Phase 4 of the homelab roadmap moves beyond stable service hosting into active infrastructure experimentation. Once the core platform, development services, and observability stack are solid, the focus shifts to learning-oriented projects: container orchestration with Kubernetes, local AI inference, declarative GitOps workflows, and unified identity management with Authentik. These labs are intentionally kept separate from production services so experiments can break things safely.
Everything on this page is planned for future phases of the homelab roadmap. None of these projects are currently deployed. They represent the direction the homelab is heading, not its current state.
Lab Projects
| Project | Status | Goal |
|---|---|---|
| Kubernetes Lab | 🚧 | Multi-node k8s cluster for container orchestration learning |
| AI / Ollama | 🚧 | Local LLM inference with Ollama |
| Full Observability | 🚧 | Grafana + Prometheus + Alertmanager complete stack |
| GitOps | 🚧 | Infrastructure as code with Git-driven deployments |
| CI/CD Self-Hosted | 🚧 | Build and deploy pipelines on homelab infrastructure |
| Authentik | 🚧 | Self-hosted SSO and identity provider |
Kubernetes Lab
The Kubernetes lab aims to build a multi-node cluster for hands-on learning of container orchestration concepts: scheduling, rolling deployments, services, ingress, persistent volumes, and namespaces. Running a real cluster (rather than a local single-node tool like minikube) is the point: the goal is exposure to the same operational patterns used in production environments. The cluster will most likely be provisioned as a set of VMs on the existing Proxmox VE host (pve.home.arpa, 192.168.1.20), taking advantage of the hypervisor layer already in place. Node IPs will be drawn from the 192.168.1.70–99 expansion range reserved in the network inventory, keeping cluster traffic cleanly separated from core infrastructure.
AI / Ollama
Ollama will bring local large language model inference to the homelab, allowing LLMs to run entirely on-premises without sending data to external APIs. This is useful both as a learning project and as a practical tool for experimenting with AI-assisted workflows in a controlled environment. AI and lab workloads have a dedicated IP reservation: 192.168.1.50–69 is set aside specifically for Labs / AI in the network inventory. Ollama and any associated model-serving or frontend services will be allocated addresses from this range, keeping them isolated from the core infrastructure subnet (192.168.1.20–29) and the Docker / Dev range (192.168.1.30–39).
Full Observability
A complete observability stack (Grafana, Prometheus, and Alertmanager) is planned to provide metrics collection, dashboarding, and alerting across all homelab services. Grafana and Prometheus are already listed as planned services in the main service inventory, and this lab phase connects them into a unified monitoring pipeline with alert routing. The goal is end-to-end visibility: every service emitting metrics, every anomaly surfaced automatically.
GitOps
The long-term infrastructure management goal is a fully declarative, Git-driven model where every service, configuration, and network rule is defined in code and reconciled automatically. Rather than making changes by SSHing into a machine or clicking through a UI, the desired state lives in the Gitea repository and an automation layer ensures the running infrastructure matches it. This applies to both application deployments (Docker Compose stacks, Kubernetes manifests) and infrastructure configuration (DNS records, reverse proxy rules, storage mounts). The CI/CD pipeline planned for Phase 4, built on Gitea Actions, will be the mechanism that triggers reconciliation whenever a change is merged to the main branch.
CI/CD Self-Hosted
A self-hosted CI/CD pipeline will close the loop between code changes and running deployments. The plan is to run pipelines entirely within the homelab, with no external build services, so that every commit to Gitea can automatically trigger build, test, and deploy steps on homelab infrastructure. This keeps the full software delivery lifecycle on-premises and reinforces the GitOps workflow being built in parallel.
Authentik
Authentik will provide a unified identity and access management layer across all homelab services. Currently, each service manages its own login: Portainer, Dashy, Gitea, and future services all have independent credentials. Authentik replaces this with a single sign-on (SSO) provider that all services authenticate against via OIDC or SAML. This means one set of credentials for the entire homelab, centralized session management, and the ability to enforce MFA across everything from a single place. Authentik integrates with Nginx Proxy Manager's forward authentication, so even services that don't natively support OIDC can be placed behind an authenticated proxy without modifying the service itself.
Roadmap
See the full phased plan from core infrastructure through to future labs.
Dev Platform
The Phase 2 dev platform (Gitea, PostgreSQL, Redis, and CI/CD) comes first.
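For the Authentik section above: the forward-authentication pattern written out as the Nginx directives that would go into a proxy host's custom configuration in Nginx Proxy Manager. This is an added example, not configuration from this homelab (nothing in this phase is deployed); `authentik.home.arpa:9000` is an assumed address for the Authentik server and its embedded outpost.

```nginx
# Added example. authentik.home.arpa:9000 is an assumed address; replace it
# with the real Authentik server once one exists.

location / {
    # Nginx Proxy Manager fills these variables from the proxy host settings.
    proxy_pass $forward_scheme://$server:$port;

    # Each request is checked against the Authentik outpost before it is proxied.
    auth_request     /outpost.goauthentik.io/auth/nginx;
    error_page       401 = @goauthentik_proxy_signin;
    auth_request_set $auth_cookie $upstream_http_set_cookie;
    add_header       Set-Cookie $auth_cookie;

    # Hand the authenticated identity to the backend. proxy_set_header
    # replaces any client-supplied header of the same name.
    auth_request_set $authentik_username $upstream_http_x_authentik_username;
    proxy_set_header X-authentik-username $authentik_username;
}

# The outpost endpoints must stay reachable without authentication,
# otherwise the login flow cannot start.
location /outpost.goauthentik.io {
    proxy_pass              http://authentik.home.arpa:9000/outpost.goauthentik.io;
    proxy_set_header        Host $host;
    proxy_set_header        X-Original-URL $scheme://$http_host$request_uri;
    add_header              Set-Cookie $auth_cookie;
    auth_request_set        $auth_cookie $upstream_http_set_cookie;
    # The auth subrequest carries no body.
    proxy_pass_request_body off;
    proxy_set_header        Content-Length "";
}

# A 401 from the outpost sends the browser to the Authentik sign-in flow.
location @goauthentik_proxy_signin {
    internal;
    add_header Set-Cookie $auth_cookie;
    return 302 /outpost.goauthentik.io/start?rd=$request_uri;
}
```

Forward authentication only covers traffic that passes through the proxy. The backend's own port must not be reachable directly from the LAN, or both the login check and the identity header can be bypassed.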