Homelab

Running large language models locally with Ollama for privacy-focused AI experimentation. Models include LLaMA, Gemma, Qwen, and DeepSeek. Open WebUI provides a user-friendly interface for interacting with various models. Claude Code enables AI-assisted development workflows directly in the terminal.

Qdrant serves as vector database for embeddings, enabling RAG (Retrieval-Augmented Generation) patterns. n8n provides workflow automation with AI integration for both local and cloud-based AI tooling.

The backbone of the homelab runs on Proxmox VE with QEMU/KVM as the virtualization backend, providing robust virtualization for all workloads. Ubuntu cloud images serve as the base for most VMs, ensuring consistent and reproducible deployments.

ZFS provides enterprise-grade storage with built-in data integrity, snapshots, and compression. Proxmox Backup Server handles automated snapshots and backups. TrueNAS serves as dedicated NAS storage, with NFS and Samba providing network shares for various clients. Docker containers and LXC handle application isolation for various services.

A lightweight k3s cluster handles container workloads for various services. Helm manages application deployments with templated configurations. Traefik and Nginx serve as ingress controllers, with cert-manager handling automatic TLS certificate provisioning via ClusterIssuer.

Experience with OpenShift includes both single-node and 3-node cluster deployments. This environment mirrors enterprise Kubernetes patterns on a smaller scale, enabling experimentation with cloud-native architectures and deployment strategies.

Home Assistant serves as the central hub for smart home automation, integrating multiple protocols and standards. KNX provides reliable wired automation for lighting and blinds, while EnOcean enables energy-harvesting wireless sensors.

LoRaWAN extends connectivity to outdoor sensors and long-range applications. All devices communicate through MQTT for seamless integration and custom automations.

Security-first approach with TLS encryption via ACME/Let’s Encrypt for all services. Cloudflare provides DDoS protection and secure tunneling for external access.

OPNsense serves as the firewall and router with DHCP and traffic monitoring. Unifi Controller manages network infrastructure, while Unbound provides local DNS resolution. Network segmentation through VLANs isolates different workloads. WireGuard enables secure remote access. Vaultwarden handles password management, and Postfix provides local mail relay for system notifications.

Comprehensive monitoring stack with Prometheus and Telegraf for metrics collection, InfluxDB as time-series database, and Grafana for visualization. Checkmk provides infrastructure monitoring with auto-discovery.

ntfy handles push notifications for critical events, while NUT (Network UPS Tools) monitors UPS status to ensure graceful shutdowns during power outages.