Homelab, Virtualization, DevOps
•
15 min read
Complete Homelab Setup Guide with Proxmox VE
Learn how to build a professional homelab environment using Proxmox VE for virtualization, containerization, and automated infrastructure management
proxmox
homelab
virtualization
lxc
automation
monitoring
devops
Introduction
Building a homelab is an excellent way to learn enterprise technologies, test configurations, and develop DevOps skills in a safe environment. Proxmox VE (Virtual Environment) offers a powerful, open-source platform for virtualization and containerization, ideal for creating a professional home lab setup.
In this comprehensive guide, we’ll walk through designing and deploying a complete homelab environment using Proxmox VE, including network segmentation, automated backups, monitoring, and self-hosted services.
Why Proxmox VE for Homelab?
Proxmox VE offers several advantages for homelab enthusiasts and DevOps professionals:
- Open Source: Free to use with enterprise-grade features
- Type-1 Hypervisor: Direct hardware access for optimal performance
- LXC Containers: Lightweight, fast containerization alongside VMs
- Web Interface: Intuitive management through browser-based UI
- Backup & Replication: Built-in backup strategies and disaster recovery
- Clustering: Multi-node support for high availability
- Active Community: Extensive documentation and community support
Homelab Architecture Overview
Our homelab design follows enterprise best practices while remaining accessible for learning:
# Homelab architecture
proxmox_cluster:
nodes:
- pve01: main compute node
- pve02: backup/redundancy node
storage:
- local-lvm: fast SSD storage
- nfs-share: network storage for backups
- ceph: distributed storage (optional)
networking:
- vmbr0: management network (192.168.1.0/24)
- vmbr1: isolated lab network (10.0.0.0/24)
- vmbr2: DMZ network (172.16.0.0/24)
services:
- monitoring: prometheus, grafana
- automation: ansible, terraform
- development: gitlab, jenkins
- storage: nextcloud, samba
- security: pfsense, openvpn
Hardware Requirements
Minimum Requirements
- CPU: 4+ cores (Intel VT-x/AMD-V support)
- RAM: 16GB DDR4
- Storage: 256GB SSD for OS + 1TB for VMs
- Network: Gigabit Ethernet
- Power: Reliable PSU with UPS backup
Recommended Setup
- CPU: 8+ cores (Intel i7/Ryzen 7 or better)
- RAM: 32GB+ DDR4
- Storage: 512GB NVMe + 2TB+ SSD/HDD
- Network: 2.5GbE or 10GbE
- RAID: Hardware RAID or ZFS for data protection
Installing Proxmox VE
Download and Installation
- Download Proxmox VE ISO:
# Download from official site
wget https://enterprise.proxmox.com/iso/proxmox-ve_9.0-1.iso
- Create Bootable USB:
# Using dd command (replace /dev/sdX with your USB device)
sudo dd if=proxmox-ve_9.0-1.iso of=/dev/sdX bs=4M status=progress
- Installation Process:
- Boot from USB
- Select “Install Proxmox VE”
- Configure network settings
- Set root password
- Choose target disk
- Complete installation
Post-Installation Configuration
# Update system packages
apt update && apt upgrade -y
# Backup & Configure network interfaces
[ -f /etc/network/interfaces.default ]||cp -pv /etc/network/interfaces{,.default}
cat <<EOF > /etc/network/interfaces
# Example network configuration
auto lo
iface lo inet loopback
auto vmbr0
iface vmbr0 inet static
address 192.168.1.100/24
gateway 192.168.1.1
bridge-ports eno1
bridge-stp off
bridge-fd 0
EOF
# Restart networking
systemctl restart networking
Network Design and Segmentation
VLAN Configuration
Create isolated networks for different purposes:
# /etc/network/interfaces
# Management Network (VLAN 1)
auto vmbr0.1
