Personally I will be trying to transform my server, which is currently in a Fractal R5 case, into a small-ish homelab rack combined with all my network equipment. It will require complete relocation of all the network equipment in the house as well as the cables, so it will be a bit of a project. Also on the lookout for a good quality rack, so let me know if you have any recs. Still unsure if I want to do a full-width rack or mini. Part of me really wants the UDM Pro from Unifi…
What are your goals and things you want to accomplish during 2025?
Got a 3 year old kid with another on the way. I just need it to be reliable so the kid can watch Sesame Street and the lights keep working.
I want to move my whole server to NixOS. It’s gotten to the point where I have no idea where all the Ubuntu config files went, and I’m handling half of it via Docker vs bare metal. I hope this will allow me to set up proper backups as well, and maybe get better at Nix! I started a few days ago using the VM feature, but it’s tricky to work on for now, perhaps I haven’t found the right workflow.
I went this route from the start and love it. In case you need some resources:
- VimJoyer is excellent: https://www.youtube.com/watch?v=a67Sv4Mbxmc
- Do secrets using SOPS: https://www.youtube.com/watch?v=G5f6GC7SnhU
- NixOS and Restic are an amazing combination, full backups in 20 lines of config. This article was my best find for this: https://francis.begyn.be/blog/nixos-restic-backups . Tip: you can easily write systemd services to trigger each software’s preferred backup strategy and simply schedule them to run before the Restic backup - I have them all copy the backups to one folder that then Restic backs up, works great for me!
Hope this helps a bit. I found the effort to be very worth it, but took me almost half a year to get comfortable with it.
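As an added example (not the commenter’s configuration), this is what the Restic-plus-pre-backup-service setup from the two links above can look like in a single NixOS module, with the repository password coming from sops-nix rather than the Nix store. The repository path, the staging path, the "appdb" database name and the schedule are assumptions for this example, not values from the thread.

```nix
# Added example, not the commenter's configuration: an app-specific dump service
# feeding a staging directory that the NixOS restic module then backs up, with
# the repository password supplied by sops-nix. The repository path, the staging
# path, the "appdb" database name and the schedule are assumptions.
{ config, ... }:

{
  # Secrets come from a SOPS-encrypted file (the sops-nix module is assumed to be
  # imported); they are decrypted to /run/secrets at boot, never into the Nix store.
  sops.defaultSopsFile = ./secrets.yaml;   # assumed path, edited with `sops secrets.yaml`
  sops.secrets."restic/password" = { };

  # Staging area: root owns the parent, each dumping user owns its own subdirectory,
  # so application credentials never need to be readable by restic's user (root).
  systemd.tmpfiles.rules = [
    "d /var/backup/staging 0755 root root -"
    "d /var/backup/staging/appdb 0750 postgres postgres -"
  ];

  # One oneshot unit per application, each using that application's preferred
  # dump tool. This one dumps a PostgreSQL database called "appdb" (assumed to run
  # on this host).
  systemd.services.backup-dump-appdb = {
    description = "Dump appdb for the restic run";
    path = [ config.services.postgresql.package ];   # same major version as the server
    serviceConfig = {
      Type = "oneshot";
      User = "postgres";
    };
    script = ''
      pg_dump --format=custom appdb > /var/backup/staging/appdb/appdb.pgdump
    '';
    # Pulled in whenever the restic unit starts, and ordered to finish before it.
    before   = [ "restic-backups-staging.service" ];
    wantedBy = [ "restic-backups-staging.service" ];
  };

  # The restic module generates restic-backups-staging.service and its timer.
  services.restic.backups.staging = {
    initialize   = true;                              # create the repo on first run
    repository   = "/mnt/offsite/restic";             # assumed; sftp:/s3: URLs work too
    passwordFile = config.sops.secrets."restic/password".path;
    paths        = [ "/var/backup/staging" ];
    timerConfig = {
      OnCalendar = "03:00";
      Persistent = true;                              # catch up if the host was off
      RandomizedDelaySec = "15m";
    };
    pruneOpts = [ "--keep-daily 7" "--keep-weekly 4" "--keep-monthly 6" ];
  };
}
```

`systemctl start restic-backups-staging.service` runs the dump and then the backup, in that order, and `systemctl list-timers` shows the next scheduled run. Because `pruneOpts` gives this unit delete rights on the repository, a compromise of the host can also erase its old snapshots; keeping the repository on another machine that takes its own snapshots, or exposing only an append-only account to this host, limits that.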
Thank you! It definitely does, I will be using that Restic article for sure! I actually use NixOS on my main laptop, which I found via Vimjoyer’s videos. It’s great, though I wish documentation for more advanced usage was more readily available. I started making the server, currently my biggest roadblock is testing the infrastructure without going live (I made the flake generate a VM for now but it takes a long time to build it every edit and I can’t even get ssh working) and figuring out how I’ll eventually install it with minimal downtime.
On the topic of build times, it took me too long to learn that nixos-rebuild supports remote build workers and targets.
For example, if I am editing on my laptop, want to build on my desktop, and apply the build to my file server, then I’d run…
me@laptop$ nixos-rebuild test \
    --flake ~/wherever-it-lives \
    --build-host desktop \
    --target-host file-server \
    --use-remote-sudo
The host names should match the name of the nixosConfiguration output from your flake. If they don’t I think you can specify like,
--target-host .
Remote sudo avoids having to SSH as root.
Bonus tip: Having Tailscale on every machine makes this work reliably from anywhere, network speed as the limit.
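For reference, the flake layout those commands assume, as an added example and not the commenter’s own files: the host names are the ones from the commands above, while the `./hosts/` and `./modules/` paths and the nixpkgs branch are assumptions.

```nix
# Added example, not the commenter's flake. One nixosConfigurations entry per
# machine; the attribute name is what nixos-rebuild selects. Paths under
# ./hosts and ./modules are assumed for this example.
{
  inputs.nixpkgs.url = "github:NixOS/nixpkgs/nixos-24.11";

  outputs = { self, nixpkgs }:
    let
      mkHost = name: nixpkgs.lib.nixosSystem {
        system = "x86_64-linux";
        modules = [
          ./modules/common.nix             # shared settings: users, sshd, nix options
          (./hosts + "/${name}.nix")        # per-host hardware and services
          { networking.hostName = name; }   # keeps the hostname and attribute in sync
        ];
      };
    in {
      nixosConfigurations = {
        laptop      = mkHost "laptop";
        desktop     = mkHost "desktop";
        file-server = mkHost "file-server";
      };
    };
}
```

`nixos-rebuild test --flake ~/wherever-it-lives#file-server ...` selects that attribute explicitly; with a bare `--flake ~/wherever-it-lives`, nixos-rebuild looks up `nixosConfigurations.<hostname>` using the hostname of the machine it runs on, so when building for another host from your laptop the `#file-server` suffix is the part to get right. `--build-host` and `--target-host` are independent and only need SSH access for your user (`--use-remote-sudo` then elevates on the target), so you can build remotely and apply locally, or the reverse.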
Is there a reason (or reasons) you’re doing NixOS over something like Proxmox? A friend of mine has been moving his lab over to Proxmox containers so I was thinking to do the same thing, but curious about NixOS since I’ve seen a few people mention it. Thanks!
The entirety of Nix configuration is in somewhere between 1 and 3 files depending on how you like your poison.
It’s immutable, so stuff can’t just change on you.
Every change you make is stored into a new configuration and you can roll back to any configuration you’ve ever done with a reboot, so it’s kind of hard to brick it.
Apps can’t just go in and modify your users or your host table or any of the other configs so it’s got an extra layer of security. But then, the package system has more packages than God and is maintained by a million randos with very little oversight.
It has some substantially neat tricks. I moved from one box to another by just doing a fresh install, moving its three configuration files and letting Syncthing rebuild my home directory from my other box.
I think, if I were going to use Nix as a home server, I’d just install all of the services directly on the OS. Updates and configurations for everything would be maintained by Nix itself.
No reason you can’t use NixOS in a VM on Proxmox.
My container host OS is another immutable, uCore, which I run in a VM on Proxmox.
Never said you couldn’t. I was assuming OP was running VMs inside of Nix.
Nix is great if you’re fine with the packages and configuration they provide. If you want other stuff or features not provided it is a giant pain in the ass and not worth it. And you’ll get “oh, just write a flake” or “just write a package file for it”.
Tried it, didn’t like it. Too much work to get some things working. Went back to Docker.
Might get around to tidying this 20-year-old mess up a bit - though I’m not sure where to start lol.
I am not a proud man.
I appreciate you posting your balls like this.
Fuck it it works. Lol
Start setting one up.
Have fun!
Same!
I think what I need to do correctly on my homelab this year is set up off-site backups. I currently only back up to separate drives and machines inside my own home. I need to set up something at my parents’ place to take weekly and monthly backups.
Other than that, my media server needs a bigger storage drive.
Hetzner storage box is super cheap and works with rclone. They have a web interface for configuring regular ZFS snapshots too so you don’t have to worry about accidental deletions/ransomware.
True. I’d have to get the €11/month box for it though. It’s cheaper to set up one of my Raspberry Pis with an external drive I already have. I just need to figure out how it’s best to transfer and deduplicate the data. :)
Nope, you don’t need any VPS to use it, it comes with an SFTP interface.
https://www.hetzner.com/storage/storage-box/
offsite backup for $2/TB and no download fees, 1/3rd the price of B2.
Yeah. I would need the 5 TB one for my stuff, so that is the €11/month box.
Ah, ok I see.
Personally I’d recommend restic and backblaze b2 if I were you. Dedup and quick.
only need dedup if your data is duplicated
Which they expressly said they wanted in the comment I responded to…
I got no backups so you’re doing better than me. If 1 SSD dies there goes all my data.
Backups are key! Need to work on this myself too!
I snagged an old fiber LTO5 drive… just got to work out how to get it powered and then spend hours fiddling with silly old tapes.
I did this recently. Opendrive is free up to 5 GB and works with rclone. All I’m backing up is the config and data needed to recreate my containerized services. I’ve even had to recreate them from the backup, once.
Buying a 16 TB hard drive for… purposes.
You can say piracy here, it’s a safe space. Or, ya know, porn.
Learn how to design and implement effective segmentation for my network, get better with OPNsense, and get my private website up and running.
I had a blast learning and configuring VLANs for my smart switch and putting all the IoT devices on their own network.
Do you happen to remember what learning resources you used?
get around CGNAT finally
Tailscale? 👉👈 🥺
That’s what I’m currently using and it doesn’t cut it, especially for streaming movies
Literally just finished configuring Headscale on a free (pay as you go) Oracle VPS because I’m behind CGNAT. Getting Tailscale on pfSense to connect to a Headscale server was a chore but finally got it.
I’m using Tailscale now and yeah, their relay servers are very spotty. I do have an Ampere free tier just sitting around that I was planning to use as a relay for an overlay network, but that’s all been in the planning phase all year.
To start - moving services from bare metal to rootless Podman containers running via quadlets. It’s something I have had in mind for a while but keep second guessing the distro choice. Long-ish release cadence, systemd-networkd and a recent Podman version in the native repos, well supported, and not Ubuntu.
So far openSUSE Leap seems like the winner. A testing machine is up to install everything, write some deployment scripts, and decide on a storage layout and partitioning scheme.
If anyone has another distro to recommend that checks these boxes let me know!
I like rolling release for the desktop, but only want critical patches in any given month for this server, and a major upgrade no more than every 3-4 years. Or an immutable server distro. But it doesn’t seem like networkd is an option for the ones I’ve looked at (Fedora CoreOS, openSUSE MicroOS), and I am not sure if I want to figure out Ignition/Combustion right now.
Next project - VLANs on Mikrotik.
OP - Navepoint makes good racks for reasonable money. I have a Pro series 9U from them and it went together without any problems. It’s on the wall with a pretty big UPS in it.
Thanks for the recommendation!
If I hadn’t been using Unraid for my server I too think I’d be rocking openSUSE, but probably MicroOS as you mentioned.
- don’t break stuff
- upgrade to microOS from Leap, without violating step 1
- reduce the physical footprint of my server (currently in a massive case, would like to go to mini-ITX)
My city is also planning to roll out fiber, so upgrading my network may become a priority if that happens. My current ISP is limited to 100 Mbps, but I should be able to get 10 Gbit once they hook me up (though I’ll probably stop well short of that).
From a hardware perspective I need a NAS. I got myself some piece of Acer OEM that’s not too shit, just need a case and some drives (I don’t wanna just make a stack of drives on top of the stack of old OEMs I call a homelab).
Am getting Starlink installed cos shitty rural Aussie internet is shit. So gonna have to do some fucking around to make that work.
Would like some local media recommendation algorithm (can probs just write some code to dump Jellyfin into Open WebUI and task an LLM).
Gotta set up an image gen AI and hook that up to Open WebUI.
Gotta set up an email server to make Authelia notifications not just dumped to a file.
Ohh and I got literally no backups of anything (well except my docker composes that are on git).
Other than that we will see what i want.
- Deprecate the Raspberry Pi entry point for incoming traffic, move to NUC instead.
- Switch from Pi-hole to AdGuard
- Move IoT equipment to separate VLAN
What are the reasons for the Pi-hole to AdGuard switch?
AdGuard has a more polished UI and has a bunch of nicer features that Pi-hole doesn’t. The most important one for me is being able to use it as a DNS remotely (e.g. my phone) without a VPN.
Hopefully I can finally get the IPv6 stack fully working.
OPNsense works, Proxmox works, LXC works, Docker works but Docker Swarm does not.
Either I move away from Docker Swarm or a miracle happens and they finally fix their IPv6 support in 2025.
As a networking noob: what are the benefits to having/using an IPv6 stack? I realize that eventually we all have to move to IPv6, but any point in being early on it?
IPv6 is pretty much identical to IPv4 in terms of functionality.
The biggest difference is that there is no more need for NAT with IPv6 because of the sheer amount of IPv6 addresses available. Every device in an IPv6 network gets its own public IP.
For example: I get 1 public IPv4 address from my ISP but 4,722,366,482,869,645,213,696 IPv6 addresses. That’s a number I can’t even pronounce and it’s just for me.
There are a few advantages that this brings:
- Any client in the network can get a fresh IP every day to reduce tracking
- It is pretty much impossible to run a full network scan on this amount of IP addresses
- Every device can expose their own service on their own IP (For example: You can run multiple web servers on the same port without a reverse proxy or multiple people can host their own game server on the same port)
There are some more smaller changes that improve performance compared to IPv4, but it’s minimal.
The no NAT thing really messed with my brain and was probably the hardest thing to overcome for me.
Well this certainly has me intrigued!
I love having IPv6. Hard to learn and had roadblocks but now that it’s set up it works fine.
Does it matter? No, but it’s just nice to know I have it figured out.
Get a domain and set about moving over to HTTPS with Let’s encrypt and Nginx.
Learn to write an Nginx config. NPM just works so well though.
Fix my permission issues. I have my media zpool on 777 so all the LXCs work and I have to run Libation in a VM as root. I’ve been banging my head against this on and off for a while.
Figure out why paperless isn’t saving to the correct place. Also, figure out where Paperless is saving to.
Containerise Libation.
I give friends and family access to my server via a relay, just a Raspberry Pi 0 with Tailscale, Pi-hole and Nginx on it. I have reasons for going this route. Anyways, get a couple more of those into the wild. Also streamline the process somewhat.
Learn to create an ACL config for Tailscale so I can have services access nothing, users access services, and admins access everything.
Check out Traefik as an alternative to Nginx or NPM
Why not caddy?
Momentum really. I’m on NPM now, it works and it’s great. I didn’t put much thought into it. I’m generally happy with NPM, it’s mostly just something to learn next and plain Nginx made sense.
Hardware-wise:
- Reorganize my networking closet and rack up my switches
- Replace my core switch with 10 Gbit, connect up 10 Gbit fiber to my laptop dock and one of my nodes still on copper
- Add 3 more nodes to my cluster with NVMe storage so that I can start an erasure-coding pool in Ceph.
Software wise, too many projects to count lol