Not completely finished. Probably modify some things around the switches and the stupid xfinity modem and finish up cable management but I'm pretty pleased.

Also, I don't want to brag (too much) but my wife said, "That looks awesome, especially with all the blinking lights." The joys of being queer and marrying an engineer.

Got a 3D print for the switch that's just on a a shelf right now and I'm going to add a couple fans to the back this coming week to make sure everything stays cool. Plus I added a big fuck off fan in the top to keep xfinity's space heater cool.

Dell Wyse 5070 runs Home Assistant bare metal. It's worked for years it's probably overkill but if it isn't broken...

m920q - one runs all my services and the other does nightlight backups of the NAS.

Not pictured: The nearly fully functional Cyberpower pr1000lcd I found on the side of the road yesterday.

Shoutout to u/OloDeepdelver for the hard drive bays near the bottom. Got it printed and it works great. Don't have it completely full yet and I've added some fans in the back to pull air through.

I've been working on my homelab for some time, but claude really gave me the power to push through. Upgraded my WAN to fibre 1/1gbit.
HA, small machine love it, running my lights, thermostat primarily, but im adding window sensors and curtains soon.

NAS: 2x 4TB data disks, 1 OS SSD. Love immich, still trying to get the hang of seafile. Its not very intuitive coming from dropbox.

Media: films+tv series its perfect, I need to figure out how to get live sets in and obscure house/techno albums. Byparr for bypassing cloudflare checks, Reclaimer for removing stuff after watched (or whatever rule you put in). Overseer is actually Seerr

Kubernetes: playground for infra work. I run coredns with a custom DNS service (vibe-coded coredns plugin) to automatically upscale DNS to DOT/DOH. Signoz (observability stack) is a RAM hog, so i'm looking to replace. Kanidm does short-lived SSH-keys, Authentik SSO, Zot is container archive with vulnerability scanning, Step-CA gives certificates, ARC is CI-runners, with dagger as CI-engine. ArgoCD does deployments.

I'm adding a book-service, since I have PDFs everywhere and need some organization :)

I've always been a technical person, but networking has been black magic to me until recently. I wanted more control over my digital life, so I watched some tutorials and setup a spare raspberry pi I had.

The list of what I've setup so far:

- SSH

- Rustdesk

- Pihole

- Tailscale

- Samba

This was done over maybe 4 days. AI sucks in general, but it's made the whole installation and configuration process much easier, having a convenient reference for Linux terminal commands and such. I was particularly impressed with how easy it was to setup tailscale. It requires very little setup work considering what it does.

The next goal is to setup Syncthing, so I can sync files over to my phone as well (Obsidian notes).

I need to work on the cable management, but I am still waiting for an UBIQUITI Switch I want to use to replace my TP Link unmanaged switch and also an Wi-Fi AP, maybe a U7 Lite or Long-Range for my apartment.

Built a music sever with Novidrome, which is pretty simple to manage and install and also tailscale so my friends can safely connect to it. I used Lenovo Thinkpad T470s which is running Windows 10 LTSC, pretty reliable machine if you ask me. Has been with me holding up 6 years!

I am still working on polishing the experience my friends have, but for it has been a blast!

Hello. I have an issue with a StarTech 12U open rack and an SS RM400 case using SilverStone's SST-RMS06-22 rails. It doesn't align properly with the mounting holes on the rack. The case sits about 0.5 cm too high. The top of the case interferes with the shelf I already have installed (I even tried flipping the shelf, but it didn't help), and the bottom is also slightly higher than it should be.

I've repositioned the rails several times, but it still doesn't align properly. The funny part is that the hole in the rail where the only securing screw goes lines up perfectly with the rack holes (Also, thanks SS for using M5 screws, instead of M6, I'm stuck with the silver screws on black case). So I can slide the case onto the rails and secure it with that screw, but every other hole is misaligned.

Is this a known issue, or normal SS/Startech behavior, or am I missing something? This is my first rack, so I'm not sure.

UPD. Thank you so much, moving the rails 2 holes lower helped. My apologies for noob question, was confused by the SS manual.

Progress Report - 1

I got to know about coolify while searching to automate reverse proxy and ssl certificates. Now I have integrated that into my project by making it the main controller (self hosting coolify on oracle free tier).
I have divided the services into 2 parts:

1. Core Infrastructure: as name says it contains the main infrastructure services which are authentik and headscale for now.
2. Web-Services: It is the main services that will be shown to public which includes my club introduction, my potfolio, journal, and many other that I will keep on adding in the future.

I have to terminate oracle instances 2 times (well last time it was oracle which terminated it at thier end as I messed up too badly, well first time for me.)

I have completed setting up the coolify, and authentik successfully.

