- 🌱 Check out my pins for projects I am currently working on or actively commit to
- 📝 I sometimes write articles on My Blog (need to be better about this)
- 🌐 Website 🖥️ Official (work in progress..)
- ⚡ Hobbies: Learning new things, breaking and fixing things in my home-lab, watching sports, spending time with my family (Wife, Son, Dog, and 2 Cats)
I run a small yet capable home-lab within my house, where I constantly experiment to gain new knowledge. Here's a list of the equipment I currently have in my home-lab:
- Dell Optiplex 5000 PC: running Proxmox VE which hosts my k3s cluster
- Two Beelink Mini PCs:
  - running Proxmox VE (clustered with the Dell Optiplex 5000 PC)
  - running several podman containers
- Raspberry Pi 3: not currently used mainly due to its performance limitations
- Synology NAS (DS923+): for file and data storage; also run a few docker containers
- eero6 router & mesh network
- TP-Link un-managed gig switch
- APC UPS Pro 1500VA: for power protection
- Old HP Laptop: running Ubuntu server and used for ad hoc tasks and testing
Within my home lab, I operate multiple open-source applications, tools, and services. Some of these are deployed within my k3s cluster, and some are deployed using docker/podman or directly on a VM/LXC. I recently migrated several services over from podman to dedicated LXCs using Proxmox Helper Scripts. Here are some other interesting details:
- I employ traefik as my reverse proxy for all components, including Kubernetes.
- To access my home lab from anywhere, I rely on tailscale (highly recommended) as my VPN solution.
- I use k9s to help manage my k3s cluster.
- argocd serves as my gitops tool within the k3s cluster. Currently, approximately half of my services are deployed using argocd. I am cautious about relying entirely on argocd due to its potential impact on the cluster's performance.
- To handle secrets, I utilize vault and the argocd-vault-plugin to inject secrets into pods as part of my gitops workflow.
- For observability, I employ a combination of tools such as prometheus, grafana, and loki. I previously used the kube-prometheus-stack but found it to be too resource intensive for my cluster. Additionally, I rely on uptime-kuma to monitor the availability of my public-facing services and websites. These are exposed to the internet either using Cloudflare Pages or Cloudflare Tunnels. Finally, I created a simple tool called python-URLChecker to monitor the availability of internal services. This tool runs within my k3s cluster and sends alerts to my ntfy server.
- To handle local DNS, I rely on adguardhome, and for ad-blocking, I combine adguardhome with cloudflare. I've also tried pi-hole and technitium, but I found adguardhome to be the simplest for my needs.
- I use renovate to keep my images up-to-date.
- To encrypt sensitive data like env files, I use sops and age.
Apart from my home-lab, I have deployed multiple servers within Oracle Cloud Infrastructure (OCI) to serve various needs. I use OCI over AWS or GCP because they have a very generous free tier that allows me to run multiple servers without incurring any costs. These servers are deployed and managed using Terraform and Terraform Cloud.
Here is a screenshot showing some of the applications that are currently deployed in my home-lab:
In the screenshot above, I am using a tool called homepage to display all of my services in a single page.
If you wish to delve deeper into my home-lab's operations, I have GitHub repositories housing the manifests, docker-compose files, and scripts that facilitate most of my operations. You can locate them here:
Lastly, I want to mention my dotfiles repository, which contains all of my configuration files for my shell across both macOS and Linux. I used a very powerful tool called chezmoi to manage these files. With chezmoi I am able to encrypt sensitive files, pull secrets from 1password, and use go templating to manage more complex configurations. You can find my dotfiles repository here: