Welcome to the microLab!
My goal is to have a homelab with critical services being highly available, important services being self-healing, and optional services mostly available, while maintaining a small footprint and low power consumption. Here's a photo of the current lab setup.
This repo exists as part of the billv-ca/homelab-* series of repositories containing IaC and documentation for my homelab.
This repo contains documentation for the homelab-* series of repositories. See also:
- TL-SG1016PE (Facebook Marketplace $75 unopened)
- Proxmox Cluster 2.5G
- Netgear GS105
- pfSense: pfSense is a free and open source firewall and router that also features unified threat management, load balancing, multi WAN, and more.
- HP Elitedesk 800 G3 Mini (35W) - Microcad.ca $94
  - Intel® Core™ i5-6500T CPU @ 2.50GHz
  - 8GB DDR4
  - 512GB NVME
  - 1Gbe on board
  - 2.5Gbe m.2 NIC - 3d model to add nic
```mermaid
graph
    ONT[*ONT* 💿] --> ROUTER[*Pfsense* 💻↔️🌐]
    ROUTER --> MAINSWITCH[*TL-SG1016PE* 💻🔗💻]
    MAINSWITCH --> VLAN0[**LAN** 🌐✂️🖥️]
    MAINSWITCH --> VLAN1[**Main** 📡🌐✂️🖥️]
    MAINSWITCH --> VLAN2[**IOT** 📡🌐✂️🖥️]
    MAINSWITCH --> VLAN3[**Homelab** 🌐✂️🖥️]
    VLAN1 --> AP[3 x *EAP-650* 🛜]
    AP --> WLDEV[**Wireless Devices** 📡]
    VLAN2 --> AP
    VLAN0 --> PCs[**PCs** ⌨️🖱️💻]
    VLAN3 --> HLSW[*2.5G Switch* 💻🔗💻]
    HLSW --> PM[**Proxmox Nodes** 💻]
    VLAN3 --> ZIGBEE[**SMLIGHT SLZB-06** 🛜]
    ZIGBEE --> ZBDEV[**Zigbee Devices** 📡]
    VLAN2 --> NGSW[*Netgear GS105*]
    NGSW --> WSD[**Wired IoT Devices**]
```
- HP Elitedesk 800 G4 Mini (35W) - Microcad.ca $116
  - Intel® Core™ i5-8500T CPU @ 2.10GHz
  - 16GB DDR4
  - 256GB NVME
  - 1TB SATA III SSD
  - 1Gbe on board - Used for AMT
  - m.2 -> oculink adapter
  - Minisforum DEG1 eGPU dock
  - ASUS AMD 7800XT
  - FSP VITA 750W power supply
  - 2.5Gbe m.2 NIC - 3d model to add nic
- HP Elitedesk 800 G3 Mini (35W) - Microcad.ca $94
  - Intel® Core™ i5-6500T CPU @ 2.50GHz
  - 16GB DDR4
  - 256GB NVME
  - 1TB SATA III SSD
  - 1Gbe on board - Used for AMT
  - 2.5Gbe m.2 NIC - 3d model to add nic
- HP Elitedesk 800 G3 Mini (65W) - Microcad.ca $94
  - Intel® Core™ i5-6500 CPU @ 3.20GHz
  - 24GB DDR4
  - 256GB NVME
  - 1TB SATA III SSD
  - 1Gbe on board - Used for AMT
  - 2.5Gbe m.2 NIC - 3d model to add nic

Proxmox is a complete, open-source server management platform for enterprise virtualization. It tightly integrates the KVM hypervisor and Linux Containers (LXC), software-defined storage and networking functionality, on a single platform. With the integrated web-based user interface you can manage VMs and containers, high availability for clusters, or the integrated disaster recovery tools with ease.
🔑 Integrated with Authentik
- Kubernetes
  - k3s-0
  - k3s-1
  - k3s-2
- OpenMediaVault
- Home Assistant
- Crafty Controller

OMV is the next generation network attached storage (NAS) solution based on Debian Linux. It contains services like SSH, (S)FTP, SMB/CIFS, RSync and many more ready to use. Thanks to the modular design of the framework it can be enhanced via plugins. openmediavault is primarily designed to be used in small offices or home offices, but is not limited to those scenarios. It is a simple and easy to use out-of-the-box solution that will allow everyone to install and administrate a Network Attached Storage without deeper knowledge.
Home Assistant is open source home automation that puts local control and privacy first. Powered by a worldwide community of tinkerers and DIY enthusiasts.
Crafty Controller is a cross-platform Minecraft server control platform that you control from your web browser.
K3s is lightweight Kubernetes. Easy to install, half the memory, all in a binary of less than 100 MB.
Service | Category | Description | Authentik Integration |
---|---|---|---|
Atlantis | IaC Deployment | Atlantis is Terraform Pull Request Automation. | ✅ |
Authentik | Identity | Authentik is a self-hosted, open-source identity provider. | |
Cert Manager | Network | cert-manager is a powerful and extensible X.509 certificate controller for Kubernetes and OpenShift workloads. It will obtain certificates from a variety of Issuers, both popular public Issuers as well as private Issuers, and ensure the certificates are valid and up-to-date, and will attempt to renew certificates at a configured time before expiry. | |
Kubernetes Dashboard | System Tools | Dashboard is a web-based Kubernetes UI. | ✅ |
Longhorn | Storage | Longhorn provides cloud-native persistent block storage. | ✅ |
Mealie | Recipe Storage | Mealie is an intuitive recipe management app. | ✅ |
Meshcentral | System Tools | Meshcentral is an open source, multi-platform, self-hosted, feature packed web site for remote device management with support for Intel AMT. | ✅ |
MetalLB | Network | MetalLB is a load-balancer for bare-metal Kubernetes. | |
OCIS | File Sync | Welcome to oCIS, the modern file-sync and share platform, which is based on our knowledge and experience with the PHP based ownCloud server. | ✅ |
Ollama | AI | Ollama lets you run large language models locally. | |
Omada Software Controller | Network | Omada software controller manages Omada APs. | |
Open WebUI | AI | Open WebUI is an extensible, self-hosted AI interface that adapts to your workflow, all while operating entirely offline. | ✅ |
Pi-hole | Network | Pi-hole offers network-wide ad protection. | ✅ |
ROCm k8s-device-plugin | System Plugin | ROCm k8s-device-plugin enables AMD GPU registration in Kubernetes clusters. | |
Traefik | Network | Traefik is a leading modern open source reverse proxy and ingress controller that makes deploying services and APIs easy. Traefik integrates with your existing ... | ✅ |
Wireguard UI | System Tools | Wireguard UI is a web user interface to manage your WireGuard setup. | ✅ |
Wireguard | Network | Wireguard: fast, modern, secure VPN tunnel. WireGuard® is an extremely simple yet fast and modern VPN that utilizes state-of-the-art cryptography. | |