An overview and documentation of my personal homelab environment, network architecture, and self-hosted infrastructure.
This repository contains the configurations, docker-compose files, and Infrastructure as Code (IaC) for my homelab. The primary goals of this environment are to learn new technologies, self-host essential services, and experiment with network security and automation. Homelab Diagram
Looking for Homelab guides? All hardware-agnostic documentation and step-by-step guides for setting up these services from scratch can be found in my separate repository: Homelab Manuals.
My infrastructure is logically divided into distinct VLANs to separate the core home network from isolated security testing environments.
| Network | Description | Purpose |
|---|---|---|
| VLAN 1 | Home Network | Main secure network for trusted end devices and core services. |
| VLAN 2 | Honeypot | Isolated network strictly for security monitoring and capturing malicious traffic. |
| External Service | Category | Badge |
|---|---|---|
| Ubiquiti Ecosystem | Gateway & Switching |  |
| Cloudflare | DNS & Domain Management |  |
| GitHub | Version Control & Backups |  |
| Discord | System Alerts (Webhooks) |  |
| Node | Hardware | OS/Hypervisor | Primary Role |
|---|---|---|---|
| Node 1 | HP Prodesk 600 G3 |  |
Main Compute (VMs/LXC) |
| Node 2 | Ugreen DXP2800 |  |
NAS & Media Storage |
| Node 3 | Raspberry Pi 3 |  |
Security Node (VLAN 2) |
| Service | Badge | Description | Tags |
|---|---|---|---|
| Torrenting Box |  |
Isolated Docker environment for secure P2P via VPN. | VM VPN |
Network & Security
| Service | Badge | Description | Tags |
|---|---|---|---|
| Nginx Proxy Manager |  |
Reverse Proxy & SSL Management | [Tailscale Node] [Wazuh Agent] |
| AdGuard Home |  |
DNS Sinkhole & Tailscale routing | [Tailscale Node] [Wazuh Agent] |
Monitoring & Alerting
| Service | Badge | Description | Tags |
|---|---|---|---|
| Wazuh |  |
SIEM & Threat Detection | |
| Grafana |  |
Metrics Visualization Dashboards | |
| Prometheus |  |
Time-series Metric Collection | |
| Glances |  |
Real-time System Monitoring | |
| Uptime Kuma |  |
Uptime tracking for services | [Tailscale Node] |
| Prometheus Alerts |  |
Self-hosted notification routing |
Dev & Automation
| Service | Badge | Description | Tags |
|---|---|---|---|
| n8n |  |
Workflow Engine n8n-workflows | |
| Gitea |  |
Self-hosted Git with Cron backups | |
| Auto-updaters | |
Automated container management |
Productivity & Tools
| Service | Badge | Description | Tags |
|---|---|---|---|
| Paperless-ngx |  |
Document Management & OCR | |
| Syncthing |  |
P2P File Synchronization | |
| Linkwarden |  |
Bookmark Archive & Manager | |
| File Browser |  |
Web UI for filesystem access | |
| Gotenberg |  |
API for PDF conversions |
Dashboard & Portfolio
| Service | Badge | Description | Tags |
|---|---|---|---|
| Homepage |  |
Central Service Dashboard | [Tailscale Node] |
| Personal Portfolio |  |
Self-hosted Portfolio Site |
| Service | Badge | Description |
|---|---|---|
| Jellyfin |  |
Media server for local streaming |
| Photo/Media |  |
Dedicated media backup containers |
| Service | Badge | Description | Tags |
|---|---|---|---|
| Web-Honeypot |  |
Captures malicious traffic on VLAN 2 | [Wazuh Agent] VLAN 2 |
I'm Jonathan, and I develop projects in my spare time that help myself and others become better and more efficient developers!
This project is licensed under CC BY-SA 4.0.