Moar pr0nz are here

The latest iteration of my home lab is quite a powerhouse. Currently my main server houses 6×4TB WD Enterprise Gold hard disks in a ZFS raidz2 configuration, amounting to ~16TB of usable storage.

The underlying hardware is an AMD EPYC 7443P on an ASRock ROMED8-2T motherboard, with 256GB ECC RAM and a pair of Samsung 980 PRO NVMe SSDs in a RAID 1 configuration for the operating system, with a ZFS L2ARC (read cache) on one and a ZFS log device (write buffer) on the other. This all lives in an Intel P4000M server chassis with redundant, hot-swappable 750W power supplies and 8 SAS 3.5" hot-swap bays.

Additionally, I have a Kubernetes cluster with four worker nodes, each a Lenovo M720q/M920q with an Intel i7-8700T and 32GB RAM.

Internet connectivity is symmetrical 5Gbps residential fiber (XPON), with a 10Gbps local network backbone. Traffic is routed between VLANs on a Cisco 3850 layer 3 switch and routed to the internet with a custom-built router running OpenBSD on a Supermicro X10SDV mini-ITX server board with dual onboard 10Gbps Intel NICs.

Power is supplied through two APC Smart-UPS 1000 rackmount UPSes and a pair of APC AP7750A automatic transfer switches, allowing for a minimum of 30 minutes of runtime on battery power and UPS failover in the event of power interruption. My home has 200A main service through a buried feeder, a GenerLink whole-home meter-mounted transfer switch and a Westinghouse 12kW dual-fuel generator.

Shell hosting

Shell hosting is offered in the form of a systemd-nspawn container on darkwing, running the Linux distribution of your choice, to which you will have root access and a ZFS filesystem with a negotiable storage quota. You will use an IPsec VPN to access your container over SSH; scripts are provided for Windows and Linux to obtain and renew your certificate. Web hosting is possible through a shared IPv4 IP and a shared or dedicated IPv6 IP. The shared IP front-end is an Envoy SNI proxy which will route all traffic matching the wildcard pattern(s) of your choice to your container. You have the option to deploy any TLS-powered services you want, and can either provision your own certificates with Let's Encrypt (or similar), or, if using my managed DNS, my system can obtain and auto-renew Let's Encrypt certificates for you, deploying them to your container with Puppet.
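To show what the shared-IP front-end does, here is an added example of an Envoy listener that routes on SNI without terminating TLS. It is illustrative configuration written for this page, not the configuration actually running on darkwing; the tenant names (alice, bob), the wildcard patterns *.alice.example.org and *.bob.example.org, and the container addresses 10.0.50.11 and 10.0.50.12 are assumed placeholders.

```yaml
# Added example: Envoy SNI passthrough front-end for a shared IP.
# Hypothetical names and addresses; not the production config.
static_resources:
  listeners:
  - name: shared_https
    address:
      socket_address: { address: 0.0.0.0, port_value: 443 }
    listener_filters:
    # tls_inspector reads the ClientHello to learn the requested SNI
    # without decrypting anything; Envoy never holds the tenants' keys.
    - name: envoy.filters.listener.tls_inspector
      typed_config:
        "@type": type.googleapis.com/envoy.extensions.filters.listener.tls_inspector.v3.TlsInspector
    filter_chains:
    # One filter chain per tenant: only names under that tenant's
    # wildcard reach that tenant's container.
    - filter_chain_match:
        server_names: ["*.alice.example.org"]   # assumed pattern
      filters:
      - name: envoy.filters.network.tcp_proxy
        typed_config:
          "@type": type.googleapis.com/envoy.extensions.filters.network.tcp_proxy.v3.TcpProxy
          stat_prefix: alice_tls
          cluster: alice_container
    - filter_chain_match:
        server_names: ["*.bob.example.org"]     # assumed pattern
      filters:
      - name: envoy.filters.network.tcp_proxy
        typed_config:
          "@type": type.googleapis.com/envoy.extensions.filters.network.tcp_proxy.v3.TcpProxy
          stat_prefix: bob_tls
          cluster: bob_container
    # No default filter chain: a ClientHello with no SNI, or with a name
    # that matches no tenant, matches nothing and the connection is closed.
  clusters:
  - name: alice_container
    connect_timeout: 5s
    type: STATIC
    load_assignment:
      cluster_name: alice_container
      endpoints:
      - lb_endpoints:
        - endpoint:
            address:
              socket_address: { address: 10.0.50.11, port_value: 443 }  # assumed container IP
  - name: bob_container
    connect_timeout: 5s
    type: STATIC
    load_assignment:
      cluster_name: bob_container
      endpoints:
      - lb_endpoints:
        - endpoint:
            address:
              socket_address: { address: 10.0.50.12, port_value: 443 }  # assumed container IP
```

Because this is TCP passthrough, the TLS session terminates inside the tenant's container, so the private key and the plaintext never pass through the shared front-end, and each tenant is only ever handed connections whose SNI falls under its own wildcard. The flip side is that Envoy cannot add HTTP-level protections here (it sees only the handshake), and clients that omit SNI are dropped unless you deliberately add a catch-all chain.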

Puppet-based management is required for all containers. Puppet is used to tie your system into centralized logging and monitoring, deploy certificates, manage the network configuration, keep xx0r-related tooling up to date and set up SSH access using your public keys from LDAP.

I can also give you a Kubernetes namespace, however please be aware that capacity on the k8s cluster is limited, persistent storage is not available just yet, and when it does appear it will not be designed for high IOPS. What you will get is access to a private container registry with Arch Linux images pre-configured for the xx0r environment, as well as the ability to use any public container images you may want.
