The goal: fault-tolerant infrastructure I can rebuild from a single nix build.
The homelab is a real production environment, just for one person. Proxmox cluster on bare metal, UniFi networking, Splunk indexers, Cribl Edge collectors, Home Assistant, a docker-host VM for the necessary evil of vendor-locked containers.
Topology
Container philosophy
LXC by default. Native packages where possible. Docker is the exception — high-volume network traffic must never cross Docker’s virtualized networking. The decision tree:

- Vendor ships Docker-only image with no native path → Docker on the dedicated `docker-host` VM. Documented exception at the top of the repo’s `CLAUDE.md`.
- Single binary or native package → LXC + Ansible role.
- CI/automation → Docker on the docker-host VM, isolated `ci_runners` network.
- Dev / test → Docker on the docker-host VM, Swarm overlay.
What runs where
| Workload | Where | Why |
|---|---|---|
| Proxmox host | Bare metal | Hypervisor |
| HAProxy | LXC | Lightweight, native systemd unit |
| Cribl Edge | LXC | Native package, network-heavy |
| Splunk Enterprise | Bare-metal-ish VM | Vendor-only Docker option ruled out for network volume |
| Home Assistant | LXC | Native install via supervised path |
| docker-host | VM | Isolated landing pad for vendor Docker images |
| GitHub Actions runners | Docker on docker-host | Ephemeral container-per-job, isolated ci_runners network |
| Qdrant (vector DB) | LXC (nesting) | Vendor Docker image, lightweight, RAG workload |