Ryan Malesevich

amateur runner, technology enthusiast, and friend to all dogs

Homelab Chronicles: Chapter 1

15 December 2024

A Homelab is a server or collection of servers that resides locally under your control, where applications can be hosted for personal use. I started with a basic setup about two years ago but have stepped up my game over the last three weeks. The Homelab Chronicles is a series of posts where I’ll write about the evolutions my setup has gone through. In this first post, I’ll write about: my original setup, my network upgrade, the introduction of the Mac mini M4 to my setup, self-hosting an application with Docker, and the setup of a reverse proxy so I can access my services in a more sane fashion. This project has been the most fun I’ve had on computers since the 1990s when we got online for the first time and I spent all day making random websites.

Why self-host?

In the age of the DVD, I collected vast amounts of them. I loved having access to so many more movies, but when streaming services were launched I gave up control for the convenience. This ended up working well while venture capital was flowing into the services, but when they had to start accounting for financial realities, the services started to enshittify. The last straw for me was when services started to remove their content[1].

My first setup

Movies and TV shows were my primary concern. I had a decent collection of physical media, so the goal was to be able to serve them through my local network and through the internet if I wanted. I settled on Plex after hearing so much about it on the various podcasts I listen to. The problem is that I use laptops as my primary computing device. I couldn’t install the Plex server on one and have it online reliably. The other concern was storage. Building up a large collection of movies and TV shows can take up considerable space.

I ended up buying a NAS. I purchased the Synology DS920+ with four 16 TB Seagate IronWolf Pro NAS drives. I went with Synology because it kept the drives connected to my network and could also run various services. Over the ~two years it was my primary Homelab, I ran only two services on the Synology:

  • Plex to serve the video files through the Plex app. I moved to Infuse but the same principles applied.
  • Syncthing to back up my NAS to a friend’s NAS. Backing up terabytes of data could be expensive if you want it offsite (which you should!), so a friend of mine and I agreed to back up each other’s NAS.

I had an Eero network. My primary computer was wired through ethernet. The NAS was also set up through ethernet. I didn’t know what I was doing at the time, so I’d argue I didn’t do a very good job if you saw the pile of cables in my basement. It was serviceable though. Internally, everything was running well. The downside came when I started to allow friends and family access to the Plex server. My internet is ok, 1 GiB down and 40 MiB up. I’d get complaints that the video files wouldn’t stream well. I tried to explain that if they try to stream a 4K file, my internet couldn’t keep up so Plex would need to re-encode the video. The Synology was underpowered so it would take forever. This went on my list of things to improve in the future.

Office renovation / new network

At the tail-end of 2023, I started a project to renovate my home office. It involved painting, new flooring, new furniture, and of course a new network. Like most house projects, it took me a very long time. I didn’t complete the project until November 2024. The first step was replacing the Eero network. I decided to go down the Ubiquiti rabbit hole. I purchased a gateway, some smaller switches, and a Wifi access point. Over Thanksgiving break, I took my network offline and ran some additional ethernet cables. I bought 1000 feet and learned to crimp it myself. I re-dropped the cables from my primary desk and living room, and then dropped new cables for the Wifi access point and a second desk in my office.

As of writing, this setup is working well. It currently only supports 1 GB, but in January I’ll be adding new equipment and upgrading several of my devices to support 2.5 GB.

At the same time, the new Mac mini M4 arrived…

My first self-hosted application with Docker

I had wanted to get an actual computer to run my applications for a while. The idea was that if I chose to run Plex, it would still source the data from the NAS but the application itself would run on the computer rather than the NAS. If it had to reencode the video it could. I settled on the new Mac mini M4 because it was tiny as hell and the base model at $600 was a steal! I did choose to upgrade the ethernet to 10 GB, so in the future I could take advantage of 2.5 GB and eventually get to the full 10 GB ethernet. Before doing that though, I needed to get experience hosting applications.

Docker was daunting to me. My primary issue was that I couldn’t conceptualize it when trying to containerize my own Python scripts in the past. It turns out I had nothing to worry about. I chose to install Pihole, a local DNS that can block requests to advertising or trackers. Pulling the Docker image from DockerHub was so simple. It was just this:

docker run -d \
  --name pihole \
  --net=host \
  -e TZ="America/Chicago" \
  -v ~/pihole/etc-pihole:/etc/pihole \
  -v ~/pihole/etc-dnsmasq.d:/etc/dnsmasq.d \
  -e WEBPASSWORD="yourpassword" \
  --restart=unless-stopped \
  pihole/pihole:latest

I was primarily concerned with how starting and stopping would work because you literally delete the container and re-create it. If you look at the docker run command, the -v flags are volumes where the folders on my local machine are mounted within the container. As the container writes data into those directories, it is saved on the local machine. With the Docker app set to launch on startup, the --restart=unless-stopped flag will ensure that it comes back.

Then I could go to my local IP address and add /admin to the URL to access the admin console.

I chose to set the DNS on my Unifi network to use the Mac mini as the DNS server. Things went alright. At least until they didn’t, but that will be a tale of Chapter 2.

Reverse proxy

At this point, I had several services running on the Synology and the Mac mini. I had bookmarked the web addresses but it was difficult. I had URLs like:

  • http://192.168.1.1/admin for Pihole
  • http://192.168.1.2:5001 for the Synology
  • http://192.168.1.2:8384 for the Syncthing running on Synology

This was less than ideal because I was referencing the local IP address. I could access them with my Tailscale network, but then I’d have to reference the Tailscale IP address. However, modern browsers really like sites that are served by SSL.

Enter a reverse proxy. It’s a server that then routes traffic to the right service. I purchased a domain name from my registrar, Hover. I set up several subdomains and pointed the A record to my local IP address. Then I needed a server. During research I found I could use nginx or Caddy. I had experience with nginx as that is what the server that runs this website uses. However, I settled on Caddy because it was much simpler and would automatically handle the SSL certificates without having to use something like certbot with nginx. Again, I was able to host Caddy through Docker. All it needed was a Caddyfile that would look something like this:

syncthing.mysecretdomain.com {
    reverse_proxy 192.168.1.2:8384
}

pihole.mysecretdomain.com {
    reverse_proxy 192.168.1.1
}

On the network, I needed to ensure my hardware had a static local IP address. Caddy also needed port forwarding so that only ports 80 (HTTP) and 443 (HTTPS) are open and forwarded to the server running Caddy.

I was shocked when everything just worked.
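
With ports 80 and 443 forwarded to Caddy, the Caddyfile above proxies both admin interfaces to anyone who can reach the hostnames. One way to put a login in front of them, as an added example that is not the author's configuration; the user name `admin` and the password hash are placeholders:

```caddyfile
# Added example. Hostnames and upstream addresses are the ones from the
# post; the user name and the hash placeholder are assumptions.

# Reusable snippet: HTTP Basic authentication enforced by Caddy before
# any request is proxied. Generate the hash with `caddy hash-password`
# and paste it over the placeholder. Caddy 2.8+ spells the directive
# `basic_auth`; older releases use `basicauth`.
(require_login) {
    basic_auth {
        admin REPLACE_WITH_OUTPUT_OF_caddy_hash-password
    }
}

syncthing.mysecretdomain.com {
    import require_login
    reverse_proxy 192.168.1.2:8384 {
        # Do not pass the proxy's credentials on to the upstream app.
        header_up -Authorization
    }
}

pihole.mysecretdomain.com {
    import require_login
    reverse_proxy 192.168.1.1 {
        header_up -Authorization
    }
}
```

Caddy serves these sites over HTTPS by default, so the Basic credentials are not sent in clear text. Each application's own login stays in place as a second layer.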

Next time

My first setup worked well, but there were several things that needed buttoning up:

  • Authentication on my reverse proxy
  • Downsides of running Pihole through Docker and dealing with a catastrophic failure
  • Hosting additional applications!
  • Moving away from docker run commands to docker-compose

[1] Do a search of your favorite streaming service with keywords like removing or pulling. This article: HBO Max Is Still Taking Stuff Down Without Warning from Vulture is what set me down this path.