iface vmbr0.1 inet static
address 192.168.1.100/24
gateway 192.168.1.1
vlan-raw-device vmbr0
# Lab Network (VLAN 10)
auto vmbr0.10
iface vmbr0.10 inet static
address 10.0.0.1/24
vlan-raw-device vmbr0
# DMZ Network (VLAN 20)
auto vmbr0.20
iface vmbr0.20 inet static
address 172.16.0.1/24
vlan-raw-device vmbr0
Firewall Rules
# Configure iptables for network isolation
# Allow management access
iptables -A INPUT -i vmbr0.1 -j ACCEPT
# Allow lab network to access internet
iptables -A FORWARD -i vmbr0.10 -o vmbr0.1 -j ACCEPT
# Restrict DMZ access
iptables -A FORWARD -i vmbr0.20 -o vmbr0.1 -j DROP
Storage Configuration
Local Storage Setup
# Create LVM thin pool for VMs
pvcreate /dev/sdb
vgcreate pve /dev/sdb
lvcreate -l 100%FREE -T pve/vmdata
# Create ZFS pool for data storage
zpool create tank mirror /dev/sdc /dev/sdd
zfs create tank/vmdata
zfs create tank/backups
NFS Storage for Backups
# Install NFS server
apt install nfs-kernel-server
# Configure exports
echo "/mnt/backups 192.168.1.0/24(rw,sync,no_subtree_check)" >> /etc/exports
exportfs -a
# Mount in Proxmox
pvesm add nfs backup-nfs --server 192.168.1.100 --export /mnt/backups
Virtual Machine Templates
Ubuntu Server Template
Create a reusable template for consistent VM deployment:
# Download Ubuntu cloud image 22.04
wget https://cloud-images.ubuntu.com/jammy/current/jammy-server-cloudimg-amd64.img
# Create VM template
qm create 9000 --name ubuntu-template --memory 2048 --cores 2 --sockets 1
qm importdisk 9000 jammy-server-cloudimg-amd64.img local-lvm
qm set 9000 --scsihw virtio-scsi-pci --scsi0 local-lvm:vm-9000-disk-0
qm set 9000 --boot c --bootdisk scsi0
qm set 9000 --serial0 socket --vga serial0
qm set 9000 --ciuser ubuntu --cipassword ubuntu
qm set 9000 --sshkeys ~/.ssh/id_rsa.pub
qm set 9000 --ipconfig0 ip=dhcp
qm template 9000
Windows Template
# Create Windows VM template
qm create 9001 --name windows-template --memory 4096 --cores 2 --sockets 1
qm set 9001 --scsihw virtio-scsi-pci
qm set 9001 --boot c --bootdisk scsi0
qm set 9001 --serial0 socket --vga serial0
qm template 9001
LXC Container Setup
Development Environment Container
# Create development container
pct create 100 local:vztmpl/ubuntu-22.04-standard_22.04-1_amd64.tar.gz \
--hostname dev-env \
--memory 2048 \
--cores 2 \
--rootfs local-lvm:8 \
--net0 name=eth0,bridge=vmbr0.10,ip=10.0.0.10/24,gw=10.0.0.1
# Start container
pct start 100
# Install development tools
pct exec 100 -- bash -c "
apt update && apt install -y git docker.io python3-pip nodejs npm
systemctl enable docker
usermod -aG docker 1000
"
Monitoring Container
# Create monitoring container
pct create 101 local:vztmpl/ubuntu-22.04-standard_22.04-1_amd64.tar.gz \
--hostname monitoring \
--memory 4096 \
--cores 2 \
--rootfs local-lvm:16 \
--net0 name=eth0,bridge=vmbr0.1,ip=192.168.1.101/24,gw=192.168.1.1
# Install monitoring stack
pct exec 101 -- bash -c "
apt update && apt install -y docker.io docker-compose
mkdir -p /opt/monitoring
cd /opt/monitoring
"
Automated Backup Strategy
Backup Configuration
# Create backup script
cat > /root/backup-script.sh << 'EOF'
#!/bin/bash
# Backup all VMs and containers
vzdump --all --compress gzip --storage backup-nfs --mode snapshot
# Clean old backups (keep 7 days)
find /mnt/backups -name "*.vma.gz" -mtime +7 -delete
# Sync to remote storage
rsync -avz --delete /mnt/backups/ user@remote-server:/backups/proxmox/
chmod +x /root/backup-script.sh
# Add to crontab
echo "0 2 * * * /root/backup-script.sh" | crontab -
Backup Verification
# Test backup restoration
qmrestore /mnt/backups/vzdump-qemu-100-2025_01_26-02_00_00.vma.gz 999
