My 2023 Homelab Setup

Posted on

Homelab, Illustrated By DALL·E

Homelab is a place where you can store all your family’s data, self-host applications and services, locally stream media, and experiment with various technologies.

A Homelab can start with low-power devices such as a Raspberry Pi, or with hacking your router to install open-source firmware and run custom applications. It can also involve easy-to-use consumer NAS solutions like Synology. Alternatively, you might find yourself overwhelmed by used data center hardware.

Throughout 2023, I have been tinkering with my home network and computing setup, which has been both fun and rewarding.

Hardware

Various devices operate continuously at my home. Some were shelved last year, but there are a few newcomers worth mentioning.

The router “Rotom,” which I use for my home’s internet, is an iKoolCore R1. This compact device is powered by a Celeron N5105 processor and is equipped with 8GB of RAM, a 128GB SSD, and four 2.5GbE Ethernet ports. It runs Proxmox VE, hosting an OpenWRT VM as my primary firewall, and a Debian VM for several networking applications.

This summer, I noticed that the SSD became read-only on several occasions due to overheating. Fortunately, the manufacturer offers an R1 Pro upgrade kit. This kit replaces the case with a heatsink that directly contacts the NVMe SSD, effectively mitigating the overheating issue. Additionally, it includes a PWM fan, which keeps this compact computer silent in my closet.

My Network Cabinet in Augest 2023

I have a 15U network cabinet situated in the corner of my living room. At the bottom lies a Santak TG-BOX 850 UPS, safeguarding the devices within the cabinet. Positioned in the middle is my NAS, acquired in 2020 – a Synology DS1621+ equipped with six 8TB HGST drives and 12GB of ECC RAM. It’s set up in a RAID-6 configuration, providing a total storage capacity of 32TB.

At the top of the cabinet is the Homelab server “Porygon,” which I assembled in 2023. Inspired by Tao of Mac, it’s built around an ASRock DeskMeet B660 box. The configuration includes an Intel Core i7 12700 CPU, 128GB of DDR4 RAM, two NVMe SSDs (a WD SN770 2TB and an older Samsung 970 Evo Plus 1TB), and a Geforce RTX 3060 GPU.

The DeskMeet B660 also runs Proxmox VE. The integrated Iris Xe GPU is dedicated to a Fedora Workstation VM for transcoding videos and offering a remote desktop. The RTX 3060 switches between a Windows VM, which I use for game streaming, and a Debian VM for doing AI experiments.

However, I’ve encountered heat issues with the “Porygon” server inside the network cabinet. The CPU, cooled by a Noctua NH-L9i-17xx, can quickly reach 100°C during moderately intensive tasks. The SSD, even with a heatsink, often heats up to 70°C. To address this, I implemented two solutions. Firstly, I replaced the PSU fan with a Noctua NF-A12, which reduced the CPU temperature by 15°C, both at idle and under load, at the cost of injuring both my hands. Secondly, I installed a dedicated cabinet fan controlled by a Xiaomi Smart Plug. When the SSD temperature hits 70°C, Home Assistant activates the fan, which turns off once the temperature drops below 65°C. Ultimately, I’m quite content with the new Homelab server. It’s usually quiet and energy-efficient, yet it can be exceptionally powerful when needed.

Applications and Services

In my Homelab, I run a wide array of applications, catering to various needs. This includes network applications that ensure connectivity for my devices at home and allow me to access my home network remotely. I also use note-taking apps, read-later services, home automation systems, media management services, file synchronization programs, RSS readers, as well as a git server complemented by CI/CD pipelines. Moreover, I have dashboards in place to navigate and monitor all these applications efficiently. It’s fair to say that a significant portion of my digital life depends on these machines, which are entirely under my control at home.

Homepage Dashboard and my Applications

On my router “Rotom”

On the compact yet capable machine, I have set up two virtual machines and one LXC container to manage various services and applications.

One VM operates as my primary router OS, running OpenWRT. I’ve configured it with passthrough for three NIC ports. The WAN port connects to the modem provided by my ISP, while the LAN ports, in conjunction with the VM net port, establish a bridged LAN network. The majority of OpenWRT’s configuration revolves around DHCP settings and firewall rules.

In addition to the routing functions, “Rotom” hosts several other programs:

  • Jellyfin: This serves as my secondary media center. I’m contemplating a switch from Plex to Jellyfin since it is fully open-source and doesn’t depend on a remote server.
  • frpc: This is for exposing certain services, like an SSH service that enables me to connect back to my home network. It’s useful because I have a CG-NAT IPv4 network. If I encounter a lack of IPv6 support in an external Wi-Fi network, I rely on frp to access my home network.
  • cloudflared: This acts as an alternative method for exposing services via Cloudflare Tunnels.
  • cloudflare-ddns: A dynamic DNS service that maintains an AAAA record, facilitating direct IPv6 connections back to my home.
  • traefik: This reverse proxy manages services not running on “Porygon.” I’ll detail the services running on the Homelab PC separately.

