pfSense + Cloudflare DDNS
If you do not have a fixed IP, you will need a DDNS.
Sometimes you need a small desktop on the cluster to do stuff. Alpine is a pure Linux OS, it's tiny. Adding a desktop, and it's there, a lightweight, minimalistic and customizable Linux experience in a VM. It uses OpenRC, not systemd. Alpine Linux is widely used
News
Happy New Year, 2025.
News
I wish you all happy holidays and a fantastic new year 2025 🎄🎁
IaC
I will outline the process necessary to set up and utilize Terraform, from HashiCorp, within Proxmox, and also how I spin up VPS instances. And a quick word about what is Ansible's role.
News
Polar Night starts
Sometimes you need to move – to bigger or smaller premises. After all the children moved out, our residence has become excessively large for the two of us. But the network speed for our sites started to be on the edge.
A Quick article on Infrastructure as Code. Infrastructure as Code (IaC) is the process of managing and provisioning computer data center resources through machine-readable definition files.
Proxmox
Our Proxmox lab shall be hidden away from the wife and kids. How to use Software Defined Networking SDN, VXLAN, OPNsense and a VM to run our Lab hided away from the family. Create a personal space for testing stuff. Use Pi-hole as an alternative to other DNS.
It's a harsh environment for any server out there. A fresh installation of the popular Ubuntu Server 22.04 gets a security rating of 63, far from 100. That is why the survival rate is low among home servers.
How to Install and Configure the Proxmox Virtual Environment (PVE).
Security is very important, especially for home labs, we don't have the 24/7 IT-Security Staff to handle things. Several large attacks have recently been utilizing stolen credentials from home users. Yes, home labs are low-hanging fruit for hackers and especially wannabees.
How-to configure networking on a Proxmox host. Using VLAN for segregation, bonding for fault tolerance and some other advanced things.
As SSH is our mostly used tool, we need to make it safe.
LVM is quite complicated and need much knowledge to administer. This is just a quick glimpse into that.
An SSL certificate displays important information for verifying the owner of a website and encrypting web traffic with SSL/TLS, including the public key, the issuer of the certificate, and the associated subdomains. HTTPS relies on certs.
We do not want to use root for everything, actually we can't allow it. We need admin groups and administration accounts. Furthermore, we need to segregate and use other users and groups with lesser privileges on our cluster and servers.
It's common practice to harden any server beyond the typical 60-70% state they are at end of installation. Fail2ban is one of the tools. As all a home lab is a prime target, we need to take extra steps to secure the servers we have, exposed and not exposed ones alike.
Sometimes we need to remove nodes from our Proxmox cluster. It's easy, but doing it wrong it will be hard. Some servers get tiered or outdated, and we want to install a new one, or we need that machine in another cluster.
Running a Kubernetes cluster using Talos on Proxmox. Small, efficient and safe by design. Adding my new favorite to my cluster to replace my K8s and K3s clusters. I will still keep the K0s cluster I have.
Create a Kubernetes cluster to run in local docker/podman using Talos Linux. This is a quick way of testing tings before going for a full production install.
Talos is a unique Linux for distributed systems, designed for Kubernetes. Designed to be as minimal as possible while still maintaining practicality. It's built to run distributed and is immutable and minimal. In having less, Talos offers more: Security, Efficiency, Resiliency, Consistency.