.

    I have friends/neighbors that I trust to swing by and push a button in the event I need to bring it back up before I get home. But if I have reached the point of “it is possible my wireguard credentials were compromised?” then I really don’t need to be able to download the next episode of ATLA NOW.