Home Lab Cluster
Live service telemetry from Proxmox
Quick Links
Direct access to self-hosted services
System Overview
Node-level performance metrics
CPU Usage
PendingMemory Usage
PendingStorage
PendingNetwork I/O
PendingAndromeda — Home Lab Mission Control
A self-hosted infrastructure dashboard providing real-time telemetry, service monitoring, and secure access to homelab services.
Architecture
Proxy
Edge
Tunnel
LXC
API
Every API request from the browser is intercepted by a Cloudflare Pages Function running at the edge. The function authenticates the request using a session cookie, injects the Proxmox API token from a secret environment variable, and proxies the call through a Cloudflare Tunnel to a cloudflared LXC container running on the Proxmox node. The Proxmox VE API responds with live cluster data — the browser never sees the credentials.
Tech Stack
Features
Auth
Invite-code gated registration and session-cookie login. Passwords are hashed with SHA-256 via the Web Crypto API before storage in Cloudflare D1.
Troubleshooting Story
Login returned 200 but the page never changed. The HttpOnly flag on the session cookie made it invisible to JavaScript, so the router always saw the user as unauthenticated and silently redirected back to the login screen.
Dashboard
Live service health grid showing all Proxmox LXC containers and VMs. Status dots pulse green for online, amber for standby, and grey for offline. Auto-refreshes every 30 seconds.
Troubleshooting Story
The service grid returned "missing API token" even though the environment variable was set. Debug logging revealed a trailing space in the variable name — the code looked up PROXMOX_TOKEN_VALUE but Cloudflare stored PROXMOX_TOKEN_VALUE . Invisible characters, real bug.
Quick Links
Clickable tiles for every self-hosted service — Nextcloud, Vaultwarden, Jellyfin, AdGuard, Matrix, and more. Each tile shows a live status dot sourced from the Proxmox API. Tailscale URLs are used for direct mesh access.
System Overview
Four live Chart.js charts rendering one hour of RRD telemetry from the Proxmox node: CPU utilisation, memory usage, root disk capacity, and network I/O. Refreshes every 60 seconds.
Troubleshooting Story
Chart.js loaded from a CDN URL pointing to a nonexistent version. The CDN returned an HTML error page, the browser rejected it for MIME type mismatch, and the failed script tag cascaded — breaking every script that loaded after it, including the router and login.
Infrastructure
The homelab runs on a single Proxmox VE node hosting 11 LXC containers — each service isolated in its own container with dedicated resource limits. A dedicated cloudflared container maintains the outbound Cloudflare Tunnel, eliminating the need for any open inbound ports on the home network. Tailscale is installed on the node and key containers, providing a WireGuard-encrypted mesh network for direct device-to-service access from anywhere on the tailnet without routing through the public internet.