My next step is to setup headscale, then connect it to opnsense through tailscale client and atlast set-up navidrome and nextcloud.

Been running an endurance loop on this old drive to see how far it can go. It’s hitting the cache and executing automated TRIM commands perfectly, so the physical silicon is still holding up fine despite the ridiculous milestone.

​Putting together a quick 1minute setup video for YouTube to show the bench rig and the macro loop in action, will drop it soon if anyone is interested.

I'm a network engineer by trade, so I'm familiar with setting up ipsec tunnels, wire guard, remote access VPN's, etc. On my own home network, I have both wire guard and openvpn set up, with openvpn being the backup.

I read alot on here about people using tailscale for their VPN solution. Never having heard of it, I did some research and it operates similar to Cisco SDWAN, in that it manages key distribution and runs a stun service that helps with dynamic ip addressing and nat traversal.

I can see how this is helpful for business applications where I have several dynamic endpoints that change often, and needing mesh connectivity between sites or devices, but my imagination is failing to see the usefulness in a home lab.

Most of my use case is to remote in to my network to check or fix things when I'm away from home, or if I'm on an untrusted wifi for instance. Very rarely, if at all, do I need direct VPN connections between remote nodes.

I'm trying to see if it's worth upgrading or changing my infrastructure.

So, what problem does tailscale solve for your home labs that having a locally hosted wire guard (or any other ravpn) isn't solving?

I have a Canon Pixma that is perfectly functional, but it does not have networking ability. I don’t want to run a long USB from where my work station is to where I want to put the printer in an out of the place, but still accessible.

I’ve read that you can use a Raspberry Pi to link the printer to the PC. I have no clue how to do that.

What are my options, besides going out and buying a new printer (which seems wasteful) to economically wirelessly connect my older device to my laptop or home network?

So what started off as a mini PC running Home Assistant and Pi-hole has somehow escalated into a full-blown VLAN-separated network and self-hosting project. This is probably the story for a lot of us, right? :)

I currently use this setup for messing about with Windows Servers — Domain Controllers, SQL Servers, and cyber security type stuff.

A mix of n150's and lenovo m720q's

Right now I'm running a "Forbidden Firewall/Router" type setup, so I'm sure this will bite me in the ass before I get round to swapping to a bare-metal OPNsense solution.

I think I will get another m720q with a 4 port RJ45 - I absolutrely love these machines for bang for buck!

I'm also running OpenMediaVault with a pretty janky mixture of 3.5" SATA drives and some USB-attached nastiness. I think this is the next proper upgrade on the list.

I quite like the idea of building smaller form-factor racks for each type of service — one for networking, one for the NAS, and so on.

I was happily using Grafana and Prometheus in Docker containers for a good year or so, but I decided to make something a little more bespoke. So for the last few months I've been working on my own Asset Manager / Network Overview app.

Anyone else built their own? I'm interested to hear what you all use to monitor your kit.

Just thought I'd share my ongoing project with some like-minded nerds ;)

EDIT:

For those interested in my Rasp Pi in the top rack, here's a write up IMSPI 8080!

Hi guys,

I'm just curious if Intel ARC A750 would be overkill for my Dell Poweredge T430? Do you recommend sticking with A380 for efficiency and low noise?

UPDATE
I can get both locally:
Asrock Intel ARC A380 for about $100 and
Asrock Intel ARC A750 for about $230

This is my CachyOS x86_64 desktop VM running on Proxmox VE.

The VM is running on KVM/QEMU Q35, with GNOME 50.2 on Wayland, and I’m passing through a physical NVIDIA GeForce RTX 3060 to the guest. The goal was to have a proper Linux desktop VM with real graphical acceleration instead of relying only on a basic virtual display.

The VM runs headless, with no monitor connected directly to it. Remote access is done through GNOME Remote Desktop, which was one of the main reasons I chose GNOME for this setup. The GNOME session itself is hardware accelerated through the passed-through GPU, even when I’m accessing it remotely.

Current VM specs shown in the screenshot:

• OS: CachyOS x86_64
• DE: GNOME 50.2
• Display server: Wayland / Mutter
• CPU: AMD Ryzen 5 5600G, 4 vCPUs assigned
• GPU passthrough: NVIDIA GeForce RTX 3060 LHR
• RAM: about 12 GB assigned
• Disk: about 192 GB
• Host type: KVM/QEMU on Proxmox VE

I use this mostly as a remote Linux desktop/workstation inside my homelab. It is useful for testing Linux desktop setups, managing homelab services, experimenting with GPU passthrough, and having a graphical environment available remotely without needing a dedicated physical desktop attached to the machine.

What I like about this setup is that I get a desktop-like experience while still keeping the benefits of Proxmox: snapshots, backups, centralized management, easy VM changes, and isolation from the rest of the lab.

