Homelab Guides
Curated, battle-tested guides for building, hardening, and evolving your homelab — written in the same language we use in the rack.
Plan your network layout
Choose single LAN, VLANed IoT, dual-WAN, or DMZ and get tailored firewall, DNS, and proxy steps.
Fundamentals
Core concepts, mindset, and base skills.
HomeLab 101 - What a Homelab Is & Why You Want One
BeginnerPlain-language introduction to the concept of a home lab, why it matters, and what you can do with one.
UPS-Backed Shutdown Orchestration
IntermediateUse NUT or apcupsd to trigger orderly shutdowns across Proxmox, NAS, and containers, including hooks for snapshot checks and post-restore verification.
Your First Server Build - From Old PC to Lab Node
BeginnerChoose hardware, prep the machine, and get it ready for Proxmox, Docker, or basic server duty.
Virtualization
Proxmox, VMs, containers, and resource layouts.
Docker Compose for Homelab Stacks
IntermediateDesign Compose files that survive reboots and upgrades: pinned images, healthchecks, internal networks, named volumes, and sane resource limits.
Proxmox Core Setup - Install & Configure on Bare Metal
IntermediateInstall Proxmox, configure disks, set networking, create templates, and prepare your virtual environment.
Proxmox VE - Beginner Setup Guide
BeginnerHow to install, configure, and prep Proxmox for a stable home lab foundation.
Networking
Switching, routing, tunnels, DNS, and access.
Cloudflare Tunnel for Homelab Edge
IntermediatePublish lab services to the public internet with no port forwards: cloudflared install, ingress rules, wildcard-to-proxy pattern, and Cloudflare Access policies.
Kubernetes Gateway API Home Edge
AdvancedDeploy a lean K3s cluster with Gateway API and Cert-Manager (DNS-01), front apps via Cloudflare Tunnel, and sync secrets with External Secrets for home edge workloads.
Pi-hole + Unbound - Local Recursive DNS
BeginnerBlock ads network-wide, run your own recursive resolver with Unbound, add local DNS records for lab services, and plan for HA.
Tailscale Mesh VPN for Homelab
IntermediateUse a mesh VPN to skip port forwards and dynamic DNS, route lab subnets, run exit nodes, lock down with ACLs, and optionally self-host the control plane with Headscale.
WireGuard Hub with VLAN Split
IntermediateStand up a WireGuard jump point, segment guest vs admin traffic with VLANs, and route lab access through the tunnel using policy-based routing.
Working With DNS-Encoded Strings
IntermediateDecode, analyze, and understand DNS-based data encoding and tunneling.
Security
Auth, identity, defense layers, and hardening.
Authelia SSO with Nginx Proxy Manager
IntermediateOne MFA-protected login in front of every internal app — Authelia config, NPM forward-auth, LDAP backend, and access control rules.
Prometheus + Grafana Monitoring Stack
IntermediateScrape every host and container, build dashboards that answer questions, and route alerts through Alertmanager to Discord/email before users notice.
SSL/TLS Certificates - From Let's Encrypt to Internal CA
IntermediateUnderstand TLS certificates, set up Let's Encrypt, use Cloudflare origin certs, and troubleshoot common HTTPS issues.
Unified Logs with Loki + Promtail
IntermediateCentralize logs from Proxmox, TrueNAS, Docker hosts, and Pi-hole into Loki, wire up Promtail scraping, and add Grafana dashboards with sane retention.
Storage
TrueNAS, ZFS pools, datasets, and backups.
Backup Strategies - The 3-2-1 Rule & Beyond
IntermediateMaster the 3-2-1 backup rule, compare tools like Restic and Borg, and automate reliable restore-tested backups.
Proxmox Backup Server
IntermediateIncremental, deduplicated, verified VM and container backups: PBS install, datastore layout, retention, verify jobs, sync to offsite, and restore drills.
S3-Compatible Backup Mesh with Restic
AdvancedRun MinIO with object locking, ship backups from Proxmox and containers via restic, sync offsite with rclone, and rehearse restores with policy checks.
TrueNAS ZFS Pool Design
IntermediatePick vdev topology, ashift, recordsize, and compression that match your workload — and avoid the choices you cannot undo without destroying the pool.