Tuesday, July 28, 2020; Reading time 5 minutes.
Ever since high school I have had a homelab. I can, and I will, pinpoint that exact thing as the most useful learning material to date for me. I started with Windows Server, where I was running my own terminal services, and everything just started from there.
Today my homelab is not only my hobby and a learning ground, but also a staple of the infrastructure I need for normal day-to-day life and work. This post will try to detail what services I run so I can look back at it and compare with the future state.
The goal is to migrate away from most of the online services I use and put the control back in my hands. Everything started the day I broke up with Google and stopped using my account. I still use some of their services, but far fewer today. I’ve decided to never get locked in on a platform ever again, and that takes a lot of brain power, at least in the planning stages.
Services I wanted to have:
- a password manager,
- a news reader,
- a git platform for my code,
- a CI/CD for the whole system,
- a good network backbone,
- some home automation things
After I went through a bunch of iterations, here is a full list of services running on my network:
- Bitwarden [1] - my choice for a password manager, still trying it out for a full migration from 1Password
- Gitiles [2] - with just a git server - for my own code I don’t need anything fancy, just a code browser and a place to push code to
- Jenkins [3] - for building docker images, my blog, and a few other pages
- Wiki.js [4] - my solution for a wiki but somehow git repo is winning…
- Miniflux [5] - RSS reader for all of the blogs and sites I follow (also as a way to follow my friends on twitter using nitter.net)
- Tinylib [6] - my homemade software for keeping all my physical books in order
- Wireguard VPN [7] - for when I need to VPN into my network
- DNSCrypt [8] + NextDNS [9] - for encrypting my DNS and blocking ads
- Home assistant [10] - for home automation needs
- Motioneye [11] - NVR for my front door security camera
- Asterisk [12] - for all of my telephony needs (mostly just a hobby)
- Docker registry [13] - for all my private docker images
No services are available from the outside since I didn’t want to mess with security too much. This allows me to not worry about passwords too much.
Some of the services are running as docker containers and others as VMs. I’m using VMware ESXi [14] for VMs and Portainer [15] to help me host docker images. Portainer is running just as another VM since it’s easier to manage that way.
All VMs are running OpenSUSE Tumbleweed.
Hardware is much more interesting than my architecture. All of this is running on two Intel NUCs.
- Intel NUC i7, 32GB of RAM, 1.14TB of SSD storage
- Intel NUC i5, 16GB of RAM, 223GB of SSD storage
Network stack is totally Mikrotik however:
- Mikrotik CRS328-24P-4S+, 24 PoE 1Gbps ports
- 2x Mikrotik RBcAPGi-5acD2nD, 2.4GHz and 5GHz access point configured over CAPsMAN
SIP phones are really cheap Grandstream phones (4 of them). And my GSM gateway is a Yeastar TG100.
I am very happy with where I currently am but there are a few things I would like to do:
- Migrate away from Stubby for DNS to something that can host my local DNS records and won’t die every so often.
- Make the small NUC a storage server so I can finally turn off my Apple iCloud storage (probs Fedora server with samba/Resilio sync)
- Bitwarden is now a VM and I would like to move it to Portainer
- Backups for all of the services once a file server is up and running
- External HDD for the small NUC