Skip to content

Network Architecture

This page describes the full networking setup of the SZ Homelab.

🧭 Overview

The system is designed around:

  • Cloudflare DNS for domain management
  • Oracle VPS as public gateway
  • Caddy reverse proxy for TLS + routing
  • Tailscale VPN connecting VPS and homelab
  • Fully isolated Proxmox cluster

🧱 Network Diagram

```mermaid flowchart LR

Internet((Internet))
Cloudflare[Cloudflare DNS<br/>sz-homelab.com]

VPS[Oracle VPS<br/>141.144.233.165]
Caddy[Caddy Reverse Proxy]

Authentik[Authentik<br/>Identity Provider]

Portainer[Portainer]
Glance[Glance]

Tailscale((Tailscale VPN))

Proxmox[Proxmox Cluster]

Jellyfin[Jellyfin]
Nextcloud[Nextcloud]
Immich[Immich]
ARR[*arr Stack]
N8N[n8n]
SAB[SABnzbd]

Internet --> Cloudflare --> VPS

VPS --> Caddy
VPS --> Authentik
VPS --> Portainer
VPS --> Glance

VPS --- Tailscale --- Proxmox

Caddy --> Jellyfin
Caddy --> Nextcloud
Caddy --> Immich
Caddy --> ARR
Caddy --> N8N

Nextcloud --> Authentik

Proxmox --> Jellyfin
Proxmox --> Nextcloud
Proxmox --> Immich
Proxmox --> ARR
Proxmox --> SAB
Proxmox --> N8N