Homelab

What it is

My home infrastructure: a Proxmox virtualization host behind an enterprise-grade firewall, running everything from home automation to media services.

Architecture

Internet (105/39 Mbps VDSL)
        │
        ▼
┌─────────────────────────┐
│    OPNsense Firewall    │
│     (Sophos SG 210)     │
└─────────────────────────┘
        │
        ├── LAN (192.168.128.0/24)
        │   └── Daily devices
        │
        └── LAB (192.168.129.0/24)
            └── Proxmox Host
                ├── Home Assistant
                ├── Media services
                └── VMs & containers

Key components

Network & Security

Firewall: OPNsense on Sophos SG 210 hardware
DNS: DNS-over-TLS with Quad9 (primary) and Cloudflare (backup)
Segmentation: VLANs separating daily-use from lab environment
Monitoring: Gateway monitoring, custom LCD status display on the firewall

Virtualization

Hypervisor: Proxmox VE
Containers: LXC for lightweight services
VMs: For workloads that need full isolation

Home Automation

Platform: Home Assistant
Protocol: Zigbee (thermostats, sensors)
Future: Integration with eva (my AI assistant)

Design principles

Self-hosted first — Avoid cloud dependencies where possible
Security by default — VLAN isolation, encrypted DNS, MFA everywhere
Document everything — If I can’t reproduce it, I didn’t learn it
Learning platform — Real infrastructure to experiment with

What I learned

Enterprise firewall configuration and hardening
VLAN design and inter-VLAN routing
DNS privacy (DNS-over-TLS, DNSSEC)
Proxmox storage and container management
Home automation protocols (Zigbee, MQTT)
Running servers costs more energy than you’d think

Roadmap

IDS/IPS with Suricata
WireGuard VPN for remote access
Monitoring dashboard with Grafana
Custom ESP32-H2 Zigbee devices