Profile Tutorials My Setup Tags About

About

This blog is written for people who value their privacy and want to understand how to run their own services independently, without handing their data to corporations. Whether you’re taking your first step away from Google Drive or running a full Kubernetes cluster at home, there is something here for you.

What You’ll Find Here

Tutorials cover the full stack of a self-hosted home lab — built up from real hardware and real production use. The content is organised around the layers of the setup:

Virtualisation

  • Proxmox VE — setting up a cluster, managing VMs and LXC containers, snapshots, shared storage
  • Creating VMs — Proxmox wizard walkthrough, CPU type selection, live migration trade-offs

Networking

  • VyOS — running a router as a Proxmox VM, basic interface and routing configuration
  • DHCP and DNS forwarding — VyOS as the DHCP server and DNS resolver for the lab network
  • BIND DNS — authoritative primary/secondary DNS on LXC with zone transfers
  • HAProxy on VyOS — load balancing the Kubernetes API server across control plane nodes
  • WAF — setting up a Web Application Firewall to protect exposed services

Storage

  • OpenMediaVault — running OMV as a Proxmox VM with full SATA controller passthrough, ZFS, and SMB shares

Security & PKI

  • Internal CA — creating a root CA and intermediate CA with OpenSSL, issuing TLS certificates for private domains

Kubernetes

  • Cluster setup — bootstrapping a highly available cluster with kubeadm across Proxmox VMs and Raspberry Pi 5 control plane nodes
  • BGP with MetalLB — advertising Kubernetes service IPs through VyOS for external access

Identity & Authentication

  • LDAP + Kerberos — centralised directory with Kerberos-backed authentication and SASL bind
  • Keycloak — SSO for all internal services, plus SAML federation to AWS and Google Workspace
  • Mail authentication — IMAP/SMTP with per-application tokens instead of shared passwords

Automation

  • CI/CD pipelines — automated build, test, and deployment workflows for self-hosted services
  • Automatic updates — keeping systems and containers up to date without manual intervention

A Note on the Content

The tutorials on this blog are compiled from my own internal documentation — notes and runbooks I have written while building and maintaining my homelab. Parts of the content have been expanded and formatted with the help of AI tools based on that documentation.

Everything described here reflects real setups running on real hardware. The goal is accuracy and reproducibility, not theory.