homelab.

This is an automated archive made by the Lemmit Bot.

The original was posted on /r/homelab by /u/hi-capper on 2025-12-18 11:44:30+00:00.

This is an automated archive made by the Lemmit Bot.

The original was posted on /r/homelab by /u/ItssPanda on 2025-12-18 06:21:53+00:00.

This is an automated archive made by the Lemmit Bot.

The original was posted on /r/homelab by /u/Careful_Today6179 on 2025-12-18 04:39:07+00:00.

We're about halfway through December, and I've hit some big goals of my own (hard-line Cat6 throughout the house, Wi-Fi roaming w/centralized AP Management) and figured we share in some of the wins, big or small!

This is an automated archive made by the Lemmit Bot.

The original was posted on /r/homelab by /u/xbufu on 2025-12-18 07:38:40+00:00.

Just read this in r/cybersecurity:

Docker released their hardened images cataglog under the Apache 2.0 license for anyone to use for free: https://www.docker.com/blog/docker-hardened-images-for-every-developer/

Seems like a drop-in replacement, since you can simply change something like traefik:v3 to dhi.io/traefik:v3

Seems pretty awesome, I think I will be gradually rolling this out in my homelab.

This is an automated archive made by the Lemmit Bot.

The original was posted on /r/homelab by /u/RationallyDense on 2025-12-18 03:14:13+00:00.

Ok, so right now my home network is 192.168.88.0/24. This is fine. But I'm thinking for purely organizational reasons, I might want to start having DHCP assign ip addresses in the 192.168.88.0/24 range and reserve something like 192.168.10/24 or something for devices with static ips. (The NAS, 3d printer, etc...)

I know it's not necessary. Is there any reason I should not do it?

This is an automated archive made by the Lemmit Bot.

The original was posted on /r/homelab by /u/b4d1t on 2025-12-17 21:46:06+00:00.

This is an automated archive made by the Lemmit Bot.

The original was posted on /r/homelab by /u/No_Injury_1057 on 2025-12-18 01:05:27+00:00.

This is an automated archive made by the Lemmit Bot.

The original was posted on /r/homelab by /u/Escha_Mali on 2025-12-17 19:31:59+00:00.

This is my setup.

Only a few years before finishing my IT degree (software dev oriented), I started feeling anxious about how much I didn't know about IT, in general.

After getting a few Optiplexen from my internship's IT team, I got motivated to play sysadmin at home. I started lurking on this sub and r/sysadmin to get an idea on where to start. Then slowly tackled disciplines one by one.

I didn't progress as much as I'd have liked, but I had a lot of fun doing all that.

I'll show you what I've done until now, because I want to try changing pace and focus.

Sorry, but I don't have any graphs, yet.

In short, I'm running:

• 1 Lenovo m720q Tiny as my OPNsense box

\- serves as a firewall, a VPN, and a DNS server

• 2 Dell Optiplex 3070 micros as my Proxmox nodes

\- they run a few services, of which I'll send details in the comments

• 1 Dell Optiplex 3070 micro as my OpenMediaVault server

\- it runs Forgejo and Immich inside Docker containers

• 1 Frankensteined Dell Optiplex XE3/3050 SFF as an on-prem backup server

\- with Bareos as a backup solution

The Optiplex 7080 micro and 7060 micro you can see on the picture are unused; I plan to use them later.

I want to learn a lot of subjects before I get my degree: Kubernetes, AD, CICD, etc... Idk what to focus on, from february 2026 onwards. So, I'll scour the internet for clues.

Don't hesitate to comment, If you have tips and/or questions :)

https://preview.redd.it/apqr8d91gt7g1.jpg?width=4273&format=pjpg&auto=webp&s=96f67deadeeb5df3c436f50e31c0dc7add00b546

https://preview.redd.it/za0gee91gt7g1.jpg?width=2608&format=pjpg&auto=webp&s=63132196703d14224379ade6a87e419062311972

This is an automated archive made by the Lemmit Bot.

The original was posted on /r/homelab by /u/FullMetal2803 on 2025-12-17 23:21:13+00:00.

This is an automated archive made by the Lemmit Bot.

The original was posted on /r/homelab by /u/minezbr on 2025-12-17 20:14:31+00:00.

My main goal is just have time to shut down my proxmox server (mainly harddrives!) and run my wifi router, since where i live i have pretty regular power outages.

This is an automated archive made by the Lemmit Bot.

The original was posted on /r/homelab by /u/FullMetal2803 on 2025-12-17 18:41:20+00:00.

This is an automated archive made by the Lemmit Bot.

The original was posted on /r/homelab by /u/ThunderBull00 on 2025-12-17 18:19:41+00:00.

This is an automated archive made by the Lemmit Bot.

The original was posted on /r/homelab by /u/kavkasavich on 2025-12-17 20:06:42+00:00.

This is an automated archive made by the Lemmit Bot.

The original was posted on /r/homelab by /u/RocketMarvel-100 on 2025-12-17 18:54:57+00:00.

This is an automated archive made by the Lemmit Bot.

The original was posted on /r/homelab by /u/CoderStone on 2025-12-17 15:13:41+00:00.

This is an automated archive made by the Lemmit Bot.

The original was posted on /r/homelab by /u/PanSalut on 2025-12-17 17:22:08+00:00.

Hey!

Built a grocery list app for me and my wife - wanted something lightweight that wouldn't eat resources on my server.

Why I built it:

• Other apps were too bloated or required subscriptions

• Needed real-time sync while shopping together

• Wanted full control over my data

Specs:

• ~16 MB on disk

• ~2.5 MB RAM (yes, really)

• Go + SQLite + HTMX

• Single Docker command:

Features:

• Real-time sync via WebSocket

• Organize items into sections

• Simple password login

• Mobile-friendly

GitHub: https://github.com/PanSalut/Koffan

⚠️ Still in active development - feedback welcome!

