▲ Self-hosted · k3s · Resilient infrastructure

Skylar Network Systems

Infrastructure that knows itself.

A private lab running Kubernetes, self-hosted services, telemetry, and automation — built to be observable and honest about its own state.

Linux · k3s / Kubernetes · Telemetry · Secure edge · Automation

What is this?

A private cloud, built at home.

A cluster of small computers running self-hosted services, monitoring, and automation — maintained by one person, from home.

Real hardware, real networking

Physical machines in a redundant cluster — self-hosted, not rented.

Monitored end-to-end

Metrics, logs, and service health gathered continuously. Problems surface before they're noticed.

Private and controlled

TLS everywhere, Cloudflare Tunnel, no open ports. Data stays on hardware I own.

Capabilities

Infrastructure with a nervous system.

Connected infrastructure — understood at a glance, repaired with intention.

Self-hosted services

Internal tools, bots, and web services on cluster compute I control.

k3s · Traefik · Longhorn · nginx

Monitoring & telemetry

Uptime, power draw, logs, and service health — gathered continuously.

Prometheus · Grafana · Loki · Alertmanager

Security posture

Layered access control, TLS everywhere, firewall rules, and log review. Recovery paths are documented and exercised, not assumed to work.

TLS / mTLS · Cloudflare · fail2ban · audit logs

Backup integrity

Scheduled, verified, and periodically tested restores — not just set and forgotten.

restic · rustic · offsite S3 · checksums

Automation

Repeated repairs become repeatable tools — scripts, playbooks, and CronJobs.

Ansible · Python · bash · k8s CronJobs

Operational dashboards

Raw system noise translated into language that helps decide what to do next. Dashboards should reduce anxiety, not manufacture it.

Grafana · skynet CLI · runbooks

Current stack

What's actually running.

Hardware and software as of the last update. The stack evolves.

Hardware

  • HP EliteDesk 800 G3 Mini — 3 nodes
    i5-7500T · 16 GB RAM · 256 GB NVMe · Debian 13 · GeeekPi RackMate T2 12U 10" cabinet
  • NETGEAR GS308EP switch
    8-port PoE+ Gigabit · rack-mounted · direct LAN to all nodes
  • GL.iNet GL-X3000 Spitz AX
    5G/LTE gateway · Wi-Fi 6 · edge router · replaced Protectli V1410
  • Linux workstations
    Daily compute · build hosts · cluster access
  • Tripp Lite UPS + ElecVoztile rack PDU
    BC350R 350VA · 10" 1U PDU · 4 outlets · 1020J surge · 15A overload switch
  • Ubiquiti UniFi G5 Ultra
    4K PoE network camera · managed via UniFi Protect on Cloud Key Gen2+
  • Ubiquiti UniFi Cloud Key Gen2 Plus
    UCK-G2-PLUS · 1 TB Toshiba · UniFi Network + Protect controller

Software platform

  • k3s · Traefik · Longhorn
    Lightweight Kubernetes · ingress routing · replicated block storage
  • Prometheus · Grafana · Loki
    Metrics collection · dashboards · log aggregation · alerting
  • Cloudflare Tunnel · cert-manager
    Zero-trust edge · automatic TLS · no open inbound ports
  • restic / rustic · offsite S3
    Encrypted snapshots · checksum-verified · tested restores

The lab

A household of machines.

Compute, networking, storage, and monitoring as connected systems — understood, not just kept running.

HP EliteDesk cluster GeeekPi RackMate T2 Protectli V1410 node helper Linux workstations UPS telemetry central logging TLS edge

Design principles

  • Observe first. Gather evidence before touching the system. Log before you guess.
  • Automate carefully. Turn repeated repairs into repeatable, reviewable tools — not magic scripts.
  • Keep recovery visible. Backups, logs, and service state should be easy to locate and verify, not just scheduled and forgotten.
  • Prefer legibility over cleverness. Systems and scripts should be readable by a future version of me who forgot the context.

Signal Board

System telemetry at a glance.

Tunnel latency, power draw, backup health, and service readiness — live data, updated every 15 minutes.

Tunnel Latency ms

Cloudflare Tunnel · edge path · 7-sample window

Power Draw W

7-sample window

Backup Freshness score / 100

restic snapshots · weekly view · higher is better

Service Health

Core services · from /data/service-health.json

  • Tunnel
    Connected
  • Traefik
    Routing
  • k3s
    Ready
  • Backups
    Recent

Edge Security 24 h

Cloudflare WAF · managed rules · last 24 hours

Counters: blocked · challenged · total events

Status

System snapshot.

Live data from the cluster — updated every 15 minutes.

  • Cluster nodes
  • Ingress / Traefik
  • Storage (Longhorn)
  • Backups
  • Monitoring
  • Power / UPS

Visitors

Where visitors are coming from.

Top countries by request volume — last 30 days via Cloudflare analytics.

Top countries

Origin map

Connect

Questions, collaboration, or just curious?

Personal project. Questions about homelab infrastructure or anything here — reach out directly.