HomeLab - Hardware · Rick's Ramblings

A brief introduction to the hardware I'm running at home

Like many nerds, I run a homelab. I'm going to talk about it now, because I can.

On-Prem

The majority of my server infrastructure is under the stairs in my house. The cupboard door has some holes drilled in it for airflow, and the holes have what I assure you is far more sophisticated than four-Noctua-fans-on-a-stick for airflow: it's four-Noctua-fans-on-two-sticks. Sandwiched between the fans and the wood of the door is some mesh material reminiscent of the lining of swim-shorts. It's not the best dust filter, but does a reasonable job of minimising detritus ingress. It's better than nothing.

Also visible from outside, there's a SonOff USB-to-ZigBee dongle on a USB-3 extension cable, and a Unifi access point mounted on the door.

Inside the Cupboard

Inside the cupboard, there's an IKEA LACK table on its head with a caster wheel screwed to each corner. My LACK-rack is in the apparently-discontinued black colour, because I can then lie to myself and pretend it's a real server rack from a serious server rack supplier.

In the lowest "rack unit", there's a 2U Eaton 5PX 3000VA which provides battery backup for most of my services. I was (very generously) given this UPS for free from a previous employer, though it sat idle for long enough after I received it before installing that I'd actually moved to a new company. Ordinarily, this wouldn't be a problem, but it turns out that the network card doesn't have the ability to be reset from the UPS itself (or from the card itself) in any way that I can find, and I no longer have access to the company password manager so I can't have a look and see what it was. This isn't a major problem, and I'm sure at some point I'll be inclined to replace that card with one off eBay or similar for the sake of networked monitoring. However, that time is not now.

Resting on top of the UPS, I have sol, my router-firewall which runs on Debian (currently Bookworm, though I'm eyeing a Trixie upgrade in the near future). This is a no-name device with a passive heatsink case and four gigabit ethernet ports running off an Intel NIC. dmidecode seems to think it's a "PICO PC(R)", though that's not the most useful description. I've had this machine a while now, and I don't remember exactly why I chose this particular model, but it was most likely the cheapest machine I could find with multiple Intel-backed Ethernet ports and AES-NI hardware support.

In sol, I've stuffed a whopping 4GB of DDR3L to match up to its beefy Intel Atom E3845, and a single 240GB Kingston SSD, which I probably got second-hand. Of that 240 GB, I'm actually using around 10GiB, most of which is the operating system and logs. As mentioned, sol runs Debian Bookworm, and I use Shorewall to configure ~iptables~ nftables to actually do my packet-wrangling. This is mostly because a previous employer made pretty significant use of Shorewall, and I liked its syntax; it's a good blend of simplicity and functionality.

Above sol, I have an Aruba SP2500-24P switch; this is woefully under-utilised at the moment. I picked this up for its four 10GbE ports when I was playing around with Ceph for storage, though the fact that it can supply Power over Ethernet (PoE) is nice too. At the time of writing this, there is exactly one port supplying PoE power, and that's to the UniFi UAP-AC-LR mounted to the door. There are plans to set up some kind of NVR (mostly to cover the drive in front of the house), but they're still in the idle-rumination stage for the time being.

The Aruba switch is my primary networking device outside of sol; it handles some L3 routing, and functionally every packet that reaches the wire in my house.

There's then the LACK's built-in shelf - which I very cleverly installed "upside down" so that I could put more servers on top of it to increase carrying capacity.

On this shelf, I have a Dell R720XD, which I picked up as a fantastic deal; I bought it for £100 and a two-hour round-trip. The machine has 192GB of RAM, and two Intel E5-2650s, each clocked in at 2GHz. This machine - imaginatively named proxmox-01 - runs Proxmox VE, which in turn runs the VMs that form most of my infrastructure. In the rear drive bays, there are two random-find eBay SSDs in a mirrored arrangement for Proxmox's boot drive, and my FrankenRAID of 10x (various) 2TB hard drives in RAID-Z2. I'd like to migrate to solid state storage, but Kioxia haven't offered me a sponsorship. I guess I'm just not internet-famous enough. (It's probably worth mentioning that I'm not expecting to ever be internet-famous enough to be sponsored drives, but won't turn down offers.)

I do have a warm spare drive ready to go should it be required, and I'm also running a Kingston 1TB SSD for logs, to try and speed things up a touch. I'm new to ZFS, so if you have any tips, feel free to reach out.

Above this, there are three powered-off nodes, based around the Supermicro X9 DRL-7F motherboard; these were the majority of my homelab at one point. Currently, they're sitting quiet and idle (in fact, I think only one of the three is even connected to power) waiting for me to have the time and inclination to gut one and put its slightly-superior CPUs into proxmox-01.

Above those, and the top of the tower, are two more micro-PCs. One is called bkp-01, and manages (some) of my backups via BackupPC. It's also a Borg repository, and clones itself to S3 (well, Wasabi cloud storage) and a remote machine periodically. For the choice of BackupPC, see the above for Shorewall; for Borg, it came recommended by a friend of mine, and hasn't done me wrong yet. The other micro-PC is named homeassistant, and runs Home Assistant for my first tentative steps into home automation.

The only other bit of hardware of note in that cupboard is the ONT that converts the OpenReach fibre connection to the house to Ethernet so sol can do magic over it.

That concludes the list of things in my house.

Elsewhere

My parents very gracefully host yet-another micro-PC at their house, which acts as a backup location for some of my most critical data. It's nothing special, and has a 120GB SSD and 1TB HDD in it, along with 8GB of DDR3L. It's not the most exciting machine in the world.

Instead of opening ports to the world, r-bkp-01 connects back to my network via WireGuard and is only ever addressed using its WireGuard addresses.

Finally, I also run a VPS in Linode that I use as a mail server, because I'm enough of a masochist that I self-host my mail. I'm falling out of love with the idea - mostly due to mail providers blocking small-scale, low-volume senders with otherwise good reputation - and might start to think about paying someone else to host my mail for me.

Anyway, my coffee has gone cold and I've run out of spoons to keep typing into the void today, so I'll finish this up here. I'll talk about the software and/or configuration of the above thinking rocks at a later date.