$ cat ~/.status
Last updated: 2026-05-10
Location: Los Angeles, CA
Building
- FreeBSD pf router: A self-built edge router and firewall at the heart of my homelab. FreeBSD 15 on a CWWK N100 mini PC (hostname
homefw), with an X-ONU-SFPP XGS-PON SFP+ module replacing the AT&T fiber gateway entirely. ZFS root, pf, unbound, ISC DHCP, WireGuard, and a Sodola 12-port 10G managed switch downstream of the LAN trunk. Tour the setup.
- Jail-isolated services: Moving DNS, monitoring, and VPN out of the router host and into VNET jails. One service, one dataset, one ZFS snapshot before every change.
- NixOS + K8s lab: A 3-node bare-metal Kubernetes cluster on Proxmox, configured declaratively in a private nix-config flake.
Running
- FreeBSD 15 edge router (
homefw) behind XGS-PON, with pf, unbound, ISC dhcpd, ntpd
- NixOS on Proxmox: 3-node Kubernetes cluster, bare metal
- Monitoring: Prometheus, Grafana, Alertmanager
- WireGuard for road-warrior VPN back into the LAN
- ZFS everywhere with hourly snapshots and offsite send/recv
Learning
- Cilium eBPF networking: replacing kube-proxy on the cluster
- Talos Linux: immutable OS for k8s nodes
- FreeBSD VNET internals and bhyve
- IPv6 design for residential networks (real prefix delegation, not 6to4)
Writing About
- FreeBSD pf router build and operations
- pf.conf design: rules, NAT, anti-spoofing, logging
- FreeBSD jails for network services
- NixOS in production
- Kubernetes on bare metal
- AWS cost optimization (real numbers, not fluff)
Stack
$ cat ~/.stack
Edge: FreeBSD 15 (homefw) + pf + unbound + XGS-PON SFP
Servers: NixOS 24.11 (declarative)
Cluster: kubeadm + Cilium
Hypervisor: Proxmox + ZFS
Editor: Neovim
Shell: Zsh + Starship
Terminal: Wezterm
Monitoring: Prometheus + Grafana
Reading
- Re-reading The Design and Implementation of the FreeBSD Operating System end to end
- Working through Designing Data-Intensive Applications patterns in production
- Following NixOS RFCs and the Lix project
Not Doing
- Social media (mostly)
- Chasing every new framework
- Premature optimization
$ echo "Ship fast. Ship often. Ship boring."