The Homelab Almanac: A guide for starting the homelab journey, from purchasing to DevOps deployment

By Michael Taggart

A guide for starting the homelab journey, from planning to purchasing to deployment using DevOps tools.

Have you ever wanted to simulate enterprise networks from the comfort of your home? Ever dream of executing malware in a safe, controlled environment? What about automating your deployments with industry-standard tools, all from the comfort of your home?

If so, this book can help you realize your homelab aspirations. Take advantage of Michael Taggart's years of experience studying, designing, and deploying diverse IT systems, with a focus on affordability and ease of deployment. Leverage open source software to build secure, reproducible environments for any lab scenario. From simple WordPress servers to entire Windows domains, In The Homelab Almanac, you'll find everything you need to begin.

• Language: English
• Publisher: Lulu.com
• Release date: Sep 12, 2023
• ISBN: 9781312450516

Book preview

Table of Contents

About This Book

Prologue

Part 1: Planning

0: Introduction

1: Essential Questions

2: Hardware Choices

3: Purchasing

Part 2: Building the Lab

0: Introduction

1: Lab Server Setup

2: Network Creation

3: The Router

4: The Jumpbox - Network Configuration

5: The Jumpbox - Tools

6: The Seclab Repository

7: Asset Inventory

8: Vault

9: Packer

10: Ubuntu Template

11: Kali Template

12: Windows Desktop Template

13: Windows Server Template

14: Windows 11/Server 2022

15: Terraform

16: Ansible

17: Docker Host

18: Attack Box

19: Lab Firewall Config

20: SIEM

Part 3: Deployments

0: Introduction

1: Juice Shop

2: WordPress

3: Malware Lab

4: Windows Domain

5: Packet Capture

Epilogue

Acknowledgments

The Homelab Almanac

A guide for starting the homelab journey, from planning to DevOps deployment.

About the Author

Michael Taggart is a career technologist and educator, with over a decade of experience building software and IT systems and training others how to do the same. Currently a Senior Cybersecurity Researcher for UCLA Health, Taggart spends his days hunting and emulating threat actors. At night, he produces cybersecurity content on Twitch, YouTube, and his own education platform The Taggart Institute. Before pivoting to infosec, he worked as a computer science instructor, contract web developer, and Director of Technology for multiple schools.

Taggart holds a Bachelor’s in English and Creative Writing from Ursinus College, and a Master’s Degree in Education Leadership from the University of Pennsylvania. Certifications include: LFCS, Security+, CISSP, CRTO, eCTHPv2, and eWPT.

Taggart lives in Los Angeles with his wife, daughter, and what some have called a concerning number of computing devices.

AI Free Disclaimer

No part of this book was generated by a large language model such as ChatGPT or Google Bard. The prose and code you see here was created by humans, mostly by me, with help from open source software authors and contributors.

Copyright

© 2023 The Taggart Institute LLC. All rights reserved. No part of this work may be reproduced or transmitted in any form or by any means, electronic or mechanical, including photocopying, recording, or by any information storage or retrieval system, without the prior written permission of the copyright owner and the publisher.

isbn

Version

Version 1.2.2, published 2023-10-29

Prologue

My Homelab Origin Story

I grew up around computer parts. My father's work on flight simulator software meant we always had multiple PCs, components, and peripherals in varying states of functionality strewn about the house. If I wanted a machine to play Treasure Mathstorm or my shareware copy of Commander Keen, it was on me to cobble together the components to get it working.

And then I just...never stopped tinkering.

Now that I've not-so-subtly established I'm an Old that's been at this for a while, let me tell you about my current homelab journey, and why I wrote this book.

Roundabout May of 2020, I got extremely bored due to the pando. And it was going to be my first summer not employed as a professional educator, having made the jump to cybersecurity earlier that year. Any other summer, I'd be looking forward to working with interns on summer IT projects, teaching and working hard alongside enthusiastic learners.

For me, teaching is not a job I can move on from. It's how I interact with the world, seeking knowledge and sharing it with others. Even in that isolating time, that impulse required an outlet.

So I started streaming—first on YouTube, then on Twitch. Once again, I just...never stopped. At some point it became clear that the concepts and technologies I wanted to explore on stream required more than platforms like TryHackMe or HackTheBox could offer. And, if I'm being honest, I wanted to scratch the old sysadmin itch.

The server arrived, and I've been happily using it as a teaching and learning lab ever since. Much of the journey has been documented on YouTube, but I feel that compiling everything in writing will become a valuable resource for our community.

This book is the distillation of not just my homelab journey, but my years of experience in system administration, network engineering, cybersecurity, and technology education. I hope it can serve as a guide on your homelab journey, whatever shape it takes and wherever it may lead.

Homelab Definition

The term homelab can mean many different things, depending on whom you ask. Let's lock down our definition right now: we're discussing a virtual lab environment run by a hypervisor, and fully contained within the hypervisor server. You may, as you choose, go even crazier with things like additional physical switches and routers, storage clusters, and more. That's all cool, and I hope you have a great time doing that. We're going to keep it simple in this book: a single hypervisor with some virtual networks.

