Comprehensive Home Lab Overview

This document serves as a technical inventory of my home lab, showcasing my Linux system administration skills, projects, and experience. I have created this to validate my practical knowledge as I transition from a Service Desk role to a Linux Systems Administrator position.

I first installed Linux while in school at ITT Tech in 2008. Up until recently, I had the CD I first burned with the Ubuntu Gnome Desktop 8.10 ISO image, which I had installed on my first laptop. Although my professional experience has centered around Windows, my heart has stayed with Linux. There have been a few opportunities to work on some Linux servers while working for companies that had clients with hosted servers, and I have taken any opportunities available to use Linux either as a solution or tool within my career. Personally, I have always had access to either an older laptop with Ubuntu Desktop or an old desktop with Ubuntu Server running on it. My main laptop will usually be set up to dual-boot Windows and Ubuntu. As I learned more, I wanted to do more, and I was able to advance my knowledge as my passion grew.

I now have two physical enterprise-level servers, two enterprise-level switches, an enterprise-level firewall/router and various peripherals and pieces of tech that have allowed me to fully explore Linux. I can see that my skills with Linux have far surpassed my professional skills in a Windows environment and with good reason. I am seeking to set my career on a different trajectory now.

Home Lab Infrastructure Overview

Hardware Configuration

  • Virtual Host Server Hardware: The server is built on a custom setup on an HP DL380e Gen8 enterprise server, ensuring high performance and reliability. The hardware includes:

    • Processors: 2x Intel Xeon E5-2450L with 8 cores, 16 threads each; offering multiple cores for efficient VM hosting.

    • Memory: 96GB DDR3 ECC RAM, providing ample resources for running multiple virtual machines simultaneously.

    • Storage: A combination of high-capacity HDDs and SSDs configured for performance and redundancy, including:

      • 7 x 1TB WD Blue SATA HDDs for main storage of VM disks (RAID6 for fault tolerance)

      • 1 x 1TB WD Blue SATA HDD for the operating system

      • 1 x 2TB WD M.2 NVMe on PCIe Expansion Card for VMs that can benefit from low latency storage

    • Network Interface: Dual 10GbE SFP+ network card to ensure fast data transfer and minimal latency over fiber, as well as a quad 1GbE network card for the management interface and redundancy.

Hardware Configuration

  • Storage Server Hardware: The server is built on a custom setup on an HP DL380e Gen8 enterprise server, ensuring high performance and reliability. The hardware includes:

    • Processors: 2x Intel Xeon E5-2450L

    • Memory: 32GB DDR3 ECC RAM

    • Storage: A combination of high-capacity HDDs and SSDs configured for performance and redundancy, including:

      • 9 x 3TB Hitachi SAS HDDs for main storage (ZFS RAIDZ2)

      • 1 x 146GB Intel SAS HDD for operating system

      • 1 x 64GB Crucial M4 SSD for caching and performance boost (SLOG)

    • Network Interface: Quad 1GbE network card to ensure fast data transfer and minimal latency.

Additional Hardware

OPNsense firewall/router, HP Aruba S2500-24T network switch, TP-Link TL-SG2216 network switch, 2x TP-Link EAP225 access points, Grandstream DP750 DECT VoIP base station and DP720 VoIP phones, Raspberry Pi 3B and 4B, and the various laptops, desktops, tablets, phones, and home automation devices.

Software and Operating Systems

  • Primary OS: Ubuntu Server using only LTS releases, managed via SSH or the terminal via the XOA console. The majority of the servers are on 22.04 LTS with a goal to be upgraded to 24.04 LTS in the next few months.

  • Storage Platform: TrueNAS SCALE is installed on bare metal and this houses the majority of the storage within my environment, including the local backups from XCP-ng. I currently have just over 9TB of data stored with another 10TB available. I do have compression enabled, but I am not running deduplication or encryption to save CPU and memory resources, prioritizing speed because I have a secured network and ample storage space.

  • Virtualization Platform: XCP-ng hypervisor is installed on bare metal and all of the Ubuntu servers are running as VMs on this hypervisor. The current configuration relies on the 14 VMs running on this hypervisor.

Projects and Systems

  • 1. OPNsense Router Upgrade Project:

    • Objective: Manage and configure OPNsense to enhance network security and infrastructure management, install two TP-Link access points, and set up an NGINX reverse proxy.

    • Technical Details: Configuration of the OPNsense router, TP-Link access points, and nginx reverse proxy. Configuration interface has been secured with 2FA for additional security and is only accessible from the LAN.

    • Skills Demonstrated: Network configuration, firewall management, and performance optimization.

  • 2. XCP-ng Virtual Host and Hypervisor Management:

    • Objective: Managing multiple VMs for various services within my home lab.

    • Technical Details: VM creation, resource allocation, and monitoring on the XCP-ng platform.

    • Skills Demonstrated: Virtualization, resource management, and Linux system administration.

  • 3. TrueNAS Storage Server Implementation:

    • Objective: Creating a scalable and reliable storage solution for my home lab.

    • Technical Details: Setup of TrueNAS Scale, NFS shares, and integration with other systems like Jellyfin.

    • Skills Demonstrated: Storage management, data redundancy, and network file sharing.

  • 4. Jellyfin Media Server Virtualization:

    • Objective: Deploying a media server on a VM optimized for streaming.

    • Technical Details: Installation of Ubuntu Server, Jellyfin setup, and network configuration for remote access.

    • Skills Demonstrated: Virtualization, Linux server administration, and media streaming optimization.

  • 5. Email Server Setup and Management:

    • Objective: Setting up an email server first using Zentyal, then Dovecot, Postfix, and iRedMail on a residential connection.

    • Technical Details: Configuration of SMTP smarthost, DNS records (SPF & DKIM), and integration with various email clients.

    • Skills Demonstrated: Email server administration, DNS management, and overcoming technical challenges like ISP restrictions.

  • 6. Xen Orchestra Appliance Virtualization:

    • Objective: Deploying XOA as a VM to allow for easier management and remote access to the VMs running on XCP-ng.

    • Technical Details: Installed from source on Ubuntu 22.04 LTS. Used for remote management of VMs, managed backups and snapshots, resource allocation, VM creation, VM settings management (auto-start, disk storage repositories, etc.), VM migrations, and VM health reporting.

    • Skills Demonstrated: Virtualization, backup management, resource management, and Linux system configuration.

  • 7. Nextcloud Collaboration Server Virtualization:

    • Objective: Allow file sharing of large files outside of the network, document editing within the browser, file synchronization between devices, and file collaboration.

    • Technical Details: Initially installed using scripts on Ubuntu Server 18.04 LTS. It has since been moved to 22.04 LTS and is running Nextcloud AIO in a Docker container. The document collaboration is handled by the built-in Collabora Online app.

    • Skills Demonstrated: Virtualization, Docker container setup and configuration, Linux server administration, and collaboration software configuration and implementation.

  • 8. Home Assistant OS Server Virtualization:

    • Objective: Manage various home automation devices – smart bulbs, smart plugs, and smart thermostat. Some devices had been made obsolete for use with Google Home and others worked via APIs to China. I wanted to isolate these devices to my home network and continue to use perfectly operational devices that no longer worked with Google Home.

    • Technical Details: Initially installed Home Assistant Core via Docker on an Ubuntu Server 22.04 LTS VM, but found that it had major limitations on upgrades and the addition of plugins I needed. Created a new VM to install Home Assistant OS via an imported OVA file. Automation has been set up via YAML files to configure automatic control of devices at set times, triggered by other devices via push updates, or MQTT messages.

    • Skills Demonstrated: Virtualization, Docker container setup and configuration, Linux server administration, automation.

  • 9. Pufferpanel Game Management Server Virtualization:

    • Objective: Manage multiple Minecraft servers with multiple versions, along with plugins and multiple Minecraft worlds.

    • Technical Details: Installed via scripts on Ubuntu Server 22.04 LTS. Not used much, but it has been accessible externally to be able to play Minecraft in the past with my nephew. Set up to allow multiple devices with a low latency connection and enough resources to allow smooth gameplay for multiple players.

    • Skills Demonstrated: Virtualization, resource allocation, Linux server administration.

  • 10. Node-RED and MQTT Server Virtualization:

    • Objective: Set up Node-RED to test MQTT messaging to trigger a Python app on a Raspberry Pi to send text messages via an LTE cellular modem hat for an idea my wife had.

    • Technical Details: I was able to get this all set up and testing was performed, but the modem had very poor documentation and the network it was using was made obsolete a few months after I had begun testing. This project has been shelved, but I installed Mosquitto via Docker to allow easier MQTT management between my Home Assistant VM and a RPi with Rhasspy installed to act as a virtual voice assistant. This project did test well, but I had issues with the microphone and the RPi staying online, so I have also shelved this project. The automation scripts created for the voice assistant are still active and I plan to return to this project after sourcing a better microphone and speaker configuration.

    • Skills Demonstrated: Virtualization, MQTT, Python, Node-RED, YAML, automation, Docker containers.

  • 11. Observium Server Virtualization:

    • Objective: Create a central server for management of logs, inventory, resource monitoring, and uptime with automatic reporting.

    • Technical Details: I have installed and configured Observium via the installation scripts provided by them on a VM with Ubuntu Server 24.04 LTS installed. Created SNMP community and configured SNMP connections to each of the servers and network devices. Still fine-tuning the metrics captured and the reports generated. Once the reports are being generated, I will be configuring them to be sent via email or other method on a regular basis to allow for easier oversight on my systems.

    • Skills Demonstrated: Virtualization, software installation and configuration, Linux server administration, monitoring and reporting, automation.

  • 12. Omada Software Controller Virtualization:

    • Objective: Server setup to configure and manage multiple TP-Link APs and migrate software from desktop, allowing for easier control of the network configuration and data collection from the APs.

    • Technical Details: The latest version of this software would not run on anything later than Ubuntu Server 20.04 LTS. I attempted to install it on 22.04 with no success. I had some issues installing on 20.04, but was able to get it running and, using the built-in migration tool, transfer control from the controller software installed on my desktop to this server. I was then able to turn on some of the data collection reporting to have better insights into device connections and issues with the wireless network.

    • Skills Demonstrated: Virtualization, software installation and configuration, Linux server administration, wireless network administration.

  • 13. nginx Reverse Proxy Server Virtualization:

    • Objective: Create a single point of entry from the firewall to the various services on the internal network that I want to expose to the internet.

    • Technical Details: Created VM with Ubuntu Server 22.04 LTS using nginx server modified for more security installed from source, which was retrieved from a git repository, then configured as a reverse proxy using config files. I have added, removed, and changed the mapping of domains and services over the years on this server. All insecure traffic is upgraded to secure traffic. Installed Certbot to help manage and request SSL certificates from Let’s Encrypt for all services passing through this reverse proxy. Configured the allowed ciphers, adjusted proxy settings, and how services are accessed to increase security to and from them. Created CAA records for each domain and set up ddclient for dynamic IP updates for all domains from this server. Created subdomains to help route traffic to each service on the individual domains.

    • Skills Demonstrated: Virtualization, DNS administration, SSL certificate management, web server configuration and management, reverse proxy configuration, Linux server administration.

  • 14. Rudder Server Virtualization:

    • Objective: Create VM with software used to manage scripts that can be centrally updated and pushed to servers to run on a schedule, providing compliance with directives I set for each of the servers in my network.

    • Technical Details: Created VM with Ubuntu Server 22.04 LTS and installed Rudder through apt, after adding the Rudder software repository. Configured the server, then added all of the Rudder Agents to my servers. Once connected, I pushed bash scripts that would run on a schedule to automatically run updates and detect if a reboot is needed after an update. If a reboot is required, it is set to stagger the reboot script to run overnight. This is only for servers not considered critical to operations and helps keep non-critical servers patched with the latest security updates. When an agent is initially run on a newly added server, Rudder is set to push a script that will automatically create a base level of security and configuration for my servers, so they are all configured the same.

    • Skills Demonstrated: Virtualization, automation, bash scripting, device compliance, Linux server administration.

  • 15. Shinobi NVR Server Virtualization:

    • Objective: Required a VM with open-source software that can also provide real-time object detection, to be used to manage my security cameras and record video, replacing older software that was not open-source, was unreliable, had introduced additional licensing costs that reduced my existing features, and had connections to China.

    • Technical Details: Made a VM with Ubuntu Server 22.04 LTS. Installed and configured the Shinobi NVR software using the script from their website. Set up an iSCSI share for video storage, since that would allow maximum bandwidth to and from the TrueNAS server. Initially used an NFS share, but found that it would not scrub through video quickly, if at all, and was consuming additional resources just to save video. I was able to reduce RAM usage and greatly improve reliability and consistency with the iSCSI share. Configured the cameras to record to the server. Fine-tuned the object detection and detection zones to reduce the number of videos created and also reduce the amount of time needed to find videos of past events.

    • Skills Demonstrated: Virtualization, software installation and management, media streaming optimization, resource management and optimization, Linux server administration.

  • 16. Synapse Chat Server Virtualization:

    • Objective: Needed an open-source, end-to-end encrypted chat server with encrypted storage and easy to use clients that were available on multiple devices. Federation with other chat servers would be a bonus.

    • Technical Details: Found matrix.org and their implementation of my requirements above with the Synapse Chat Server. It has since been moved to development with Element.io, but that has been our chat client of choice on all devices. Set up Ubuntu Server 22.04 LTS with the software installed from the matrix.org software repositories. Configured using the YAML config files and set up federation with the matrix.org decentralized network. Configured private rooms with encryption and disabled any additional users on the server who are not manually created. Set up users with Element.io chat client on phones and enabled encryption.

    • Skills Demonstrated: Virtualization, software installation and configuration, encrypted communication, YAML, Linux server administration.

  • 17. Docker Container Server Virtualization:

    • Objective: Needed to have a server that could reduce the number of VMs needed for all of the websites and some services that were hosted on the network.

    • Technical Details: Configured a VM with Ubuntu Server 22.04 LTS, Docker, and Docker Compose. Set up YAML files for WordPress and the other services that would allow me to manage each instance with Docker Compose. Set up several WordPress Docker containers using this method. Had to work around only having one Redis server available; I need to reconfigure how this server is set up to include access to Redis for each, so they can all have server-side caching. Running a homepage for myself that aggregates some alerts from other servers in an easy to see interface that is configured using YAML files. Configured all of the ports for the sites, so that the reverse proxy can route to them individually.

    • Skills Demonstrated: Virtualization, Docker containerization, Docker Compose automation, YAML, web server setup – Apache and nginx, WordPress, HTML5 and CSS3 (This website, significantly modified from a template found on GitHub), reverse proxy configuration, and multi-tenancy with Docker containerization and WordPress.

  • 18. Web Servers Virtualization:

    • Objective: Wanted to try OpenLiteSpeed Web Server software to host WordPress.

    • Technical Details: There are two VMs set up with this software. Both are running Ubuntu Server 24.04 LTS. They each have a WordPress site set up and running on them with the QUIC.cloud CDN in front of them.

    • Skills Demonstrated: Virtualization, web server configuration, WordPress, CDN configuration, web server caching, Linux server administration.

  • 19. Jitsi Video Conferencing Server Virtualization:

    • Objective: Server is not currently powered on, but the VM is still on my host, ready to be turned back on. It was to be used as an open-source implementation of video conferencing via a browser to allow for video calls outside of the SaaS offerings for video conferencing and have more control over the security of connection and QoS.

    • Technical Details: Ubuntu Server 20.04 LTS. Set up with Jitsi software and secure login for rooms. Video calls were low in artifacts and lost frames. Audio was consistent and clear. Since it was not being used, I archived it to allocate resources to other VMs.

    • Skills Demonstrated: Virtualization, streaming media optimization, Linux server administration.

  • 20. 3CX VoIP PBX Server Virtualization:

    • Objective: Create an internal PBX for voice calls and video calls. I received a free license for this software at the beginning of 2020 and decided to try and host a video conference solution for my family to connect during COVID-19.

    • Technical Details: Decided to allocate the resources for this to other VMs. I no longer have this archived either, but would like to set up an Asterisk PBX to allow me to make use of the Grandstream phones that I have in my inventory. I had this on a VM running Ubuntu Server 20.04 LTS and the phones were configured with 2 incoming numbers at one point. The VoIP DIDs were hosted by CallCentric initially and then with Twilio. I had the 3CX app installed on my phone and could successfully make and receive calls using the app and the desk phones.

    • Skills Demonstrated: Virtualization, PBX and VoIP configuration, Linux server administration.
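
The update-and-staggered-reboot behaviour described for the Rudder-managed servers in project 14, sketched as an added example; it is not the scripts used in this lab. The reboot window (opens at 01:00, four hours long), the `CRITICAL_HOSTS` list and all function names are assumptions; `/var/run/reboot-required` is the flag file Ubuntu writes when an update needs a restart.

```shell
#!/bin/sh
# Added example: patch non-critical Ubuntu hosts and stagger their reboots overnight.
# Window, start hour and the critical-host list are assumed values.

REBOOT_FLAG="${REBOOT_FLAG:-/var/run/reboot-required}"  # written by Ubuntu when a restart is pending
WINDOW_START_HOUR="${WINDOW_START_HOUR:-1}"            # assumed: window opens at 01:00
WINDOW_MINUTES="${WINDOW_MINUTES:-240}"                # assumed: four-hour window
CRITICAL_HOSTS="${CRITICAL_HOSTS:-}"                   # assumed: space-separated names never auto-rebooted

# True when the host name ($1) appears in the space-separated list ($2).
is_critical() {
    for h in $2; do
        [ "$h" = "$1" ] && return 0
    done
    return 1
}

# True when the distribution has flagged that a reboot is pending.
reboot_required() {
    [ -f "${1:-$REBOOT_FLAG}" ]
}

# Deterministic per-host offset in [0, window): a CRC of the host name
# spreads hosts across the window without any coordination between them.
stagger_minutes() {
    crc=$(printf '%s' "$1" | cksum | cut -d' ' -f1)
    echo $(( crc % $2 ))
}

# Convert "start hour + offset minutes" to HH:MM, wrapping past midnight.
clock_after() {
    total=$(( ($1 * 60 + $2) % 1440 ))
    printf '%02d:%02d\n' $(( total / 60 )) $(( total % 60 ))
}

# Print the reboot time for a host, or nothing if no reboot should happen.
plan_reboot() {
    is_critical "$1" "$CRITICAL_HOSTS" && return 0
    reboot_required || return 0
    clock_after "$WINDOW_START_HOUR" "$(stagger_minutes "$1" "$WINDOW_MINUTES")"
}

# Only touch the system when explicitly asked; the default is a dry run.
if [ "${1:-}" = "--apply" ]; then
    export DEBIAN_FRONTEND=noninteractive
    apt-get update && apt-get -y upgrade
    when=$(plan_reboot "$(uname -n)")
    if [ -n "$when" ]; then
        shutdown -r "$when" "Scheduled reboot after updates"
    fi
else
    echo "dry run: reboot planned at '$(plan_reboot "$(uname -n)")' (empty means none)"
fi
```

Because the offset is derived from the host name, each server always lands on the same minute of the window, which keeps reboot times predictable when reviewing uptime reports.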