gero.dev - Gero Gerke

My overkill Homeserver

Introduction

I've been running various online services for myself and the public on budget-friendly VPS providers like Netcup and Hetzner for quite some time now. The idea of homelabbing has always intrigued me, but I never had a stable enough internet connection or the means to set up a commercial server at home. I had only hosted smaller applications on a thin client.

However, things changed about six months ago when I relocated to a new apartment boasting a robust 20Gbit/s internet uplink and even a dedicated server room. This significant upgrade in my living situation prompted me to explore the possibility of migrating my web services to a server located right here.

The Hardware

I was fortunate to come across a used server for around 150€ which fit my specifications:

Dell R520

  • 2 × Intel Xeon E5-2440
  • 2 × 256GB Crucial MX500
  • 4 × 1TB HDD
  • 2 × 414W PSU
  • 80GB DDR3 ECC RAM
  • Dell H710
  • iDRAC Enterprise

I upgraded the server further by adding a dual-port 10Gbit/s network card, which I acquired for just €10, and a 1TB Crucial MX500 SSD, which set me back €45. Furthermore, I added 16 more gigabytes of RAM that I had lying around, bringing the total to 96GB of RAM.

The Homeserver (and its uplink fiber on top)

Software

In my current setup, I've opted for Proxmox 8 as the hypervisor running on my machine. Given that most of my existing services were already hosted on Docker within my VPS, I made the strategic choice to create a larger VM to serve as the Docker host. This decision allowed me to maintain my Traefik reverse-proxy configuration, mirroring the setup I had on my previous VPS.

In terms of routing internet traffic, I've now transitioned to utilizing Cloudflare tunnels in conjunction with Traefik. My primary motivation for this shift is to circumvent the need to request open ports, which, in my network, has been associated with certain drawbacks, including automated security scans from web scrapers operated by my internet uplink.
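A Docker Compose sketch of the arrangement described above, added here as an illustration and not taken from the author's actual configuration. The service names, the `edge` network, the `whoami.example.com` hostname and the image tags are assumptions; the tunnel's public hostname is assumed to be pointed at `http://traefik:80` in the Cloudflare dashboard.

```yaml
# Added example (constructed): Cloudflare Tunnel in front of Traefik on a Docker host.
# All names, hostnames and tags below are assumptions for illustration.
services:
  traefik:
    image: traefik:v2.11
    command:
      - --providers.docker=true
      - --providers.docker.exposedbydefault=false   # only containers that opt in are routed
      - --entrypoints.web.address=:80
    volumes:
      # Read-only mount; the Docker socket still grants broad access to the host,
      # so keep this container off any network that untrusted workloads share.
      - /var/run/docker.sock:/var/run/docker.sock:ro
    networks: [edge]
    restart: unless-stopped
    # Deliberately no "ports:" section: nothing is published on the host,
    # so no inbound port has to be opened at the network edge.

  cloudflared:
    image: cloudflare/cloudflared:latest   # pin a specific release in practice
    command: tunnel --no-autoupdate run
    environment:
      - TUNNEL_TOKEN=${TUNNEL_TOKEN}       # tunnel token, supplied via an .env file
    networks: [edge]
    restart: unless-stopped
    # Makes outbound connections to Cloudflare only and forwards requests
    # to Traefik over the internal "edge" network.

  whoami:
    image: traefik/whoami                  # stand-in for a real service
    labels:
      - traefik.enable=true
      - traefik.http.routers.whoami.rule=Host(`whoami.example.com`)
      - traefik.http.routers.whoami.entrypoints=web
    networks: [edge]

networks:
  edge: {}
```

With this layout, `docker compose ps` should show no host port mappings for any service, which is a quick check that the only path in from the internet is the tunnel.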

The last piece that remains to be migrated is my Matrix server. For this, there certainly won't be a way around requesting an open port.