I originally intended to keep this blog up to date at least monthly. Unfortunately, life happens, and we've had a lot of life happening around our place... a lot of good, but some bad too. Though technology is a passion of mine, there are other things I am more passionate about, such as the family, setting up a new-ish house, and taking care of a plethora of outdoor cats that call us home. We also have almost a dozen chickens that we raise as pets. Some of them lay eggs, some don't. We're not farming, it was just nice to have enough yard to have a few chickens. The season is changing, and I thought I'd revisit this site and think about how to better keep it up to date... and, while I'm here, why not a quick blog post to fill the space?
I currently have about 140-ish Docker containers running across my humble homelab. Most of them are redundant copies of services, which allows me to make updates without service interruptions. It's not a hard requirement, but it's nice to be able to keep things running without feeling like one of my half-a-dozen users might see an impact. I've recently started using Forgejo (a fork of Gitea) to mirror some open-source projects and trigger Jenkins pipelines to build images locally. Especially with Nextcloud, it really saves on frustration when it works right. I'm not sure how much further I'll take that, especially since Docker clients do not play well with HAProxy, and I cannot for the life of me figure out why.
Yep, there's now a second Plex server. The first one has been migrated across several servers, and when I tried to move it from its current host to a new host, even though it's in Docker, it did not like it at all. Instead, I just created a new Plex server and moved a handful of users over to it (like I have so many). Some of the older side of the user base will remain on the old server for ease of use.
The two most notable additions are Wazuh and Vaultwarden, an unofficial fork of Bitwarden. Wazuh is very interesting, as it provides a seemingly enterprise-level SIEM (security information and event management) solution, but it's 100% open-source! I'm not really interested in security at this level; however, work is always interested in solutions like this, and I also don't want to be surprised should something bad happen. It has a LOT of options that I've not even begun to scratch the surface on.
Vaultwarden is a password-management solution, which is a problem I already have solved... however, my solution is only on my local and is just a client with a local encrypted database (KeePass). Vaultwarden could allow for a solution for others to use, and password managers are sorely underutilized in today's internet. I've also been following a lot of discussion around SSO (like this), which I'm very interested in! It would be wonderful to provide a solution that allows them to use a master password or SSO via Authentik. I've really been playing around with this recently, and I find using the Bitwarden clients and browser plugins quite nice! KeePass has these too, but, again, KeePass is not a solution I can deploy for multiple users.
A quick disclaimer: my last update was 6 months ago. In the last 6 months, I hit a point where I needed another Plex server. More recently, my users have been complaining of the Plex servers' performance, both the new and old one. The company has started taking an unusual stance against its users, blocking an entire hosting company citing multiple TOS violations, and is even falsely banning individual accounts they suspect are getting monetary compensation for access to a Plex server. While I have no problem with Plex banning people for receiving monetary compensation for pirated content, what if it's copyrighted content owned by the host? The Terms of Service prohibit commercial use... okay, but how do you know? How does Plex Inc make the leap that a user is profiting off of their software? How do they know that there are a bunch of people on one hosting provider that are violating the TOS?
So, what I originally intended to take place over a couple of years will hopefully be completed in the next 6 months: All users are moving to Jellyfin. It's been a great ride, but Plex Inc is abandoning its original users.
The hardware that makes up this humble homelab is somewhat dated, with one host's network connection being lost by the kernel multiple times a day. Even my desktop is a 6th gen Intel i7. The wife is on a Devil's Canyon i7, and both of us are running 16GB of RAM. Overall, all of our hardware is pretty long-in-the-tooth. The only screens that support 4K are our cell phones. None of our video cards can game at 4K reliably (I have a 1070 that might not do too bad), and though our machines are fine and dandy for browsing and light application workloads, they are showing their age whenever demand is put upon them. We are due for upgrades, so hopefully next year we'll start with desktops, and the old desktops will replace the oldest homelab machines, and the oldest homelab machines are promised to a fellow homelabber who is still getting started.
I mentioned working on a new-ish house earlier. So far, that's just been getting settled in (moved in about 18 months ago) and using the space properly. Eventually, we'd like to introduce technology to the house! We want (mostly I, but others kinda want it too) a non-internet-connected Smart Home. I'd like to improve the lighting situation starting in common areas where light switches are not plentiful enough. I'd also like to get the homelab moved out of desktop cases and into server racks and rack-mounted properly (will probably hit up Sliger for cases, eBay for an enclosure). Long-term, I might even integrate outdoor lighting, voice control and response, and even a reactive security system (alerts only, it will not be weaponized). Needless to say, I have a lot of ideas, and it will take a lot of time, money, and effort to get there! As new as this house is, it is very basic and doesn't have any networking cables run anywhere. It will take a while to fully realize the dream.
Specific to the homelab, I'm also looking at removing additional single points of failure. I could do a lot more orchestration with something like OpenStack, but that's meant for entire datacenters. The more I look into the complexity that introduces, the more I think, ya know, Proxmox has been really good to me. Storage, however, is a big SPOF that I've not decided how to tackle yet... but I'm leaning towards Ceph clusters. Minimally, I'd like 3 servers (currently there are 2) that are clustered, maybe with some SSD clusters for speed, and 10GB dedicated for cluster traffic. Ideally, I'd like multiple sets of 3 in different locations in the house (or outside in a dedicated space) for better power distribution, more redundancy, and better fault-tolerance with better ability to scale too! The pipe dream there is to get to a petabyte of available space!
I can't promise any of this will happen. We have plans to take care of some of the hardware just after the turn of the year, but that's as far as we've planned out, and a thousand things could happen between now and then. I can't even promise the next blog post... but there will eventually be another one. I want to talk about the solutions we decide on and how that technology affects our lives. I want to move away from just playing with things and toward actually putting things in place that make a difference. Some of that is in place only because I played with it and realized the value, so I don't regret it... but I don't need half of the services I have running up and going. All the proxy services are just for fun and as a courtesy. Some of the static sites, like 5etools, are just nice-to-have, where something like the lan cache or pastebin just aren't necessary or utilized. We'll see how it goes, but I'm excited for the future, and I hope I can capture it all here!