My Homelab Journey in 2024

At the beginning of 2024, I decided to step into the world of homelabbing. My goal was to bring my services out of the cloud and host them locally, giving me more control, privacy, and flexibility. I started with a Lenovo M720Q, equipped with an Intel i5-8500T, 16GB of RAM, and a 1TB hard drive. This initial setup was enough to move my website and password manager away from AWS.

Since then, self-hosting has opened up many opportunities for me, and I now run a wide variety of services at home.

Services I Currently Host:

• Immich – A self-hosted alternative to Google Photos
• WordPress – Hosts this website and another for a family member
• Vaultwarden – Password management solution
• pfSense – Virtual firewall and reverse proxy
• Pi-hole – DNS service with ad blocking capabilities
• Veeam – Backup and recovery
• Jellyfin – Media server for local content
• Arr Stack – Automated TV and movie downloading
• Home Assistant – Smart home automation
• Unifi Console – WiFi access point management
• Mealie – Recipe management
• ActualBudget – Personal finance and budgeting
• DokuWiki – Internal knowledgebase
• PRTG / Zabbix – Infrastructure monitoring and alerting
• NTFY – Push notifications
• IPAM – IP address management
• Uptime Kuma – Website and service monitoring
• TrueNAS – FTPS-based configuration backups

Infrastructure and Virtualization

Initially, running all these services on 16GB of memory was limiting, so I upgraded to 64GB. I use Proxmox VE as my hypervisor, running a combination of Debian, Ubuntu, and Windows virtual machines. One of my Pi-hole instances is the exception—it’s deployed as an LXC container.

Network and Storage Setup

Homelabbing gave me the opportunity to experiment with VLANs and replace my ISP’s default router with pfSense. To do this properly, I installed a 4-port PCIe NIC. Since the original 1TB HDD was occupying the PCI slot, I migrated my storage to a new layout:

• 1TB M.2 SSD for the operating system
• 1TB USB external SSD
• 4TB USB external HDD for larger storage

While I haven’t implemented RAID yet, I back up all virtual machines daily to different drives and replicate them to a BackBlaze S3-compatible bucket. In the near future, I plan to add a second Proxmox node. This will allow for high availability, performance maintenance without downtime, and improved redundancy.

Remote Access and Security

All externally-facing services are proxied through Cloudflare. My firewall only accepts inbound connections from Cloudflare, significantly reducing my public exposure. The only exception is an OpenVPN instance, which allows secure remote management.

Internally, HAProxy runs on pfSense, handling HTTPS traffic and acting as a reverse proxy to my services. SSL certificates are automatically managed through Let’s Encrypt using Cloudflare’s API, ensuring encryption remains current and seamless.

---

In the following posts, I’ll go into detail on each service—how I’ve configured them, what they do, and how they fit into the broader homelab environment.