# Verify VM functionality
qm start 999
qm stop 999
qm destroy 999
Monitoring and Observability
Prometheus Setup
# docker-compose.yml for monitoring
version: "3.8"
services:
prometheus:
image: prom/prometheus:latest
container_name: prometheus
ports:
- "9090:9090"
volumes:
- ./prometheus.yml:/etc/prometheus/prometheus.yml
- prometheus_data:/prometheus
command:
- "--config.file=/etc/prometheus/prometheus.yml"
- "--storage.tsdb.path=/prometheus"
- "--web.console.libraries=/etc/prometheus/console_libraries"
- "--web.console.templates=/etc/prometheus/consoles"
- "--storage.tsdb.retention.time=200h"
- "--web.enable-lifecycle"
grafana:
image: grafana/grafana:latest
container_name: grafana
ports:
- "3000:3000"
volumes:
- grafana_data:/var/lib/grafana
environment:
- GF_SECURITY_ADMIN_PASSWORD=admin123
volumes:
prometheus_data:
grafana_data:
Proxmox Metrics Collection
# prometheus.yml
global:
scrape_interval: 15s
scrape_configs:
- job_name: "proxmox"
static_configs:
- targets: ["192.168.1.100:9221"]
metrics_path: /metrics
scheme: https
tls_config:
insecure_skip_verify: true
basic_auth:
username: "prometheus@pve"
password: "your-password"
Self-Hosted Services
GitLab CI/CD
# Create GitLab VM from template
qm clone 9000 1000 --name gitlab
qm set 1000 --memory 8192 --cores 4
qm set 1000 --ipconfig0 ip=192.168.1.10/24,gw=192.168.1.1
qm start 1000
# Install GitLab
curl -s https://packages.gitlab.com/install/repositories/gitlab/gitlab-ce/script.deb.sh | sudo bash
apt install gitlab-ce
gitlab-ctl reconfigure
Nextcloud Storage
# Create Nextcloud container
pct create 102 local:vztmpl/ubuntu-22.04-standard_22.04-1_amd64.tar.gz \
--hostname nextcloud \
--memory 2048 \
--cores 2 \
--rootfs local-lvm:32 \
--net0 name=eth0,bridge=vmbr0.1,ip=192.168.1.11/24,gw=192.168.1.1
# Install Nextcloud
pct exec 102 -- bash -c "
apt update && apt install -y apache2 mariadb-server php php-mysql
wget https://download.nextcloud.com/server/releases/latest.zip
unzip latest.zip -d /var/www/
chown -R www-data:www-data /var/www/nextcloud
"
Security Hardening
Network Security
# Configure firewall rules
iptables -A INPUT -p tcp --dport 22 -j ACCEPT
iptables -A INPUT -p tcp --dport 8006 -j ACCEPT
iptables -A INPUT -i lo -j ACCEPT
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -P INPUT DROP
# Save rules
iptables-save > /etc/iptables/rules.v4
SSL/TLS Configuration
# Install Certbot for Let's Encrypt
apt install certbot python3-certbot-apache
# Generate SSL certificate
certbot --apache -d homelab.yourdomain.com
# Configure Proxmox HTTPS
nano /etc/hosts
# Add: 192.168.1.100 homelab.yourdomain.com
Automation with Ansible
Ansible Playbook for Homelab
# homelab-setup.yml
---
- name: Configure Proxmox Homelab
hosts: proxmox
become: yes
tasks:
- name: Update system packages
apt:
update_cache: yes
upgrade: yes
- name: Install monitoring tools
apt:
name:
- htop
- iotop
- nethogs
- iftop
state: present
- name: Configure backup storage
file:
path: /mnt/backups
state: directory
mode: "0755"
owner: root
group: root
- name: Setup automated backups
cron:
name: "Proxmox backup"
hour: "2"
minute: "0"
job: "/root/backup-script.sh"
state: present
Terraform for Infrastructure as Code
# main.tf
terraform {
required_providers {
proxmox = {
source = "telmate/proxmox"
version = "2.9.14"
}
}
}
provider "proxmox" {
pm_api_url = "https://192.168.1.100:8006/api2/json"
pm_api_token_id = var.pm_api_token_id
pm_api_token_secret = var.pm_api_token_secret
pm_tls_insecure = true
}
resource "proxmox_vm_qemu" "test_server" {
name = "test-server"
target_node = "pve01"
clone = "ubuntu-template"
