Pause - Inventory - Plan

This homelab journey begins where most do, with what i'm already using for my home network. A router, two small switches, an access point, and the various devices that rely on internet access. What makes my homelab unique? My homelab will be the core support for many of my other hobbies, interests, home devices, and automation equipment for our small farm.

The first step: taking an old gaming PC and wiping the existing Windows OS off of the primary disk and installing Proxmox. Proxmox has become one of the most popular hypervisors (1) for homelab enthusiasts as well as professionals.

1. A hypervisor is a special type of operating system that allows you to create virtual machines that will run a single node (physical computer) or multiple nodes working together.

Link to Proxmox configuration walkthrough.

Since I already have work experience with server administration and automation, I knew I wanted to start exploring Docker Swarm. Until beginning this project, the extent of my Docker knowledge has been writing simple docker-compose YAML (1) files.

1. Yet Another Markup Language

Link to Docker Swarm configuration.

The first service I had in mind is probably what many others did when they got their first Raspberry Pi (1). Configuring Pi-Hole to block ads. As part of this first test, I also wanted to see how Traefik made use of labels in Docker. Finally, since I have been making use of n8n already, I decided to make my first docker stack(2) to setup configurations for and run these three services.

1. Raspberry Pi: A small single board computer that has been popular for small home projects.
2. Domain Name System records allow us to use easy to remember names to access systems instead of having to remember IP addresses.

Link to Pi-Hole, Traefik, and n8n Stack YAML.

While talking about homelab setups, one of my co-workers mentioned AdGuard Home and I decided to give it a try. I added another stack for AdGuard, began exploring the features and interface. Pi-Hole is great what it does, but the interface is not the greatest and finding some of the settings and features are not as easy to locate. In AdGuard I was able to see most of the information I am interested in on the front page. The configuration setting I tweak the most is easily accessible in two clicks. From system administrator's experience, I know it as DNS A records (4). In AdGuard it is labeled as DNS rewrites. This is where I can create custom DNS entries to define where to find the services as I add them to my homelab. The most helpful rewrite is a wildcard for my homelab's domain (1).

1. A domain can refer to a public resource such as google.com or for internal networks, such as mydomain.loc.

Link to AdGuard Stack setup.

Even with as much as I prefer to spend my time in a terminal or CLI (1), I wanted to explore ways to manage the Docker Swarm from a GUI. This is where Portainer enters the homelab's growing list of applications. I first heard of Portainer from one of my favorite homelab YouTube channels: Christian Lempa. After the initial setup of Portainer and cool factor of seeing the stacks, containers, and services populate in the GUi, I noticed each stack was labeld as limited under the Control column. In order for Portainer to have full control over my stacks, I had to stop the stack in Docker Swarm via the CLI and re-create it in Portainer. This process required careful planning to ensure each stack's resource dependencies (2) were available after the move to Portainer. This step is where I learned the most about Docker networks.

1. A Command Line Interface is a text based way to work with a device. A terminal or terminal emulator is an application used to access the command line interface for a device.
2. Dependencies can refer to devices, networks, storage, or other applications that a system or service needs to function.

Link to Portainer setup.

During this buildout of the homelab, one of the sidequest I have been working on is studying for the Practical AI Pentest Associate certification from TCM Academy. In order to provide myself with easy access to local Large Language Models (1) to test with, the next stack I added to the homelab was Ollama and OpenWeb UI. This stack required the most resources out of any of the other stacks setup so far. Mini-PCs have become a popular choice by those building homelabs due to their affordability and low power needs. I was given one of these based on the Ryzen chipset with enough memory to handle the needs of a decent LLM for my use cases.

1. A Large Language Model is the newest interface for working with a dataset. Think of it as an advanced autocomplete tool that can take human language input and generate output based on the data it was trained on.

Link to Ollama and OpenWeb UI setup.

By this point I began thinking about the spread of services I had up and running and the need for secrets management. My first choice was HashiCorp Vault, but after some researching I was intrigued by the feature set of Infisical. After getting the Infisical stack up and running, I had also been looking into options for organizing links to the growing number of stacks in my homelab. This lead me to setting up a stack for Homepage.

Link to Infisical setup and Homepage setup.

This is the the point at which I realized I had started spinning up one stack after another and had not been documenting this journey as well as I wanted. Getting lost in the process and hyper-focusing on projects and not taking the time to document our work as much as we would like seems quite common for many of the systems admins I have met. Which leads to where I am now. I have used this domain off and on to test various projects or ideas. Now it will be home to project documentation for my homelab. With this first post, my plan is to outline the homelab so far with links to the process for each of the services I've setup so far. The next major step for the homelab itself will be planning VLANs (1) to move from a flat network (2) to a properly secured network.

1. Virtual Local Area Networks are a logical way to organize and separate network communications.
2. A flat network is a way to describe a network that has not been configured to use VLANs and all traffic can be visible to every device connected to it.