Welcome to my homelab! This site serves as a showcase of my homelab as well as my documentation for disaster recovery. I had quite a bit set up already when I decided to open source everything, so this site will initially be a work in progress as I bring everything up to date.
My goals for my homelab:
- security
- automation
- documentation
- stability
You'll notice privacy is not one of my goals. By making a showcase for my homelab and open sourcing most of the code, I'm inherently revealing some information about what I run, and I'm okay with that. I also rely on some cloud providers for "outside my network" stuff like git hosting, VPN, backups, and TLS proxies. Being fully self-contained is not a goal of mine either.
With that intro out of the way, let's check out my homelab!
TODO
TODO
My app templates rely on the infrastructure below. These systems are laid out in the general order they need to be set up in. Supporting VMs are not strictly necessary for my templates to work, but they help keep things running smoothly.
Use the links to navigate to the setup docs for each item.
- GitHub
- source code management
- bootstrap secrets
- Discord
- channel(s) for homelab alert webhooks
- Tailscale
- ci to infrastructure SSH access
- AWS
- tfstate storage bucket
- github actions terraform federation
- Backblaze
- application key for terraform
- Cloudflare
- DNS
- WAF
- application key for terraform
- Infisical (if not self-hosting)
- common secrets
- GitHub Actions OIDC
- Proxmox VE
- network interfaces
- terraform user
- tailscale for CI access
- Proxmox Backup Server
- OPNsense Firewall
- Interfaces:
- WAN
- DMZ
- ADMIN
- ISC DHCP
- unbound DNS
- DHCP registrations
- tailscale for CI access
- Interfaces:
- Infisical Server (if not using cloud version)
- common secrets
- GitHub Actions OIDC
- tailscale for CI access
- Apt-Cacher-Ng Server
- cache packages for docker hosts
- Monitoring Server
- beszel
- dozzle
- Security Server
- undocumented
TODO