{"data":{"projects":{"edges":[{"node":{"frontmatter":{"title":"Home Plex Media Server","tech":["Docker","Ubuntu Server","Linux Filesystem","Storage Management","Networking"],"github":"https://github.com/damienfoster","external":""},"html":"<p>Engineered a high-availability media server architecture by migrating legacy services from Raspberry Pi to an x86-64 HP ProDesk Mini environment. Designed and deployed a containerized stack featuring <strong>Plex, Radarr, Sonarr, SABnzbd, and Prowlarr</strong> using Docker Compose.</p>\n<p><strong>Key Technical Achievements:</strong></p>\n<ul>\n<li><strong>Storage &#x26; Filesystem Architecture:</strong> Orchestrated a 14TB external storage array utilizing persistent bind mounts and standardized Linux filesystem hierarchies.</li>\n<li><strong>Security &#x26; Permissions:</strong> Managed complex UID/GID mapping to ensure secure, consistent container access to local and network-attached storage.</li>\n<li><strong>Network Optimization:</strong> Resolved cross-VLAN mDNS and routing issues to ensure seamless media delivery across segmented home network zones.</li>\n<li><strong>Performance Engineering:</strong> Debugged hardware acceleration (QuickSync) and transcoding behaviors to optimize CPU utilization during high-bitrate playback.</li>\n</ul>\n<p>Demonstrates advanced Linux proficiency, container orchestration, and real-world troubleshooting of complex application networking.</p>"}},{"node":{"frontmatter":{"title":"Home Unify Controller","tech":["Ubuntu Server","Docker","UniFi SDN","802.1Q VLAN Tagging","Linux Administration"],"github":"https://github.com/damienfoster","external":""},"html":"<p>Architected a containerized network management layer by deploying a UniFi SDN controller via Docker on an Ubuntu-based HP Mini-PC. Implemented strict 802.1Q VLAN tagging across dual access points to enforce logical segmentation between IoT, Guest, and Internal traffic, mirroring enterprise-grade security architecture in a compact edge environment.</p>\n<p><strong>Key Technical Achievements:</strong></p>\n<ul>\n<li><strong>Containerized Deployment:</strong> Leveraged Docker to isolate the SDN controller, ensuring easy portability and consistent environment variables across host migrations.</li>\n<li><strong>Network Segmentation:</strong> Orchestrated strict <strong>802.1Q VLAN tagging</strong> across dual access points to enforce logical separation between IoT, Guest, and Internal traffic.</li>\n<li><strong>Linux Systems Management:</strong> Optimized the host Ubuntu Server for minimal resource overhead and configured persistent volume mounts for database stability.</li>\n<li><strong>Traffic Engineering:</strong> Implemented granular stateful firewall rules to manage inter-VLAN routing and prevent lateral movement from untrusted devices.</li>\n</ul>"}},{"node":{"frontmatter":{"title":"Proxmox Virtualization & Infrastructure Lab","tech":["Proxmox VE","ZFS Storage","LXC Containers","KVM Virtualization","Resource Orchestration"],"github":"https://github.com/damienfoster","external":"#"},"html":"<p>Developed a robust Type-1 hypervisor environment to simulate enterprise data center operations and host critical network services.</p>\n<ul>\n<li>Deployed <strong>Proxmox VE</strong> on dedicated hardware, utilizing <strong>ZFS RAIDZ-1</strong> storage pools to ensure data integrity and high-performance I/O for virtual disks.</li>\n<li>Orchestrated a hybrid environment of <strong>LXC containers</strong> for lightweight services and <strong>KVM virtual machines</strong> for full OS isolation, optimizing hardware resource allocation.</li>\n<li>Configured <strong>automated backup policies</strong> and snapshotting to facilitate rapid disaster recovery and system state rollbacks during configuration testing.</li>\n<li>Integrated <strong>real-time monitoring</strong> for CPU, RAM, and thermal metrics to maintain system health and prevent resource contention across the virtual infrastructure.</li>\n</ul>"}},{"node":{"frontmatter":{"title":"Enterprise Edge Security & VLAN Segmentation","tech":["pfSense","WireGuard VPN","Unifi Networking","ntopng","Traffic Shaping"],"github":"https://github.com/damienfoster","external":"#"},"html":"<p>Architected and deployed a custom pfSense security gateway to manage a multi-segmented enterprise-grade home network.</p>\n<ul>\n<li>Established strict <strong>VLAN segmentation</strong> using Unifi hardware to isolate Management, IoT, Guest, and Lab environments, controlled via granular stateful firewall rules.</li>\n<li>Engineered a high-performance <strong>WireGuard VPN tunnel</strong> for secure, low-latency remote access to internal network resources.</li>\n<li>Implemented <strong>ntopng</strong> for deep packet inspection and netflow analysis, providing real-time visibility into bandwidth utilization and potential security anomalies.</li>\n<li>Configured <strong>bandwidth shaping (FQ_CoDel)</strong> to prioritize mission-critical traffic and eliminate bufferbloat during high-utilization periods.</li>\n</ul>"}}]}}}