My Homelab

What is a homelab?

Hardware

Servers

My primary servers are three Lenevo ThinkCentre Tinys, clustered together under Proxmox. Each ThinkCentre has an additional NIC installed, allowing for redundant cluster communication and a dedicated replication/migration network.

Nodes 1 and 3 are my primary "compute" nodes, which run the majority of VM/CT workload. In their "High Aavailablity" configuration, guests will failover if either node becomes unavailable and are periodically rebalanced between nodes by ProxLB [1]. Node 2 is primarily used as a storage server running Proxmox Backup Server (PBS) and apt-cacher-ng, but also serves as a reserve host for manual short-term migration of guests if needed. 
Lastly, I have one additional off-site server running a bare-metal install of PBS for remote backups.

Router

My primary router is a BananaPi R3 board. This serves as the edge router and wifi access point, while also performing traffic shaping, ad blocking via AdGuardHome, Dynamic DNS updating, and running two Wireguard instances for remote network access.

Switch

The primary switch is a managed Cisco unit with POE.

 

Networking

My network is segmented into several VLANs, based on access needed; i.e. external services are confined to a DMZ, CCTV cameras are only accessible by the NVR, the Proxmox cluster has a dedicated network for migrations, etc. The router's LAN connection is port-mirrored within my switch to allow for additional monitoring by ntopng.

I currently run two separate reverse proxies: one runs in the DMZ for proxying requests from external (untrusted) sources, and the second runs in my internal network for proxying internal requests. 
Internal DNS is handled by AdGuardHome with dnsmasq as a reverse DNS upstream server (both running on the router)

 

Services

In addition to anything mentioned above, other services usually running in my homelab include:

  • Nginx webserver for my website, Wavelog, and this blog
  • Crowdsec for monitoring access logs and addressing potential malacious actions or attacks.
  • Home Assistant, mostly for aggregating system monitoring
  • "Homepage" as my browsers starting page and homelab dashboard
  • Linkwarden for bookmarking and archiving webpages
  • AgentNVR for CCTV
  • Paperless-ngx for document archiving
  • Lubelogger for recording fuel and maintenance on my vehicles

 

Of course, being a homelab, there's usually a handful of other services running at any given time as I play and expirement with different ideas and concepts.

 

Note(s)

  1. ^ ProxLB is currently disabled due to a bug causing it to reallocate VMs which were explicitly excluded and failing to follow grouping settings.

Published on 24 Nov 2024 by Adam