Infrastructure

HomeProd

A 3-node Proxmox cluster spanning my home lab and a Hetzner server, with live migration, HA, and automated backups to Backblaze B2. A private cloud with proper DR, monitoring, and security tooling. It just happens to also run Minecraft.

3 Proxmox Nodes
2 Locations
28 Running Services
24/7 Uptime Target

🔒 Networking & Security

5 services
  • OPNsense
    Firewall and routing. Network segmentation, VLANs, traffic rules, and VPN for roaming and site-to-site.
  • Nginx Proxy Manager + CrowdSec
    Reverse proxy for all inbound traffic, backed by CrowdSec's community threat intelligence.
  • AdGuard Home
    Network-level DNS filtering. Ads and trackers don't make it off the wire.
  • Teleport
    Zero-trust access. No exposed SSH, bastion-free, audited, identity-aware.
  • Wazuh
    Full SIEM. Security monitoring, threat detection, and compliance.

📊 Observability & Platform

4 services
  • Grafana + Prometheus + Loki
    Full observability. Metrics, logs, and traces across every node and service.
  • Elasticsearch
    Search backend for Wiki.JS, Nextcloud, and n8n. Also handles logs for Eramba.
  • Proxmox Backup Server
    Automated VM and container backups to Backblaze B2. Retention policies, restore testing.
  • Heimdall
    Internal dashboard. One place to see everything running.

🤖 AI & Automation

1 service
  • AIStack: Open WebUI + n8n + Bedrock Access Gateway + SearXNG
    Open WebUI for the interface, AWS Bedrock for models via a self-hosted gateway, SearXNG for web search without leaking queries, and n8n tying it all together. Home of my personal AI, "Hermes".

💬 Communication & Collaboration

4 services
  • Mailcow
    Self-hosted email. SMTP, IMAP, spam filtering, webmail. And no, it doesn't end up in spam.
  • RocketChat
    Discord is a dangerous place for children, of which I have several, who like to play games online.
  • Jitsi
    Self-hosted video conferencing for RocketChat voice and video.
  • Coturn
    TURN/STUN server supporting WebRTC services like Jitsi.

🗄️ Data & Storage

4 services
  • Nextcloud
    File storage, calendars, contacts, collaboration. Google Drive without the surveillance.
  • Vaultwarden
    Bitwarden-compatible self-hosted password manager.
  • MariaDB + PostgreSQL
    Database backends powering the service stack.
  • Valkey
    Redis-compatible in-memory cache and data store.

💼 Business & Productivity

5 services
  • Zammad
    Help desk and ticketing. Because WhatsApp was getting silly.
  • Dolibarr
    ERP. Mainly because it was interesting.
  • Eramba
    GRC platform. More useful than I'd like to admit.
  • Wiki.JS
    Internal wiki and knowledge base.
  • WordPress
    Web hosting. Soon to be retired (I hope).

🎮 Game Servers

3 services
  • Pterodactyl
    Game server management panel. Provisioning, monitoring, and console access.
  • Enshrouded
    Dedicated server. Yes, this runs in the same cluster as the SIEM.
  • Minecraft
    Obviously.

🎬 Media & Home

2 services
  • Plex
    Media server. The whole reason home networking exists.
  • Home Assistant
    Lights, heating, presence detection, and a frankly unreasonable number of automations.