Security

Traefik Middleware Security Hardening — Headers, Rate Limiting, and Auth

Complete guide to Traefik middleware security hardening with real-world configs — security headers, rate limiting, IP whitelisting, basic auth, redirect schemes, and chaining middlewares for an A+ security rating.

May 18, 2026 · 15 min · 3006 words · GnTech

Docker Rootless Mode — Secure Container Runtime for Homelabs

Complete guide to running Docker in rootless mode — no root daemon, no privileged containers. Covers installation, networking workarounds, Docker Compose, Proxmox LXC compatibility, and production readiness.

May 18, 2026 · 15 min · 3065 words · GnTech

Proxmox GPU Passthrough — Complete Setup Guide for VMs

Complete guide to GPU passthrough on Proxmox VE — from IOMMU enablement and VFIO binding through NVIDIA Error 43 fixes and the vendor-reset kernel module.

May 18, 2026 · 12 min · 2494 words · GnTech

Docker Multi-Stage Builds — Practical Guide for Homelab

Master Docker multi-stage builds to shrink production images from 1.2GB to under 50MB. Covers Go, Python, and Node.js patterns with real Dockerfiles and build cache strategies.

May 18, 2026 · 12 min · 2510 words · GnTech

CrowdSec Docker Deployment — Collaborative IPS for Your Homelab

Deploy CrowdSec with Docker Compose and Traefik to protect your homelab services with collaborative threat intelligence. Covers the LAPI agent, bouncers, collections, custom scenarios, and remediation pipeline with real configs.

May 17, 2026 · 11 min · 2309 words · GnTech

Vaultwarden Docker Deployment — Self-Hosted Password Manager Guide

Deploy Vaultwarden, a lightweight Bitwarden-compatible password server, with Docker Compose and Traefik in your homelab. Covers admin panel setup, automated backups, SMTP configuration, and security hardening.

May 17, 2026 · 9 min · 1789 words · GnTech

Pi-hole and Unbound — Recursive DNS with Ad Blocking for the Homelab

Deploy Pi-hole v6 with Unbound as a recursive DNS resolver using Docker Compose. Covers ad blocking, privacy-focused recursive resolution, local DNS records for homelab services, MikroTik router integration, and query monitoring.

May 16, 2026 · 13 min · 2706 words · GnTech

Self-Hosted AI — Deploy Ollama and Open WebUI in Your Homelab

Deploy Ollama and Open WebUI on your homelab hardware for private, self-hosted AI inference. Covers Docker Compose setup, GPU acceleration, model management, remote access, and production hardening tips.

May 16, 2026 · 10 min · 1987 words · GnTech

Systemd Service Hardening — Lock Down Linux Services in Your Homelab

Hardening systemd service units in your homelab isn’t just for production servers — it’s how you prevent one compromised service from taking down your entire host. This guide covers sandboxing, capability drops, filesystem isolation, and resource limits with real unit files you can use today.

May 15, 2026 · 12 min · 2405 words · GnTech

Docker Container Security — Non-Root Users, Capabilities, and Runtime Hardening

Hardening Docker containers in your homelab isn’t optional — it’s how you prevent container escapes and privilege escalation. This guide covers non-root users, capability drops, read-only filesystems, and seccomp profiles with real Compose configs.

May 15, 2026 · 12 min · 2433 words · GnTech