Homelab

Configuration and personal documentation for my homelab - (eternal) WIP

Figure 1: Me trying to assemble this monstrosity

Tech Stack

  • pfSense CE - firewall sitting in front of all this (bare metal)
  • Proxmox VE - host OS (bare metal)
  • Ubuntu Server (22.04 LTS) - guest OS, hosts Portainer
    • TODO: move to NixOS for this layer
    • Docker + Docker Compose - most services in containers
      • Portainer - nice web GUI for Docker stuff
      • Jellyfin - media server
      • Jellyseerr - automate requesting content
      • Servarr Suite - automate (legally!) obtaining various media files

Todo

In no particular order:

  • Auto provision TLS certificates via Caddy
  • Close off container ports (i.e. web UIs only accessible via Caddy)
  • Expose containers to Tailnet. ✅ Single Tailscale instance for whole cluster (ports subdomains for different services) or one per service (allows subdomains)
  • Gluetun in containers (currently done at pfSense layer)
  • Figure out something for NAS layer
  • PCIe passthrough iGPU from Proxmox Host -> Ubuntu -> Jellyfin container, for transcoding
  • Move to NixOS instead of Ubuntu
  • Add more RAM to host PC
  • Set up auto offsite backups
  • Automate deployment from scratch (Ansible? Nix?)
  • Add automated speed test tool (for periodically testing WAN speed through ISP)
  • Add self-hosted web-based speed test (for testing a client device's connection speed to the homelab, e.g. via Tailscale)
  • Add UniFi network controller (for configuring local Wi-Fi access points, etc.)
  • Set up Pi-hole for DNS
  • Set up Watchtower for auto-updating non-critical containers
  • Put Portainer in Docker Compose (rather than as a raw docker run command)

Note: ~~I don't have a domain name and don't (currently) plan to purchase one, which adds some additional hoops to jump through (e.g. provisioning valid TLS certificates becomes slightly more difficult than just Caddy + Let's Encrypt)~~ Ended up getting a domain after all

Disclaimer

This was created as a learning exercise to upskill on various technologies, and is/has/will be only ever used for legally permissible purposes, such as obtaining media released to the public domain or sharing Linux ISOs.