Living Infrastructure-as-Code
Self Hosted
& AI Powered
Homelab
I decided to run my home like an enterprise data center — with no DevOps background and no prior sysadmin experience.
By partnering with Claude Code as a real-time infrastructure co-pilot, I built and now maintain
a self-hosted stack on a repurposed desktop PC: hypervisor, smart home, automations, and AI bots
— without writing a single line of code alone.
This is the blueprint.
ACT I PART ONE//THE SYSTEM RACK ONLINE
01 Self-Hosted First
Everything runs on owned hardware. No cloud subscriptions for core infrastructure. Full control over data and services.
02 AI as a Partner
Claude Code is the infrastructure co-pilot — every build, fix, and improvement is done collaboratively with AI in real time.
03 Zero Open Ports
Cloudflare Tunnel for public services, Tailscale for private access. No port-forwarding on the router. Zero-trust by default.
04 Living Documentation
CLAUDE.md is always up to date. Every session starts with full context. Disaster recovery is a document, not a memory test.
05 Automate Everything
n8n classifies Gmail. Second Brain Bot files to Notion. Anything repetitive gets automated — no manual toil.
06 Resilient Backups
Daily Proxmox snapshots offloaded to Google Drive. Three copies kept. Restore procedure is documented and tested.
CPU & Memory
- Intel Core i7-3770 · 3rd gen · 4C/8T
- Gigabyte GA-H61M-USB3H · Intel H61
- 16 GB DDR3 · 2× 8 GB · maxed out
Storage
- Samsung 870 EVO 500 GB SSD — OS & VMs
- WD 1 TB HDD — data
- Seagate 500 GB HDD — daily backups
Backups
- Daily 02:30 + 22:30 → Google Drive
- 3 snapshots retained · rclone sync
- Proxmox VE hypervisor · 4 VMs active
Extras
- Sonoff Zigbee 3.0 USB dongle — smart home
- Repurposed desktop PC found on the street
- Repo:
LiadLevy92/Homelab
// NET-TOPO · 00.01 REV · 2026.05
-
CELLCOM FIBER
1 Gbps Symmetric
-
CELLCOM GATEWAY
Sagemcom · Router · DHCP · NAT · WiFi
-
HOME OFFICE
HOMELAB SERVER
Intel i7-3770 · 16 GB DDR3
Proxmox VE · 4 VMs
-
LIVING ROOM SWITCH
8-Port · 1G · Central Distribution
-
-
-
MAMAD
Cellcom STB · Safe Room
N8N — AUTOMATION
- Automation engine — visual workflow builder
- Webhook endpoint via Cloudflare Tunnel
- OAuth callbacks via public Cloudflare endpoint
CLOUDFLARE — TUNNEL
- Tunnel daemon — routes external traffic to services
- n8n — public automation endpoint
- Home Assistant — public smart home endpoint
- Domain expires May 2027 · zero open ports
SECOND BRAIN — TELEGRAM BOT
- Telegram → Notion AI filing bot
- Multi-user — isolated Notion workspaces
- Python · Docker Compose · VM 102
POSTGRESQL — DATABASE
- Container:
second-brain-postgres - Alpine image · Fernet-encrypted user data
- Stores multi-user state & tokens · VM 102
TAILSCALE — VPN MESH
- Private mesh network — zero config
- Access Proxmox, HA, n8n from anywhere
- No port forwarding required
ADGUARD — DNS
- Router-level DNS — whole-home blocking, zero per-device config
- Tailscale DNS override — ad-free on any device, anywhere
- Custom rules for local service resolution
The hard part is done. A hypervisor running on a repurposed desktop PC, smart home integration, automated email,
and an AI filing system mean every future project has a solid foundation to build on — without starting from scratch.
Second Brain Bot turns anything — a thought, a voice note, a link, an image — into a structured Notion entry in seconds. From Telegram, from anywhere, in any language.
- Accessible from any device via Telegram
- Multi-user — isolated Notion workspaces per person
- No manual filing, no forgetting — just capture and move on
InboxNinja on n8n classifies every incoming Gmail automatically into 7 categories. No SaaS subscription — runs entirely on the homelab, powered by Claude API.
- Receipts extracted and structured automatically
- Newsletters auto-archived, action items flagged
- Runs 24/7 — inbox is always clean
Home Assistant runs locally with UPS battery backup — survives power cuts without interruption. Zigbee mesh, Bambu Lab monitoring, all managed locally with zero cloud dependency.
- UPS integration — knows battery level, alerts on power loss
- Bambu Lab 3D printer monitored with remote alerts
- Zigbee mesh via Sonoff dongle — no cloud required
Tailscale VPN connects all 4 VMs in a private mesh. Cloudflare Tunnel exposes only what's meant to be public. Zero open ports on the router.
