← Cheatsheets
Tags: homelab, self-hosting, server, proxmox, docker, ollama, networking, devops
Last updated: 2026-07-02
Homelab for Vibe Coders Cheatsheet
What Is a Homelab for Vibe Coding?
A homelab is a personal server setup at home — a playground where you run your own services, host your own AI models, and build infrastructure without cloud bills. For a vibe coder, a homelab means:
| Benefit | What It Gives You |
| Local AI inference | Run Ollama, Open WebUI, and local LLMs 24/7 without API costs |
| Private Git + CI/CD | Host your own Gitea/Forgejo with Drone/Woodpecker runners |
| Self-hosted databases | Postgres, Redis, MariaDB for your projects — no $29/mo cloud tiers |
| Always-on services | VPN, DNS, monitoring, backups — learn infra while building apps |
| No surprise bills | Fixed electricity cost. No cloud vendor lock-in. |
Hardware Considerations
Recommended Specs by Use Case
| Use Case | CPU | RAM | Storage | GPU | Est. Cost |
| Minimal (LLM + Git + NAS) | 4-core Intel N100/N305 | 16 GB | 2x 1TB SSD | None (CPU-only Ollama) | £150–250 |
| Mid-range (7B–14B models + services) | 6–8 core Ryzen/Core i5 | 32–64 GB | 2x 2TB NVMe + HDDs | GTX 1060 6GB / RTX 3050 | £400–700 |
| Serious (30B+ models + CI runners) | 12–16 core (Ryzen 9, Xeon) | 64–128 GB | 4x+ drives (ZFS pool) | RTX 3090 24GB / RTX 4090 | £1,200–2,500 |
| Enterprise-lite (70B models + full infra) | Dual Xeon / Threadripper | 128–256 GB | 6x+ drives (ZFS RAID) | Dual RTX 3090 / A6000 | £3,000–6,000+ |
🚨 Pro Tip: GPU Is Everything for AI
- For Ollama/LLM inference, the GPU is your most important component. A 24GB RTX 3090 is the best price-to-performance card for local AI. It runs 30B models at Q4_K_M comfortably.
- CPU-only inference is 10–50x slower. A 7B model on a modern CPU gets ~2–5 tok/s vs ~40–60 tok/s on a GPU.
- Used enterprise gear (Dell PowerEdge, HP ProLiant, SuperMicro) on eBay is cheap but loud and power-hungry. A quiet mini PC with an external GPU is often better for a home office.
- Intel Arc A770 16GB is a surprisingly good budget AI card (£200–250 used) with 16GB VRAM.
Hardware Shopping List
| Component | Budget Pick | Sweet Spot | Power User |
| Mini PC | Beelink N100 16GB | Minisforum MS-01 i9 64GB | Custom build with GPU |
| Used Server | Dell T320 (quiet tower) | Dell T440 / HP ML350 | Rackmount: Dell R740xd |
| GPU (AI) | Intel Arc A770 16GB | RTX 3090 24GB (used) | Dual RTX 3090 / A6000 |
| Storage | 2x 1TB NVMe (mirror) | 4x 4TB HDD (RAID-Z1) + NVMe cache | 8x 20TB HDD + Optane |
| Network | Built-in 1GbE | 2.5GbE switch + NIC | 10GbE SFP+ switch + NIC |
| UPS | CyberPower 1500VA | APC 1500VA with network card | Dual UPS + ATS |
Operating System & Hypervisor
Proxmox VE (Recommended)
Proxmox is a free, open-source hypervisor based on Debian. It runs VMs (KVM) and containers (LXC) with a web UI.
