Homelab
Why I Homelab
I think homelabbing is just a great way to get into IT and a great way to keep skills sharp or develop new ones. I got started with homelabbing like many people do, a Minecraft server running off my own desktop as a kid. From that Minecraft server I moved onto a Raspberry Pi that ran OwnCloud and OpenVPN.
When I interviewed for my first IT position, a Linux Admin position I was woefully underqualified for, I hit it off with their Security lead who happened to be standing up OpenVPN as a solution and we had a great conversation about the struggles of learning the tool. Needless to say I did not get that job but they did end up calling me back a couple months later for a helpdesk/junior admin position that I accepted.
Homelabbing is what got me into the field and I encourage anyone who asks me about getting into IT to take a crack at it. You don't need an entire rack of servers, you don't need expensive disk arrays, a Pi is more than enough to get started down the IT road and to learn a couple new things on.
The Environment
Hardware
| Hardware | Purpose |
|---|---|
| R220 | OPNSense |
| R320 | Backups NAS |
| R620 | XCP-NG |
| R620 | XCP-NG |
| R510 | Media NAS |
| Catalyst-4948 |
Service List
Currently running services
- 365 Tenant
- As low as $6 for just an online license for one user and you get everything in 365 but I use the $22 Business Premium license to have the desktop office suite and Azure functionality/protections.
- 365 - Exchange Online
- I of course use this for email and contacts management. I love Outlook and it is just an absolute joy to have such a powerful suite available for cheap.
- 365 - SharePoint Online
- I am experimenting with this being a "Paperless NG" like solution with Microsoft Lens and SharePoint libraries.
- I would like to have family photo albums here as well, via Guest accounts. Initial tests are promising.
- Azure Static Web Apps
- I am using this for 2 sites, my homepage and my blog/documentation site. One is hosted on Github while the other is hosted in Azure DevOps and they use those respective pipelines to be built.
- https://dev0.sh
- https://docs.dev0.sh
- Azure DNS
- I have my personal domains running here for giggles mostly, why not learn how to use it. It does cost like $1.
- Azure DevOps
- This is hosting most of my personal repos, anything public I left on Github.
- Microsoft Defender for Office 365
- It is nice having a central panel for AV, I had been on Sophos Home a while ago and I was missing a solution. I never notice it running in the background on my Mac and I can get some helpful emails every now and then.
- Active Directory
- I used AD for central authentication of course and playing around. It is nice to have a test realm always running. I am moving away from this as I reduce homeprod and will be relying on local accounts on the few servers I plan to keep.
- Ansible
- CFM on Linux hosts mostly
- Homebridge
- My home automations are based around Apple and Siri
- TrueNas
- I run 2 hosts, one for media and the other for backups/shares (the cost worked out better to have 2 hosts)
- OPNSense
- My choice of firewall, it works fine.
- OpenWrt
- My Cisco WRT series router runs this as my main AP
- Jenkins
- I have this test server running to play with pipelines. I originally had rTS_Debian being built on it, but someone very quickly turned that into a Github Action.
- WireGuard
- I don't particularly care for WireGuard. It is way too complex to setup manually, which is why most methods are scripts. I got it working on my OPNSense firewall with some help, but likely could not do it again.
Previous services I have run
- Windows DNS
- Windows DHCP
- Windows Enterprise CA
- I ran a local CA to allow the use of smart cards on my machines, so I could sign my scripts and to generally test out ideas or tasks for work. It is a easy thing to stand up but incredibly frustrating when it breaks.
- Various webservers
- Basic homepage for https://dev0.sh
- Ran via Docker/Podman or baremetal
- 3CX
- I ran a "work line" over this when we all went WFH and I didn't want to give out my cell to users. It is a great solution and I still have my handsets. If I every start working from home part time again I plan to stand it back up.
- voip.ms was my DID provider
- Nextcloud
- I used this for years, it was my file storage, calendar and contacts solution. It worked great and I do recommend it for anyone wanting to be fully contained. I migrated from Nextcloud to my 365 tenant and have been very happy.
- OpenVPN
- Along with OwnCloud, my first foray into hosting. It works well and I would recommend it over WireGuard for most purposes. I find it much easier to comprehend, setup, and troubleshoot.