A high-level overview of my homelab

I recently made some big changes to my homelab so I thought I’d write about it here.

My “on-prem” infrastructure consists of three Proxmox hosts with a variety of VMs. As of right now, I do this so I can be hardware agnostic and easily move and back up entire VMs to any Proxmox host I need in the future. I’ve thought about implementing high availability, but many of my services require devices to be passed through. I may end up doing that in the future for a few critical services.

I use Nginx Proxy Manager to access my services from my Wi-Fi / Guest network while keeping my main production network isolated. I’ve also thought about making network access more granular and implementing more VLANs, but a lot of my IoT devices rely on mDNS and other things that don’t play nicely with VLANs. Having Home Assistant and my IoT devices on the same network as my endpoints lets everything work without issue. I treat all devices on this network as untrusted.

Other than that, I use Tailscale to access my services remotely, with the exception of Jellyfin. All VMs and my main network share (an Ubuntu VM with a SATA card passed through using SnapRAID + MergerFS) are backed up every night via Ansible playbooks. I’m planning to go more in-depth regarding that in another post.

I’m also contemplating replacing Graylog and Checkmk with Zabbix or Prometheus, along with looking into running Graylog and Wazuh as containerized services versus having to manage separate VMs. I’ve also thought about building a physical firewall instead of virtualizing it so my network doesn’t go down during Proxmox updates.

That’s about all I have for now, thanks for reading!