# Download from https://proxmox.com — ISO installer
# After install:
apt update && apt dist-upgrade -y
# Remove enterprise repo (free users)
rm /etc/apt/sources.list.d/pve-enterprise.list
echo "deb https://download.proxmox.com/debian/pve bookworm pve-no-subscription" > /etc/apt/sources.list.d/pve.list
# Create a privileged LXC container for Docker (nesting)
pct create 100 local:vztmpl/ubuntu-22.04-standard_22.04-1_amd64.tar.zst \
--storage local-lvm --memory 8192 --cores 4 \
--net0 name=eth0,bridge=vmbr0,ip=dhcp \
--unprivileged 0 --features nesting=1
| Hypervisor | Best For | Notes |
| Proxmox VE | General homelab, VMs + LXC | Free, great web UI, ZFS native, backup built-in |
| Ubuntu Server | Simple single-purpose box | Good if you don't need VMs. Run Docker + Ollama directly. |
| TrueNAS Scale | Storage + VMs in one | Excellent ZFS, built-in SMB/NFS/iSCSI. KVM for lightweight VMs. |
| ESXi (free) | VMware ecosystem | Free tier limits: 8 vCPU per VM. Being phased out by Broadcom. |
| Unraid | Docker + VMs + NAS | Paid (£40+). Easy disk pooling with mixed drive sizes. |
Recommended VM / LXC Layout
Proxmox Host
├── LXC: Docker host (Ubuntu 22.04) — 8GB RAM, 4 vCPU
│ ├── Ollama + Open WebUI
│ ├── Gitea + Woodpecker CI
│ ├── Postgres + Redis
│ ├── Nginx Proxy Manager
│ └── Uptime Kuma + Grafana
├── LXC: Media server — 4GB RAM
│ ├── Jellyfin / Plex
│ └── Sonarr / Radarr / Transmission
├── VM: TrueNAS Scale (passed-through HBA) — 8GB RAM
│ └── ZFS pools shared via NFS/SMB
└── VM: Development sandbox — 16GB RAM, 4 vCPU, GPU passthrough
└── Test builds, CI runners, experiment with new tools
Essential Services for Vibe Coders
AI / LLM Stack
| Service | Purpose | Install |
| Ollama | Run LLMs locally | curl -fsSL https://ollama.com/install.sh | sh |
| Open WebUI | ChatGPT-like UI for Ollama | docker run -d -p 3000:8080 ghcr.io/open-webui/open-webui:main |
| LocalAI | OpenAI API-compatible alternative | docker run -ti --gpus all quay.io/go-skynet/local-ai:latest |
| AnythingLLM | RAG with your documents | docker run -d -p 3001:3001 mintplexlabs/anythingllm |
| ComfyUI | Stable Diffusion image gen | git clone https://github.com/comfyanonymous/ComfyUI |
Development Services
| Service | Purpose | Install |
| Gitea / Forgejo | Self-hosted Git (like GitHub) | docker run -d -p 3000:3000 gitea/gitea |
| Woodpecker CI | Lightweight CI/CD (Drone fork) | docker run -d -p 8000:8000 woodpeckerci/woodpecker-server |
| MinIO | S3-compatible object storage | docker run -d -p 9000:9000 minio/minio |
| Nginx Proxy Manager | Reverse proxy with SSL | docker run -d -p 80:80 -p 443:443 jc21/nginx-proxy-manager |
| Portainer | Docker management UI | docker run -d -p 9001:9001 portainer/portainer |
Databases (Self-Hosted)
# PostgreSQL
docker run -d --name postgres -e POSTGRES_PASSWORD=secret -p 5432:5432 postgres:16
# Redis
docker run -d --name redis -p 6379:6379 redis:7-alpine
# MariaDB
docker run -d --name mariadb -e MARIADB_ROOT_PASSWORD=secret -p 3306:3306 mariadb:11
# MongoDB
docker run -d --name mongodb -p 27017:27017 mongo:7
Monitoring & Backup
| Service | Purpose | Install |
| Uptime Kuma | Uptime monitoring + alerts | docker run -d -p 3001:3001 louislam/uptime-kuma |
| Grafana + Prometheus | Metrics dashboards + collection | docker compose -f prometheus-grafana.yml up -d |
| Netdata | Real-time system monitoring | bash <(curl -Ss https://my-netdata.io/kickstart.sh) |
| Duplicati | Encrypted backups to cloud/remote | docker run -d -p 8200:8200 duplicati/duplicati |
| BorgBackup | Deduplicating backups (CLI) | apt install borgbackup |
Networking
Basic Network Layout
Internet
└─ Router / Firewall (OPNsense / pfSense / OpenWRT)
├─ VLAN 10: Servers (Proxmox, Docker hosts)
├─ VLAN 20: Trusted (Desktop, laptop)
├─ VLAN 30: IoT (smart devices — isolated)
└─ VLAN 40: Guest WiFi (internet only)
Reverse Proxy with SSL
Use Nginx Proxy Manager or Traefik to route traffic:
ollama.vibed.local → Open WebUI (port 3000)
git.vibed.local → Gitea (port 3000)
monitor.vibed.local → Uptime Kuma (port 3001)
For external access, use Cloudflare Tunnel or Tailscale instead of opening ports:
# Cloudflare Tunnel (no open ports needed)
docker run -d --name cloudflare-tunnel \
cloudflare/cloudflared:latest tunnel --no-autoupdate run \
--token YOUR_TOKEN_HERE
# Tailscale VPN mesh
curl -fsSL https://tailscale.com/install.sh | sh
tailscale up --accept-routes
Useful Tools
| Tool | Purpose |
| Pi-hole | Network-wide ad blocking (DNS sinkhole) |
| AdGuard Home | Pi-hole alternative with nicer UI |
| WireGuard | Fast, modern VPN (built into Proxmox/Ubuntu) |
| Tailscale | Zero-config VPN mesh based on WireGuard |
| Cloudflare Tunnel | Expose services without opening ports |
| Caddy | Automatic HTTPS reverse proxy (simple config) |
| Netbird | Open-source alternative to Tailscale |
Storage
ZFS Basics
ZFS is the gold standard for homelab storage — it's a filesystem + volume manager with checksumming, snapshots, and RAID built in.
