Daniel Bird

Infrastructure, support, systems, things built properly

← Back to Projects

Enterprise Infrastructure & Homelab

The start of my home lab and learning experience

What originally started as a small VoIP project quickly evolved into a fully self-hosted enterprise-style infrastructure environment designed to simulate real-world production systems, networking, and service delivery.

As I continued learning and expanding my technical knowledge, I wanted to move beyond isolated projects and instead build a complete infrastructure ecosystem where services, networking, security, virtualisation, and applications could all integrate together in a realistic environment.

This homelab became the foundation for nearly every project I have worked on since, allowing me to gain practical hands-on experience with enterprise technologies, troubleshooting, infrastructure design, and self-hosted services.

Project Goals

From the beginning, the primary objectives for the environment were:

  • Create a fully self-hosted infrastructure environment
  • Learn enterprise-style networking and system administration
  • Implement secure service segmentation and access control
  • Host production-style services and applications internally
  • Improve knowledge of virtualisation, disaster recovery, and infrastructure resilience
  • Develop practical troubleshooting and deployment experience

Infrastructure Stack

The environment was designed using multiple infrastructure layers to closely mirror how modern enterprise environments are structured.

Network Layer

  • pfSense firewall for routing, NAT, VPNs, and security policy enforcement
  • Cisco managed switch for VLAN segmentation and structured network design
  • UniFi wireless access points for wireless coverage and segmented SSIDs

Using VLANs and firewall rules, I was able to isolate services, improve internal security, and gain practical experience with network segmentation and traffic management.

Virtualisation Layer

  • VMware ESXi host for virtual machine management and workload isolation

Virtualisation allowed multiple independent services to operate securely and efficiently within the same physical environment while also providing flexibility for testing, snapshots, backups, and disaster recovery planning.

Service Layer

Several enterprise-style services were deployed and integrated into the environment, including:

  • Microsoft Exchange mail server with SMTP relay integration
  • Nextcloud private cloud storage platform
  • Veeam Backup & Replication for disaster recovery and backup management
  • Kemp LoadMaster for reverse proxying, HTTPS publishing, and SSL termination
  • VoIP infrastructure using FreePBX and SIP communications

These services were integrated together using internal DNS, firewall policies, SSL certificates, reverse proxying, and secure external access configuration.

Application Layer

  • ASP.NET Core (.NET 8) web applications
  • Personal portfolio website hosted internally
  • Self-managed HTTPS service publishing and application hosting

Hosting applications within the environment allowed me to gain experience with deployment workflows, application hosting, secure web publishing, and infrastructure integration.

Security & Disaster Recovery

Security and resilience became a major focus as the environment expanded and more services became interconnected.

To improve resilience and prepare for worst-case scenarios, I designed and implemented a backup strategy based on the 3-2-1 principle using Veeam Backup & Replication.

This included:

  • Onsite backups for fast service restoration
  • Offsite backups for protection against hardware or location failure
  • Offline backups for ransomware and compromise protection

I also regularly tested restore procedures, failover scenarios, and service recovery processes to validate the integrity and reliability of the environment.

Learning & Troubleshooting

One of the most valuable aspects of this project was the troubleshooting and problem-solving experience gained throughout the deployment and maintenance process.

Since all services were interconnected, even small issues within DNS, firewall rules, SSL certificates, routing, or service dependencies could impact multiple systems simultaneously.

Troubleshooting these scenarios significantly improved my understanding of:

  • Enterprise networking concepts
  • Infrastructure dependency management
  • Service integration and communication
  • System reliability and resilience
  • Production-style troubleshooting methodologies
  • Infrastructure security and access control

Outcome

This project evolved into a fully functional enterprise-style homelab platform combining networking, virtualisation, infrastructure services, application hosting, backup management, and secure external service delivery.

More importantly, it provided hands-on practical experience with technologies and concepts commonly found within real-world IT infrastructure environments.

Through building and maintaining this environment, I significantly strengthened my knowledge of:

  • Networking and VLAN segmentation
  • Virtualisation and infrastructure hosting
  • Enterprise service deployment
  • Reverse proxying and secure service publishing
  • Disaster recovery and backup planning
  • Infrastructure troubleshooting and systems integration
  • Self-hosted application and service management

This homelab continues to serve as both a learning environment and a platform for developing new infrastructure projects, applications, and enterprise-style services.