bertmedia.net
Sean Ciranni
// homelab alias: bert · 4 years running
IT Analyst · Homelab Engineer · Open Source Advocate
A self-hosted infrastructure portfolio with Linux at its core —
spanning a five-node Proxmox LXC cluster, a Mac Mini running Ubuntu as the central
orchestration brain, and an honestly chaotic but lovingly organized
18TB mergerfs storage pool serving a full media and usenet stack.
Every service is containerized, monitored, and privately tunneled over a Tailscale mesh.
Salvaged datacenter GPUs are being put to work on AI inference and distributed scientific research.
No cloud dependency. No vendor lock-in. Everything owned, operated, and maintained personally.
Linux
Open Source
Self-Hosted Infrastructure
Distributed Compute
Proxmox
Docker
Tailscale
Central Infrastructure Brain
bertmacmini · Mac Mini · Ubuntu 24.04 · i5-8500B · 64GB
bertmacmini
A Mac Mini running Ubuntu 24.04 via community kernel support — the always-on edge node, primary Docker host, media server, and Cloudflare tunnel endpoint for the entire stack.
CPU Intel i5-8500B · 6 cores
RAM 64GB
Role Edge · Docker host · tunnels · media
Containers 25+ active Docker services
Uptime 15+ days continuous
Cloudflare tunnel
Docker
Tailscale
Samba
Storage — /extmedia mergerfs pool
14TB HDD + 4TB SSD pooled via mergerfs → /extmedia · arr stack + usenet
Workstations
cross-platform · Tailscale mesh
Archbert
Arch Linux · Hyprland · Dell Precision 5560 · i7-10750H · 32GB DDR4 · T1000
Arch LinuxHyprlandT1000primary
bertws1
Ubuntu 24.04 · GNOME · Dell Precision 5560 · i7-10750H · 32GB DDR4 · T1000
UbuntuGNOMET1000controller
SEAN-PC
Windows 11 · MSI · i7-12700K · 64GB DDR5 · RX 9060 XT 16GB
RX 9060 XT 16GB3TB NVMe
MBP M4 Pro
macOS · Apple Silicon · 24GB unified memory
M4 Pro24GB
MBA M1
macOS · Apple Silicon · 8GB unified memory
M18GB
biggestbert
Ubuntu 24.04 · i7-7700 · 16GB · general compute
UbuntuKaby Lake
Kali Pi 5
Kali Linux 2026.2 · Raspberry Pi 5 · 16GB · pentest node
Kali 2026.2RPi 5lab pentest
Proxmox LXC Cluster
5 nodes · Quadro T1000 ×4 · headless LXC workloads
clusterws0
Head node · Dell Precision 5560 · i7-10750H · 32GB · T1000
5560T1000
clusterws1–3
Dell Precision 5550 · i7-9850H · 32GB · T1000 each
5550 ×3T1000 ×3
clusterws4
Acer laptop · Ryzen 7 5800H · 24GB · compute node
Ryzen 724GB
lxc-wazuh
SIEM · XDR · indexer · dashboard
Wazuh
lxc-observability
Grafana · Prometheus · Loki
metricslogs
lxc-velociraptor
Digital forensics · incident response
DFIR
lxc-gitea
Self-hosted git forge
Gitea
lxc-attacklab
DVWA · Juice Shop · pentest target
vuln lab
researchbert — Dell Precision 7820
live · ZFS storage + AI inference + volunteer compute
live · researchbert
Dell Precision 7820 Tower
A dual-socket workstation tower running Ubuntu Server 24.04 as a ZFS NAS over Samba and the lab's primary AI inference engine. Joined the Tailscale mesh and actively serving bulk storage while running volunteer scientific research workloads on salvaged datacenter GPUs. Xeon Gold 6128 · 40GB DDR4 · 512GB NVMe.
ZFS
Samba
Tailscale
Ubuntu Server 24.04
4× Quadro M4000 · 32GB
Tesla K40 · VFIO VM
Ollama · 34B–70B
Stable Diffusion SDXL
Folding@home
BOINC
Homelab Automation
single-command mesh management
labupdate
One command triggers a coordinated update across every node, LXC container, and server in the Tailscale mesh — regardless of OS or role. Keeps the entire cluster current without touching each machine individually.
labrecon
Automated recon script that sweeps the entire cluster for current state — open ports, service status, node health — and writes a structured report directly to a Joplin note. Infrastructure documentation that updates itself.
GPU Fleet
salvaged e-waste · AI inference + scientific compute
Quadro M4000 ×4
Maxwell · CC 5.2 · researchbert primary
32 GB
8GB × 4 · combined VRAM
Primary Ollama inference host. Runs 34B–70B quantized models locally. Handles Stable Diffusion SDXL image generation. Modern driver stack, full CUDA support.
Ollama primary
SDXL
modern CUDA
Quadro T1000 ×4
Turing · CC 7.5 · cluster nodes
16 GB
4GB × 4 · aggregate across nodes
Secondary Ollama inference across cluster nodes. Handles 7B–13B quantized models. Defers large model requests to researchbert M4000s via Open WebUI routing.