Jellyfin operates within an LXC container, with the Intel iGPU passed through for video transcoding. The remaining services are housed in Docker containers running on a Debian VM. The Debian VM also functions as a side router for my Homelab PC and devices such as the Apple TV and Sonos One.

On my Synology NAS “Uxie”

As my storage center, I need my NAS to be as robust as possible, so I haven’t installed too many applications on it.

In addition to standard NAS services like SMB, NFS, and File Station, the applications I use include:

  • Synology Photos: Backs up the photos of my family. I’m considering switching to an open-source solution like Immich, but the last time I tried, Immich didn’t integrate well with the iCloud Photo Library.
  • qBittorrent and VueTorrent: Mostly used to download Linux ISOs.
  • aria2: Another tool for downloading Linux ISOs.
  • Forgejo: A self-hosted Git server; it’s lightweight and a community fork of Gitea.
  • Sonatype Nexus Repository: My private package manager for Docker and npm, and also a cache proxy for docker.io and ghcr.io to ensure all my applications can start without an internet connection.
  • MinIO: An S3-like object storage service for my other applications.
  • Navidrome: A lightweight music manager compatible with the Subsonic API.
  • Sonarr: An automatic media manager for anime and TV shows.
  • Radarr: An automatic media manager for movies.
  • Bazarr: A subtitle downloader for content in Sonarr and Radarr.

Apart from first-party Synology apps, all third-party programs are running in Docker containers.

A Home Kubernetes Cluster in “Porygon”

I’ve migrated the k3s control plane and worker VMs from Frost Canyon NUC “Comet” to my new Homelab PC. Most of my applications are running in this k3s cluster because it’s easy to maintain, upgrade, and recover. Building this has also been a great way to learn.

Here’s a list of applications running in this cluster:

  • Memos: My primary note-taking app for capturing my thoughts and ideas. I also developed the iOS and Android client titled “Moe Memos.”
  • Miniflux: My RSS reader. It supports the Fever and Google Reader API and can be connected to various RSS clients.
  • Vaultwarden: An unofficial server written in Rust for the open-source password manager Bitwarden. It’s more lightweight than the official server.
  • Wallabag: My link manager and “read later” app.
  • MicroBin: A text and file-sharing application for when I’m transferring things without Universal Clipboard.
  • NocoDB: An AirTable-like smart spreadsheet. I use it for personal project management and to track games and movies.
  • Komga: My manga library. It supports OPDS clients like Panels and Mihon.
  • Paperless-ngx: A document management system for organizing scanned documents.
  • Stirling PDF: An all-in-one PDF toolkit.
  • Audiobookshelf: I use it as an automatic podcast downloader.
  • Photoview: I use it to manage collected pictures not in my photo library, such as CD and Blu-ray booklets.
  • Prowlarr backed by FlareSolverr: An indexer manager for Sonarr/Radarr.
  • YoutubeDL-Material: Downloads videos from YouTube via yt-dlp.
  • draw.io: The most powerful diagramming tool.
  • Kimai: A self-hosted time tracker.
  • Firefly III: A self-hosted finance manager. I haven’t used it much yet.
  • Node-RED and n8n: Powerful automation tools, but I haven’t used them much yet.
  • Woodpecker CI: A Kubernetes native continuous integration solution.

The manifest of my Kubernetes cluster is managed in a Git repository and is automatically deployed via a GitOps tool named Flux CD. When I push changes to the repository, such as adding a new application or upgrading Docker images, the deployment occurs within a few minutes.

Recently, I discovered a powerful tool named Renovate Bot. It scans my Kubernetes manifest repository every few hours to identify which Helm releases or container image tags require upgrades and then creates pull requests in Forgejo, similar to how Dependabot operates on GitHub.

In addition to the applications I’m running, my setup includes the Ingress NGINX Controller, MetalLB, and cert-manager to facilitate service access and manage certificates. The data for these applications is stored on Longhorn volumes, which are replicated across all three worker VMs and two SSDs. I’ve also integrated Kube Prometheus Stack and Grafana Loki to monitor the cluster and review pod logs.

Another tool I use in parallel with kubectl for managing resources in the cluster is Portainer. I’ve also configured Portainer environments to manage Docker Compose stacks on my NAS, router, and several cloud servers. For convenient navigation through all the apps in my Homelab, I utilize a highly customizable dashboard named Homepage. It seamlessly integrates with Kubernetes and is capable of discovering services based on Ingress annotations.

