Tags: homelab, self-hosting, server, proxmox, docker, ollama, networking, devops Last updated: 2026-07-02

Homelab for Vibe Coders Cheatsheet

What Is a Homelab for Vibe Coding?

A homelab is a personal server setup at home — a playground where you run your own services, host your own AI models, and build infrastructure without cloud bills. For a vibe coder, a homelab means:

BenefitWhat It Gives You
Local AI inferenceRun Ollama, Open WebUI, and local LLMs 24/7 without API costs
Private Git + CI/CDHost your own Gitea/Forgejo with Drone/Woodpecker runners
Self-hosted databasesPostgres, Redis, MariaDB for your projects — no $29/mo cloud tiers
Always-on servicesVPN, DNS, monitoring, backups — learn infra while building apps
No surprise billsFixed electricity cost. No cloud vendor lock-in.

Hardware Considerations

Recommended Specs by Use Case

Use CaseCPURAMStorageGPUEst. Cost
Minimal (LLM + Git + NAS)4-core Intel N100/N30516 GB2x 1TB SSDNone (CPU-only Ollama)£150–250
Mid-range (7B–14B models + services)6–8 core Ryzen/Core i532–64 GB2x 2TB NVMe + HDDsGTX 1060 6GB / RTX 3050£400–700
Serious (30B+ models + CI runners)12–16 core (Ryzen 9, Xeon)64–128 GB4x+ drives (ZFS pool)RTX 3090 24GB / RTX 4090£1,200–2,500
Enterprise-lite (70B models + full infra)Dual Xeon / Threadripper128–256 GB6x+ drives (ZFS RAID)Dual RTX 3090 / A6000£3,000–6,000+

🚨 Pro Tip: GPU Is Everything for AI

Hardware Shopping List

ComponentBudget PickSweet SpotPower User
Mini PCBeelink N100 16GBMinisforum MS-01 i9 64GBCustom build with GPU
Used ServerDell T320 (quiet tower)Dell T440 / HP ML350Rackmount: Dell R740xd
GPU (AI)Intel Arc A770 16GBRTX 3090 24GB (used)Dual RTX 3090 / A6000
Storage2x 1TB NVMe (mirror)4x 4TB HDD (RAID-Z1) + NVMe cache8x 20TB HDD + Optane
NetworkBuilt-in 1GbE2.5GbE switch + NIC10GbE SFP+ switch + NIC
UPSCyberPower 1500VAAPC 1500VA with network cardDual UPS + ATS

Operating System & Hypervisor

Proxmox VE (Recommended)

Proxmox is a free, open-source hypervisor based on Debian. It runs VMs (KVM) and containers (LXC) with a web UI.

# Download from https://proxmox.com — ISO installer
# After install:
apt update && apt dist-upgrade -y

# Remove enterprise repo (free users)
rm /etc/apt/sources.list.d/pve-enterprise.list
echo "deb https://download.proxmox.com/debian/pve bookworm pve-no-subscription" > /etc/apt/sources.list.d/pve.list

# Create a privileged LXC container for Docker (nesting)
pct create 100 local:vztmpl/ubuntu-22.04-standard_22.04-1_amd64.tar.zst \
  --storage local-lvm --memory 8192 --cores 4 \
  --net0 name=eth0,bridge=vmbr0,ip=dhcp \
  --unprivileged 0 --features nesting=1
HypervisorBest ForNotes
Proxmox VEGeneral homelab, VMs + LXCFree, great web UI, ZFS native, backup built-in
Ubuntu ServerSimple single-purpose boxGood if you don't need VMs. Run Docker + Ollama directly.
TrueNAS ScaleStorage + VMs in oneExcellent ZFS, built-in SMB/NFS/iSCSI. KVM for lightweight VMs.
ESXi (free)VMware ecosystemFree tier limits: 8 vCPU per VM. Being phased out by Broadcom.
UnraidDocker + VMs + NASPaid (£40+). Easy disk pooling with mixed drive sizes.

