ADR-0007: Proxmox VE as Platform Foundation
Status
Accepted
Context
The HomeOps Platform requires a self-hosted server environment that can support multiple applications with different trust levels, exposure requirements, and lifecycles. The platform is intended to evolve incrementally, with an emphasis on experimentation, learning, and clear separation of concerns.
An earlier consideration was to use a headless Debian installation as the base operating system and run application workloads directly on the host, primarily using container-based deployments. While this approach is lightweight and simple, it offers limited isolation between workloads and increases the risk that misconfiguration or compromise of a single service could affect the entire system.
At the same time, ongoing coursework uses Proxmox VE as a virtualization platform, making it a familiar and relevant technology to evaluate in this context.
Decision
Proxmox VE is selected as the platform foundation for the HomeOps self-hosted server environment.
Proxmox VE will be installed directly on the physical server hardware and used as a virtualization layer. Application workloads will not be deployed directly on the Proxmox host. Instead, services will run inside virtual machines, with container runtimes (e.g. Docker) operating within those virtual machines as needed.
Rationale
This decision is based on the following considerations:
- Isolation and security boundaries
  Proxmox VE enables strong isolation between workloads by running them in separate virtual machines. This supports the platform’s security model and trust-boundary assumptions by limiting the blast radius of misconfiguration or compromise.
- Support for experimentation and recovery
  The ability to create, snapshot, and roll back virtual machines allows safe experimentation and faster recovery from configuration errors. This aligns with the platform’s learning-oriented and iterative development goals.
- Alignment with documented architecture and security model
  Virtual machines provide a natural way to implement network segmentation and trust boundaries described in the architecture and security documentation.
- Integrated firewall capabilities
  Proxmox VE includes built-in firewall functionality at the datacenter, node, and virtual machine levels. This provides a structured and well-documented way to manage network exposure without relying solely on in-guest firewall configurations.
- Educational and portfolio value
  Using Proxmox VE reflects tooling used in current coursework and allows practical application of virtualization concepts in a real environment. This improves both learning outcomes and the demonstrative value of the project.
- Acceptable resource overhead
  While Proxmox VE introduces some overhead compared to a minimal headless Debian setup, the available hardware resources are sufficient for the intended scale and number of virtual machines.
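The layered firewall named under "Integrated firewall capabilities" filters a guest only when every layer is switched on: the datacenter file (`/etc/pve/firewall/cluster.fw`), the guest file (`/etc/pve/firewall/<VMID>.fw`), and the `firewall=1` flag on each virtual NIC. The check below is an added example, not part of the original ADR or the HomeOps code base; the function names are hypothetical, the sample inputs are constructed, and the defaults it assumes (`enable` off, `policy_in` DROP) follow the Proxmox VE firewall documentation.

```python
"""Audit whether a Proxmox VE guest is actually filtered by the firewall."""

# Constructed sample inputs (not taken from the HomeOps platform).
CLUSTER_FW = "[OPTIONS]\nenable: 1\n"
GUEST_FW_OK = "[OPTIONS]\nenable: 1\npolicy_in: DROP\n\n[RULES]\nIN ACCEPT -p tcp -dport 443\n"
GUEST_FW_OFF = "[RULES]\nIN ACCEPT -p tcp -dport 443\n"  # rules exist, firewall never enabled
NIC_OK = "net0: virtio=BC:24:11:00:00:01,bridge=vmbr0,firewall=1"
NIC_BARE = "net1: virtio=BC:24:11:00:00:02,bridge=vmbr0"


def parse_options(fw_text):
    """Return the key/value pairs of the [OPTIONS] section of a .fw file."""
    options, section = {}, None
    for raw in fw_text.splitlines():
        line = raw.split("#", 1)[0].strip()  # drop comments and blank lines
        if not line:
            continue
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1].strip().upper()
        elif section == "OPTIONS" and ":" in line:
            key, value = line.split(":", 1)
            options[key.strip().lower()] = value.strip()
    return options


def nic_firewall_enabled(net_line):
    """True if a VM config line such as 'net0: virtio=...,firewall=1' opts in."""
    _, _, spec = net_line.partition(":")
    fields = dict(f.split("=", 1) for f in spec.strip().split(",") if "=" in f)
    return fields.get("firewall", "0") == "1"


def audit_guest(cluster_fw, guest_fw, net_lines):
    """List the reasons a guest's inbound traffic is not filtered (empty = OK)."""
    findings = []
    if parse_options(cluster_fw).get("enable", "0") != "1":
        findings.append("datacenter firewall disabled")
    guest = parse_options(guest_fw)
    if guest.get("enable", "0") != "1":
        findings.append("guest firewall disabled")
    if guest.get("policy_in", "DROP").upper() == "ACCEPT":
        findings.append("guest policy_in is ACCEPT")
    for line in net_lines:
        if not nic_firewall_enabled(line):
            findings.append(line.split(":", 1)[0].strip() + " lacks firewall=1")
    return findings


if __name__ == "__main__":
    print(audit_guest("", GUEST_FW_OFF, [NIC_OK, NIC_BARE]))
```

A guest file that contains rules but no `enable: 1` is the case worth catching: the rules look correct on review and filter nothing.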
Consequences
Positive
- Clear separation between infrastructure, runtime environment, and application workloads
- Reduced risk of system-wide impact from individual service failures
- Easier implementation of network segmentation and access control
- Improved operational flexibility through snapshots and VM lifecycle management
- Strong alignment with security and operability goals
Negative
- Slightly increased system complexity compared to a single-host setup
- Additional resource overhead from virtualization
- Requirement to manage both host-level and guest-level configuration
These trade-offs are considered acceptable given the platform’s scope and objectives.
Alternatives Considered
Headless Debian with container workloads on the host
This approach offers minimal overhead and simplicity, but provides weaker isolation between services and increases the risk that errors or compromises propagate across the system. It was deemed less suitable for a platform that emphasizes security boundaries and controlled exposure.
Related Decisions
- ADR-0001 – Decision to introduce a self-hosted server environment
- ADR-0003 – Baseline security hardening for self-hosted server
- ADR-0004 – Network segmentation and trust boundaries
- ADR-0006 – Secrets management and credential handling