Binary Roots; Dynamic Systems

Homelab

A dive into the goals, methodology, hardware, and services deployed.

Goals:

1. Real-World Enterprise Experience
  • Build and maintain an enterprise-like environment on inexpensive hardware and virtual machines.
  • Emulate production conditions using Proxmox VMs and Docker Compose for containerized services.
  • Deploy and manage systems such as an edge proxy, centralized authentication (IPA), and networked home directories.
  • Host multiple internal and external websites and applications with a strong focus on efficiency.
2. Skill Development
  • Grow Linux expertise until critical commands become “second nature.”
  • Gain proficiency with Proxmox through both WebGUI and CLI.
  • Build familiarity with GitHub for version control and collaboration.
  • Practice writing basic Bash scripts for automation and system administration.
3. Security & Reliability
  • Maintain a security-first mindset:
    • Implement least-privilege principles.
    • Use segmentation wherever possible and practical.
    • Harden services and infrastructure with Cloudflare and internal controls such as a reverse proxy and firewall.
  • Develop troubleshooting skills across all 7 OSI layers, including interpreting logs and diagnosing issues quickly.
4. Continuous Growth
  • Treat the homelab as both a learning platform and a sandbox for experimentation.
  • Push beyond setup into long-term operations: monitoring, backups, and scaling.
  • Use projects to simulate real-world IT workflows, preparing for enterprise environments and certifications.

Hardware:

  1. Dell Optiplex 7070 SFF
    • Runs Proxmox; OPNsense, Rocky Linux, Ubuntu Server, and various Linux Containers. All the magic happens on this $80 Craigslist pull.
    • Intel i5 9500 – 6 Cores; 6 Threads
    • 32 GB RAM
    • 512 GB NVME
    • 1 TB SATA SSD
    • 7 TB External USB 3.0 HDD.
  2. Raspberry Pi 4
    • Debian 12 ARM
    • All web services, internal and external are served behind Traefik installed “bare plastic”. USB and Wi-Fi are disabled and the proxy is completely isolated from all web services.
    • This isn’t completely set in-stone. I bought this to run a gigabit NAS when they first came out. Just good use of hardware.
    • 2 GB RAM
  3. Workstation; custom built in 2018; upgraded graphics in 2020.
    • Runs a minimal Ubuntu install w/ snap purged into the abyss. Several docker containers and an additional testing VM that can be spun up on demand.
    • Ryzen 5 2600 – 6 Cores; 12 Threads
    • 32 GB RAM
    • nVidia GeForce 2080
    • 2 TB NVME
    • 2 TB HDD
  4. Rytop; a glorified mobile ThinClient.
    • Runs Linux Mint Cinnamon; Uses Tailscale to bridge to my 192.168.0.0/24 and 192.168.1.0/24 networks. Local DNS allows *.homelab.lan to be resolved remotely and accessed through SSH, Spice, NoMachine, and Steam.
    • Intel i5 2500m
    • 8 GB RAM
    • 240 GB SATA SSD