My Home Lab Infrastructure

A comprehensive self-hosted infrastructure for learning, development, and production services

Network Architecture

Below is the complete network topology of my home lab infrastructure:

Home Lab Network Diagram

Infrastructure Overview

Hardware Foundation

A budget-friendly setup using repurposed hardware for reliable compute and storage.

  • Old gaming laptop as primary node
  • Mac mini for additional compute
  • 1TB HDD for local backup storage
  • Focused on simplicity and uptime
Network Infrastructure

A clean edge setup with secure access, SSL termination, and managed DNS.

  • Router with proper forwarding rules
  • Nginx Proxy Manager for SSL termination
  • *.balawalraja.uk domain management
  • Cloudflare for DNS and security

Proxmox Datacenter

The core of my infrastructure runs on Proxmox VE, providing enterprise-grade virtualization capabilities.

Node 1

Dedicated to backups and documentation to keep the lab recoverable and well documented.

Proxmox Backup Outline Wiki Dedup Encryption
Proxmox Backup Server: Deduplication and encrypted backups
Outline Wiki: Knowledge base and documentation
Node 2

Runs core services: storage, identity, CI/CD, DNS filtering, and secure remote access.

Nextcloud Wireguard Authentik Cloudflare Jenkins AdGuard
Nextcloud: Storage and collaboration
Wireguard: Secure remote access
Authentik: SSO and OAuth2
Cloudflare: DNS and protection
Jenkins: CI/CD pipelines
AdGuard: DNS filtering and ad blocking

Security & Access Control

Nginx Proxy Manager

Reverse proxy with automatic SSL certificate management via Let's Encrypt

Authentik IDP

Centralized authentication with OAuth2, SAML, and LDAP support for SSO across all services

VPN Access

Wireguard VPN for secure remote access to internal services and management interfaces

Backup & Disaster Recovery

Automated Backup Strategy

  • Daily Scheduled Backups: Automated at 00:00 daily
  • Proxmox Backup Server: Deduplication and incremental backups
  • Local HDD Backup: 1TB local storage for redundancy
  • Data Integrity: Regular backup verification and testing

Technical Challenges & Solutions

Challenges Overcome

The practical problems solved to get a stable, secure, and maintainable lab.

  • Migration from Raspberry Pi with Dynamic DNS
  • Ensuring data security during transitions
  • Managing server performance on limited hardware
  • Maintaining high availability and uptime
Solutions Implemented

The changes that made the environment reliable, repeatable, and easy to operate.

  • Professional domain with SSL certificates
  • Containerized services for better resource management
  • Automated monitoring and alerting systems
  • Comprehensive backup and recovery procedures

Learning Outcome: This hands-on experience, combined with professional cloud infrastructure work at ZAVA, has significantly enhanced my technical skills in system administration, network management, and DevOps practices.