[Joffrey Birster]
Infrastructure Engineer
Building and automating a production homelab with 50+ Ansible roles, spanning network management, containerized services, monitoring, and backup systems.
My Homelab
A production-grade home infrastructure built on dedicated hardware — network-segmented, fully monitored, and automated end to end with Ansible. Every component is managed as code: deploy, backup, and restore.
Network & Security
OPNsense firewall at the core with 8 VLANs isolating servers, desktops, cameras, and guests. Strict inter-VLAN rules, WireGuard VPN for remote access, Kea DHCP and Unbound DNS — all managed via REST API.
Virtualization server
HP Z440 workstation running Proxmox VE with a Xeon E5-2698v3 and 128GB DDR4. Hosts 10+ VMs: monitoring stack, logging, Docker services, cameras, a Windows gaming VM with PCI passthrough, a Linux dev VM, and test servers.
Storage & Backup
Synology DS418 with 4×3TB as the primary NAS. A dedicated Proxmox Backup Server runs nightly encrypted VM backups. An OpenMediaVault VM acts as a secondary redundant target. All backup jobs are automated and managed as code.
Monitoring & Observability
Grafana dashboards fed by InfluxDB and Telegraf agents on every host. Centreon handles service checks and sends email alerts via Postfix. Graylog aggregates logs from all servers using rsyslog.
Services
A Docker VM hosts 15+ services: Vaultwarden (passwords), Nextcloud (file sync), GitLab, Navidrome (music), Joplin (notes), Mealie (recipes), DokuWiki, 2FAuth, and more — all behind Nginx Proxy Manager with SSL. ZoneMinder handles IP cameras on an isolated VLAN.
Automation
50+ Ansible roles cover the entire infrastructure: firewall rules, DHCP/DNS, certificates, monitoring agents, Docker deployments, and backup pipelines. Every role is idempotent and uses the code as source of truth.
Technologies & Tools
The stack powering the homelab infrastructure.