This Book's Audience

Maybe you're a tech/cybersecurity learner who's ready to get more serious about independent practice. Maybe you're a longtime Linux user who has grand home automation designs with a central hub of your own creation. Or maybe you've lost all faith in society and will only trust hardware you own to store your data.

These and more can benefit from this book.

This Book's Structure

The Almanac is broken into three parts. The first concerns the planning and preparation for acquiring your homelab equipment. The second and largest section is the setup of the lab using Proxmox, Packer, Terraform, and Ansible. The final part is a collection of sample deployments to help get you up and running with your new lab.

Prerequisites

If you're considering undertaking a homelab, there is an assumption of some level of system administration experience. While this book will explain many concepts involved in setting up the lab, we need some shared knowledge to start with. This will include:

Networking concepts (IP Addresses, DNS, DHCP, subnets)

Linux command line fluency (Good news, we have a course for you!)

Windows domain basics

Biases

I come to this, and any topic, with a set of unavoidable biases based on my background. I want to be forthright about these—at least the ones I know about—before we get started, so you can understand where I'm coming from and why it might not apply to your circumstances or agree with your worldview.

I am a United States citizen, and have only lived here. When I discuss systems for acquiring resources, materials and supplies, even electricity, I am doing so from the position of abundant access to these resources. I have never had to ration power, and I have no logistical challenges to acquiring required equipment. I know that isn't the case for everyone.

Because I believe that access to technology should be available to all, I try to use as much free and open source software in my projects as possible. That too is a bias, and means I will probably never create content around proprietary homelab options like VMWare. My bias toward open first is significant, although tempered by practicality. If a proprietary tools works better, I will use it. Case in point: this book was drafted in Obsidian, despite its counterpart Joplin being truly open source.

I am a cybersecurity professional. I've been a systems administrator and web developer in past lives, but my primary focus—and the focus of this lab project—will be for those pursuing cybersecurity-adjacent goals. The lab has many uses, but the implementations discussed here will center on security work.

I have strong opinions about the tools I use. That doesn't make my choices better than yours; these are what work for me. If your favorite tool works for you, that's great! When I discuss my preferences, please understand them as just that: my preferences, not a claim that they are somehow superior to others.

Automation vs. Manual Setup

As we go through the lab setup, we will be using both automated DevOps tools and manual processes. You may be wondering why we don't Automate All The Things™.

'Cause I'm a teacher. The objective here is to use just the right amount of automation to make life easy, without obscuring important learning opportunities for you. The whole point of the homelab is to learn, after all!

Also, there are parts of our setup that are so finicky to automate and so infrequent, it's often more trouble than it's worth. Manual effort is only evil if it's in the way. Balance is key.

The Cloud

Why build a homelab when you can just spin up machines in AWS/Azure/GCP/DigitalOcean/Vultr/Linode/?

I love cloud computing. It's a huge part of my professional life and even my personal research work. There is absolutely a place for cloud resources in the spectrum of homelab pursuits. However, as a primary platform for the kind of homelabbin' I do, the total cost of ownership (TCO) for the cloud would be absolutely bananas. Maintaining large-ish running servers and terabytes of storage on any cloud provider would run me thousands of dollars a year. As you'll see, even a fairly substantial homelab can be a fraction of that, with most of the investment up-front.

So while there is no antipathy toward the cloud here, we also won't be focusing on it.

The LinkedIn Problem

Top 10 homelab projects to get into cybersecurity.

You need a homelab to get ahead.

What's in your homelab?

Depending on the individual, the Homelab Question™ can spawn utter terror or profound joy in the hearts of job applicants. It can be an invitation to discuss one's passions, or a forced admission of lack of time, treasure, energy, or interest for extracurricular IT pursuits.

Let's get something clear right off the bat. No one should have to run a homelab. Expecting that of anyone, even established IT professionals, is grind culture nonsense, yet another signaling mechanism for the LinkedIn set to show how employable they are.

This is not why anyone should homelab. Yes, you can learn marketable skills, but there are other roads that lead there. Homelabbing is a matter of passion and curiosity for their own sake. The costs can be significant, and often are not worth the investment until a certain level of experience has been achieved. I beg you, dear reader, to not consider this book an endorsement of the idea that a homelab is a requirement to be effective in cybersecurity. This is for the joy of hacking—no more, no less.

Our Community

Need help? Or just want to talk about your homelab, hacking, or your tech learning journey? We'd love to see you in The Taggart Institute Discord. We've created a welcoming, inclusive community of learners who are eager to discuss their successes, trials, tribulations, and curiosities. I hope to see you there.

Without further ado, here is The Homelab Almanac, presented for your enjoyment and edification. As always, be good to yourselves, be good to each other, and happy hacking.

- Michael Taggart

Part 1: Planning

Before we press a power button, we need to think carefully about what kind of homelab we want, and what kind of homelab our home can support.

1: Essential Questions

Why do you want to build a homelab?

'Cause it seems fun, is a perfectly valid answer on a lot of levels! Unfortunately, it doesn't provide a lot of information about what equipment we need, or how we'll set it up in our home. For that, we need to dive into the nitty-gritty of both intention and circumstance for your future lab.

Purpose

Let's get specific about your goals. What sorts of things do you want to spin up in the lab? Single servers to test