Home Lab Developments
12 points by abnercoimbre
12 points by abnercoimbre
I decided to go with Bitwarden password manager. While it is free for personal use, it is cloud-based and you need to use Bitwarden’s servers. Fortunately, there is a solution: Vaultwarden, a free open source alternative self-hosted server implementation that Bitwarden clients can talk to. It appears that Bitwarden sanctions the Vaultwarden project since one of their employees is allowed to contribute to the project on their own time.
Bitwarden is great, but it's not quite true that you need to either use Bitwarden's cloud servers or the unofficial compatible alternative implementation. They also publish the source code to their official server mostly under the AGPL. (IIRC everything except the SSO glue for the enterprise offering is AGPL, and that's source-available.) Hosting the official server isn't hard, but it's a resource hog for the kinds of things you'd use it for in a home lab. I like Vaultwarden better. But choosing "self hosted" in the client will let you connect to either.
FWIW, I pay for their premium license but self host on Vaultwarden anyway, just because I want to control where and how my data is stored.
Just when I thought my self-hosting skills are advanced, someone out there is an order of magnitude ahead of me:
The last few months, I’ve been busy building out my HomeLab. I’m not new to self-hosting my own services, but I’ve rapidly added on quite a few more services recently.
Everything looks so cool. Does someone here have a similar home lab? Too much maintenance?
I document my personal infra and keep everything in version control. You could take a look at git log to see how much I change :)
A good chunk of software I run is included in LTS distros so that automatic updates take care of the most important bit, patching. But I do fiddle frequently.
I'm toying with setting up a shared Linux server for a (yet to create) community where everyone would be root. One of the objectives would be to run a few non-critical services there (my blog, a feed reader, perhaps some monitoring, maybe my ActivityPub server, Git hosting...) and do "community maintenance".
Wow, that's impressive to me. I should get in the habit of documenting what I self-host more..
I'm doing some "community maintenance" already (e.g. we operate a chat server), but I'm terrified of teardown / deployment. I don't have any "playbook" for it and everyone knows you have to switch servers eventually - due to pricing, upgrades, or what have you!
Well, I started a long long time ago. My first commit was in 2013, so considering it's been more than a decade, it's not so impressive.
I got started with Puppet then because, well, it was 2013. Although NixOS is from 2006, Docker is from 2013, and K8S from 2014, that's what we were using at work, so I've been sticking to that. It's completely out of fashion, but for traditional host management (install packages and configure them on traditional distros) I think it's still one of the best options. Although I dislike Puppet servers, so I've always been doing hacks to avoid that.
I think it's worth looking into declarative distros like NixOS, although the fact that there's no LTS declarative distro is my excuse for not trying to switch to those harder. (I set up my systems with RHEL-clones, which in many cases, reduces maintenance a ton.) Containers I have a distaste for, but they have some advantages (and I use containers for a few things).
But I can say that before Puppet, I used to spend a lot of time documenting setup- I was deathly afraid of having to rebuild stuff, or losing track of things. It's not really so valuable to do infra as code for personal infrastructure, but I find it pleasant and... the stuff I've learned has been very valuable for work.
Similar, yes. I run about 25 services at home (oldish picture) for personal use, and some for use with friends/family.
Sometimes it does give me anxiety that something might not work, but I have a solid backup strategy as well as UPS and RAID implemented.
My favorite services to selfhost are Matrix, my webserver, Homarr, Paperless NGX, Calibre WA, *arr suite and Home Assistant. I run everything on a Dell R220 using Proxmox, and I use Grafana coupled with InfluxDB to monitor things.
As much as docker isn't perfect, I find that keeping my docker files in sort of source code and using incus to manage the infrastructure has made my life much easier. The nice thing about using incus is I can use native Docker without any of the dangers of it running this route because I run it within a non-privileged lxc container. My ISP has static addresses and I use IPv6 and Alpine is my base OS. Basically install Alpine load container. Install docker. Install docker – compose it works!
