The Power of Zero-Trust Architecture: Building a Secure Internal Network with Nebula

Imagine if we could establish a level of trust that in our network, we can verify with certainty that a computer really is who it says it is. By bringing mutual authentication and trust into networking, we can better make security decisions on when connections should be allowed. This can enable our services to talk to each other securely over the global internet, and reduce the dependence on a a trusted perimeter.
read more →

Using Proxmox METRICS In Your Homelab

As an engineer, I LOVE looking at DATA! So today, I’m setting up my Proxmox system to push data to InfluxDB, where I can view it using Grafana. With this setup, I can keep track of how many resources all of my homelab services are using, which really helps when trying to size VMs, hosts, containers, etc. Contents Video Install InfluxDB 2.0 Install Grafana Example Dashboard Using TLS Video Install InfluxDB 2.
read more →

Self-Hosted TRUST with your own Certificate Authority!

TRUST. It’s what certificates are all about. How do we know that we can trust a server? We verify that the server has a certificate, and that the certificate is signed by someone we trust. That can be a well-known third party like Let’s Encrypt, or our own certificate authority. In this video, I’m going to cover the basics of setting up a root private key and signing certificates using OpenSSL, and running a certificate authority server.
read more →

Organize your Homelab Services with Dashy!

Do you have so many self-hosted services running in your homelab that it’s hard to keep track of them all? Do you hate typing the IP/port for each one? You could use DNS, but a nice dashboard would make it easier too! Today I’m setting that up with Dashy, a beautiful and easy to edit homelab dashboard tool. It’s not the lightest weight tool in the world, but the look is worth it for me.
read more →

The ULTIMATE Guide to Fiber Optic Home Networking

Do you have a need to extend your home network around your property? Maybe you want reliable internet in the shed you turned into a work-from-home office, or your garage or workshop? Today I’m going to explain what you need to run fiber optic newtorking around your home and property on a budget, for high bandwidth and low latency networking. Fiber doesn’t have any issues with lightning or electrical potential changes between buildings, and can handle much higher bandwidth with higher reliability than wifi mesh or point to point systems.
read more →

The Homelab Swiss Army Knife: ZimaBoard

I’ve used a lot of different small form factor machines over the years, from the Raspberry Pi to used ebay thin clients. All of them are good at some things. But when Icewhale sent over their x86-based Zimaboard for me to take a look at, I’ve been impressed with the flexibility it has for me to test new software and hardware in a relatively cheap way. It’s not spectacular at any one thing, but it’s versatile enough that it’s a great foundation for so many of my projects.
read more →

Setting Up my PROXMOX Backup Server!

I’ve gone from “no backups” to “raid is a backup” to “two zfs pools in one box”, and decided it’s finally time for a proper backup solution. So, I settled on Proxmox Backup Server! And today, I rebuild my HP Microserver Gen8 with 4x10T refurbished SAS drives, a new SAS controller card, and more! With this backup solution, I’m feeling a lot better about my data migration to Ceph. Contents Video SAS Drive Formatting ZFS Pool Setup Next Steps Video SAS Drive Formatting Since these drives were refurbished they were formerly formatted for a hardware RAID controller and were giving me lots of protection errors in dmesg - specifically blk_update_request: protection error (and failing to read, but not write).
read more →

Remove Proxmox Server Access over SERIAL! Cheaper Alternative to IPMI or KVMs

I have a rack-mounted KVM now, and it’s great, but I’m working on building out a new Proxmox cluster which might not have a graphics output at all on some of the nodes. So, I need a new remote access solution for them. The new nodes I’m planning on building will all be based on used consumer hardware, so I’m limited by what would be available on normal mATX boards. This doesn’t include IPMI, and if I go with AMD-based CPUs, doesn’t include an iGPU either.
read more →

Network KVM for ALL of my Servers!

Since I use a lot of repurposed computers as servers, I don’t have many with IPMI / remote access built in. Usually I can configure them remotely through SSH or their web UI, but sometimes things go wrong and it’s nice to have remote console access. Enter, PiKVM, a project to build a networked KVM switch with a Raspberry Pi. Unfortunately, I have a more than one server, and building a PiKVM for every one gets expensive, so I’m combining it with an 8 port rack mount KVM switch so I can remotely view and control all of the servers in my rack.
read more →

Fully Routed Networks in Proxmox! Point-to-Point and Weird Cluster Configs Made Easy

Are you playing with Proxmox clustering, but want faster networking without paying for multi-gig switches? For small clusters, sometimes it can make sense to use fast point to point links between nodes. This could be in a small 2 or 3 node cluster, where you can use dual port 10 gig cards and direct attach cables without a switch. Maybe you’ve got a wacky 5 node cluster with quad port gigabit cards on each node, and don’t want to buy a 20 port switch and do link aggregation.
read more →