This is an automated archive made by the Lemmit Bot.

The original was posted on /r/homelab by /u/GreenReporter24 on 2025-12-17 09:21:32+00:00.

This is an automated archive made by the Lemmit Bot.

The original was posted on /r/homelab by /u/BouncyPancake on 2025-12-17 07:49:52+00:00.

I was thinking about it the other day and kind of realized that some supermarkets, utility companies, etc are cooperatives that are either owned and operated by the employees or consumers, or even both (like a hybrid I guess?).

Why isn't there a datacenter or hosting provider out there that is operated and owned by the people, instead of by a board of shareholders / stakeholders? and what is the likelihood of making something like that possible?

I imagine like a community / people run datacenter that gains to benefit the customers and employees, not shareholders.

This is an automated archive made by the Lemmit Bot.

The original was posted on /r/homelab by /u/LoanWhole5698 on 2025-12-17 13:54:23+00:00.

This is an automated archive made by the Lemmit Bot.

The original was posted on /r/homelab by /u/umanouski on 2025-12-17 12:53:06+00:00.

This is an automated archive made by the Lemmit Bot.

The original was posted on /r/homelab by /u/abasara on 2025-12-17 11:34:34+00:00.

This is an automated archive made by the Lemmit Bot.

The original was posted on /r/homelab by /u/youngguslarz on 2025-12-17 09:47:48+00:00.

This is an automated archive made by the Lemmit Bot.

The original was posted on /r/homelab by /u/ttkciar on 2025-12-17 09:34:06+00:00.

I don't know how many people remember the ISA cards with a DB9 serial port, a DB25 parallel port, IDE (PATA) sockets, and a floppy drive socket on them They were typically called "I/O cards" and no PC build was complete without one.

What would the modern equivalent of that look like? I'm imagining a PCIe card with USB ports, ethernet port, SATA ports, and an M.2 socket on board.

Looking around Newegg, the closest thing I found to this had an M.2 socket and a single SATA port on a PCIe card.

It seems to me that an "everything on it"-card might be handy for expanding the capabilities of a SFF system that only has one PCIe slot.

Does anyone know of other PCIe cards with an interesting variety of devices on them?

This is an automated archive made by the Lemmit Bot.

The original was posted on /r/homelab by /u/Proper_Ear2830 on 2025-12-17 08:27:26+00:00.

This is an automated archive made by the Lemmit Bot.

The original was posted on /r/homelab by /u/WraytheZ on 2025-12-17 07:54:56+00:00.

I've been building a custom firewall in my home/lab.

Built ontop of Alpine linux, leveraging a heck of a lot of python - suricata, unbound, influxdb, mongo and a few other components.

Web Filter is entirely handled via NFQueue with a python daemon behind. Inspects the HTTP host + server ip, and TLS SNI + server ip

App control is handled via a Suricata integration. Currently have ~ 146 apps loaded and working.

Web/App filters support schedules.

Devices can be associated to users, users can be referenced in rules. Rules can enforce web/app filter policies.

Still a long way from production ready, but having a great time building this out.

Anyway, screenshots !

Dashboard. Simple right now.

Interface/Zone configurations

IP/ARP - Mapping devices to users

Firewall rules

NAT rules. The 2 DNS intercept rules are created automatically if "DNS Intercept" is enabled on the interface. The UI isn't showing the source interface, however the backend API does have this info. Need to update this page at some point to reflect it.

Web Filter profiles

Web Filter logs

Customizing the profile

Application Filter Profiles. This uses suricata as the 'engine' to identify applications based on the signatures on the firewall. Currently have ~ 146 app signatures configured.

App Filter Logs

DHCP

DNS - local records

Bug in the API call this page references.. Hence Upstream servers isn't populating. It's on my 'fix list'

Users

User Permissions / Roles

DNS Query log. I'm working to enrich this with user identity where available

https://preview.redd.it/g8osm8qdwp7g1.png?width=629&format=png&auto=webp&s=43632ff988f373daa22080ad9643783a3b32a7f7

https://preview.redd.it/m7tpe5wuwp7g1.png?width=1163&format=png&auto=webp&s=34762b109ea7420482d4f7ef4565a04473e1a7e3

https://preview.redd.it/y8ciix4xwp7g1.png?width=673&format=png&auto=webp&s=156ecd2d28eb68bc6d3b2f5e3fbeed2431a30dd8

Lagging a bit behind the web UI on available columns - e.g user, filter profiles, hits

Overall the CLI is a little behind the web UI. They both engage the same backend API.

Having a lot of fun figuring this all out :-)

My TODO list has a lot on it - captive portal, QoS, WAN Failover/Load Balancing, Netflow, embedded grafana. Also want to enable HA. The database, and application is structured to accomodate VRRP/HA

Toolset

• Unbound (DNS)

• isc-dhcp-server (DHCP)

• Iptables - firewall rules

• Iptables + NFQueue + Python daemon (Web-Filtering)

• NFQueue + Suricata + Python integration (App Filtering)

• MongoDB (Database)

• InfluxDB (metrics and web/app/dns logs) - i may switch the logs elsewhere later

• Python API to control everything

• NextJS Web UI

• NGINX doing reverse-proxy to the api/webui

My dev environment consists of Virtualbox + Vagrant on an ubuntu desktop.

I do not pretend to know everything - this has been an R&D exploration in my free time :-) So please be kind.

Credits to Claude for helping with scaffolding the web ui - i am terrible at anything frontend.