amphora.int

I needed a comprehensive home infrastructure solution that could provide enterprise-level services including network management, secure storage, media serving, monitoring, and automated backups.

The challenge of this project was designing and successfully implementing a production-grade infrastructure without having to make any purchases, and while learning advanced systems administration concepts.

I implemented a virtualized infrastructure using Proxmox hypervisor on custon hardware with a 16-core CPU and 80GB RAM.

I architected a comprehensive service ecosystem spanning 14 specialized Linux VMs of various distibutions. I deployed DNS, DHCP, network security, storage services, monitoring, and backup systems.

I implemented storage management with TrueNAS Scale managing multiple RAID configurations totalling 25TB of organized storage pools.

Throughout the project, I was careful to establish proper and consistent security practices with centralized authentication, service accounts, and comprehensive backup and disaster recovery.

I carefully designed the network and virtualization platform to efficiently use system resources and stay organized. I built the actual system on Proxmox Virtual Environment with backups through Proxmox Backup Manager.

I implemented network infrastructure using Pi-hole for DNS and DHCP with ad-blocking, OPNsense firewall for security, and NGINX Proxy Manager for routing.

I configured TrueNAS Scale with six organized storage pools using proper ACLs and SMB/NFS sharing protocols.

I established custom monitoring and alerts using Grafana and Prometheus. I established secure password management with VaultWarden. I automated nightly incremental backups using Proxmox Backup Server, plus additional configuration backups and replication through custom scripts and crontab.

Custom Grafana dashboard with most relevant metrics at-a-glance

Pi-hole filtering spammy and harmful requests across the network

Previous slideNext slide

I was able to successfully deploy an enterprise-grade infrastructure to my household with 99.9% uptime.

I achieved comprehensive network visibility and security through centralized DNS, firewall protection, and detailed logging and alerting.

I implemented thorough data protection via automated backups and multiple storage redundancy levels.

Through this project, I was able to synthesize multiple abstract concepts I had learned about Linux system administration, network security, storage management, and service deployment patterns, to create a production environment that is both complex and reliable.