- Proxmox, Home Assistant, n8n — accessible from any device
- No VPN app needed for public services — Cloudflare handles it
- Full access from anywhere without compromising security
AdGuard Home runs as the network's DNS resolver — every device on the home network gets ad and tracker blocking with zero configuration. Tailscale extends this outside the home.
- Router points to AdGuard — all devices covered automatically
- Tailscale DNS override — same filtering on mobile and laptop, anywhere
- No browser extension, no per-device setup required
ACT II PART TWO//THE PROJECTS OPERATOR AT CONSOLE
N8N — AUTOMATIONS
- InboxNinja — Gmail classifier · 7 categories · receipts, newsletters, action items
- Daily Feedback Review — 09:00 daily · Notion → Claude API → Telegram
- Hebrew analysis: user intent + proposed fix + complexity level
- Model:
claude-sonnet-4-6 · Claude API - active
HOME ASSISTANT — AUTOMATIONS
- In development — coming soon
- UPS alerts · smart home triggers
- Bambu Lab · Zigbee device rules
What It Does
- Telegram bot that files anything into Notion using AI
- Supports: text, voice, images, links, documents
- Auto-categorizes and routes to the right Notion DB
- Multi-user — each user has isolated Notion workspace
Architecture
- Python bot + Docker Compose on VM 102
- PostgreSQL 16-alpine for user state
- Fernet encryption for stored tokens
- Source:
/root/second_brain/
Status
- v2.0.0 — in production
- Active users: 2 · owner + beta user
- Repo:
LiadLevy92/Second-Brain - Onboarding: self-serve via Telegram
Operations
- Restart:
docker compose up -d bot - Logs: copy
second_brain.log from container - DB:
psql -U second_brain -d second_brain
ACT III PART THREE//THE PROCESS CLAUDE AT CONSOLE
Every change to this homelab — a new VM, a config tweak, a bug fix — goes through the same loop.
I describe what needs to happen. Claude Code makes the edits, the site updates, and everything stays documented.
1
Describe the change in plain language — Hebrew or English, doesn't matter
Me
2
Surgical edits to all affected files — only the specific lines that changed
Claude Code
3
Review in browser — check the result, request adjustments if needed
Me
4
Git push to GitHub — change is committed and infrastructure state is locked in
Me
5
Cloudflare Pages auto-deploys — site live within seconds, no manual step
Cloudflare
Every session starts by reading CLAUDE.md — full homelab context, no re-explaining. VM list, network layout, active projects, recent changes. The entire system state is in one file, always current.
CLAUDE.md is updated in the same session as any change. The documentation is never out of sync with reality. The changelog at the bottom of CLAUDE.md is the audit trail.
I describe changes in Hebrew or English — often mid-sentence switching. Claude Code understands both and operates entirely in the homelab context without losing track.
This entire homelab was built without prior experience in Proxmox, Docker, n8n, or networking. Claude Code fills the knowledge gap in real time — every command explained, every risk flagged.
The project instruction file gives Claude Code full homelab context at the start of every session — no re-explaining, no starting from scratch.
- Who I am: product manager, not a developer — explain every command as you go
- Safety rails: alert before risky changes, never rewrite whole sections
- Change protocol: update CLAUDE.md only on confirmed changes, never during brainstorming
- Full index: every VM, every file, every path — Claude knows exactly where everything lives
- Changelog: every session ends with dated entries — full audit trail of what changed and why
What makes an AI-assisted homelab fundamentally different from doing it alone — it's not just a faster search engine.
- Instant recall: "Which VM runs the bot?" — answered in seconds from CLAUDE.md
- Cross-domain reasoning: changing Docker config? Claude checks all affected VMs and services
- Incident response: something breaks at midnight → root cause + fix + docs in one session
- No expertise needed: learned Docker, Proxmox, n8n by doing — Claude filled every gap
- Always current: the docs update themselves — a git push is a documentation update
The Killer Feature
Ask anything.
Get the right
answer instantly.
Every Claude Code session opens with complete knowledge of my entire infrastructure — every VM, every container, every service, every path. No searching old notes. No "I think it was on VM 102?"
Ask a question in plain language and get an answer that accounts for my specific setup, with the exact next step to take.
~ homelab-docs — claude code
$ "Which VM runs the Second Brain Bot?"
› Docker Host (VM 102). Compose at /root/second_brain/. Restart: docker compose up -d bot. Logs: copy from container.
$ "My n8n webhook stopped receiving calls."
› Check cloudflared on VM 102. If the tunnel is down, restart it. n8n listens on :5678. Webhook goes through the Cloudflare Tunnel — verify the tunnel is active first.
$ "Home Assistant went offline — what do I check?"
› VM 101, HAOS. Open Proxmox console — is the VM running? If power loss: UPS should have alerted. If no alert, check VM 100 (AdGuard) — DNS might be the issue, not HA itself.
