🏗️ Network Architecture
Production-Grade Homelab Infrastructure with Pi-Hub
🌐 Internet
☁️
VPS Gateway
IONOS Berlin • 2 vCPU • 2GB RAM • 80GB NVMe
→ Traefik (Reverse Proxy)
→ Gerbil (Wireguard Gateway)
→ CrowdSec (IDS/IPS)
→ UFW Firewall
→ Newt Relay Client
🔒 Encrypted Tunnel
🔐
Wireguard VPN
Zero-trust encrypted connection VPS → Pi Hub
→ TLS 1.3 encryption
→ Automatic reconnection
→ NAT traversal
→ Sub-10ms latency
🧠 Pangolin Brain
🥧
Raspberry Pi 5 Hub
Pi 5 8GB • NVMe Gen3 • Ethernet • 27W PSU
→ Pangolin Server (Identity/SSL)
→ Newt Tunnel Termination
→ Traefik Routing
→ Let's Encrypt Certificates
→ Local Network Bridge
🏠 Home Network
🖥️
NAS Server
i3-13100 • 32GB RAM • 33TB RAID5 • ZimaOS
→ Docker Engine (40+ containers)
→ BTRFS Filesystem
→ mdadm RAID5
→ Application Services
→ Database Instances
🛡️
Pi-hole DNS
Network-wide ad-blocking & DNS
→ DNS filtering
→ DHCP server
→ Ad blocking
→ Query logging
📦 Services
🎬
Media Stack
Automated media management & streaming
Emby • Sonarr • Radarr
Prowlarr • Bazarr • Lidarr
qBittorrent • Gluetun VPN
☁️
Productivity
Self-hosted cloud services
Nextcloud • Immich Photos
Paperless-NGX • Vaultwarden
Joplin • Linkwarden
🗄️
Infrastructure
Backend & database services
PostgreSQL (8x instances)
Redis (3x instances)
Dockge • Syncthing
👤 Clients
💻
End Users
Secure access from anywhere
Web browsers (HTTPS only)
Mobile apps (iOS/Android)
Desktop clients
Public Gateway
Encrypted Tunnel
Pangolin Brain (Pi 5)
Home Infrastructure
Application Services
40+
Services
33TB
Storage
~90%
Uptime
35W
Total Power