Homelab Setup Guide - Proxmox / TrueNAS / Docker Services

Matthias Benaets118 minutes read

Setting up a home server for various services involves hardware selection, software installation, and network configuration, allowing tech-savvy individuals to host their data independently, avoiding big tech companies. Recommendations include using ECC RAM for error correction, NAS-specific hard drives, and configuring BIOS settings for virtualization to enable running multiple services simultaneously at home.

Insights

  • Setting up a home server at home for personal use was discussed, emphasizing the need for proper hardware like multi-core processors and ECC RAM for error correction.
  • Detailed software setup instructions were provided, including installing Proxmox as a hypervisor, TrueNAS for storage, and Portainer for Docker container management, highlighting the importance of local DNS and ad blocking services.
  • Instructions for passing through devices like SATA controllers and video cards for improved performance were outlined, requiring specific configurations in Proxmox and Truenas, such as creating storage pools and datasets.
  • Setting up collaborative editing tools within Nextcloud, running an Nginx website with SSL encryption, and configuring Cloudflare for DNS records and SSL/TLS certificates were discussed for secure online access.

Get key ideas from YouTube videos. It’s free

Recent questions

  • How can I set up a server at home?

    Setting up a server at home involves using basic hardware like a desktop tower computer to run multiple services simultaneously. You will need a processor with multiple cores, sufficient RAM, and ECC RAM for error correction. Specific types of RAM like Unbuffered and Registered are recommended based on usage. Ensure compatibility with motherboards and processors, activate virtualization features in the BIOS, and consider network-attached storage (NAS) for data storage. Install software like Proxmox, TrueNAS, and Portainer for managing services, and configure BIOS settings for virtual machines and hardware allocation.

  • What are the benefits of ECC RAM?

    ECC RAM, or Error-Correcting Code RAM, is crucial for accessing important files with error correction capabilities. It helps in maintaining data integrity and preventing data corruption, especially in critical applications or server setups. ECC RAM can detect and correct single-bit errors, providing a higher level of reliability compared to non-ECC RAM. It is essential for ensuring the stability and security of data stored on servers or systems where data accuracy is paramount.

  • How do I enable virtualization features in BIOS?

    To enable virtualization features in BIOS, you need to access the BIOS settings of your computer or server. Look for options related to virtualization, often found under the CPU or advanced settings. Enable features like Intel VT-x for Intel processors or AMD-V for AMD processors. Save the changes and exit the BIOS to activate virtualization support. Enabling virtualization is crucial for running virtual machines and optimizing hardware resources for efficient performance.

  • What is the purpose of a VPN for a home network?

    A VPN, or Virtual Private Network, serves the purpose of securely accessing the home network from anywhere globally. It encrypts the internet connection, ensuring privacy and security when browsing or accessing data remotely. By using a VPN, you can establish a secure connection to your home network, protecting sensitive information from potential threats or unauthorized access. It allows for safe remote access to devices, files, and services within your home network, enhancing overall network security.

  • How can I make my content available online securely?

    To make content available online securely, open only two ports on the modem and router to enhance security. Utilize services like Nextcloud with Collabora or OnlyOffice for document storage and management as alternatives to mainstream cloud services. Set up Nginx to make a website accessible on the internet, ensuring SSL encryption for secure connections. Consider using SSL/TLS certificates, enabling HTTPS, and creating access lists with usernames and passwords for added protection. Port forward on the modem for ports 80 and 443, and always prioritize secure connections to safeguard your online content.

