Case study · Homelab

Infrastructure & Systems Lab

A practical homelab environment built to learn, deploy, monitor, and troubleshoot real services.

Back HomeOpen LeaderboardContact Me

// ARCHITECTURE

Visual Architecture

Animated data paths from the network edge through secure access to the Proxmox host and downstream services in a controlled lab environment.

InternetTailscaleProxmox HostHome AssistantPortainerHomepageAdGuardUptime KumaNetdatan8n

Hover for quick info · Click a node for details

Domain & DNS

Custom domain with DNS records managed for mail and service routing.

Records validated against provider expectations.

Email authentication

SPF, DKIM, and DMARC aligned with provider guidance; monitored before tightening policy.

Policy tightened only after clean reporting windows.

Next direction

Remote access hardening and Tailscale-style mesh for admin paths—planned, not overstated.

Zero-trust admin paths under evaluation.

// SYSTEMS

Systems I've worked with

What it is, how I used it, and what I learned while operating it.

Proxmox virtualization

What: Type-1 hypervisor for VMs and LXC.

Used for: Hosts lab workloads and isolates Docker workloads in a VM.

Learned: Snapshots, resource planning, and network bridge behavior under load.

Docker & Docker Compose

What: Container runtime and declarative stacks.

Used for: Runs core services with repeatable compose files and clear ports/volumes.

Learned: Networking between stacks, health checks, and upgrade discipline.

Linux server administration

What: Headless server maintenance and permissions model.

Used for: SSH access, service restarts, log inspection, disk and user hygiene.

Learned: Tracing failures from logs first instead of guessing at config.

DNS and email authentication

What: Public DNS records and mail trust mechanisms.

Used for: Aligned TXT/CNAME records with provider requirements.

Learned: SPF/DKIM/DMARC interplay and why DNS TTL and validation matter.

Monitoring and uptime checks

What: Availability metrics and alerting paths.

Used for: Heartbeat checks across internal services and dashboards for trends.

Learned: Reducing alert noise and confirming incidents with second signals.

Home automation

What: Local-first automation and device integration.

Used for: Stable automations with clear failure modes.

Learned: Prefer reliability over novelty; document assumptions.

Automation workflows

What: Scheduled jobs and integration flows.

Used for: n8n-style automation between APIs and internal hooks.

Learned: Idempotent steps and safe retries beat fragile one-off scripts.

Web app deployment

What: Shipping apps with hosting, TLS, and CI-style discipline.

Used for: Shipped a full-stack app with auth, database, and production hosting.

Learned: Environment parity and deployment logs are half the battle.

// WINS

Troubleshooting wins

Concrete problems solved—not theory.

Resolved Docker service access issues (ports, networks, dependency order).
Debugged reverse proxy / host validation mismatches.
Fixed DNS and email authentication records after provider changes.
Moved DMARC from monitoring toward enforcement-ready posture.
Deployed and verified self-hosted services end-to-end.
Built a full-stack app with database, auth, deployment, and real users.

// ROADMAP

Current roadmap

Active learning—not claimed mastery. These are the next concrete improvements I'm focused on.

Improve networking fundamentals
Expand monitoring dashboards
Harden remote access
Add better backups
Build automation workflows
Document repeatable deployment steps