My foundation is stable. Here's what I'm building next — ordered by priority and readiness.
VLAN Segmentation
- Upgrade to a managed switch that supports 802.1Q VLANs
- Replace Sagemcom gateway with a VLAN-capable router
- Separate networks: IoT · main · management · cameras
- Isolate smart home devices from the main LAN
HA Automations
- Build out presence detection — room-level awareness
- Power management automations via Zigbee smart plugs
- Climate and lighting schedules tied to presence
- Alerts and notifications pipeline via Telegram
More n8n Workflows
- Expand beyond Gmail classification
- Calendar sync and smart reminders
- Notification routing — HA events → Telegram
- Data pipelines for personal analytics
Home Surveillance
- NVR setup with local AI detection (Frigate)
- IP cameras — key entry points and outdoor zones
- Motion alerts routed to HA and Telegram
- Fully local — no cloud, no subscription
Every part of this homelab is documented. The documentation updates in the same session as the change — never out of sync, never from memory.
CLAUDE.MD
Project Brain
Full homelab context — VM list, network, active projects, changelog, recovery steps. The single source of truth Claude reads at session start.
CHANGELOG
Change Log
Every significant change, dated, with context — inside CLAUDE.md. The audit trail for what changed, when, and why.
NETWORK
Network Topology
Physical and logical layout of the home network — ISP, gateway, switch, server, and all connected rooms. Visualized on this site.
GITHUB
Homelab Repo
LiadLevy92/Homelab — CLAUDE.md, crontab, backup scripts, and this site's source. Every push auto-deploys via Cloudflare Pages.
GITHUB
Second Brain Repo
LiadLevy92/Second-Brain (private) — full bot source, Docker Compose, DB schema, and onboarding flow for multi-user deployment.
THIS SITE
Live Documentation
This site is the documentation. Built with Astro, styled from scratch, updated via Claude Code. A git push is a doc update.
From a desktop PC found on the street to a running homelab with smart home, AI automation, and a Telegram bot — here's how it happened, one phase at a time.
PHASE 1
Foundation
- Found a broken desktop PC — i7-3770, 16 GB DDR3, three drives
- Installed Proxmox VE — first hypervisor, first VM, first panic
- Spun up 4 VMs: AdGuard, Home Assistant, Docker Host, Uptime Kuma
- No DevOps experience — Claude Code was the instructor
PHASE 2
Smart Home
- Home Assistant on HAOS — fully local, no cloud
- Zigbee mesh via Sonoff USB dongle — lights and sensors
- UPS integration — power-cut proof, battery alerts
- Bambu Lab 3D printer monitoring with remote alerts
PHASE 3
Zero-Trust Network
- Tailscale mesh across all 4 VMs — private access from anywhere
- Cloudflare Tunnel — public endpoints with zero open ports
- AdGuard DNS — ad filtering for every device on the network
- Domain liad-dev.com — expires May 2027
PHASE 4
Automation Engine
- n8n on Docker Host — visual workflow builder
- InboxNinja: Gmail → Claude API → 7-category classifier
- Receipts structured, newsletters archived, action items flagged
- Runs 24/7 — inbox is always clean without touching it
PHASE 5
Second Brain
- Built a Telegram bot that files anything into Notion with AI
- Text, voice, images, links — all routed to the right Notion DB
- PostgreSQL with Fernet encryption for user data
- v2.0.0 — multi-user, in production, two active users
PHASE 6
Docs as Code
- CLAUDE.md as the living memory — every session starts here
- This site as the documentation layer — built in one session
- Astro + Claude Code — a git push is a doc update
- Changelog at the bottom of CLAUDE.md is the audit trail
01 Install Proxmox on new hardware
02 Download backups from Google Drive
My Server/proxmox-backups
03 Restore VMs via Proxmox UI — in order: 100, 101, 102, 103
04 Install rclone curl https://rclone.org/install.sh | bash
05 Configure rclone rclone config → gdrive → Google Drive
06 Restore backup script + crontab cp backup-to-gdrive.sh /usr/local/bin/ && crontab ~/homelab/crontab.txt
07 Configure Tailscale on each VM — connect to your account
08 Verify Cloudflare Tunnel is active on VM 102 — test public endpoints
// EOF
Built Different
I'm an electrical engineering student — not a sysadmin, not a developer, not someone who does this professionally.
I built and now maintain a self-hosted homelab with a hypervisor, smart home, AI automations,
and a multi-user Telegram bot — fully documented, version-controlled, and continuously extended.
All of it built collaboratively with Claude Code, one session at a time.
No prior experience required. Just curiosity and a PC someone threw out.
Proxmox Home Assistant n8n Docker AdGuard Tailscale Cloudflare Telegram Notion Python Astro Claude Code Zigbee Git