I Don't Maintain My Homelab
17 points by confusedalex
I have a similar experience with my server at home.
I run Debian with unattended security upgrades, everything runs as rootless containers with pinned versions, managed by systemd using Podman Quadlet. Podman's auto-update keeps the containers updated.
Systemd timers take care of routine tasks like backups, image pruning, and the like.
I only have to pop in to reboot if there was a kernel upgrade, or if I am bumping an image version. Ansible takes care of these.
> rootless containers with pinned versions ... Podman's auto-update keeps the containers updated.
I'm trying to understand these two parts. I thought the "pinned versions" comment meant that you weren't automatically pulling updates, but it sounds like you are, so I think these are two different things being updated and I'm misunderstanding.
I'm guessing "pinned versions" means they're running tags like foo:3 or foo:3.2, as opposed to foo:latest?
That way, when auto-update pulls the latest images, their service will automatically update from 3.2.0 to 3.2.1 (as well as get any updates to, say, the Alpine base image), but it will never update to 4.0.0 on its own.
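The distinction drawn in this reply, as an added example that is not part of the thread: the script reads a Quadlet unit, classifies how tightly `Image=` is pinned, and reports what a registry auto-update is able to change. The sample unit and image name are constructed, and the classification assumes semver-style tags.

```python
import configparser
import re

# Constructed sample Quadlet unit; the image name is hypothetical.
SAMPLE_UNIT = """\
[Container]
Image=registry.example.com/foo:3.2
AutoUpdate=registry
PublishPort=127.0.0.1:8080:8080
PublishPort=127.0.0.1:8443:8443
"""

# What a registry pull can change for each pin level.
SCOPE = {
    "digest": "nothing (content-addressed)",
    "patch": "only a re-push of the same tag, e.g. a base image rebuild",
    "minor": "new patch releases and rebuilds",
    "major": "new minor and patch releases and rebuilds",
    "floating": "anything, including a new major version",
}

def pin_level(image):
    """Classify how tightly an image reference is pinned."""
    if "@sha256:" in image:
        return "digest"
    name = image.rsplit("/", 1)[-1]      # drop registry host (may contain ':port')
    tag = name.split(":", 1)[1] if ":" in name else "latest"
    m = re.fullmatch(r"v?(\d+)(?:\.(\d+))?(?:\.(\d+))?(?:-.+)?", tag)
    if not m:
        return "floating"                # latest, stable, edge, ...
    parts = sum(g is not None for g in m.groups())
    return ("major", "minor", "patch")[parts - 1]

def audit(unit_text):
    """Report the pin level of a Quadlet unit and what auto-update may change."""
    cp = configparser.ConfigParser(strict=False, interpolation=None)
    cp.optionxform = str                 # keep systemd key names case-sensitive
    cp.read_string(unit_text)            # strict=False tolerates repeated keys
    image = cp["Container"]["Image"]
    policy = cp["Container"].get("AutoUpdate")
    level = pin_level(image)
    moves = SCOPE[level] if policy == "registry" else "nothing until re-pulled by hand"
    return {"image": image, "level": level, "policy": policy, "moves": moves}

if __name__ == "__main__":
    print(audit(SAMPLE_UNIT))
```
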
Same but I don’t update anything unless there’s a specific feature I want. The nice part about self-hosted software is that you can update it on your schedule. And if everything is working fine, and not exposed to the Internet except through Tailscale, then you can just leave it be and it’s stable, excepting hardware failure.
(Aside from a pet peeve that a "lab" is more a place for experiments - and you don't need to maintain experiments...)
I think using containers is a mixed bag. On one hand, there are projects where containers are the first-class citizen delivery, and you get proper updates that way.
But I feel many people are running "suboptimally" maintained containers - I see lots of trouble coming from that.
I think it's more about figuring out what's the first-class citizen of getting updates for the software you use.
I run mostly RHEL clones with automatic updates and Nagios tells me when something needs a reboot. Fairly maintenance free, but because most of the services I run are in RHEL or EPEL.
I'm in an extremely similar spot; as much as I hate to admit it, a lot of this is a result of just ending up with a simpler setup. I used to love having the whole observability stack with rotating logs and all that. But my most recent headaches (2+ years ago at this point) were all dumb things caused by all that complexity. Things like the disk getting full of logs and metrics. Trivially solvable problems, but not really ones I want to deal with anymore.
I'd be hesitant to call my setup a "homelab" but it is an Unraid NAS running various Docker containers. It's one of the reasons I am happy to pay for Unraid, as it has reasonable Docker support, will automatically update containers (with a plugin), and other maintenance is also really straightforward.
I like the tool Watchtower for keeping docker-compose setups updated. https://hub.docker.com/r/nickfedor/watchtower
Has some pretty good config options to keep versions advancing and to account for most major changes.
For the base OS I just run Debian LTS with unattended updates. I still jump in for reboots with new kernels. Definitely not much work at all and I agree < 15 min a month is right.