Building a home lab server has been one of my most rewarding technical projects. It serves as a testing ground for cloud solutions, networking configurations, and IT infrastructure experiments. Here's the journey from hardware selection to current implementation.
Choosing the Right Machine to Host
While I didn't need anything super powerful, I noticed that the price floor for used SFF and Mini PCs hovered around $50. Whether the PC was from 2010-2012 or 2014-2017, most PCs had depreciated heavily and stayed at $50 but didn't drop any lower... Might as well purchase something newer then.
A good home server should stay efficient both at idle and under light to moderate load. That led me down the rabbit hole of researching power draw across various CPUs.
I ended up choosing the Ryzen 5 Pro 4650G, and here's why:
- Power Efficiency: Performs similarly to its non-APU counterpart (Ryzen 5 3600) while idling at 5 watts lower. This has been attributed to its "monolithic" design.
- Zen 2 Architecture: Avoids C-State issues on older Ryzen chipsets that would cause Linux to crash or stop functioning altogether.
- ECC Support: Support for unregistered ECC memory for better data integrity.
After adding additional storage, RAM, and installing Proxmox, I was ready to go.
Current Services & Implementation
I've had a lot of fun with the Home Lab Server since then, with a wide variety of additions and hiccups along the way:
TrueNAS
Dedicated storage solution for centralized file management and data redundancy.
Portainer
Container management interface for spinning up and managing Docker containers efficiently.
Minecraft Server
Locally hosted game server for friends and testing multiplayer configurations.
Jellyfin
Self-hosted media server for movies, music, and personal media collection.
pfSense Virtual Firewall
Currently my main focus - implementing advanced networking rules, monitoring traffic, and testing enterprise-grade network security concepts.
WireGuard VPN Implementation
WireGuard is currently running as a VPN server to enable remote access to other devices on the network while I'm away. However, this setup came with its challenges:
Fix 1: Dynamic IP Challenge
One of the first issues I ran into was that I hadn't set a domain for remote access. Everything was tied to my dynamic public IP address. The problem? Every time my ISP refreshed the IP, my WireGuard tunnel would break. Not ideal for stability.
Solution: I set up Dynamic DNS (DDNS). Now, instead of relying on a static IP, I use a domain that always points to the correct public IP, even when it changes.
To keep that domain updated in real-time, I spun up a lightweight Docker container that automatically checks and updates the DNS record whenever my public IP changes. With this in place, I can securely access my WireGuard tunnel using a consistent domain name.
The lab continues to evolve as I experiment with new technologies and solutions. It's become an essential tool for validating concepts before implementing them in production environments.