tofuwabohu

Almost forgot before going to bed but I feel bi-weekly is a good rhythm for this.

Let us know what you set up lately, what kind of problems you currently think about or are running into, what new device you added to your homelab or what interesting service or article you found.

It's Sunday somewhere already so why wait?

Let us know what you set up lately, what kind of problems you currently think about or are running into, what new device you added to your homelab or what interesting service or article you found.

I'll post my ongoing things later/tomorrow but I didn't want to forget the post again.

I'm currently planning to build a low power nas for my upcoming minirack (10").

It's going to store daily proxmox vm disk snapshots, some image files and some backups from my laptop, all via NFS. Plus some more in the future, but generally, it's going to idle 95% of the day. Not decided on the OS yet, probably TrueNAS Core or OMV.

I already have an Olmaster 5,25" JBOD in which I'll put 3 x 2,5" 2TB SSD via SATA. The JBOD needs a single Molex connector for powering all SSDs. So I need at least 3 SATA + Boot.

Some recherche led me to this post and I tend towards a similar build with a J4105-ITX (cheaper, probably little less power consumption, enough CPU ofr NAS).

These officially are limited to 8GB RAM but seem to work fine with more if you don't update your BIOS which is not optimal but acceptable if everything else works fine. I'd like 16G for efficient ZFS but I guess even 8 are fine if it's not doing much else (2GB base + almost 1 for each TB storage + OS), just don't tell TrueNAS forum users.

While I don't plan 10G ethernet now, the PCIe slot should leave that possibility open.

I read good things about PicoPSUs, but that depends on which case I get as they usually already got some PSU.

The case question remains open - I tend to get something like the LC-1350MI-V2 as it's cheap, contains a 72W PSU and fits into the 10" rack nicely. In that case, I would need to go out of the case with the SATA cables and rack the JBOD on it's own - which is fine since there's pritable files for exactly that. Other possibility would be to get a case with bays for the 2,5" (seems unnecessary since I already have the JBOD and don't want to add more requirements to the PSU) or get a case with a 5,25" bay (rare in cases this size).

I'm mostly asking for advice regarding the case/PSU thing but nothing is set in stone other than the SSD/JBOD combo. I'd like to keep the rest < 150€ and prefer used hardware, at least for the case. I'd be glad for your thoughts and ideas!

I thought of a weekly thread to post about what you set up lately, what kind of problems you currently think about or are running into, what new device you added to your homelab or what interesting service or article you read.

So I decided to just try it. Maybe we find a format that works! It doesn't have to be me, feel free to create this post on Sunday if it's not up already.

I want to establish a second LAN at home. It's supposed to host different services on different infrastructure (vms, k8s, docker) and mostly serving as a lab.

I want to separate this from the default ISP router LAN (192.68.x.0/24).

I have a machine with 2 NIC (eno1 plugged in at ISP router and eno2), both with corresponding bridges and proxmox. I already set up the eno2 bridge with a 10.x.x.x IP and installed a opnsense vm that has eno1 as the WAN interface in the 192 network and eno2 as the LAN interface as 10. network with dhcp server.

I connected a laptop (no wifi) to eno2, got a dhcp lease and can connect the opnsense interface, machines in the 192 network and the internet, same for a vm on the eno2 bridge, so that part is working. There's a pihole in the 192 network that I successfuly set as the dns server in opnsense.

Here's what I am trying to achieve and where I'm not sure about how to properly do it:

• Block access from the 10 network to 192 network except for specific devices - I guess that's simply firewall rules
• Make services (by port) in the 10 network accessible to the internet. I currently have a reverse proxy vm in the 192 network which got 80 and 443 forwarded by the ISP router. Do I need to add a second nic to the vm or can I route some services through the firewall? I want to firewall that vm down so it can't open outgoing connections except for specific ports on specific hosts.
• Make devices in the 10 network available for devices in the 192 network - here I'm not quite sure. Do I need to a static route?
• Eventually I want to move all non-enduser devices to the new LAN so I can experiment without harming the family network but I want to make sure I understand it properly before doing that

I'd be glad for any hints on this, I'm a bit confused with the nomenclature here. If you have other ideas on how to approach this, I'm open for that too.