# Create a mirrored pool (2 drives)
zpool create tank mirror /dev/sda /dev/sdb
# Create a RAID-Z1 pool (3+ drives, 1 parity)
zpool create tank raidz /dev/sda /dev/sdb /dev/sdc
# Create datasets with different properties
zfs create tank/docker
zfs create tank/media
zfs create tank/backups
zfs set compression=lz4 tank/backups
zfs set atime=off tank/docker
# Snapshots
zfs snapshot tank/docker@2026-07-02
zfs rollback tank/docker@2026-07-02
# Send snapshot to remote backup
zfs send tank/docker@2026-07-02 | ssh backup-server zfs recv backup-tank/docker
- Use separate pools for fast (NVMe) and bulk (HDD) storage.
- L2ARC (read cache on SSD) helps ZFS if you have spinning rust + spare SSD.
- Special vdev for metadata on NVMe speeds up small-file operations.
- Don't use RAID-5 on HDDs over 4TB — rebuild times risk URE. Use RAID-Z2 or mirrors.
- For Docker volumes, disable
atime and set recordsize=16K for database performance.
Security
First Steps
# SSH hardening
sed -i 's/#PermitRootLogin.*/PermitRootLogin prohibit-password/' /etc/ssh/sshd_config
sed -i 's/#PasswordAuthentication.*/PasswordAuthentication no/' /etc/ssh/sshd_config
systemctl restart sshd
# Firewall (UFW)
ufw default deny incoming
ufw default allow outgoing
ufw allow ssh
ufw allow https
ufw enable
# Fail2ban
apt install fail2ban
systemctl enable --now fail2ban
# Automatic security updates
apt install unattended-upgrades
dpkg-reconfigure --priority=low unattended-upgrades
General Rules
- Never expose SSH on a non-standard port — security by obscurity is not security. Use a VPN or Tailscale instead.
- Isolate services with Docker networks — each stack gets its own network.
- Use reverse proxy for HTTPS — never run a raw HTTP service on the open internet.
- Backups are security — ransomware can't hold you hostage if you have clean snapshots + off-site backups.
- Monitor login attempts —
journalctl -u sshd -f and set up alerts for repeated failures.
Power & Cooling
| Factor | Impact |
| Idle power | An N100 mini PC sips ~15W. A dual-Xeon server pulls ~120W idle, 300W+ loaded. £50 vs £400+/year. |
| GPU power | An RTX 3090 draws 350W under load. Running AI inference continuously adds up fast. |
| Cooling | Rack servers are LOUD (60–70 dB). Tower servers are quieter. Mini PCs are silent. |
| UPS runtime | 1500VA UPS runs a mini PC for ~2 hours. A loaded server rack for ~10 minutes. |
| Location | Basement/garage for rack gear. Office/living room for mini PCs. |
Rule of thumb: A homelab that costs £500/year in electricity is fine. £2,000/year is a second car.
Sample Deployment: Vibe Coder Starter Lab (£300)
Budget-build hardware:
- Beelink N100 mini PC (16GB RAM, 512GB SSD) — ~£150
- External 2TB USB3 SSD — ~£80
- Raspberry Pi 4 (4GB) — ~£50
- UPS: used APC Back-UPS — ~£30
Services (all on the Beelink):
- Ollama + Open WebUI (7B models, CPU-only)
- Gitea + Woodpecker CI
- Postgres + Redis
- Nginx Proxy Manager
- Uptime Kuma
Pi 4:
- Pi-hole (DNS ad-blocking)
- WireGuard (VPN)
- Network-wide monitoring
Total electricity: ~25W = ~£30/year
Troubleshooting
| Problem | Likely Cause | Fix |
| Services unreachable after reboot | Docker not starting on boot | systemctl enable docker && systemctl enable containerd |
| Proxmox VM won't start | No more RAM available | Check free -h and shut down unused VMs/LXCs |
| ZFS pool DEGRADED | A drive failed | zpool status to identify, zpool replace |
| Slow Docker writes (databases) | ZFS recordsize too large | zfs set recordsize=16K tank/docker |
| GPU not detected in LXC | Passthrough not configured | Add lxc.cgroup2.devices.allow: c 195:* rwm + mount /dev/dri |
| High power bill | Server running 24/7 at high load | CPU governor to powersave, spin down idle drives |
| Cloudflare Tunnel dropping | Outdated cloudflared | docker pull cloudflare/cloudflared:latest |
| Can't reach services externally | Firewall blocking | Check ufw status and reverse proxy port (443) |
Tips & Advice
- Start small. A used mini PC + Ollama + Gitea is more useful than an empty 42U rack.
- Document everything. Keep a
homelab.md with passwords, IPs, and config notes.
- Use Docker Compose. Don't install services directly on the host. Compose files are reproducible.
- Separate fast and slow storage. SSDs for databases. HDDs for media and backups.
- Set up monitoring first. Uptime Kuma and Netdata should be the first services you deploy.
- Backups > RAID. RAID protects against drive failure, not fire, theft, or
rm -rf. Have off-site backups.
- Don't expose services directly. Use Tailscale, Cloudflare Tunnel, or a VPN.
- Learn Proxmox backups.
vzdump is built-in. Schedule nightly backups.
- Power matters. A £80 UPS is cheaper than a corrupted ZFS pool from a power cut.
- The best homelab is the one you actually use. Build for what you need right now.