Skip to content

Phase 1 Deployment Checklist

Use this checklist before creating the first production-like VM in the lab.

1. Repository and documentation

  • MkDocs site deploys successfully to Cloudflare Pages
  • Project tracker is updated
  • Infrastructure inventory is updated
  • IP plan is reviewed
  • VLAN plan is reviewed
  • VM naming standard is reviewed
  • Server build standard is reviewed
  • Security baseline is reviewed

2. Proxmox preparation

  • Proxmox host is updated
  • Storage is available for VM disks
  • ISO images uploaded
  • VirtIO ISO uploaded
  • Backup storage identified
  • Proxmox firewall approach documented
  • VM bridge plan reviewed

3. Network preparation

  • WAN interface/bridge identified
  • Lab LAN bridge created
  • Management network planned
  • Servers network planned
  • Workstations network planned
  • No overlap with existing home or VPN networks
  • OPNsense will be the default gateway for lab networks

4. Initial VM deployment order

  • Deploy HQ-FW01
  • Configure OPNsense interfaces
  • Configure VLANs/gateways
  • Configure firewall baseline
  • Deploy HQ-DC01
  • Install AD DS, DNS and DHCP
  • Deploy HQ-MGMT01
  • Deploy HQ-W11-001
  • Join test client to domain

5. Access control

  • No RDP exposed directly to the Internet
  • Administrative access uses VPN or trusted management path
  • HQ-MGMT01 is used as jump host
  • Separate daily and administrative accounts are planned

6. Backup before changes

  • Snapshot HQ-FW01 after basic network configuration
  • Snapshot HQ-DC01 before AD DS promotion
  • Snapshot HQ-DC01 after successful domain promotion
  • Document snapshot names and purpose