[Joffrey Birster]
Infrastructure Engineer
Building and automating a production homelab with 51+ Ansible roles, spanning network management, containerized services, monitoring, and backup systems.
My Homelab
A production-grade home infrastructure built on dedicated hardware — network-segmented, fully monitored, and automated end to end with Ansible. Every component is managed as code: deploy, backup, and restore with a single playbook run.
Network & Security
OPNsense firewall at the core with 8 VLANs isolating servers, desktops, cameras, and guests. Strict inter-VLAN rules, WireGuard VPN for remote access, Kea DHCP and Unbound DNS — all managed via REST API.
Compute
HP Z440 workstation running Proxmox VE with a Xeon E5-2698v3 and 128GB DDR4. Hosts 10+ VMs: monitoring stack, logging, Docker services, cameras, a Windows gaming VM with PCI passthrough, a Linux dev VM, and test servers.
Storage & Backup
Synology DS418 with 4×3TB as the primary NAS. Uses Synology SHR Raid and encrypted folders. Hosts all kinds of data, including music, pictures, videos, backups. I also have an Openmediavault VM for backup redundancy.
Monitoring & Observability
Grafana dashboards fed by InfluxDB and Telegraf agents on every host. Centreon handles service checks and sends email alerts via Postfix. Graylog aggregates logs from all servers using rsyslog.
Services
A Docker VM hosts Vaultwarden (passwords), GitLab, Navidrome (music streaming), Maloja (listening stats), 2FAuth, and more — all behind Nginx Proxy Manager with individual SSL certificates. ZoneMinder handles IP cameras on an isolated VLAN.
Automation
51+ Ansible roles cover the entire infrastructure: firewall rules, DHCP/DNS, certificates, monitoring agents, Docker deployments, and backup pipelines. Every role is idempotent and uses the code as source of truth.
Technologies & Tools
The stack powering the homelab infrastructure.