- 🌱 Check out my pins for projects I am currently working on or actively commit to
- 🌐 Website and Blog (when I have time to) 🖥️ Official
- ⚡ Hobbies: Learning new things, breaking and fixing things in my home-lab, axe throwing, pocket knife collecting, 3D printing, PC gaming, watching sports, spending time with my family (Wife, Son, Dog, and Cat)

I run a small yet capable home-lab within my house, where I constantly experiment to learn new things. Here's a list of the equipment I currently have in my home-lab:
- Dell Optiplex 5000 PC
- Three Beelink Mini PCs
- Synology NAS (DS923+)
- eero6 router & mesh network
- TP-Link un-managed gig switch
- APC UPS Pro 1500VA
- Old HP Laptop
Within my home-lab, I run many open-source applications, tools, and services. Many of these are deployed within my k3s cluster, and some are deployed using podman or directly on a VM/LXC. I recently migrated several services over to dedicated LXCs using Proxmox Helper Scripts. Here are some other interesting details:
- I employ traefik as my reverse proxy for all components, including Kubernetes.
- I use authentik for authentication and authorization.
- To access my home lab from anywhere, I rely on tailscale as my VPN solution.
- I use k9s to help manage my k8s cluster.
- argocd serves as my gitops tool within the k3s cluster.
- I developed a custom deploy agent script to manage podman deployments through gitops. This script is available here.
- To handle secrets in my k8s cluster, I utilize vault and the argocd-vault-plugin to inject secrets as part of my gitops workflow.
- To handle secrets in my podman deployments, I utilize sops and age.
- For observability, I employ a combination of tools such as prometheus, grafana, and loki. I previously used the kube-prometheus-stack but found it to be too resource intensive for my cluster. Additionally, I rely on uptime-kuma to monitor the availability of my public-facing services and websites. These are exposed to the internet either using Cloudflare Pages or Cloudflare Tunnels. Finally, I created a simple tool called PingPulse to monitor the availability of internal services and emit prometheus metrics I alert on. To ensure visibility into critical services such as my three proxmox nodes, I run Zabbix on an Oracle Cloud Infrastructure (OCI) instance.
- To handle local DNS and ad-blocking, I rely on adguardhome. I use cloudflare as my DNS provider. I've also tried pi-hole and technitium, but I found adguardhome to be the simplest for my needs.
- I use renovate to keep my dependencies and images up-to-date.
Apart from my home-lab, I have deployed multiple servers within Oracle Cloud Infrastructure (OCI) to serve various needs. I use OCI over AWS or GCP because they have a very generous free tier that allows me to run multiple servers without incurring any costs. These servers are deployed and managed using Terraform and Terraform Cloud.
Here is a screenshot showing some of the applications that are currently deployed in my home-lab:
In the screenshot above, I am using a tool called homepage to display all of my services in a single page.
If you wish to delve deeper into my home-lab's operations, I have GitHub repositories housing the manifests, docker-compose files, and scripts that facilitate most of my operations. You can locate them here:
Lastly, I want to mention my dotfiles repository, which contains all of my configuration files for my shell across both macOS and Linux. I used a very powerful tool called chezmoi to manage these files. With chezmoi I am able to encrypt sensitive files, pull secrets from 1Password, and use Go templating to manage more complex configurations.




