Mikkel Damgaard

Menu

Hardware

For my home server, I use a Dell OptiPlex Micro, which offers the perfect balance of compact size, power efficiency, and reliable performance. It’s well-suited for running multiple Linux services and containerized applications without drawing excessive power or taking up space.

Hardware Specifications:

  • CPU: Intel Core i5-8500T, 6 cores, base frequency 2.10GHz
  • Memory: 16GB DDR4 @ 2333MHz
  • Storage: 1TB NVMe SSD for fast and responsive storage
  • Power Consumption: Typically 15–25W under load

The biggest advantage of the OptiPlex Micro is its low power draw and 24/7 reliability. Consuming only as much electricity as a standard light bulb, it is both cost-effective and environmentally friendly to keep running continuously. 

Overall, this compact system provides excellent value as a home server platform: energy-efficient, quiet, and powerful enough to run a wide variety of services in a homelab environment.

68747470733a2f2f7777772e70726f786d6f782e636f6d2f696d616765732f70726f786d6f782f50726f786d6f785f73796d626f6c5f7374616e646172645f6865782e706e67

Hypervisor

I use a hypervisor to make better use of my hardware and keep services isolated. Instead of running everything on one host, each service runs in its own VM, which makes the setup simpler, more scalable, and more stable. If one server has an issue, it doesn’t affect the others.

For the software, I chose Proxmox VE, a free and well-supported Type 1 hypervisor. It combines KVM virtualization with LXC containers, offers an easy-to-use web interface, and includes advanced features like snapshots, backups, and clustering. Proxmox has strong community support and a solid development roadmap, making it reliable and future-proof for a home server environment.

I use proxmox’s inbuild backup functianality and keep backups both locally and in Azure, this ensures i have a secure imuteable backup and a local backup which is fast to restore from. Ensuring that i can restore no matter what if i tend to get hacked in the future. As much as i would have loved having a backup solution with air gaped backups sadly i don’t, and its just to save on cost, becouse this is not a serious production company who falls under if somehow the imuteable backups isn’t enough. 

My Featured Servers / Applications

I use Home Assistant as the central hub for managing my smart home. Through it, I control all my lights, temperature settings, and other connected devices. Beyond just home automation, I also integrate data from third-party servers and applications, making Home Assistant the central mangament system in my home and server envirement. 

My long-term goal is to make Home Assistant the only interface I need to check for both monitoring and managing applications, tools and programs I use in the daily. To make sure my Home Assistant runs smooth, I have several “backend applications” running in the background that handle infrastructure tasks such as authentication, reverse proxies, and networking.

For stability and performance, I run Home Assistant using the official KVM virtual machine image. This ensures the best experience as its the most supported out of the box method to run Home Assistant. 

I run a dedicated server with Docker, hosting several containers for different applications and services. To simplify the management of these containers, I use Portainer as a user friendly interface on top of Docker.

I really appreciate the flexibility of Docker because it offers a wide range of preconfigured, ready-to-deploy containers. This makes it possible to spin up new services quickly without the hassle of complex setup, while still maintaining good security practices and separation between applications.

To enhance security and streamline access, my Portainer instance is integrated with Authentik as the Identity Provider (IdP), providing Single Sign-On (SSO) for authentication. This setup gives me both convenience and centralized control over access management across my services.

I run Zabbix as my main monitoring solution, keeping track of all my servers, containers, and services. It provides real-time insights into performance, availability, and resource usage, while also sending out alerts and alarms whenever something goes wrong. This ensures I can respond quickly and keep everything running smoothly.

To extend its capabilities, Zabbix is fully integrated with my Grafana server. While Zabbix handles the raw monitoring and alerting, Grafana takes that data and transforms it into custom dashboards that visualize every aspect of my infrastructure. From firewall activity to performance metrics across my Linux servers and Docker containers. 

Both Zabbix and Grafana are configured to use Authentik as the Identity Provider (IdP) with Single Sign-On (SSO). This keeps authentication consistent, secure, and centralized across my monitoring and visualization stack.

At the core of my infrastructure, I run an Authentik server that acts as the central Identity Provider (IdP) for my entire environment. My goal is to have all applications whether its front-facing tools like Home Assistant and Grafana or backend management systems like Portainer and Zabbix integrated with Authentik for authentication.

By unifying authentication under Authentik, I enable Single Sign-On (SSO) across my home server ecosystem. This approach not only streamlines access by reducing the need for multiple logins, but it also greatly improves security and manageability. With one consistent identity provider, I can enforce stronger policies, centralize user management, and have a clear overview of who can access what.

Ultimately, Authentik provides the backbone for a more cohesive, secure, and user-friendly environment, tying all my services together under a strong an secure authetication layer

I use Traefik in my home server environment as my reversed proxy, this is because it provides a flexible and powerful way to manage access to all of my services. One of the key benefits is its seamless integration with Cloudflare, which allows me to automatically obtain a wildcard SSL certificates. This means I can securely serve all of my home services over HTTPS without needing to manually manage individual certificates for each service.

Traefik supports both statically configured reverse proxies and dynamic configurations, which makes it incredibly versatile. For services that are always running, I can define static routes in the configuration, ensuring they are reliably accessible. At the same time, Traefik’s built-in dynamic reverse proxy functionality allows it to automatically detect and expose Docker containers as soon as they start, making it extremely convenient.

By using Traefik, I get a unified entry point for all my home services, automated SSL management, and a simple way to scale or modify services without having to configure and renew certificates manually for all my services and constantly update reverse proxy configuration. This combination of automation, security, and flexibility makes Traefik an ideal choice for my home server setup.

The services listed above represent only a selection of the essential services I run on my home server. In addition, my server also hosts:

  • Mailcow – Primarily used for SMTP with OAuth 2.0 authentication, enabling secure email verification for outgoing alerts and system notifications.
  • Mealie – A meal planning tool capable of web scraping recipes, storing them locally, and generating weekly meal plans along with shopping lists for required ingredients.
  • Nextcloud – Centralized file management for easy storage, access, and sharing of files.
  • Wazuh – A full SIEM solution for monitoring and detecting security threats within my server environment.
  • CloudPanel – A platform for hosting and managing my web servers.
  • Technitium – My preferred DNS server for network management.
  • Semaphore – A management platform for orchestrating and executing Ansible automation scripts.
  • WebDB – A web-based database management tool for investigating and managing databases from anywhere.

 

All these services talk together to provide a stable infrastructure which is secure and has a very high uptime while focusing on scalabilty and ease of new deployments that should integrate with the current setup.

My future plans and ideas

I really do think i have a good base of applications and software that fits nicely with what i want in a home server as a tech nerd. Of cause i have future plans software wise and im constantly updateting and improving my servers and services along the way but its really not my focus point for the future.

So for future plans im mostly thinking for hardware options that can help me achieve more redundancy, this has not been my focus as im the only person to use these systems and essentialy i don’t care if my services goes down for some time, i am configureing this stuf becouse i like playing arround with infrastructure and use this to extend my knowledge to essentially help my proffesional carrier. 

I really want to implement a cluster for my proxmox installation, i wan’t 3 physical hosts which i can use to build a cluster that has utilizes CEPH to share their own local storage with eachother much like a Raid 5 system, making sure i can dynamicly move vm’s accross servers if needed due to maintannce or host problems. 

This is rather expensive and thats what have kept me away from setting this up.