I love self hosting useful apps. I wish finding more things was easier. Right now I self host a jellyfin server and home assistant. When I learned a subscription for home security was $75/mo I said “there has to be something out there” and there was. I pay the developer their $6/mo even though everything works without it.
Jellyfin has been amazing for physical media backups. It’s nice to experience old VHSes and DVDs in a user friendly way.
nginx-proxy becomes almost a must have if you have multiple services and prefer remembering domain names instead of port numbers https://github.com/nginx-proxy/nginx-proxy
Most people will use nginx-proxy [0] or Traefik [1] for front ending home labs with LetsEncrypt certs... Beyond that people will protect them with things like Tailscale [2], Cloudflare Tunnels [3] or even just mTLS [4] for protected access.
Home labbing today has a lot of amazing software and it's hard to keep up!
And as for dashboarding [5] on top of all this there are a lot of options.
Also, for those new to the game who want an easier way to approach take a look at Tipi [6].
I use Tailscale for a bunch of self hosted services on a raspberry pi in my house. Port numbers and TLS certs are my current main problems with this setup but it's not annoyed me quite enough yet to do anything about it.
BTW why bother with TLS over already-encrypted and authenticated Wireguard tunnels? Is this just so that browsers won't complain, or do you have a more complex threat model?
Sorry for late reply, exactly that yeah - so the browser doesn't complain. I'm not worried about the security of HTTP over wireguard or anything like that. And domain names are easier to remember than ports so... http://raspberrypi:8123/ vs homeassistant.raspberrypi.local (or something)
> I use Tailscale...Port numbers and TLS certs are my current main problems with this setup
I've been running a Tailscale container, using the `tailscale serve` feature[0], as a sidecar for each containerized service I want to access. External access, TLS (to make my browser happy), and domain names all come for almost free. This allows me to set up `https://my-cool-service.lemur-pangolin.ts.net` with relative ease.
There's a ton of boilerplate, which drives me a bit nuts. But at least copy/paste is easy to do. Looking just now I have 31 Tailscale containers running that are almost duplicates of each other. You could probably do config generation but for a homelab I'm not motivated to really do that.
The command line interface for this tool is a little bit limited and forces you to share the network stack between your service and the sidecar. I would recommend injecting a config file into each container to give you full flexibility. I put up an example config on pastebin[1].
Lots of options to proxy and provide automation for certs. I'm personally a huge fan of Traefik, but I know a lot of folks use NPM since it's so simple and Nginx has great performance overall.
Of course, a service map comes handy, just another simple way of getting it done. What I meant with the proxy was using e.g. jellyfin.example.com and portainer.example.com instead of the ports. Not to mention that two apps might have the same default port.
For those with a multi-machine setup, like running the easy stuff on a 1L machine and having backupservice at multiple locations or the LLMs on a big setup that might even use WakeOnLan the proxy will keep you from having to remember the IPs as well.
That doesn't sound like a bad idea, but it's just as easy to create a bunch of LXC containers with their own MAC address and IP for me (and thus own hostname per service).
Heck you can even cobble stuff together with Home Assistants and various door/window/presence/water/humidity sensors. I was able to build a notification system when doors, windows, or fence gates are open. Same with panic buttons that alert my SO if any of us need assistance when putting kids to bed without whipping out the phones.
All of that can be loaded into HASS using a $26 Sonoff Zigbee dongle and various Zigbee devices like Aqara and others.
ADT; there’s a program through my employer where employees get deals and so I made first contact with them. I chatted with a salesperson who walked me through a sign up process before I could ask any questions (I made contact saying I wanted to inquire about services and then said we couldn’t talk until he collected all my information).
He said normally it’s $100/mo but with this deal, it’s $75/mo.
No thanks. $900/yr to $1200/yr + installation fee for home security kinda stinks. I was told the equipment wouldn’t work if I didn’t have the subscription.
I’m sure I was taken for a ride too, being told false information (the equipment really wouldn’t work? It’s really $75/mo?). I indeed felt like I was being treated like a mark. At the end I said delete my information but honestly I doubt they did. But who cares because now I got myself into this pretty fun world of home automation and security through Home Assistant and self hosting.
Jellyfin has been amazing for physical media backups. It’s nice to experience old VHSes and DVDs in a user friendly way.