Linux

There’s a lot of potential apps to host in a homelab. I’ve started investigating which ones to deploy first! Also some info on getting Ceph and Proxmox up and running at home. I was hitting all kind of ceph “OSD” delays when working on things in my Proxmox cluster. Stumbled upon this gem pointing out that the Proxmox kernel has old Solarflare drivers that may affect Ceph performance. No delays since! With the storage working, I decided to start bind mounting my CephFS mounts in Proxmox LXC containers. Some useful dotfile for setting up a fresh Linux install. Askbot is an open source take of StackOverflow that you can host at home. Polr is a neat looking link shortener. Cachet is an open source status page you can self-host. Plex added support for Tidal, an interesting merging of home and cloud media streaming. Ceph has “S3” support via their RadosGW. Next Ceph project will be to configure that, and see how performance works with “Goofys” as a file-system on S3. Hashicorp Vault is on my to-do list, came across some videos from Hashiconf. Some performance testing of different Kubernetes plugins running on hosts with 10G network interfaces.

I didn’t get a ton of work done in the lab this week, but I did write about using subelements with Ansible. Also spent some time working with Graylog and Hashcorp Vault earlier in the week. Vault looks like it will be a bigger project, but the structure is really interesting. An interesting look at how devops has changed companies over the last few years. A lot of sections highlight how general awareness of tech needs and processes is better. I use ssh-copy-id pretty often, however it’s really really useful to know how to manually setup authorized_keys on a remote hosts. Remember: “mkdir .ssh” && “chmod 700 .ssh” && “chmod 600 .ssh/authorized_keys” This many-to-many VPN looks pretty slick and is coming to the kernel soon! I use quite a few different cloud vps services and it would be awesome to have a secure way for them to talk to each other. Someone posted this list of “selfhosted” apps on the Homelab reddit. There’s so many things on there I’d love to add to my lab! I’ve resigned that NFS is always going to be slow, but these changes highlighted by Phoronix indicate a performance boost in the future. Ansible Vault is a great built in way to manage secrets, these tools add some really nice integrations with Git that make it a ton easier to use. Time synchronization is pretty important for most apps. While standard NTP is great, I really like Chrony and use it in my lab. This is a Chrony setup guide that showed up in my feeds. Setting up a VPN to access your Homelab can be a complex process and takes a while to get right. I’ve found that using an SSH SOCKS proxy is a great way to access things while you’re away until you have the time for building a full VPN server. Security Onion, the all-in-one security solutions for monitoring network traffic is migrating from Ubuntu to docker containers. They released a tech preview and explains some of the process of migrating recently. I have a couple Ansible roles to clean up so I can put them on Galaxy this week. Enjoy your week!