cores = 2
sockets = 1
memory = 2048
network {
bridge = "vmbr0.10"
model = "virtio"
}
disk {
type = "scsi"
storage = "local-lvm"
size = "20G"
}
}
Performance Optimization
Resource Allocation
# CPU pinning for performance-critical VMs
qm set 1000 --cpulimit 4 --cpuunits 1000
# Memory ballooning
qm set 1000 --balloon 1
# Storage optimization
qm set 1000 --scsi0 local-lvm:20,cache=writeback,ssd=1
Network Optimization
# Enable jumbo frames for storage network
ip link set vmbr1 mtu 9000
# Configure network bonding
auto bond0
iface bond0 inet manual
bond-slaves eno1 eno2
bond-mode 802.3ad
bond-miimon 100
Troubleshooting Common Issues
VM Won’t Start
# Check VM configuration
qm config 1000
# Verify storage availability
pvesm status
# Check system resources
htop
df -h
Network Connectivity Issues
# Test network connectivity
ping -c 4 192.168.1.1
# Check bridge configuration
brctl show
# Verify firewall rules
iptables -L -n -v
Backup Failures
# Check backup logs
tail -f /var/log/vzdump.log
# Verify storage space
df -h /mnt/backups
# Test backup manually
vzdump 100 --storage backup-nfs --mode snapshot
Scaling Your Homelab
Adding Additional Nodes
# Join node to cluster
pvecm add 192.168.1.101
# Verify cluster status
pvecm status
# Migrate VMs between nodes
qm migrate 1000 pve02 --online
Storage Expansion
# Add new disk to LVM
pvcreate /dev/sde
vgextend pve /dev/sde
lvextend -l +100%FREE pve/vmdata
Best Practices Summary
Security
- Use strong passwords and SSH keys
- Implement network segmentation
- Regular security updates
- Monitor access logs
Performance
- Right-size VMs and containers
- Use SSD storage for active workloads
- Implement resource limits
- Monitor resource usage
Reliability
- Automated backups with testing
- Redundant storage
- Monitoring and alerting
- Documentation of configurations
Maintenance
- Regular system updates
- Log rotation and cleanup
- Performance monitoring
- Capacity planning
Conclusion
Building a homelab with Proxmox VE provides an excellent platform for learning enterprise technologies and developing DevOps skills. The combination of virtualization and containerization offers flexibility for various use cases, from development environments to production-like testing scenarios.
Key takeaways from this guide:
- Plan your architecture before implementation
- Implement proper networking with VLANs and firewalls
- Automate everything possible with scripts and IaC
- Monitor and backup your infrastructure
- Document your setup for future reference
Remember that a homelab is a living environment that evolves with your learning and needs. Start simple and gradually add complexity as you become more comfortable with the platform.
Resources
- Proxmox VE Documentation
- Proxmox Community Forum
- LXC Container Documentation
- Ansible Documentation
- Terraform Proxmox Provider
This guide provides a foundation for building a professional homelab environment. Adapt the configurations and recommendations to match your specific hardware and requirements.
Jan 25, 2025
Complete Kubernetes Monitoring Guide for DevOps Engineers
Learn how to implement comprehensive monitoring and observability for Kubernetes clusters using Prometheus, Grafana, and modern DevOps practices
Jan 26, 2025
Bitcoin Deployment & Monitoring: A DevOps Engineer's Guide
Learn how to deploy, monitor, and maintain Bitcoin nodes in production environments using modern DevOps practices, containerization, and observability tools
Stay Updated
Get the latest DevOps insights and best practices delivered to your inbox
No spam, unsubscribe at any time