Homelab
π‘ DevOps Home Lab
As a retired NYPD Sergeant and U.S. Army Veteran transitioning into DevOps, I built this self-hosted, production-grade home lab to mirror real-world infrastructure. Itβs designed for learning, testing, automation, and hardening β with security and observability at its core.βοΈ Hardware Setup
| Device | Purpose |
|---|---|
| Desktop | Kali Linux + Windows 11 (dual boot) for local dev/testing |
| Laptop | Kali Linux for mobility and SSH access |
| Server | GMKtec N100 running Ubuntu Server |
| Hypervisor | MinisForum MS-01 with Proxmox VE |
| NAS | Synology DS223j (16TB) for media & backups |
π³ Core Dockerized Services
- Traefik β Reverse proxy with auto HTTPS (Letβs Encrypt)
- Pi-hole β Network-wide ad/malware blocking
- Prometheus + Grafana β Metric collection and dashboards
- Netdata β Real-time monitoring across containers
- Plex β Media server integrated with NAS
- Nginx β Static site hosting (including this website)
π Networking & Access
- TLS encryption for all services (Letβs Encrypt via Traefik)
- Subdomain routing handled via Cloudflare
- SSH access restricted to public key authentication
- Dynamic DNS managed through Cloudflare API
- Reverse proxy + firewall rules for tight access control
π Monitoring & Automation
- Prometheus β Time-series metrics
- Grafana β Visual dashboards (disk, CPU, containers)
- Netdata β Real-time performance graphs
- Fail2Ban β SSH brute-force protection
- Bash scripts β Automated daily health reports via email (cron)
β Design Principles
- Security-first: Public key SSH, HTTPS, restricted ports
- Separation of concerns: Media, DNS, compute split by service
- Production-like: Infrastructure mimics real environments
- Self-hosted: Full control, no third-party lock-in
- Flexible + Scalable: Proxmox allows isolated VM environments for experimentation
This lab gives me hands-on experience with the same tools used in real-world DevOps β and helps me continuously improve my automation, observability, and security skills.
π Back to Projects | View on GitHub