
Caner Derici

Canonical Ltd.

PhD Candidate, Computer Science

Sandy, UT, USA

cderici

caner@canerlab.live


Real-time Status



HomeLab

I started my homelab at the beginning of 2023, and it's been growing and evolving ever since. At first the idea was to play and experiment with various technologies that I've been wanting to learn (e.g. cloud native), then it quickly became a central pillar in our day-to-day digital life, from managing and securing our home network to keeping all our data securely in place, backing up work stuff, and much more.

If you're interested in the current physical equipment in the lab, check out my kit page for my homelab.

I'm using Proxmox as my hypervisor on a Dell R720 server with an H710 mini RAID controller for NAS. I'm running a bunch of VMs for different purposes:
My TrueNAS is running on titanium (I like naming VMs as chemical elements) with a Nextcloud plugin that serves as our daily data handling solution for my wife and me (e.g. document backups, instant camera uploads from phones, etc.). I also put the periodic backups for the VMs into this server.
Our home-wide DNS server is a Pi-hole instance, running on potassium to cache our DNS requests to make things more responsive at home, as well as blocking ads globally across the network.
Firewall is handled by an OPNsense instance for now; I'm planning on switching to a hardware setup soon.
Silicon and nitrogen are serving as our reverse proxies, each running a Traefik instance. Nitrogen is the live reverse proxy, handling requests coming from the internet, and silicon is the local reverse proxy, handling internal routing of the services. Both are utilizing Portainer instances to manage Docker images, hosting a bunch of small services such as a LittleLink instance to serve canerlab.live, and things like Uptime Kuma for monitoring, which is what serves that live status page you see at the top of this page.
In addition to all this, lithium is running a headless Ubuntu that I use daily for work. I use JetBrains Gateway to keep my GoLand instances remotely hooked up there all the time.

My external DNS is handled by Cloudflare and the SSL certificates are provided by Let's Encrypt, distributed internally by the Traefik instances on nitrogen and silicon, so all the services under the domain "canerlab.live" are legit SSL certified.

Here's the logical layout of the services:


I recently did a network upgrade with UniFi equipment. I set up the Dream Machine Special Edition as the primary router. The Google Fiber 2.5Gbit router became just a passthrough modem. I also added a layer 3 Pro Max 24 PoE switch to create some VLANs to isolate IoT devices, cameras, etc. in my network from the main compute devices. Also, the smart Power Distribution Pro came in handy, as it constantly monitors the connection and whenever there's a fluctuation in the network or an outage, it automatically restarts the devices I designated (e.g. router, modem, etc.) to try to re-stabilize the network by itself. So no more waking up to a catastrophe in the mornings.

My future plans include laying down a hardware firewall, as well as adding more compute to form clusters, improving power management (better UPS with more capacity), and maybe adding a dedicated separate NAS server. I also need to work a little bit on the cooling. The room is in the basement so I don't have too big a problem there just yet, but we're getting there. I'm thinking of installing a split AC to take care of that soon. Software-wise, I'd like to experiment more with Terraform on Kubernetes clusters with Juju using the Terraform Juju provider that I'm maintaining and developing. You can check out a Discourse post I wrote about it recently.



Physical Stuff

For the physical infrastructure I have a Sysracks 32U rack, a couple of Raspberry Pis (one of them is periodically talking to Cloudflare for updating our upstream IP for DDNS), and an APC UPS to keep things alive for a little while to give enough time to shut down the system gracefully in case of power outages. I also hooked it up to the modem and the router to keep the internet alive for as long as possible. This is a good perk of having a UPS since my wife and I both work remotely from home. Our local setups are also hooked up to small UPSes to keep the power setup nice and clean.

Here's the current list of physical gear that I have for the server room: