[{"content":"Some things about me This is my first self hosted site where I hope to show some of the services running in my homelab.\nAlthough tinkering with VMs, Docker, LXC containers etc is a hobby of mine for the last couple of years, documentation has never been!\nHope to change that here.\n","permalink":"https://thanosmaris.gr/posts/about/","summary":"\u003ch1 id=\"some-things-about-me\"\u003eSome things about me\u003c/h1\u003e\n\u003cp\u003eThis is my first self hosted site where I hope to show some of the services running in my homelab.\u003c/p\u003e\n\u003cp\u003eAlthough tinkering with VMs, Docker, LXC containers etc is a hobby of mine for the last couple of years, documentation has never been!\u003c/p\u003e\n\u003cp\u003eHope to change that here.\u003c/p\u003e","title":"About"},{"content":"Proxmox Cluster as my Homelab A lot have happened in the last year.\nThe first rule I\u0026rsquo;ve discovered is when you think you\u0026rsquo;ve got everything up and running as you want it, you\u0026rsquo;re wrong! There is always room for improvements and a path to learning new things.\nAs I\u0026rsquo;ve been getting myself familiarized with Proxmox and my storage needs increased, I\u0026rsquo;ve decided to ditch my Asrock X300 -and turn it into a HTPC with Debian 12- and buy and new mini PC into its place. The R1 Pro NAS\nn100 CPU, 16GBs RAM with 2 slots for HDDs I also bought 2 14TB HDDs which I mirrored in a ZFS pool inside Proxmox.\nSince the minimum requirements for a Proxmox cluster are 3 nodes as it needs to maintain quorum at all times I\u0026rsquo;ve also bought a Raspberry Pi4 to act as Corosync Quorum Device (QDevice). Which is a lot of words to say, it gets to vote on the cluster.\nSo, if a node goes down for whatever reason, it doesn\u0026rsquo;t take the other node also with it. I followed this guide to set it up.\npvecm status command\nTo be continued\n","permalink":"https://thanosmaris.gr/posts/proxmox-cluster-as-my-homelab/","summary":"\u003ch1 id=\"proxmox-cluster-as-my-homelab\"\u003eProxmox Cluster as my Homelab\u003c/h1\u003e\n\u003cp\u003e\u003cimg alt=\"Proxmox Cluster\" loading=\"lazy\" src=\"https://thanosmaris.gr/content/images/size/w960/2025/02/proxmoxcluster.png\"\u003e\u003c/p\u003e\n\u003cp\u003eA lot have happened in the last year.\u003c/p\u003e\n\u003cp\u003eThe first rule I\u0026rsquo;ve discovered is when you think you\u0026rsquo;ve got everything up and running as you want it, you\u0026rsquo;re wrong! There is always room for improvements and a path to learning new things.\u003c/p\u003e\n\u003cp\u003eAs I\u0026rsquo;ve been getting myself familiarized with Proxmox and my storage needs increased, I\u0026rsquo;ve decided to ditch my Asrock X300 -and turn it into a HTPC with Debian 12- and buy and new mini PC into its place. The \u003ca href=\"https://blog.briancmoses.com/2024/01/topton-2-bay-nas-r1-pro-review.html\"\u003eR1 Pro NAS\u003c/a\u003e\u003c/p\u003e","title":"Proxmox Cluster as my Homelab"},{"content":"Monitoring Services Slowly but surely you become addicted to your services and from time to time, things can and will break, an update can go wrong, power outage in the middle of the night shuts down your PCs etc.\nWe are all used to things more or less working when we go to google or youtube and not having any downtime but in a simple setup like mine where no redundancy is in place things will stop working.\nSo the question quickly became, how do I monitor if my services are running correctly?\nI mean I don\u0026rsquo;t want to open Plex on my TV for my 5year old to watch his favorite movie and the server is down. Any fathers out there with little boys will understand me and the complete lack of patience involved in this scenario.\nThe solution to my monitoring problem was Uptime Kuma!\nFor the most part I set up simple pings. If the pinged device or service doesn\u0026rsquo;t answer back let\u0026rsquo;s say for a minute then I get a notification on Telegram!