-
š± Iām currently working on python-SysInformer and encrypting all my sensitive data using SOPS and age
-
š I sometimes write articles on My Blog
-
š Website š„ļø Official
-
ā” Hobbies learning new things, breaking and fixing things in my home-lab, watching sports, car detailing, working on my yard
I run a small yet exciting home-lab within my house, where I constantly experiment and gain valuable knowledge. Here's a list of the equipment I currently have in my home-lab:
- Dell Optiplex 5000 PC: running Proxmox VE which hosts my k3s cluster
- Two Beelink Mini PCs:
- running Proxmox VE
- running several podman containers including my primary adguard-home for local dns
- RasberryPI3: runs replica adguard-home and acts as qdevice to ensure Proxmox HA
- Synology NAS (DS923+): for file storage
- eero6 router & mesh network
- TP-Link un-managed gig switch
- APC UPS Pro 1500VA: for power protection
Within my home lab, I operate multiple open-source applications, tools, and services. The majority of these are deployed within my k3s cluster, although some are deployed using docker/podman or directly on the VMs. For example, I utilize podman for deploying and backing up my adguardhome instances, whereas my PostgreSQL database and Zabbix monitoring server are directly deployed on the VMs. It is worth noting a few additional details:
- I employ traefik as my reverse proxy for all components, including Kubernetes.
- To access my home lab from anywhere, I rely on tailscale (highly recommended) as my VPN solution.
- I manage my docker containers using portainer, while Lens helps me manage my k3s cluster. Although I enjoy working with the terminal, I find GUIs useful for certain management tasks.
- argocd serves as my gitops tool within the k3s cluster. Currently, approximately half of my services are deployed using argocd. However, I am cautious about relying entirely on argocd due to its potential impact on the cluster's performance.
- To handle secrets, I utilize vault and the argocd-vault-plugin to inject secrets into pods as part of my gitops workflow. While I plan to transition all my secrets management to vault in the future, I have recently started using it. For other secrets, I directly inject them into manifests and docker-compose files using the command line tool
envsubst
. - For monitoring, I employ a combination of tools such as prometheus, grafana, and alertmanager through the kube-prometheus-stack. Additionally, I utilize zabbix to monitor my network and VMs. Lastly, I rely on uptime-kuma to monitor the availability of my websites, services, and hosts.
- To handle local DNS, I rely on adguardhome, and for ad-blocking, I combine adguardhome with cloudflare.
Apart from my home-lab, I have deployed multiple servers within Oracle Cloud Infrastructure (OCI) to host various services. This includes my IP challenge website, which can be accessed at ip-addr.timmybtech.com, as well as a server running Monika, a command-line application for monitoring apps and services. By utilizing OCI, I ensure uninterrupted monitoring coverage that operates independently from my home-lab, offering reliability and resilience regardless of the status of my local infrastructure.
Finally, here is a screenshot showing some of the applications that are currently deployed in my home-lab:
If you wish to delve deeper into my home-lab's operations, I have GitHub repositories housing the manifests, docker-compose files, and scripts that facilitate all my deployments. You can locate them here: