Infrastructure

The Home
Lab

A self-hosted playground for DevOps, Networking, and Virtualization experiments. Where production-grade systems meet curiosity.

Why Self-Host?

In an era of cloud convenience, running your own hardware teaches you the fundamentals that abstractions hide. My home lab is a testing ground for enterprise concepts—from VLAN segmentation to high-availability clusters.

It allows me to simulate failure scenarios, experiment with new orchestrators, and maintain complete control over my data privacy without racking up cloud bills.

Built entirely on used enterprise components, this project proves that high-performance infrastructure doesn't require a massive budget—just resourcefulness and curiosity.

Live Status

HardwareLenovo ThinkCentre M920q
i5 9th Gen • 48GB RAM
RouterTP-Link ER605 (Multi-WAN)
HypervisorProxmox VE
NetworkIPv6 + Cloudflare DDNS
PowerSolar Connected

The Stack

ENERGY

Solar Power

Powers the entire lab and household with renewable energy.

"

Sustainability. Running servers 24/7 consumes significant power. An on-grid setup offsets this consumption entirely during the day and net-meters the rest, making the lab effectively carbon-neutral and cost-free to run.

Why I chose this
CORE HV

Proxmox VE

Type-1 hypervisor running on Lenovo M920q. Manages LXC containers and VMs with efficient resource allocation for 24/7 operation.

"

I chose Proxmox over ESXi primarily for its native LXC (Linux Container) support. This allows me to run lightweight services with bare-metal performance and minimal RAM overhead, maximizing what I can squeeze out of the hardware.

Why I chose this
NETWORKING

Omada & Cisco

TP-Link ER605 handling routing, pairing with Cisco switches for Layer 2 segmentation.

"

The ER605 is unbeatable for its price-to-performance ratio in handling Multi-WAN load balancing. Combined with Cisco's robust VLAN capabilities, it gives me enterprise-grade isolation for IoT devices without the enterprise licensing fees.

Why I chose this
ACCESS

Cloudflare Tunnel

Zero Trust exposure for services. No open ports on the router.

"

Security is paramount. By using Cloudflare Tunnels, I avoid port forwarding entirely. It mitigates DDoS attacks at the edge and simplifies SSL certificate management to a 'set and forget' operation.

Why I chose this
ORCHESTRATION

Docker & Portainer

Container orchestration for microservices (Media, Monitoring, Automation).

"

Standardization. Defining infrastructure as code via Docker Compose makes backups and migration trivial. Portainer provides that quick 'at-a-glance' health check from my phone when I'm away.

Why I chose this
VPN

WireGuard

Kernel-level VPN for direct, low-latency access to the LAN.

"

Speed and battery life. WireGuard's modern codebase is significantly lighter than OpenVPN. The connection is instant, and it doesn't drain my mobile battery when left on 24/7.

Why I chose this
SERVICES

UmbrelOS

The operating system powering the deployed apps listed below.

"

Usability. It acts as the central dashboard for all self-hosted services. Instead of managing individual Docker containers via CLI, UmbrelOS provides a unified, app-store-like experience for deploying and maintaining the entire suite of applications.

Why I chose this

Deployed Apps

Budibase

Live

Rapidly building internal tools and dashboards for the lab.

code-server

Live

VS Code in the browser for remote development from any device.

Docmost

Live

Centralized knowledge base for documenting network configurations.

Domain Locker

Live

Managing domain expirations and SSL certificates.

Excalidraw

Live

Whiteboarding network diagrams and architecture flows.

File Browser

Live

Web-based file manager for managing NAS storage remotely.

Frigate

Live

NVR with real-time AI object detection for security cameras.

Home Assistant

Live

The brain of the smart home, automating lights, climate, and security.

Homebridge

Live

Bridging non-HomeKit devices like Unifi cameras to Apple Home.

Jellyfin

Live

Open-source media server for streaming movies and TV shows.

Jellyseerr

Live

Request management system for the media library.

LibreSpeed

Live

Hosting a local speed test server to diagnose network bottlenecks.

LlamaGPT

Live

Private, self-hosted LLM chatbot running entirely offline.

n8n

Live

Workflow automation to sync data between services.

Nextcloud

Live

Self-hosted cloud storage for backing up photos and documents.

Nginx Proxy Manager

Live

Managing reverse proxies and auto-renewing Let's Encrypt SSLs.

Plex

Live

Streaming media to family devices with a polished interface.

Prowlarr

Live

Index manager for integrating trackers with Sonarr and Radarr.

Radarr

Live

Automating movie downloads and organizing the library.

SimpleTorrent

Live

Lightweight torrent client for quick downloads.

Technitium DNS

Live

Local DNS server with ad-blocking and custom records.

Transmission

Live

Robust BitTorrent client for handling large ISOs.

WebCheck

Live

Monitoring uptime and SSL status of all public services.

Yucca

Live

Video surveillance server for managing and viewing camera feeds.

Next: openclaw.ai

"The missing interface for my Home Lab."

I'm using OpenClaw to give my entire stack a voice. It connects to Home Assistant, Frigate, and my media servers, letting me control everything from standard chat apps.

Lab Control Center

Query server stats, restart Docker containers, or check Frigate events without opening a dashboard.

Unified Interface

One chat window to talk to Home Assistant, search Jellyfin, or get network alerts from Uptime Kuma.

Private Intelligence

Running local LLMs (Llama 3) on my own hardware to process my personal data securely.

Visit OpenClaw.ai