\nSetting up the bot in order to get notification on my phone from Telegram was straight forward and almost all inside Uptime Kuma.\nThat means if a device or a service stops responding I instantly get a Telegram message with that info wherever I am as long as I have internet.\nLast problem I had to solve was the following:\nIf my entire server is down that means all services - including Uptime Kuma - are down so I can\u0026rsquo;t get notified.\nFortunately I stumbled upon https://healthchecks.io/\nSetting it up in Uptime was pretty easy and free:\nThe way this works is simple, really. Healthchecks.io expects a ping every minute from my server. If it doesn\u0026rsquo;t get one it waits 5 more minutes for a ping. If that also is not successful it sends an email and also a Telegram notification.\nThis has helped a lot to identify any problems and solve them immediately.\nOf course all the services I\u0026rsquo;m running are not critical in any way but it\u0026rsquo;s a good feeling knowing everything are running as they should without me having to actively check that.\nhealthchecks.io - most months are ~1hr downtime usually due to maintenance from me\n","permalink":"https://thanosmaris.gr/posts/monitoring-services/","summary":"\u003ch1 id=\"monitoring-services\"\u003eMonitoring Services\u003c/h1\u003e\n\u003cp\u003eSlowly but surely you become addicted to your services and from time to time, things can and will break, an update can go wrong, power outage in the middle of the night shuts down your PCs etc.\u003c/p\u003e\n\u003cp\u003eWe are all used to things more or less working when we go to google or youtube and not having any downtime but in a simple setup like mine where no redundancy is in place things will stop working.\u003c/p\u003e","title":"Monitoring Services"},{"content":"Pi-hole and NGINX Reverse Proxy I love my Pi-hole instance. From network wide adblocking, to local DNS records is one those very few softwares that I cannot think how things worked before it.\nUsed to run it on 1st gen RaspberryPi with a 4GB SD card but now is part of my Proxmox server as a container.\nMy routers DNS settings point to the IP address of my Pi-hole, so every request from my network devices has to go through it.\nAdding adlists to it means that every time a device tries to load an ad or a known malicious site it will be blocked. You also get to see in real time your DNS queries, which device is making those queries, % of blocked queries etc. Everything just works! But, even if the do not work as desired, e.g. my wife kept wondering why clicking on the 1st result on Google didn\u0026rsquo;t work, that is easily solved as you can whitelist certain domains.\nAnother cool thing you can do with Pi-hole is local DNS records. Pair that with NGINX and you get custom domains instead of IP addresses!\nI have a Shelly Plug to monitor energy on my homelab. Instead of typing the devices IP address - 192.168.2.58 - to access it through my browser I can point that IP address to plug.local on Pi-hole. So, no need to remember IPs to access your services.\nBut if your service is running on a specific port, there you will need NGINX proxy manager!\nLet\u0026rsquo;s say I want to access my Home Assistant which is running in http://192.168.2.61:8123/. I can\u0026rsquo;t point Pi-hole from home.thanos to an IP with a specific port (8123 in this case). Instead, I point it to NGINX IP address - 192.168.2.76 - and from there it gets the port number.\nThe end result is really worth it, as I don\u0026rsquo;t have to remember all my IP addresses or constantly visit my Homarr instance.\nJust type thanos.local from any device connected to my network and voila!\nInternet usage really becomes unusable without Pi-hole. So much so that I find myself constantly connecting to my wireguard VPN or Tailscale when I\u0026rsquo;m away from home!\n","permalink":"https://thanosmaris.gr/posts/pi-hole-and-nginx-reverse-proxy/","summary":"\u003ch1 id=\"pi-hole-and-nginx-reverse-proxy\"\u003ePi-hole and NGINX Reverse Proxy\u003c/h1\u003e\n\u003cp\u003e\u003cimg alt=\"Pi-hole\" loading=\"lazy\" src=\"/images/imported/image-3.png\"\u003e\u003c/p\u003e\n\u003cp\u003eI love my Pi-hole instance. From network wide adblocking, to local DNS records is one those very few softwares that I cannot think how things worked before it.\u003c/p\u003e\n\u003cp\u003eUsed to run it on 1st gen RaspberryPi with a 4GB SD card but now is part of my Proxmox server as a container.\u003c/p\u003e\n\u003cp\u003eMy routers DNS settings point to the IP address of my Pi-hole, so every request from my network devices has to go through it.\u003c/p\u003e","title":"Pi-hole and NGINX Reverse Proxy"},{"content":"VPN to your homelab Tailscale easiest VPN to set up\nSince I had little to no knowledge on how to access my home network and opening ports on my router was a big no-no from a security perspective, googling around I found Tailscale!\nBeing a complete novice, that was the best solution! Really easy to install and even easier to configure with apps for every platform (yes, even Windows!).\nSetting it up on my Proxmox server was just as easy thanks to their great documentations explaining installation and how to set up an exit node and advertise routes on Linux so you can access your home network outside of it even if you are behind CG-NAT!\nFrom the client end, just download the app if you\u0026rsquo;re on your phone, log in to your free account and you\u0026rsquo;re connected!\nOnly big downside was speed when being behind CG-NAT which is the case on my mobile carrier - Vodafone Greece. Also the android app tends to consume a lot of battery even in idle so I turned my Tailscale VPN on only when I wanted to access something on my home network.\nThose two drawbacks led me to figure out Wireguard (which Tailscale is also based on)!\nWireguard I managed to get Wireguard working on Portainer using this template\nThings aren\u0026rsquo;t as easy as Tailscale, but even me being an idiot got it running.\nI had to open the required port for Wireguard - UDP protocol - on my router: Register with a free account on duckdns.org a subdomain: Deploy a docker container in Portainer in order to automatically keep my IP address updated on duckdns.org so I don\u0026rsquo;t have to manually input it every time it changes Deploy the Wireguard container on Portainer filling the port I opened and as WG_HOST the duckdns subdomained I created Profit! ✌️ And that is pretty much it. From the web UI of the new container I can add clients and generate the necessary QR codes without having to dive deep in the Wireguard protocol.\nOn the client side of things, I just downloaded the android Wireguard app, scanned the QR code on my screen and got connected!\nThe 2 major drawbacks of Tailscale now gone. I get my full upload speeds even behind CG-NAT and no more battery drainage on my Pixel.\nAlthough now I rarely use Tailscale I still keep both of my VPNs for redudancy. Each is running in separate machines so if one goes down, I have the other one as a backup for remote access.\n","permalink":"https://thanosmaris.gr/posts/vpn-to-your-homelab/","summary":"\u003ch1 id=\"vpn-to-your-homelab\"\u003eVPN to your homelab\u003c/h1\u003e\n\u003ch2 id=\"tailscale\"\u003eTailscale\u003c/h2\u003e\n\u003cp\u003eeasiest VPN to set up\u003c/p\u003e\n\u003cp\u003eSince I had little to no knowledge on how to access my home network and opening ports on my router was a big no-no from a security perspective, googling around I found Tailscale!\u003c/p\u003e\n\u003cp\u003eBeing a complete novice, that was the best solution! Really easy to install and even easier to configure with apps for every platform (yes, even Windows!).\u003c/p\u003e\n\u003cp\u003eSetting it up on my Proxmox server was just as easy thanks to their great \u003ca href=\"https://tailscale.com/kb/1019/subnets\"\u003edocumentations\u003c/a\u003e explaining installation and how to set up an exit node and advertise routes on Linux so you can access your home network outside of it even if you are behind CG-NAT!