Building an homelab with Raspberry Pi 4

I have been thinking about building a home lab for myself for a few months and finally bought a Raspberry Pi 4 (8 GB—model B) this week, inspired by Thorsten Ball and this little conversation. My goal is to experiment and also selfhost few things myself.

First things first, I installed Raspbian Lite OS without desktop since that might be a overhead and not worth it for my requirements.

Thanks again Thorsten!

I installed tailscale to create a secure network via which homelab can be accessed. Few other features I’ve to look into:

Tailnet lock
Tailscale funnels (for public facing services)

I already own the domain manosriram.com, so i just created an A record pointing *.manosriram.com to the tailscale IP. This points all subdomains to the tailscale IP (port 80). mano-dns

And then added an SSL certificate via NPM mano-dns

For all proxy hosts, we can now just select the added SSL certificate and it creates the SSL certificate for that subdomain. mano-dns

All services except tailscale are running inside containers using docker and docker-compose. Tailscale is a separate daemon running outside docker.

To manage proxies, I use nginx-proxy-manager. It helps the routing of subdomains to ports with SSL.

nginx-proxy-manager:
    image: 'jc21/nginx-proxy-manager:latest'
    restart: unless-stopped
    container_name: nginxproxymanager
    ports:
      - '80:80'
      - '81:81'
      - '443:443'
    volumes:
      - ./data:/data
      - ./letsencrypt:/etc/letsencrypt
    networks:
      - proxy-network

This runs at default port 80, so *.manosriram.com reaches this service first. NPM is used to assign address to a subdomain and most importantly, and TLS for all *.manosriram.com sub-domains.

To share files, I used dufs. It is a lightweight file server written in Rust. This comes in handy when I want to refer to some files between machines. Instead of mounting the whole filesystem, I created a directory separately for dufs and then mounted it.

dufs:
    image: sigoden/dufs
    container_name: dufs
    network_mode: host
    volumes:
      - /home/manosriram/apps/dufs_shared:/data
    ports:
      - 5232:5000
    command: /data -A

Other services

I have similarly hosted few other services as well:

Vaultwarden (password manager)
Jellyfin (media manager)
Heimdall (dashboard to view all services)
dufs (file system)
Memos (note taking application)
Slash (url shortener - not sure if I’ll keep using this)
Uptime Kuma (service monitoring tool to check the status of each application)