Related videos

Summary

00:00

"Home Server Setup for Tech Enthusiasts"

  • Setting up a server at home for various services like cloud storage or hosting a website was discussed with a friend facing challenges in starting.
  • A mini-course was suggested to help tech-savvy individuals host their data themselves, avoiding reliance on big tech companies.
  • Home Labbing was recommended as a server setup for personal use, focusing on running a server at home using basic hardware like a desktop tower computer.
  • The hardware requirements for running multiple services simultaneously were detailed, emphasizing the need for a processor with multiple cores and sufficient RAM.
  • ECC RAM was suggested for error correction in accessing important files, with compatibility checks required for motherboards and processors.
  • Specific types of RAM, like Unbuffered and Registered, were highlighted based on consumer or enterprise hardware usage.
  • CPU support for ECC RAM was specified for AMD Ryzen and Intel Xeon processors, with virtualization features needing activation in the BIOS.
  • Recommendations for network-attached storage (NAS) included using NAS-specific hard drives and ensuring sufficient SATA connectors on the motherboard.
  • BIOS settings like virtualization and IOMMU group pass-through were explained for enabling virtual machines and hardware allocation to them.
  • Software setup involved installing Proxmox as a hypervisor, TrueNAS for network storage, and Portainer for managing Docker containers, including Pi-hole for ad blocking and local DNS services.

18:11

"Setting up Local DNS and VPN"

  • Setting up a local DNS allows assigning a URL to an IP address for easy access.
  • A VPN enables accessing the home network from anywhere globally.
  • Nginx Proxy Manager aids in managing the local DNS for easy navigation to specific sites.
  • To make content available online, opening only two ports on the modem and router enhances security.
  • Nextcloud with Collabora or OnlyOffice serves as an alternative to OneDrive or Google Drive for document storage and management.
  • Nginx is utilized to set up and make a website accessible on the internet.
  • Downloading Proxmox VE ISO from the Proxmox website is the initial step.
  • Installing the Proxmox ISO on a bootable drive using tools like Rufus or Etcher is essential.
  • Configuring the network settings, including choosing the hard drive, time zone, password, and email during Proxmox installation.
  • Removing the Enterprise repository and adding the No Subscription Repository in Proxmox to receive updates and manage settings effectively.

37:39

"Creating and Managing VMs in Proxmox"

  • To create a VM, provide a name and ID, and select the node if multiple nodes are available.
  • Before uploading an ISO, store it in the local storage section under ISO images.
  • Templates for containers can be uploaded or selected from available options like Debian 10 or Debian 11.
  • Additional templates like GitLab or WordPress are accessible for specific services within Proxmox.
  • When creating a VM, ensure it boots up automatically by adjusting the power-on settings.
  • Allocate at least 8GB of RAM for a VM like Trueness, which stores frequently accessed files in RAM for quick access.
  • Enable QEMU agent for smoother virtual machine shutdowns within the web interface.
  • Create a virtual disk for storage, with options to enable SSD emulation and dynamic disk growth.
  • Adjust CPU settings based on the number of cores needed for the VM.
  • Access the web interface of Trueness post-installation to manage settings and storage configurations.

57:30

Configuring AMD Processor for Virtual Machine Passthrough

  • For AMD processors, enable IOMMU in GRUB by changing it to "AMD underscored iommu equals on."
  • Additionally, enable necessary kernel modules within Proxmox by updating the GRUB configuration to generate a new image for the next boot.
  • Before restarting the virtual machine, add kernel modules vfio, vfio underscore IO mmu, vfio underscore type 1, vfio underscore PCI, and vfio underscore vfio for Q f t in the Etsy modules.
  • Blacklist drivers for video cards in Proxmox by adding NVIDIA FD, NVIDIA, Radeon, and Nouveau to mob probe D PVE Dash blacklist.com.
  • To pass through devices like a SATA controller or video cards, reboot after making changes and proceed to add PCI devices in Truenas.
  • Identify disks connected to the server using LSL Dev disk by ID and pass them through to Truenas by setting scuzzy IDs in the Shell from PVE.
  • Create a storage pool in Truenas by selecting disks and choosing RAID levels like RAID C1 for data redundancy.
  • Create a dataset within the pool to store data, ensuring correct ownership by creating a new user and assigning permissions.
  • Make the dataset available for network access by setting up an SMB share in Truenas and connecting to it from a computer using the IP address and share name.
  • Verify the connection by creating a folder in the SMB share and checking its presence in the Truenas Shell under the specified directory.

