At the start of this year I decided to embrace the challenge of building my own home server and going deep into the self-hosted world. I’ve always been interested in open-source and free software, mainly for privacy reasons as I’m a privacy advocate and it always made sense to me to own and control my data, so self-hosting apps and services was a natural fit for me.

Following this, and inspired by The Orange One’s series, I decided to document that process and share my thoughts and learnings along the way. At the moment I’m writing this, I’ve been working on the server for about two months, and I managed to get the main services and tools running, but there’s still some work until it reaches a point where I’m satisfied with it.

I hope to continue to learn and improve my skills, and to share my learnings with others.

System overview

Applications

• Actual Budget - personal budgeting app
• Adguard Home - dns server and ad blocker
• Audiobookshelf - audiobook manager (using Plappa as a player on mobile)
• Authentik - authentication server
• Calibre-Web-Automated - ebook manager
• Glance - dashboard with feeds
• Home Assistant - home automation and monitoring
• Homepage - dashboard for the homelab
• Immich - photo and video manager
• Mealie - recipe manager
• Nginx Proxy Manager - reverse proxy
• OwnCloud Infinite Scale - cloud storage
• Planka - task manager
• Portainer - docker container manager
• qBittorrent - torrent client
• Speedtest Tracker - monitor performance and uptime
• Tailscale - remote access and VPN

Hardware

• HP Elitedesk G4 800 running Proxmox VE
  • 40Gb of RAM
  • Intel i5-8500 CPU @ 3.00GHz

Storage

• 2 HDD (2x 4TB, Mirrored)
• 1 SSD (1x 250GB for cache and quickly accessible data)
• 1 NVME (1x 250GB for OS)

Backups

Still need to implement off-site encrypted backups for critical data, so I will probably be using Backblaze B2 as I’ve been reading about them and the reviews are positive and it seems to have a good price-quality ratio. For now I’m still copying my data from other services to the new server, so there’s not much to lose in case something goes wrong, except configurations.

Automation

About losing configs. I didn´t want to have to tune everything up every time I wanted to change something on the server or on any of the apps, so I’ve been using Terraform to provision the infrastructure of the VMs and LXCs containers in Proxmox and Ansible to configure the apps and docker containers. This is still a work in progress, but I’m pretty satisfied with how it’s going. It has kind of a large learning curve but I think it’s worth it in the long run as it allows me to focus on really using the tools and not having to worry about the underlying infrastructure.

I’ll try to write more about this setup in the future.

Network

For now, as I don’t intend to open my services to the internet, I’m currently using Adguard-Home as my DNS server and Nginx Proxy Manager to be able to access the services using a custom domain, instead of having to memorize the IP addresses and ports of the services.

Nginx Proxy Manager works as a reverse proxy for the services and it also generates a Let’s Encrypt certificate for the custom domain, so I don’t have to worry about getting warnings about the certificate being self-signed everytime I want to access the apps.

Remote Access

For acessing my internal network without opening it to the world, I’m working on implementing Tailscale as a solution.

Next Steps

• Implement off-site backups for critical data
• Work on remote access with Tailscale
• Implement monitoring with Grafana
• Start using my homelab as a replacement for enterprise tools