A look at my homelab at the end of 2022.
Apologies for the lack of update on my homelab in the past… 2.5 years! There has been a lot that went on to both my homelab as well as my life. For one thing, I moved. I have also added a lot of new equipment and improved my homelab in a lot of ways. In this post I’ll give an overview of the current state of my homelab and briefly talk about some notable changes.
Although I’m still using the same 2 laptops as my computing units, the rest look quite different than in 2020.
Some major changes in networking and hardware:
DNS Protection: Cloudflare Free cache and DDoS protection
- Cloudflare offers free DNS management that includes DNS caching and DDoS protection, allowing my server’s IP to stay hidden.
Reverse Proxy: Using Caddy2 is a breeze
- I tried using Traefik before but I just couldn’t wrap my head around it. I particularly dislike mixing reverse proxy settings with the docker compose settings.
- I later tried using Caddy2 and had a terrific experience. To be fair, Traefik today looks a lot more different than before so my experience are likely irrelevant now.
Firewall: Repurposed my old HTPC (the big silver SilverStone PC case in the photo) into a pfSense box
- The HTPC has a 2nd gen Intel i5 with 8GB DDR3 so it isn’t good for much. But after getting a cheap 4 port NIC and installing a 80GB PATA HDD from an old laptop, it makes a pretty sweet pfSense box. This is actually a bit of an overkill both in terms of compute power and space (look at how small they could be) but I try to make the most out of it as you can see below.
Routers: Got 2 Asus routers (RT-AX86U and RT-AX88U) running Asuswrt-Merlin
- I was running old routers of different brands that form a crappy mesh and doesn’t support seamless hand-off. With Asus routers, their AiMesh allows me to add any Asus routers to a mesh and not just the “mesh routers” which usually has 1 LAN ports or 4 in rare circumstances, unlike “traditional routers”. My RT-AX88U has 8 LAN ports and RT-AX86U has 4, thus eliminating the need to get separate switches.
Routers: Use my Linksys EA7500 to serve Guest WIFI and Camera WIFI running OpenWrt
- Although Asuswrt-Merlin is great, one of its biggest drawback is its guest WIFI has a major flaw. Joining a guest WIFI usually means you cannot access devices connected to the main WIFI. However, this is NOT the case for Asuswrt-Merlin thus rendering the guest WIFI feature basically useless! Besides, I need something that support VLAN which Asuswrt-Merlin doesn’t (but pfSense does!)
- Upon discovering OpenWrt have gone through a major overhaul since the last time I looked at it, I installed it on my Linksys EA7500 and it has been smooth.
- It serves 2 WIFI:
- a guest/IOT WIFI that doesn’t allow access to Main WIFI
- a camera WIFI that doesn’t allow access to Main WIFI, Guest WIFI, or the internet, but just to my NVR on the IdeaPad
DNS Adblocker: Replaced Adguard Home running on a RPi0 with pfBlockerNG
- This was done mainly in the interest of reducing the number of devices. pfBlockerNG is a pfSense package that can be easily installed in pfSense. It is basically functionally identical to Adguard Home and Pi-hole (which I used to run before switching over to Adguard Home). I still recommend Adguard Home over other solutions due to its ease of install and slick UI.
Inbound VPN: Replaced WireGuard with Tailscale
- I was getting sick of administrating the WireGuard service installed on my ThinkPad and client devices. Tailscale (one of many apps that uses WireGuard for its backend) and its voodoo magic came to the rescue.
Outbound VPN: NordVPN with WireGuard in pfSense
- While running NordVPN with OpenVPN on my D-Link DIR-882 router, my internet speed was abysmal as the router just couldn’t handle the traffic. This improved a lot when I set it up on my pfSense box since it is way more powerful than the router.
- But the real hero was when I switched from OpenVPN to WireGuard. Internet speed can reach close to gigabit (my internet connection’s limit) while the CPU usage hardly budged.
NAS: Replaced JBOD of USB-HDDs with Synology DS1621+
- I installed 6 x WD Ultrastar DC HC330 10TB drives running on Synology Hybrid Raid (SHR) using 2-drive fault tolerance. This means it allows up to 2 drives to die simultaneously without any loss of data. This NAS gives me a whooping 40TB of useable storage.
- Repurposed the USB-HDDs for NAS backups and also use a cloud backup service.
Looking at the list of changes above, the last 2 years have definitely been a big leap in my homelab setup. Many major components have received an upgrade of sorts. The great thing about homelab is, I’ve also gained a few upgrades during the process. Troubleshooting networking problems used to take me hours and days, and is the most painful experience that I always dread. Now, I can usually find the problem in tens of minutes, though it still feels painful, just slightly less.
(Title image of this post was generated on Stable Diffusion 2.1 with prompt “home server”)