HeckIT.dev logo

Projects

A living portfolio of experiments, from blinking LEDs to full enterprise stacks.

Enterprise Homelab

In Progress

Windows like enterprise stack on Debian/Proxmox with zero trust access.

ProxmoxMikroTikpfSenseFreeIPAAnsibleCloudflare Tunnel
  • VLAN segmentation for DMZ, Infra, Clients, IoT
  • Zero inbound; admin plane over VPN only
  • Selected admin UIs gated by Cloudflare Access MFA
View

Proxmox + Cloudflare Zero Trust

Active

Secure remote Proxmox management via Cloudflare Tunnel (pve.heckit.dev) with Access MFA.

ProxmoxCloudflare TunnelCloudflare Access
  • Per app Access policy with identity challenge

GNS3 VLAN + Inter VLAN Routing Lab

Completed

Cisco + Aruba switches with pfSense firewall for routed VLANs and policy filtering.

GNS3Cisco IOSvL2ArubaOS CXpfSense
  • DHCP per VLAN; routed access via pfSense
  • Resolved ICMP to default gateway with ACL + rule audit

Lumenoxic LED Art

Active

Interactive LED installations using FastLED with wireless control and on device UI.

FastLEDESP8266/ESP32OLED UI
  • Animations with palette blending
  • UI on microcontroller no laptop required

HeckIT.dev Website

Active

Personal site built with Next.js, Tailwind, and shadcn/ui for portfolio, projects, and resume.

Next.jsTailwind CSSshadcn/uiVercel
  • Projects page with cards
  • Responsive layout with Tailwind v4 utilities
  • Custom branding and theme
View

Remote ID Drone Detector (DIY)

Planned

Low cost receiver for FAA Remote ID using SDR with real time map and alerts.

SDR (Software-Defined Radio)ESP32Python
  • Decode RID beacons; parse and display telemetry
  • Local alerting; optional privacy respecting map

FreeIPA Identity & SSO

Planned

Centralized auth for Linux services with Kerberos/LDAP; exploring Windows trust for mixed env.

FreeIPAKerberosLDAP
  • SUDO, HBAC, and SSH key distribution via IPA
  • Service accounts + host enrollment workflow

LAN Print Server (CUPS + Samba)

Planned

Network print service for mixed clients via CUPS/IPP with SMB sharing, isolated on IoT VLAN.

DebianCUPS (IPP)Samba (SMB)Avahi/mDNS
  • IPP Everywhere for driver light setup; Bonjour/mDNS discovery
  • Samba share for legacy Windows clients; per user ACLs
  • Printer isolated on IoT VLAN; egress-only rules to print host

Privacy First Apartment Cameras

Planned

Vendor free, local only IP cams with segmented VLAN access and encrypted remote viewing.

Reolink (local)WireGuardReverse Proxy
  • Cameras isolated on IoT VLAN with egress controls
  • Remote access via WireGuard + HTTP auth proxy

Nextcloud Personal Cloud

Planned

Self hosted files, calendar, and password vault as a privacy first SaaS alternative.

NextcloudPostgres
  • Object storage backend for durable media
  • External sharing behind Access or VPN

Uptime Kuma + Prometheus + Grafana

Planned

Observability for homelab services and network endpoints.

Uptime KumaPrometheusGrafana
  • HTTP/DNS/ICMP probes with alerts
  • System metrics and dashboards per service