I've always been a multi-disciplinary person - every aspect of technology interests me. The problem is never the curiosity, it's finding enough time. Well, I never found enough of it, but I built this anyway.
I planned and built a multi-node Proxmox cluster, a managed enterprise switch, a professional pfSense firewall, and a massive UPS. Yes, I have a server rack. And yes, my office is a bit warmer than the rest of the house. That's a sacrifice I can live with.
This project is genuinely addicting - tons of fun. I get to work at the bare metal level, start from power, move up through the physical networking layer, and build everything above it from scratch. I started it out of pure love for trying, discovering, and exploring new things. I wanted to level up my skills across the board. It became my greatest hobby - I stopped gaming, and whenever I have free time, this is where I go.
The idea is simple: build a company-like infrastructure covering every aspect I can think of. My nickname is NX1X and I call my projects NX1X LAB - where I try, test, break, and learn.
I won't go into the full architecture details here for privacy and security reasons. If you have questions or want to know more, feel free to reach out: nx1xlab.dev/contact
Configs, internal details, and some tools are intentionally not published here for security and privacy reasons.
I'll be publishing configurations from time to time. Latest upload: Self-hosted GitLab & GitLab Runner. Enjoy!
- Hypervisor - Proxmox VE, multi-node cluster
- Firewall / Router - pfSense (DNS, DHCP, VPN, Next-Generation Firewall)
- Networking - Managed switch, VLAN-segmented zones, encrypted VPN for remote access
- Storage - ZFS (RAIDZ1, snapshots), software RAID, NFS, TrueNAS Scale
- Backups - Scheduled cluster-wide VM backups + ZFS snapshots
- UPS - Graceful cluster shutdown on power loss (NUT)
- Docker + Docker Compose + Portainer
- Kubernetes
- ArgoCD
- Terraform - VM provisioning as code
- Ansible - configuration management across all nodes
- GitLab (self-hosted) - Git, CI/CD, issue tracking
- Wazuh XDR & SIEM - centralized log analysis and intrusion detection on all nodes
- Syslog - centralized log collection from all infrastructure components
- Next-Generation Firewall (NGFW) with IDS/IPS - application-aware traffic inspection, intrusion detection and prevention
- Internal CA - TLS for all internal services, no plain HTTP
- Zero trust network access - all remote access goes through identity-verified encrypted tunnels
- Cluster monitoring - real-time Slack alerts for VM events, resource usage, ZFS health, and security events
| App | Purpose |
|---|---|
| Nextcloud | Personal cloud, file sync, calendar |
| Jellyfin | Media streaming |
| Immich | Photo and video library |
| ARMA 3 server | Private game server |
| Tool | Description | Status |
|---|---|---|
| SwitchSentinel | Python CLI for automated switch configuration backups | Personal / Private |
| pfSentinel | Python CLI for pfSense management and automation | Open Source |