Ollama secondary
7B–13B
modern CUDA
researchbert · planned
Tesla K40
Kepler · CC 3.5 · datacenter-class
12 GB
monolithic · VFIO passthrough VM
Isolated in a dedicated Ubuntu 20.04 VM via VFIO passthrough. Runs legacy CUDA 470 stack independently of M4000 drivers. Folding@home and BOINC running continuously.
F@H planned
BOINC planned
VFIO VM
driver 470
salvage bench · planned deployment
Quadro K4000 ×5
Kepler · CC 3.0 · 3GB each
Folding@home secondary compute slots on researchbert
F@H planned
Quadro K4200 ×2
Kepler · CC 3.0 · 4GB each
GPU passthrough to Kali Purple attacklab for hashcat
hashcat planned
Quadro K2200 ×1
Kepler · CC 3.0 · 4GB
Kali Purple secondary hashcat or Folding@home slot
benched · planned
Quadro K2000 ×2
Kepler · CC 3.0 · 2GB each
Folding@home tertiary slots or benched pending use case
benched · planned
Quadro P2000 ×1
Pascal · CC 6.1 · 5GB · full-height
Benched — no full-height home found yet. Future tower candidate.
benched
Volunteer Compute
idle cycles contributed to scientific research · pending K40 VM build
Stanford University's distributed protein folding project. The Tesla K40's 12GB VRAM — running inside a dedicated VFIO passthrough VM — qualifies for large complex work units contributing to research into Alzheimer's, Parkinson's, and cancer.
Stanfordprotein foldingK40 · VFIO VM
Berkeley Open Infrastructure for Network Computing — simultaneous contributions to climate modeling, pulsar detection, mathematics, and physics simulations across multiple active projects.
Berkeleyclimatepulsarsphysics
Local AI image generation via AUTOMATIC1111. The 4× M4000's 32GB combined VRAM handles full SDXL generation on the modern driver stack. The K40 handles legacy SD 1.5 workloads via its isolated VFIO VM — private, cost-free, running on rescued hardware.
AUTOMATIC1111SDXLM4000 ×4K40 VM
Ollama · Local LLMs
plannedTwo-tier local inference via Ollama + Open WebUI. The 4× M4000 on researchbert handles large models (34B–70B quantized). The T1000 cluster nodes handle 7B–13B requests. Private, offline-capable, zero API cost across salvaged hardware.
OllamaOpen WebUIM4000 ×4 · 34B–70BT1000 ×4 · 7B–13B
Service Stack
self-hosted · containerized · open source
Media
Jellyfin
Sonarr · Radarr · Lidarr
Bazarr · Prowlarr
SABnzbd · qBittorrent
Jellyseerr
Security tooling
Wazuh SIEM / XDR
Velociraptor DFIR
Zeek network monitor
AdGuard DNS
Attack lab (DVWA · Juice Shop)
Productivity
Nextcloud
Joplin Server
Vaultwarden
Syncthing
code-server
Observability
Grafana
Prometheus + Loki
Uptime Kuma
Glances · Glance
Homepage dashboard
Open Source Stack
the whole point
Open source isn't a cost-saving measure here — it's the philosophy the entire lab is built around.
Transparency, community ownership, and the freedom to self-host without asking permission.
Every tool below was chosen deliberately. No vendor lock-in, no phone-home telemetry,
no subscription to run software on your own hardware.
Arch Linux
operating system
Rolling release, built from scratch. Full control over every package, no bloat, no defaults you didn't choose.
Ubuntu 24.04
operating system
Stable long-term support Linux across servers, edge nodes, and workstations throughout the lab.
Kali Linux
security platform
Purpose-built penetration testing distribution used on the Pi 5 recon node and attack lab work.
Proxmox VE
hypervisor
Open source hypervisor running the entire LXC cluster. Full API access, no licensing fees, enterprise-grade tooling.
Docker
containerization
Every service in the lab runs in a container. Reproducible, portable, easy to rebuild from compose files.
Tailscale
networking
Zero-config WireGuard mesh connecting every node privately. No exposed ports, no port forwarding required.
Hyprland
desktop environment
Wayland compositor on Archbert. Tiling window management, custom rice, dotfiles version-controlled.
Wazuh
security
Open source SIEM and XDR platform. Enterprise-grade security tooling running entirely on local hardware.
Jellyfin
media server
Fully open media server. No tracking, no required accounts, no phone-home. Your media stays yours.
Gitea
version control
Self-hosted git forge. Code repositories that don't live on someone else's servers by default.
Grafana
observability
Open source dashboards pulling from Prometheus and Loki. Full visibility across every node in the cluster.
Nextcloud
cloud storage
A personal cloud that actually belongs to you. Replaces proprietary cloud storage with something self-hosted.
Continuing Education
formal + self-directed
Western Governors University
B.S. Cybersecurity & Information Assurance
Pursuing a degree in cybersecurity and information assurance. Four years of hands-on homelab practice across a live multi-node environment.
WGUin progressPython
Certified Addiction Technician
Addiction Counseling & Support
A parallel path in addiction support and counseling — a personal commitment to community service that runs alongside the technical career. Human-centered work matters as much as the infrastructure.
CATin progresscommunity