HomeLab
Mar 7, 2025
·
3 min read
Note
Still under development
Homelab is my personal server infrastructure used to manage self-hosted services, automate deployments, and ensure the privacy of my data. It grew out of my experience with a QNAP NAS, which became limited in resources and speed, and from my increasing interest in avoiding dependence on large IT companies’ services.
The system is based on two miniPCs running Proxmox and Proxmox Backup Server:
- Main miniPC: i9 with 20 cores, 64 GB RAM, 2 TB storage. This is where all virtual machines run, depending on the services I want to deploy.
- Secondary miniPC: less powerful, dedicated to Proxmox Backup Server to optimize storage and keep a second local copy of backups.
- Encrypted remote backup: stored in a cloud provider, following the 3-2-1 backup strategy (three copies, two media types, one off-site).
Both the creation and configuration of virtual machines and the deployment of all services (via Docker containers) are fully automated using Ansible.
Services I currently use
| Service | Usage / what it is for |
|---|---|
| Homer | Dashboard to access all homelab services |
| VaultWarden | Self-hosted password manager compatible with Bitwarden |
| AdGuard Home | Internal DNS with ad-blocking, malware protection, and tracking filters |
| Home Assistant | Home automation platform for integrating and controlling devices |
| ZWave | Control and integration of IoT devices using the Z-Wave protocol |
| PeaNut | UPS status monitoring through a web interface |
| OwnCloud | File storage, synchronization, and sharing |
| Immich | Private photo hosting with automatic backup and mobile sync |
| Memos | Lightweight, self-hosted note-taking app |
| LubeLogger | Vehicle maintenance and expense tracking |
| Tandoor Recipes | Recipe manager, meal planner, and shopping list system |
| Tailscale | Mesh VPN for secure remote access without opening ports |
| MailRise | SMTP server that converts emails into notifications |
| AppRise | REST API to send notifications to more than 90 services |
| MailPit | Fake SMTP server for testing, with web UI to view emails |
| Portainer | GUI to manage Docker containers and stacks |
| ActualBudget | Personal finance manager based on envelope budgeting |
| Traefik | Reverse proxy and TLS certificate manager with Let’s Encrypt |
| AlertManager | Metrics-based alert routing and notifications |
| Prometheus | System and service monitoring and metrics collection |
Main goals achieved:
- Secure remote access to all services without opening ports directly on the router.
- Access to services through internal DNS with automatic TLS certificate issuance and renewal using Let’s Encrypt, avoiding exposed IPs and ports.
- Organization of services by hardware resources and data criticality, defining backup frequency and retention.
- Full control of my data, storage, and applications, replacing third-party services (Dropbox, Google Docs, Google Photos, Google Keep, etc).