\u003c/p\u003e","title":"VPN to your homelab"},{"content":"Home Lab Overview Current Setup Update 31/1/2025\nAll of this are pretty much obsolete as I\u0026rsquo;ve moved everything to a 2 node proxmox cluster with raspberry pi 4 for quorum.\nI\u0026rsquo;ve also migrated a lot of services from Docker to LXC containers for easier backups and high availability.\nWill update the post as soon as I can with all the infos!\nBelow is a screenshot of my current services running. I\u0026rsquo;ve left a few of them out since I\u0026rsquo;m constantly trying new things.\nThat\u0026rsquo;s the overview of the software side of things.\nNow for the hardware side of it\nModem and router are not really interesting and won\u0026rsquo;t get into them a lot. My modem is the standard issued from my provider, since I have to use it, and the router bridged to it just covers my home needs without a problem. The 2 mini PCs currently running are:\nHP G3 Elitedesk AMD PRO A6-8500B R5 - 2 core 2 thread CPU with a base clock of 1.6Ghz and a boost of 3Ghz 8GB of DDR4 RAM 256 GB nvme for Proxmox 1 TB SSD as an SMB share\nNot a powerhouse. But more than capable running Proxmox VE with multiple containers and a Home Assistant VM without breaking a sweat, all while sipping power at \u0026lt;10W.\nASRock X300 Deskmini AMD Ryzen 3200G - 4 cores 4 threads with a max boost of 4Ghz 32GB DDR4 RAM 4TB total storage - 1 nvme and 2 SSDs - with a spare nvme slot for future upgrades I\u0026rsquo;m pretty happy with the performance and stability (yes, even on Windows) with the system again drawing \u0026lt;15W at idle\nOverall a great platform and a great mini pc.\nThe beginning A little bit of history on how I got here\nSomewhere around December 2021 I stumbled upon Home Assistant wanting to take control of my smart home devices which were from different companies, all with a different app making things more complicated than it needed to be.\nSince Home Assistant runs as an OS, I tried it on my Windows machine through VirtualBox. That was the first rabbit hole. I also had an old Raspberry Pi Model B, which I had bought in 2012 and not used in a decade or so. I installed DietPi in it and ran PiHole for network-wide adblocking and DNS which in turn taught me a lot about networking in general.\n1C/700mhz CPU, 512mb RAM and a 4GB SD card was more than enough for pihole\nNext came Docker, which I had never heard before. Got it running on the same machine with WSL and installed Portainer to manage containers.\nThen came Reddit and r/selfhosted. After that Awesome-Selfhosted\nPlex, VPN solutions, monitoring etc. all soon followed\nNow I get to watch and share my movies with friends and family, listen to my audiobooks and podcasts, block intrusive ads, run my smart home devices locally and other cool stuff like even self hosting this webpage!\nAs I add more articles documenting the services I\u0026rsquo;m running I\u0026rsquo;ll update this page also.\n","permalink":"https://thanosmaris.gr/posts/home-lab-overview/","summary":"\u003ch1 id=\"home-lab-overview\"\u003eHome Lab Overview\u003c/h1\u003e\n\u003ch2 id=\"current-setup\"\u003eCurrent Setup\u003c/h2\u003e\n\u003cp\u003eUpdate 31/1/2025\u003c/p\u003e\n\u003cp\u003eAll of this are pretty much obsolete as I\u0026rsquo;ve moved everything to a 2 node proxmox cluster with raspberry pi 4 for quorum.\u003c/p\u003e\n\u003cp\u003e\u003cimg alt=\"Proxmox Cluster\" loading=\"lazy\" src=\"https://thanosmaris.gr/content/images/size/w1000/2025/01/image-8.png\"\u003e\u003c/p\u003e\n\u003cp\u003eI\u0026rsquo;ve also migrated a lot of services from Docker to LXC containers for easier backups and high availability.\u003c/p\u003e\n\u003cp\u003eWill update the post as soon as I can with all the infos!\u003c/p\u003e\n\u003cp\u003eBelow is a screenshot of my current services running. I\u0026rsquo;ve left a few of them out since I\u0026rsquo;m constantly trying new things.\u003c/p\u003e","title":"Home Lab Overview"}]