HOMELAB, VIRTUALIZATION, CONTAINER, LINUX, WINDOWS, SOFTWARE, SELF-HOSTED

Overview of My HomeLab

Why do I have a HomeLab

Aside from having a space for fun and freedom, here’s a short list:

I can…

  • …use it to enhance my practical skills.
  • …use it to mimic some real-world scenarios.
  • …develop experience with enterprise-grade systems and methodologies.
  • …set up new machines quickly, try out new technology and then just tear them down.
  • …experiment with software and configs in a sandbox without risking my primary systems.
  • …use it as a playground to learn and break things in a safe, isolated environment.
  • …run my own services, especially with privacy cautious in mind.
  • …prepare for certifications, so I have hands-on practice of the skills I need.
  • …create and improve suitable documentation for my HomeLab.
    Yes, I enjoy creating lists and documents.

My own experience is that the method of taking something apart, rebuilding it, and then taking it apart again to fix it works really well for learning new skills and really getting to understand how something works.

Upcoming

I’m currently planning a major overhaul of my home lab using Ansible, Terraform, Apache Guacamole and an internal PKI (probably EJBCA). The automation, especially the infrastructure and configuration, will be a great investment and will save me a lot of time later on, plus I’m learning some great things that I’ve wanted to do for a long time. I would also like to further improve the segmentation and monitoring of different systems and networks, such as personal productive systems, sensitive data and pure playground systems. If there’s time left, I’d also like to look more closely at Security Onion 2, Snort and Suricata as well as SnipeIT, Calibre Web and OpenShift (I know, very different stuff).

My current lab

Here is a list of the hardware and software I currently use in my HomeLab. Due to planned changes, this is only a rough overview at the moment. Later on I would like to share the network plan and details of the individual systems. Not all systems are always on. Many are only started when they’re needed.

I haven’t mentioned my workstations and the applications they run, or some other devices. I’ll cover those in a separate post later on, where I’ll also show my favourite tools.

Hardware

Raspberry Pis
  • Raspberry Pi 1 - Used temporarily for specific projects
  • Raspberry Pi 2 - Used as DNS server #1 with Pi-hole and Unbound
  • Raspberry Pi 4 - Used as a jump server and for network traffic analysis
Intel NUC - NUC6i5SYH
  • CPU: 2 CPUs x Intel® Core™ i5-6260U CPU @ 1.80GHz
  • RAM: 32 GB
  • Storage: 1 TB
  • Hypervisor: VMware ESXi
  • Used for virtual machines and containers
Fujitsu Primergy RX100 S7
  • CPU: Intel® Xeon® processor E3-1220v2
  • RAM: 32 GB
  • Storage: 1 TB
  • Hypervisor: Proxmox VE
  • Used for virtual machines and containers
NAS - Synology 4 Bay
  • Storage: 10.5 TB
  • Used for files and backups
NAS - TrueNAS Scale
  • CPU: Intel(R) Xeon(R) CPU E3-1220 V2 @ 3.10GHz
  • RAM: 8 GB
  • Storage: 30 TB
  • Used for media files and my Jellyfin media server
Firewall - pfSense
  • Physically running on an out-of-date Sophos appliance
Switch - HP
  • 24 Ports
  • Used with different LAB VLANs

Virtual Machines

Linux

  • Debian and Ubuntu servers
  • Manjaro and Ubuntu Desktops
  • Kali Linux
    Software - self-hosted apps and services
  • Pi-hole & Unbound - DNS Server #2
  • Postfix - E-mail relay server
  • Readeck - Saves web content for later reading
  • Uptime Kuma - Network monitoring
  • Zabbix - System and network monitoring
  • OpenVAS - Vulnerability assessments
  • Wazuh - SIEM and XDR (just in its infancy)
  • Graylog - Log management (just in its infancy)
  • Gitea - DevOps platform (just in its infancy)
  • Ansible - Configuration management and automation (just installed)
  • NetBox - Documenting network infrastructure (not up to date with my latest changes)
  • OpenCVE - Tracks CVE updates and sends alerts (outdated and awaiting v2 release)
  • ntopng - Network traffic analysis (currently not in use due to high resource consumption)

Windows - AD Lab

  • Windows Server 2022 - AD/DC/DHCP/DNS #1
  • Windows Server 2022 - AD/DC/DHCP/DNS #2
  • Windows Server 2022 - Database and file server
  • Windows 10
  • Windows 11

Container - mainly Docker

  • Portainer - Container management
  • Jellyfin - Media system (test instance)
  • LibreSpeed - Lightweight speed tests
  • SmokePing - Latency measurement tool
  • changedetection - Web page change detection
  • IT-Tools - Handy tools for developers
  • minikube - Local Kubernetes learning infrastructure (just in its infancy)

Network simulation

  • GNS3 - Can combine virtual and real devices in one simulation

AI

  • PC with dedicated graphics card - Running Ollama on it with different open source LLMs