01:16:12

Setting up Storage in Proxmox and TrueNAS

  • In Proxmox, navigate to Data Center and then Storage.
  • Add a new storage location by selecting SMB/SIF.
  • Enter the server address (192.168.0.122.85) and login credentials.
  • The system will automatically detect the data share.
  • Customize the storage options for disk images, ISO images, container templates, backups, and containers.
  • Adjust the async IO setting to Native or Threads for optimal performance.
  • Consider changing settings like async IO to prevent errors or hanging in virtual machines.
  • To create virtual machines and services without Proxmox, install TrueNAS on bare metal.
  • Use TrueNAS to set up applications and services, creating a data set for storage.
  • Install Docker and Portainer within a container for efficient service management.

01:36:14

Setting up secure web interface and VPN

  • The web interface uses ports 9443 and 8000, with 9443 being the correct one for the agent, requiring HTTPS for safety.
  • Portena allows for password selection and username changes during setup.
  • Utilizing a stack setup is preferred for ease, with Docker Compose being useful for consistent setups.
  • Instructions for setting up a service called "pile" for ad blocking and local DNS are detailed.
  • The Docker Compose file for "pile" includes setup details like image pulling, network creation, and volume storage locations.
  • Setting up a network for "pile" involves specifying IP addresses and subnets.
  • Instructions for setting up a Wireguard VPN service are provided, including changing settings like puid, time zone, and server URL.
  • Port forwarding for Wireguard involves opening port 51820 and directing traffic to the appropriate IP address.
  • Wireguard allows for generating specific device certificates to control access to the network.
  • Configuration details like DNS settings, allowed IPs, and internal subnets are outlined for Wireguard setup.

01:56:19

Efficient Setup and Management of Containers

  • To recreate the stack, navigate to containers and access the logs where a QR code should be generated for easy setup.
  • The QR code facilitates app usage by scanning it for quick configuration.
  • Access the terminal or console icon to manage settings, possibly using Bash commands.
  • Utilize boilerplates with specific instructions for installation and configuration.
  • In the wiregot stack, store configurations under root why I got config for easy access.
  • Generate and share config files for different devices like MacBook, phone, or ThinkPad.
  • Enable ipv forwarding via CTL in the container and Proxmox to connect to the local network seamlessly.
  • Ensure persistence by enabling net.ipv4 ipv4 winning equals one in the config file.
  • Set up nginx proxy manager for efficient web traffic management on Port 81.
  • Configure next cloud with redis and mariadb, ensuring correct variable settings for smooth operation.

02:16:00

Mounting Data in Virtual Machine Directory

  • The text discusses mounting data to a directory in a virtual machine.
  • The process involves creating a directory on the virtual machine before setting everything up.
  • Accessing files from a different location requires editing the Etsy f-step file.
  • Specific parameters like IP address, SMB share name, and mount location need to be defined in the f-step file.
  • Additional details like username, password, uid, and other parameters are necessary for proper setup.
  • Enabling features like underscore net Dev and no fail is crucial for smooth operation.
  • After editing the f-step file, restarting the virtual machine is required for the changes to take effect.
  • Setting up collaborative editing tools like Collabora or Only Office within Nextcloud is explained.
  • Connecting Nextcloud to Only Office requires configuring settings in the administration panel.
  • Running an Nginx website involves setting up a virtual machine, installing Nginx, and configuring the proxy manager for SSL encryption.

02:36:03

Setting up SSL Certificates and Access Control

  • To set up SSL certificates, include all zones, normal domain names, and wildcards, generating an API token for use. Propagation time can be left empty, accepting terms of service to load a new certificate.
  • Within Cloudflare, direct traffic to the server by creating DNS records, including domain names, wildcards, and IP addresses. Temporarily disable proxy for IP addresses when generating certificates to ensure connectivity.
  • Port forward on the modem for ports 80 and 443 to connect to the website securely. Enable SSL/TLS certificates and always use HTTPS for secure website connections.
  • For additional security, create access lists with usernames and passwords for services like Plex Media Server. Use SSL certificates generated to secure connections and manage access rules for added protection.
Channel avatarChannel avatarChannel avatarChannel avatarChannel avatar

Try it yourself — It’s free.