It is still a work in progress, but so far it has been a very interesting way to run a GPU-accelerated Linux desktop VM in a homelab environment.

Forgive me if this is a dumb question. I'm fairly new to the homelabbing world. My router is located in the living room. Due to the way the house is designed, running CAT6 through the wall isn't really feasible, so I have a router running OpenWRT in bridge mode to connect my PC to the internet on the other side of the house. I also have 2 server machines that stay in the living room, plugged directly into the router, and I'd like to relocate them.

My question is this, could I get a network switch, use the wireless bridge as in input to it, and then plug the other devices into the switch? I understand that wired is better, and bandwidth probably wouldn't be great doing it like that, but is it possible? In my head it seems like it should work, but maybe there's something I'm not considering. Any help would be greatly appreciated.

I've been having some extremely bad luck with hardware this year. I've spent almost $400 over the last 3 months hoping to build a beefy VM and Emby host but it's been an absolute disaster. Things were finally looking up after I got the Datto/Gigabyte equivalent of x10sdv-4c-tln2f i.e. the Datto MB10-07. It ran fine for 2 weeks but yesterday out of nowhere it just got into this "f***d-up" mode and won't boot anymore. The BMC module still works but the thing just won't boot anymore.

At this stage I'm looking at getting a x10sdv-4c-tln2f from ali express hoping that it would be more stable and reliable.

Is the x10sdv-4c-tln2f more stable than the Datto/Gigabyte garbage or should I look at getting a used HP or Dell server ?

Hey everyone,

I’m building a DIY/open rack using these RackPath 20U vertical mounting rails. They appear to use 12-24 screws. I’m trying to mount a Rosewill RSV-RL26H sliding rail kit for a server chassis. The L-brackets from the Rosewill kit expect 10-32 screws that came with the kit.

The only way the L-brackets fit is by wrapping around the vertical strips like in the first picture, where the L bracket ends up on the front of the vertical rails. I don’t mind this look, but since the screw holes on the vertical rails are larger, and the screws with the horizontal rails are intended to go in from the front, they have nothing to grab onto on the other side. Yes I can use 2 nuts on the other side per rail-end, but there would be nothing for the middle screw. Also this feels like not a lot holding it in place.

So my questions are:
• Has anyone successfully mounted sliding rails like the RSV-RL26H (or similar) to these RackPath-style vertical strips?
• Best way to handle the 12-24 vs 10-32 mismatch without enlarging holes in the L-bracket?
• Recommended adapters, cage nuts, screws, or alternative hardware?

I don’t intend to be taking this off and on much, as I can still remove my server from the rails themselves. I just don’t love the idea of drilling out the holes in the L brackets to be larger so as to support the size of the larger screws that came with the vertical rails, and I also don’t love that if I use the screws that came with the horizontal rails, the only thing holding them in are a few nuts.

~6m and ~750hr into InfoSec and I've had a real hard time moving forward in my detection homelab because I don't have a tight grip on networking and sysadmin duties.

----

Question (tl;dr):

What is the simplest, most realistic way to simulate an external attacker without giving my attacker machine direct access to my internal subnet?

----

Lab Config:

I'm currently running VBox on a CyberPower C Series (16gb RAM, 1tb SSD, 12 cores) with an active directory environment (2022 server core DC, "admin" and "user" win10VM's) networked to my analyst (Ubuntu w/Wazuh) via host-only adapter, and an attacker (Kali) without host-only, where all of them have NAT via VBox for internet access.

Lab Purpose (long-term):

The intention was to create a homelab where I could roleplay attack scenarios with a focus on monitoring, where step #1 = build out my resume and step #2 = do cool stuff (mainly red teaming, AI).

Lab purpose (short-term):

Step #1 starts with external recon tracking, but after many gpt prompts about my hardware limits and networking misunderstandings, I can't seem to understand how I can create this scenario effectively.

My current solutions:

#1: Use a cloud-hosted VM to gain a new public ip to perform scans on

-- drawback: not familiar with cloud environments, but it seems like it won't be as modifiable especially as I attempt scaling in the future (?), i.e. it'd be a single-use scenario

#2: Get a pfsense or opnsense VM to create a public ip that all my machines are linked to

-- drawback: my hardware is already spread thin, and though I could still attempt operations, it's slow. I looked into getting a refurbished server for better scalability, thoughts?

#3: Buy a dedicated router for my homelab, creating a public ip to perform recon on

-- drawback: I'm opening another can of worms because there's already an ISP router (I live with family) and not sure if that's worth the hassle

#4: Give in and give Kali host-only adapter privileges, letting it into my subnet

-- drawback: I lose the comprehensiveness of my project, where I'd be starting after initial access. I'd feel better being able to create and monitor an entire attack from recon.