Recommended VM / LXC Layout

Proxmox Host
├── LXC: Docker host (Ubuntu 22.04)  — 8GB RAM, 4 vCPU
│   ├── Ollama + Open WebUI
│   ├── Gitea + Woodpecker CI
│   ├── Postgres + Redis
│   ├── Nginx Proxy Manager
│   └── Uptime Kuma + Grafana
├── LXC: Media server  — 4GB RAM
│   ├── Jellyfin / Plex
│   └── Sonarr / Radarr / Transmission
├── VM: TrueNAS Scale (passed-through HBA)  — 8GB RAM
│   └── ZFS pools shared via NFS/SMB
└── VM: Development sandbox  — 16GB RAM, 4 vCPU, GPU passthrough
    └── Test builds, CI runners, experiment with new tools

Essential Services for Vibe Coders

AI / LLM Stack

ServicePurposeInstall
OllamaRun LLMs locallycurl -fsSL https://ollama.com/install.sh | sh
Open WebUIChatGPT-like UI for Ollamadocker run -d -p 3000:8080 ghcr.io/open-webui/open-webui:main
LocalAIOpenAI API-compatible alternativedocker run -ti --gpus all quay.io/go-skynet/local-ai:latest
AnythingLLMRAG with your documentsdocker run -d -p 3001:3001 mintplexlabs/anythingllm
ComfyUIStable Diffusion image gengit clone https://github.com/comfyanonymous/ComfyUI

Development Services

ServicePurposeInstall
Gitea / ForgejoSelf-hosted Git (like GitHub)docker run -d -p 3000:3000 gitea/gitea
Woodpecker CILightweight CI/CD (Drone fork)docker run -d -p 8000:8000 woodpeckerci/woodpecker-server
MinIOS3-compatible object storagedocker run -d -p 9000:9000 minio/minio
Nginx Proxy ManagerReverse proxy with SSLdocker run -d -p 80:80 -p 443:443 jc21/nginx-proxy-manager
PortainerDocker management UIdocker run -d -p 9001:9001 portainer/portainer

Databases (Self-Hosted)

# PostgreSQL
docker run -d --name postgres -e POSTGRES_PASSWORD=secret -p 5432:5432 postgres:16

# Redis
docker run -d --name redis -p 6379:6379 redis:7-alpine

# MariaDB
docker run -d --name mariadb -e MARIADB_ROOT_PASSWORD=secret -p 3306:3306 mariadb:11

# MongoDB
docker run -d --name mongodb -p 27017:27017 mongo:7

Monitoring & Backup

ServicePurposeInstall
Uptime KumaUptime monitoring + alertsdocker run -d -p 3001:3001 louislam/uptime-kuma
Grafana + PrometheusMetrics dashboards + collectiondocker compose -f prometheus-grafana.yml up -d
NetdataReal-time system monitoringbash <(curl -Ss https://my-netdata.io/kickstart.sh)
DuplicatiEncrypted backups to cloud/remotedocker run -d -p 8200:8200 duplicati/duplicati
BorgBackupDeduplicating backups (CLI)apt install borgbackup

Networking

Basic Network Layout

Internet
  └─ Router / Firewall (OPNsense / pfSense / OpenWRT)
       ├─ VLAN 10: Servers (Proxmox, Docker hosts)
       ├─ VLAN 20: Trusted (Desktop, laptop)
       ├─ VLAN 30: IoT (smart devices — isolated)
       └─ VLAN 40: Guest WiFi (internet only)

Reverse Proxy with SSL

Use Nginx Proxy Manager or Traefik to route traffic:

For external access, use Cloudflare Tunnel or Tailscale instead of opening ports:

# Cloudflare Tunnel (no open ports needed)
docker run -d --name cloudflare-tunnel \
  cloudflare/cloudflared:latest tunnel --no-autoupdate run \
  --token YOUR_TOKEN_HERE

# Tailscale VPN mesh
curl -fsSL https://tailscale.com/install.sh | sh
tailscale up --accept-routes

Useful Tools

ToolPurpose
Pi-holeNetwork-wide ad blocking (DNS sinkhole)
AdGuard HomePi-hole alternative with nicer UI
WireGuardFast, modern VPN (built into Proxmox/Ubuntu)
TailscaleZero-config VPN mesh based on WireGuard
Cloudflare TunnelExpose services without opening ports
CaddyAutomatic HTTPS reverse proxy (simple config)
NetbirdOpen-source alternative to Tailscale

Storage

ZFS Basics

ZFS is the gold standard for homelab storage — it's a filesystem + volume manager with checksumming, snapshots, and RAID built in.

