This Is Just the Starting Point

Even after designing PKI, Vault, proxies, and basic app layouts, I still see this as the beginning of the lab, not the end.

There are many directions I’d like to explore next.

Possible Next Steps

Some things on my list:

  • Service mesh concepts on a single VPS:
  • mutual TLS between more services,
  • identity-based access at the proxy layer.
  • More automated rotation:
  • integrate cert rotation with app reloads,
  • detect expired certs before they cause incidents.
  • Experiment with Kubernetes-like patterns:
  • use my VPS as a conceptual bridge toward future cluster setups.
  • Better observability:
  • metrics, traces, not just logs.

Why I’m Writing It Down

Writing this as blog posts, not just private notes, forces me to:

  • be precise about what I’m trying to do,
  • admit where things are still fuzzy,
  • and document failures and successes in a way I can revisit later.

This lab is my sandbox for infra, security and bug bounty work – and this blog is my way of keeping track of the journey.