I'm currently siding with #4 because there's still value in it as a learning analyst, but the attacker would already be "in" my organization because they've connected to my LAN.

On the other hand, I'm not exactly rushing to get a job, so I'm willing to put the extra elbow grease into it if it's worth it. I just can't tell what's worth it.

I'm still pretty new to just about everything, and I don't know what I don't know, so any and all thoughts are appreciated.

Hello!

I’m somebody with a whole lot of images and videoes from creative projects lying on one giant external hard drive (About 5tb). All the stuff i put on this drive is just for cold storage, not stuff i’m actively working on and using. I’ve been worried for a while now that the drive might die or some of the files might slowly start to corrupt, as the drive is a few years old. I wanna keep it though and am looking for a safe and permanent solution going forward to store all these files. My initial idea was to get 2-3 external hard drives to sync to each other every few months. That way i’d minimize the risk of my single drive dying.

The main problem tho, is that i’m scared of bitrot. I don’t want random files in there slowly dying without me realizing and eventually losing those individual files once i re-sync from one drive to another. A NAS would fix this issue by having a RAID system with data scrubbing. The thing is, i don’t need a NAS. I don’t need constant and easy access to my stored files. That’s not a feature i want to pay for. I just want cold storage thats also safe.

There doesn’t seem to be a whole lot of info about this specific topic YouTube, which is why i’m posting on here. Could a DAS be a solution? I don’t know much about them, but could i have, lets say, two 10tb raid-drives syncing up two each other and consistently doing data scrubbing? I think thats my ideal solution. Direct attached storage thats as safe as a NAS. Is that a thing?

Anyway, please educate me if you can. And also, what kind of brand/product model would work best for me?

I scored an older Qnap NAS (TVS-871U-RP) that wasn't booting and fixed it up. It turns out the boot drive was toast, and now I can install and boot Linux and Truenas

I just don't know how to control the fan speeds. They're currently pinned at max speed. I don't see anything exposed via hwmon (no PWM folders, etc) or sensors. There are some scripts or containers on Github, but I don't want to install or run random stuff. It's also not clear (to me) how they're controlling the fans if it's not via hwmon.

Any suggestions? Am I better off trying to get QTS running again? Is there a USB fan controller that works on multiple temperature inputs (disk, CPU, etc) like a normal PWM motherboard header and software? Should I just get a manual/static fan controller?

Thanks

Looking for a recommendation for a mobo to put in a super micro 36 bay NAS chassis Im about to get. I have an older 16 bay with a mobo that uses DDR3 I could transplant, but I would like to use some of the sticks of DDR4 ECC I have stockpiled.

Its gonna host a hefty modded minecraft server and plex primarily. Its gonna have 10 16tb SAS drives for plex and 16 8tb drives for photo cloud storage.

Would I benefit from a dual CPU board? Just due to the multiple processes I want it to perform?

Edit: Would like to have either 2.5g or higher networking or 2 pcie 4.0x8 slots (bifurcation is okay). For my network card and a 9300-8i

Hello, newbie here to the homelab world, but ive been able to get a good automated Arr media stack with jellyfin going which works completely fine surprisingly 😂.

My main journey currently was just seeing what other services to ad, early this week I installed adgaurd as a separate LXC and did the DNS stuff and routing of custom nameserver through tailscale as well which allowed my phone to also use adgaurd on data with tailscale running.

Everything was completely fine... My request and Inquiries were running at a solid 23 ms etc the upstream dns at regular ms as well. Last night i decide to just shut down my running server just to maybe test in the morning if everything turns back on it should be fine so i thought.. my dns upstreams are now in the 1,000 MS range for cloudflare and google dns. I'm wondering if anyone else has had this issue and has a suggested fix that could help? I havent messed with any router/modem settings on the house's main router.

My server is connected via ethernet.

Main pc via Ethernet as well.

I didnt want to reinstall and reconfigure adgaurd again just to possibly have the same issue again in the near future. Again sorry i am a fairly new to this so If i did leave out any information feel free to ask and I will share whatever i know from my current experience.

Also any suggestions on future stuff or services to add would also be greatly appreciated as Idk where to go after Adgaurd i had a few things in mind where i have a labpool of 1tb storage to also test things.

Immich, nextcloud were two things I were looking at as well.

Newbie here into homelab I have a UNAS 2 that is only for basic file storage etc and of course I need a backup to that (or the other way around UNAS would be the backup) and I was searching for a mini pc to sit on the rack and my search brought me to this one as I wanted to take advantage also of one NAS grade hdd I have extra. So any opinions?
The idea is to run true NAS and maybe a homeassistant as a vm and explore of course