# Create a mirrored pool (2 drives)
zpool create tank mirror /dev/sda /dev/sdb

# Create a RAID-Z1 pool (3+ drives, 1 parity)
zpool create tank raidz /dev/sda /dev/sdb /dev/sdc

# Create datasets with different properties
zfs create tank/docker
zfs create tank/media
zfs create tank/backups
zfs set compression=lz4 tank/backups
zfs set atime=off tank/docker

# Snapshots
zfs snapshot tank/docker@2026-07-02
zfs rollback tank/docker@2026-07-02

# Send snapshot to remote backup
zfs send tank/docker@2026-07-02 | ssh backup-server zfs recv backup-tank/docker

Security

First Steps

# SSH hardening
sed -i 's/#PermitRootLogin.*/PermitRootLogin prohibit-password/' /etc/ssh/sshd_config
sed -i 's/#PasswordAuthentication.*/PasswordAuthentication no/' /etc/ssh/sshd_config
systemctl restart sshd

# Firewall (UFW)
ufw default deny incoming
ufw default allow outgoing
ufw allow ssh
ufw allow https
ufw enable

# Fail2ban
apt install fail2ban
systemctl enable --now fail2ban

# Automatic security updates
apt install unattended-upgrades
dpkg-reconfigure --priority=low unattended-upgrades

General Rules

Power & Cooling

FactorImpact
Idle powerAn N100 mini PC sips ~15W. A dual-Xeon server pulls ~120W idle, 300W+ loaded. £50 vs £400+/year.
GPU powerAn RTX 3090 draws 350W under load. Running AI inference continuously adds up fast.
CoolingRack servers are LOUD (60–70 dB). Tower servers are quieter. Mini PCs are silent.
UPS runtime1500VA UPS runs a mini PC for ~2 hours. A loaded server rack for ~10 minutes.
LocationBasement/garage for rack gear. Office/living room for mini PCs.

Rule of thumb: A homelab that costs £500/year in electricity is fine. £2,000/year is a second car.

Sample Deployment: Vibe Coder Starter Lab (£300)

Budget-build hardware:
- Beelink N100 mini PC (16GB RAM, 512GB SSD)  — ~£150
- External 2TB USB3 SSD  — ~£80
- Raspberry Pi 4 (4GB)  — ~£50
- UPS: used APC Back-UPS  — ~£30

Services (all on the Beelink):
- Ollama + Open WebUI (7B models, CPU-only)
- Gitea + Woodpecker CI
- Postgres + Redis
- Nginx Proxy Manager
- Uptime Kuma

Pi 4:
- Pi-hole (DNS ad-blocking)
- WireGuard (VPN)
- Network-wide monitoring

Total electricity: ~25W = ~£30/year

Troubleshooting

ProblemLikely CauseFix
Services unreachable after rebootDocker not starting on bootsystemctl enable docker && systemctl enable containerd
Proxmox VM won't startNo more RAM availableCheck free -h and shut down unused VMs/LXCs
ZFS pool DEGRADEDA drive failedzpool status to identify, zpool replace
Slow Docker writes (databases)ZFS recordsize too largezfs set recordsize=16K tank/docker
GPU not detected in LXCPassthrough not configuredAdd lxc.cgroup2.devices.allow: c 195:* rwm + mount /dev/dri
High power billServer running 24/7 at high loadCPU governor to powersave, spin down idle drives
Cloudflare Tunnel droppingOutdated cloudflareddocker pull cloudflare/cloudflared:latest
Can't reach services externallyFirewall blockingCheck ufw status and reverse proxy port (443)

Tips & Advice