Skip to content

The state of my homelab in 2025

At the start of this year I decided to embrace the challenge of building my own home server and going deep into the self-hosted world. I’ve always been interested in open-source and free software, mainly for privacy reasons as I’m a privacy advocate and it always made sense to me to own and control my data, so self-hosting apps and services was a natural fit for me.

Following this, and inspired by The Orange One’s series, I decided to document that process and share my thoughts and learnings along the way. At the moment I’m writing this, I’ve been working on the server for about two months, and I managed to get the main services and tools running, but there’s still some work until it reaches a point where I’m satisfied with it.

I hope to continue to learn and improve my skills, and to share my learnings with others.

System overview

Applications

Hardware

Storage

Backups

Still need to implement off-site encrypted backups for critical data, so I will probably be using Backblaze B2 as I’ve been reading about them and the reviews are positive and it seems to have a good price-quality ratio. For now I’m still copying my data from other services to the new server, so there’s not much to lose in case something goes wrong, except configurations.

Automation

About losing configs. I didn´t want to have to tune everything up every time I wanted to change something on the server or on any of the apps, so I’ve been using Terraform to provision the infrastructure of the VMs and LXCs containers in Proxmox and Ansible to configure the apps and docker containers. This is still a work in progress, but I’m pretty satisfied with how it’s going. It has kind of a large learning curve but I think it’s worth it in the long run as it allows me to focus on really using the tools and not having to worry about the underlying infrastructure.

I’ll try to write more about this setup in the future.

Network

For now, as I don’t intend to open my services to the internet, I’m currently using Adguard-Home as my DNS server and Nginx Proxy Manager to be able to access the services using a custom domain, instead of having to memorize the IP addresses and ports of the services.

Nginx Proxy Manager works as a reverse proxy for the services and it also generates a Let’s Encrypt certificate for the custom domain, so I don’t have to worry about getting warnings about the certificate being self-signed everytime I want to access the apps.

Remote Access

For acessing my internal network without opening it to the world, I’m working on implementing Tailscale as a solution.

Next Steps