The physical machines and network hardware running the lab. Three Proxmox hosts, each sized for its role rather than uniform: a low-power node for networking, an older APU for storage, and a recent multi-core CPU with a GPU for the application workload.
A compact managed switch chosen to push past gigabit on the LAN without jumping to enterprise-priced 10 GbE everywhere. The 10 Gb SFP+ port is the uplink to the NAS so storage traffic between hosts isn’t bottlenecked by access-port speed, and the PoE+ ports power the wireless access points.
| Model | KeepLink KP-9000-9XHPML-X-AC |
|---|---|
| Type | 9-Port Multi-Gigabit Managed Switch |
| Access ports | 8 × 2.5 Gbps PoE+ |
| Uplink | 1 × 10 Gbps SFP+ |
| Management | Web UI, VLANs, link aggregation |
| Spec sheet | keeplink.pro/kp-9000-9xhpml-x |
The smallest of the three hosts, deliberately. Networking sits on its own node so the firewall and VPN stay up when the application hosts are powered off for maintenance or upgrades, and so the router has no resource contention with anything else.
| CPU | Intel N100, 4 cores |
|---|---|
| Hypervisor | Proxmox VE |
| Power profile | Passively cooled, low idle draw |
| Role | Networking Always-on |
BSD-based firewall handling all LAN routing, NAT, and DNS forwarding for the lab. Also maintains a tunneled outbound gateway used for external access to internal services.
Wireless controller for the access points, a small internal homepage, and a local speed-test endpoint. Kept separate from the firewall VM so neither one can take the other down.
A purpose-built small NAS chassis with an embedded AMD APU. The CPU is modest, but for ZFS over NFS at home-network speeds it’s plenty, and the box was designed around the 3.5″ drives that matter for capacity.
| CPU | Low-power AMD APU, 2 cores |
|---|---|
| Hypervisor | Proxmox VE |
| Storage VM | ZFS-based NAS VM, 24 GiB RAM allocated |
| Role | Storage Backup agent |
| Drive | Capacity | Status |
|---|---|---|
| Seagate IronWolf 10 TB | 10 TB | Healthy |
| Seagate IronWolf 10 TB | 10 TB | Healthy |
| Toshiba 10 TB | 10 TB | Healthy Replacement |
Drives are passed through to the NAS VM by stable device ID and arranged as a single RAIDZ1 pool, so one drive can fail without data loss. The most recent rebuild, after a Toshiba replaced an aging Seagate, completed cleanly with no errors.
The workhorse. Modern multi-core CPU with a discrete GPU passed through to a single Linux VM that runs the full self-hosted application stack in containers. Sized so transcoding, photo indexing, and database workloads don’t fight each other for CPU.
| CPU | Modern Intel Core i7 |
|---|---|
| GPU | NVIDIA Quadro GPU, passed through to the VM |
| Hypervisor | Proxmox VE |
| Role | Applications |
Linux Docker host. Media, photos, files, productivity apps, automation, identity, and monitoring, all containerised, all behind a reverse proxy with SSO. The GPU handles hardware transcoding and ML-based photo indexing.
See the Services page for what runs in here.
Off-Proxmox backup destination. Deliberately on a different OS, a different vendor, and a different filesystem than the primary NAS, so a bug, a misconfigured upgrade, or a ransomware event on the primary NAS can’t cascade into the backups. Local-only, no remote access, no cloud sync.
| Type | Synology NAS |
|---|---|
| OS | DSM |
| Volume | 9.1 TB usable |
| Protocols | NFS only (SMB disabled) |
| Role | Backups LAN-only |
Holds Proxmox VM dumps and a Restic repository of NAS dataset snapshots. The full backup strategy is on the Storage & Backups page.