HomeLab Updates 12/16/2024

• Proxmox
  • Created a few templates of VMs and LXC containers for ease of use
  • Enabled Firewall Rules both globally and on a VM/LXC basis
    • The rules created and enabled are not super restricted. Just disabling Port 22 for any except for the cluster and 1 internal machine, restricting RDP to 3 machines to the cluster, 2 of which are in the cluster.
    • The Global rules for Firewall Overrule anything that is on a VM or on the OS settings. This makes everything a little more secure. All other ports are allowed for now until I dial in and figure out what ports I need to allow and which ones I need to block.
  • Created HA (high availability) for my Slurp Stack and my LXC-Management machine which hosts my NginX proxy manager app.
• Hardware
  • I have decommissioned 4 machines that are sucking power and no longer needed.
    • MCServer-02 has been decommed since nobody uses it anymore, if I need a secondary MC server, I will use a ProxMox node.
    • MCServer-01 has been converted to a ProxMox node running 1 Windows VM for the modded server whenever needed.
  • I have added a larger fan for the server room
• Software
  • I have released my link shortener using a different program. This can be found at https://smollq.cc
  • Docker has been secured a little bit with a socket proxy on the public access LXC
• DNS
  • I have Added 2 Adguard server and an Adguard Sync Server
• Firewall
  • My firewall has now been updated to only allow 3 ports through
  • I have removed my obscure RDP port for security reasons
• Apache Guacamole
  • Since I no longer have RDP port forwarded with an obscure port, I needed another solution for RDPing into my network from my work machine since I am not allowed to install OpenVPN so I went with Apache Guacamole. This is an RDP/SSH/Telnet gateway that runs in the browser that I have now implemented. Anyone who has access to my network will eventually get access to this as well as the VPN in case they would want it.

There are still some future updates that I wish to complete, the ones that I already had in separate posts are irrelevant for the most part now. I plan for a few more things to happen.

• Setup Docker Proxy (specific type of proxy that does not require the exposure of ports on a container and just exposes a url type.
• DNS filter
  • Need to upload more lists to my DNS blocker to block ads for YT and other services
  • Need to add all DNS records for Machine names, services, devices, etc
  • Adding DNS proxy for HTTPS access
• Game Cache
  • Setting up Steam, Epic, GoG, Battle.net, and Ubisoft caching servers in a Docker LXC
• Setup CloudFlare DDNS script to update all Subdomains with Proper IP addresses.

There are some nice to haves that will be coming soon as well. The most important being ATT fiber. There is talk of ATT fiber in my area and ATT has been coming out to service my street so I should have this soon. One of the things I get is a 5G/5G plan for the same cost as a 1G/1G plan so I intend to have a 5G connection to my house allowing for faster downloads and faster access to everyone.

Hardware wise, I do plan to get another Dell r730 or MD1200 for storage since my VM storage is not enough for what I would like to have. I do want to have a NextCloud server that everyone can access and use at their leisure, but this will not be able to be completed until a server falls into my hands.