All k3s nodes operate under Ubuntu 22.04, and I’ve configured the system-upgrade-controller to automatically update k3s and apt.

Remote Development and Desktop

Like my Kubernetes cluster, The Fedora Workstation VM “comet-core” is also migrated from the Frost Canyon NUC. The Intel Iris Xe iGPU is passed through it. I use it mostly as a remote development server, and when I need GUI applications, I can access the GNOME desktop with RDP via xrdp and xorgxrdp.

Notable applications running in this VM contains:

  • Plex: My primary media library. I have lifetime Plex Pass and I still prefer Plex for a variety of unique features. But I’m kinda worried about Plex’s future and its troublesome handling of privacy. Maybe I’ll switch to Jellyfin some day.
  • code-server: A web development environment. However, I often develop on this VM via the Remote Development feature in Visual Studio Code.
  • calibre and calibre-web: My book library. I also use calibre to DeDRM and convert digital books I bought.
  • Handbrake: I use it to transcode videos from my Blu-ray collection to H.265 with Intel Quick Sync.

Gaming and AI Experiments

Having a dedicated GPU has significantly justified upgrading my Homelab PC. I’ve set up a Windows VM “Porygon-Z” and a Debian VM “Porygon2,” both configured to utilize the RTX 3060 GPU. However, only one VM can be powered on at a time since GPU passthrough is restricted to a single VM.

In the Debian VM, I’ve been experimenting with a few smaller LLM apps such as Ollama and ChatGLM-6B, as well as creating art with the Stable Diffusion web UI. I’ve also explored vector databases such as Chroma.

On the Windows VM, I’ve installed Sunshine, primarily to stream games from PC Game Pass, and titles that are either unsupported or don’t perform well on the Steam Deck, to my handheld console with Moonlight. The ability to play games at 1080p 60fps with the highest settings on a handheld device was a dream I never thought would be possible until now.

Other VMs and LXC Containers

Last but not least, I’d like to highlight more applications.

Nextcloud serves as my file synchronization server. It used to perform poorly, particularly when syncing a large number of small files. However, with recent upgrades to both Nextcloud versions and my hardware, its performance has significantly improved, offering super-fast file transfers. I’ve set up Nextcloud with Nextcloud AIO in an LXC container on “Porygon.” Beyond file syncing, Nextcloud also manages my calendar and tasks through CalDAV and syncs browser bookmarks using Floccus.

Home Assistant OS orchestrates all my IoT devices and bridges them to HomeKit. For devices that don’t natively support HomeKit, I can access them through hass-xiaomi-miot. Home Assistant also automates various tasks, such as controlling the network cabinet fan I mentioned earlier and activating the Aqara M1S night light when someone enters the living room at night.

Backups

I loosely adhere to the 3-2-1 backup strategy for safeguarding my data. My NAS serves as the primary backup target for various devices, including my family’s iMac via Time Machine and two Proxmox VE devices using a Proxmox Backup Server VM. Additionally, my older Synology DS916+ NAS, which has been operational for 8 years, secures the data from my main NAS through rsync and Hyper Backup.

For offsite backup, I utilize Backblaze B2 and OneDrive. Backblaze B2 houses backups from Hyper Backup, restic, Longhorn, and Arq, while selected folders from my NAS are one-way synced to OneDrive using Cloud Sync. I’ve opted not to have a remote backup for my media library due to the storage costs, considering that most of the content can be reacquired by re-ripping physical media or re-downloading.

Homelab in 2024

That’s all for my 2023 Homelab setup. I’m very satisfied with my current setup, and there are a few areas I’d like to explore.

Currently, I only have Gigabit Ethernet, even though I have a few 2.5GbE devices. Perhaps I should add a few 2.5GbE switches to access my data faster.

I’d like to make the most of my devices. I’m considering reconfiguring my Frost Canyon NUC as a backup device in case one or two pieces of hardware in my Homelab fail. It happened before with the Noctua CPU fan, and I lost access to “Porygon” for a few days. I also have a spare Raspberry Pi 4 and a Zero 2 W, but I haven’t figured out how to utilize them effectively.

I’m also interested in open-source NAS solutions such as mergerfs, SnapRAID, and openmediavault, but I’m not yet motivated to build one. I’m looking into VLAN setup as well, although I don’t think I really need it yet.

Overall, I have enjoyed my Homelab journey and am looking forward to more building and learning. I hope you enjoyed reading this post, and if you have any suggestions or ideas, please reach out to me on Mastodon.