Layer 1: The Edge & Ingress
Core Skills: Zero Trust Architecture, Cloudflare HA, Tailscale MeshLive Zero Trust Ingress Architecture
Public Request
Cloudflared HA
β
βοΈ CF Tunnel (pi4)
Physical bare-metal
βοΈ CF Tunnel (ha01)
VM on Proxmox Box
Admin VPN
Tailscale Mesh
β
π¦ Tailscale (ha02)
VM on Proxmox Box
π¦ Tailscale (ha03)
VM on Proxmox Box
β
Self-Hosted Services Network
Docker Stack
Layer 2: Physical Hardware & Compute Root
Core Skills: Bare-metal Provisioning, Proxmox VE, Direct Disk Passthrough, LVM Storage
Proxmox Virtual Environment (PVE)
Hypervisor Root
Host Hardware Limits
- Logical CPU Threads 6 Threads
- Memory Limit (RAM) 64 GB
- Primary Subnet <PRIMARY_SUBNET_CIDR>
Hosted Virtual Machines
ZuluServer
180GB Disk β’ UbuntuOMV NAS
80GB Disk + Passthroughha01 (CF)
8GB Disk β’ DietPiha02 (Vault)
8GB Disk β’ DietPiha03 (Guac)
8GB Disk β’ DietPiBase Templates
Cloud-Init TestingPVE Storage Allocations
- nvme0n1 (LVM Storage) ~1 TB
- sda & sdc (PVE Dirs) 2x 1 TB
- sdb (OMV Passthrough) 6 TB
- nvme1n1 (Optane) 14 GB
pibuster4 (Bare-metal)
Control Head
Hardware Limits
- Logic Board Pi 4B (4-Core)
- Memory Limit 4 GB LPDDR4
- Control Subnet <PI_SUBNET_CIDR>
Supervised Services
Raspberry Pi OS
Debian Bare-MetalCloudflared HA
Zero Trust Network TunnelAnsible Configuration
GitOps Automation Controllerpibuster4 Storage Allocation
- sda (USB 3.0 SSD) 489 GB
- sda1 (/boot/firmware) 512 MB
- sda2 (Root /) 488.5 GB
- zram0 (SWAP) 2 GB
Knightbox (Bare-metal)
Windows Backup Target
Hardware Limits
- Logic Board i7-12700K (12C/20T)
- Memory Limit 64 GB
- Target Subnet <BACKUP_SUBNET_CIDR>
Supervised Services
Windows Host
Bare-Metal ArchitectureVeeam Repository
Offsite Archival SyncingPlex Identity Data
LZ4 Compressed VolumesKnightbox Volumes
- C: (Windows OS) 930 GB NVMe
- D: (DATA) 2.8 TB HDD
- Total Pool ~3.7 TB
Layer 3: Logical Infrastructure & Orchestration
Core Skills: GitOps Automation, Kubernetes Declarative State, Virtual Machine Orchestration
Compute Fleet (Proxmox + ARM)
π
pibuster4 Physical bare-metal
Control Head / Ingressπ₯οΈ
ZuluServer Ubuntu VM Proxmox Box
Data Core / Observabilityπ¦
DietPi HA Fleet 3x Micro VMs Proxmox Box
Distributed MicroservicesπΎ
OpenMediaVault NAS Debian VM Proxmox Box
Physical Disk Passthrough
βΈοΈ K3s Sandbox (Rebuildable)
- Control Plane 2 Cores / 2GB
- Worker Node 2 Cores / 2GB
- OS Template Ubuntu 24.04 LTS
Terraform Managed
prevent_destroy = false
Hardware IaC Configuration
Direct physical disk attachment to OpenMediaVault NAS VM using stable hardware identifiers, bypassing Proxmox `/etc/fstab`.
Proxmox Host CLI
# Set SCSI controller & pass physical 6TB drive
qm set <OMV_VMID> -scsihw virtio-scsi-pci
qm set <OMV_VMID> -scsi0 /dev/disk/by-id/<DISK_BY_ID>,iothread=1
# Verify fstab eviction (removed from host)
cat /etc/fstab | grep sdc
qm set <OMV_VMID> -scsihw virtio-scsi-pci
qm set <OMV_VMID> -scsi0 /dev/disk/by-id/<DISK_BY_ID>,iothread=1
# Verify fstab eviction (removed from host)
cat /etc/fstab | grep sdc
βοΈ Automation Controller
GitOps Loop
Layer 4: Distributed Services
Core Skills: Microservices Architecture, Reverse Proxies, Media Pipeline IntegrationService Topologies
π‘οΈ Access 4 Nodes
Cloudflared HA
pi4/ha01
Vaultwarden
ha02
Guacamole
ha03
π Observability Global
Grafana/Prometheus
Zulu
Dozzle Aggregator
pi4
cAdvisor / Kuma
Global
π οΈ Automation Core
Pre/Post Scripts
PVE Node
Pi-hole HA
Zulu/ha03
Ansible Control
pi4
πΎ Data & Rescue 9.1 TB
Veeam Exporter
Zulu
[Knightbox] Repo
Remote
OMV Direct Disk
OMV VM
π‘οΈ 3-2-1 Disaster Recovery Pipeline
π₯οΈ
Compute Fleet
ZuluServer Configs
Vault/CF HA Fleet
OMV NAS Core
K3s Cluster Payload
β
πͺ
Knightbox Repo
Veeam Compression
β
βοΈ
Dropbox Cloud
Offsite Archive SyncHomelab Application Workloads
π¬ Media Stack
πΊ SonarrZulu
π¬ RadarrZulu
π΅ LidarrZulu
π ProwlarrZulu
π― HuntarrZulu
π§Ή CleanuparrZulu
π¦ DispatcharrZulu
πΆ SonobarrZulu
πΌ TubeArchivistZulu
π± iPlayarrZulu
π΅ CopypartyZulu
πΊ SonarrZulu
π¬ RadarrZulu
π΅ LidarrZulu
π ProwlarrZulu
π― HuntarrZulu
π§Ή CleanuparrZulu
π¦ DispatcharrZulu
πΆ SonobarrZulu
πΌ TubeArchivistZulu
π± iPlayarrZulu
π΅ CopypartyZulu
β¬οΈ Downloads & Proxy
β¬ qBittorrentZulu
π° NZBGetZulu
π‘οΈ FlareSolverrZulu
π§ Slskd (P2P)Zulu
π Nginx Proxy MgrZulu
π‘ ThreadfinZulu
π Vaultwardenha02
βοΈ Cloudflaredpi4
π WatchYourLANZulu
π GlancesZulu
β¬ qBittorrentZulu
π° NZBGetZulu
π‘οΈ FlareSolverrZulu
π§ Slskd (P2P)Zulu
π Nginx Proxy MgrZulu
π‘ ThreadfinZulu
π Vaultwardenha02
βοΈ Cloudflaredpi4
π οΈ Ops & Dashboards
π HomepageZulu
π₯οΈ HomarrZulu
π DashyZulu
π» Code-ServerZulu
π¦ GitLab CIFleet
ποΈ TerraformZulu
βοΈ Ansiblepi4
π Filebrowser QuantumZulu
π HomepageZulu
π₯οΈ HomarrZulu
π DashyZulu
π» Code-ServerZulu
π¦ GitLab CIFleet
ποΈ TerraformZulu
βοΈ Ansiblepi4
π Filebrowser QuantumZulu