As the title says, I want to know the most paranoid security measures you’ve implemented in your homelab. I can think of SDN solutions with firewalls covering every interface, ACLs, locked-down/hardened OSes etc but not much beyond that. I’m wondering how deep this paranoia can go (and maybe even go down my own route too!).

Thanks!

  • @tapdattl
    link
    English
    211 months ago

    Do you recommend any resources about this? I’d be interested in learning how to implement this.

    • @refreeze
      link
      English
      211 months ago

      I’m using the recently merged Clevis module for NixOS. There was a recent talk at FOSDEM about it.