I am working on setting up a home server but I want it to be reproducible if I need to make large changes, switch out hardware, or restore from a failure. What do you use to handle this?
You must log in or register to comment.
Terraform and Puppet. Not very simple to get into, but extremely powerful and reliable.
I was getting into a similar form with Terraform (well, OpenTOFU now) and Ansible before I had to pack up my homelab about a year ago. New place needs electrical work before I can fire it back up.
How is Puppet to work with?
I’m the only user of my setup, but I configure docker compose stacks, use configs as bind mounts, and track everything in a git repo synchronized every now and then.
Using Forgejo as a base is really nice.
Snapshots largely, most everything is VMs and docker containers. I have one VM set aside for dev work to test configs before updating the prod boxes as well.
I got a bunch of docker compose files and the envs documented so its easy to spin things up again or rollback changes. It works well enough if I’m good about keeping everything all up to date and not making changes without noting it down for myself later.
MicroOS is a decent choice, because it can cold boot off a configuration that uses ignition and combustion files. https://microos.opensuse.org/
And they have this file configurator so you don’t have to manually type all the syntax for your configs.
I use snapshots, once a month an image is made of the entire drive, and I have Duplicati that backs up to cloud. Whatever choice you make tho, remember 3,2,1, and backups are useless unless tested on a regular basis. The test portion always gives me anxiety.
I’d really like to know if there’s any practical guide on testing backups without requiring like, a crapton of backup-testing-only drives or something to keep from overwriting your current data.
Like I totally understand it in principle just not how it’s done. Especially on humble “I just wanna back up my stuff not replicate enterprise infrastructure” setups.
You can use qemu utilities to convert your Linux disk image to VDI which you can then import into VM Workstation or Virtualbox:
qemu-img convert -f qcow2 -O vdi your-image.qcow2 your-image.vdiOne thing you might run into is that Ubuntu server images often use VirtIO drivers, So you may have to make adjustments for that. Or you may run into the need for other drivers that VM Workstation or VirtualBox don’t provide.
https://documentation.ubuntu.com/server/how-to/virtualisation/qemu/#qemu
https://systemadministration.net/converting-virtual-disk-images-qemu-img/
ETA: There is also StarWind V2V Converter
With NixOS, you get a reproducible environment. When you need to change your hardware, you simply back up your data, write your NixOS configuration, and you can reproduce your previous environment.
I use it to manage all my services.
Proxmox on the metal, then every service as a docker container inside an LXC or VM. Proxmox does nice snapshots (to my NAS) making it a breeze to move them from machine to machine or blow away the Proxmox install and reimport them. All the docker compose files are in git, and the things I apply to every LXC/VM (my monitoring endpoint, apt cache setup etc) are all applied with ansible playbooks also in git. All the LXC’s are cloned from a golden image that has my keys, tailscale setup etc.
This is pretty much my setup as well. Proxmox on bare metal, then everything I do are in Ubuntu LXC containers, which have docker installed inside each of them running whatever docker stack.
I just installed Portainer and got the standalone agents installed on each LXC container, so it’s helped massively with managing each docker setup.
Of course you can do whatever base image you want for the LXC container, I just prefer Ubuntu for my homelab.
I do need to setup a golden image though to make stand-ups easier…one thing at a time though!
So you make in proxmox container (LXC) the docker container?
Yes, essentially I have:
Proxmox Baremetal ↪LXC1 ↪Docker Container1 ↪LXC2 ↪Docker Container2 ↪LXC3 ↪Docker Container 3Or using real services:
Proxmox Baremetal ↪Ubuntu LXC1 192.168.1.11 ↪Docker Stack ("Profana") ↪cadvisor grafana node_exporter prometheus ↪Ubuntu LXC2 192.168.1.12 ↪Docker Stack ("paperless-ngx") ↪paperless-ngx-webserver-1 apache/tika gotenberg postgresdb redis ↪Ubuntu LXC3 192.168.1.13 ↪Docker Stack ("teamspeak") ↪teamspeak mariadbI do have a AMP game server, which AMP is installed in the Ubuntu container directly, but AMP uses docker to create the game servers.
Doing it this way(individual Ubuntu containers with docker installed on each) allows me to stop and start individual services, take backups via proxmox, restore from backups, and also manage things a bit more directly with IP assignment.
I also have pfSense installed as a full VM on my Proxmox and pfSense handles all of my firewall rules and SSL cert management/renewals. So none of my ubuntu/docker containers need to configure SSL services, pfSense just does SSL offloading and injects my SSL certs as requests come in.
deleted by creator
I went the nuclear option and am using Talos with Flux to manage my homelab.
My source of truth is the git repo with all my cluster and application configs. With this setup, I can tear everything down and within 30 min have a working cluster with everything installed automatically.
Are you using selfhosted git? Which one?
I have a similar setup, and even though I am hosting git (forgejo), I use ssh as a git server for the source of truth that k8s reads.
This prevents an ouroboros dependency where flux is using the git repo from forgejo which is deployed by flux…
I’ve got a forgejo instance setup but I haven’t migrated everything to it yet.
Incus and ansible
deleted by creator
I think it gets some flak but I’ve been super happy with Unraid.
Migrated hardware by moving the usb drive over to the new system and it didn’t blink that everything but the HDDs was different. Just booted up and started the array and dockers. The JBOD functionality is great. Drive loss is just an excuse to add a bigger drive.
Carefully
Terraform and ansible. Script service configuration and use source control. Containerize services where possible to make them system agnostic.
How do you decide what’s for Terraform and what’s for Ansible?
They’re good at different things.
Terraform is better at “here is a configuration file - make my infrastructure look like it” and Ansible is better at “do these things on these servers”.
In my case I use Terraform to create proxmox VMs and then Ansible provisions and configures software on those VMs.
Ansible.
I use docker for most of the services and Ansible to configure them. In the future I’ll migrate the server system to NixOS and might slowly migrate my Ansible to NixOS, but for the time being Ansible is working with relative ease.
