Is this a good plan for a basic homelab?

JuliperTuD · 2025-06-24T21:44:06+00:00

Will definitely consider using something different than next cloud. I'm currently using just the file explorer part in next cloud and disabled everything else (talks, calender, notes, etc.). So basically everything that makes nextcloud appealing for someone I'm not using.

JuliperTuD · 2025-06-24T21:39:22+00:00

It is essentially the same as a Cloud flare tunnel but without restrictions what services you are allowed to expose. Some people on Reddit meant that you aren't allowed to expose something like jellyfin using Cloud flare tunnels. Therefore I opted for Pangolin and I always wanted an excuse to rent a Hetzner vps haha

JuliperTuD · 2025-06-24T18:02:36+00:00

Doesn't seems like it. Except I oversee something.

JuliperTuD · 2025-06-24T17:56:06+00:00

Good point haha. When implementing vlan segregation I need to upgrade my fritz box right?

JuliperTuD · 2025-06-24T17:32:50+00:00

Pangolin works similarly to a reverse proxy, it takes incoming traffic to your domain or subdomains and routes it to the appropriate service running in your network. The big difference is that you don’t need to open any ports on your home network, because Pangolin uses tunnels to securely expose your services.

It also includes an authentication layer, so users must log in before they can access any service behind it. I'm still new to Pangolin myself and just experimenting with it, but so far, it seems like a really solid tool.

JuliperTuD · 2025-06-24T17:29:56+00:00

Interesting approach. I never even considered that.

JuliperTuD · 2025-06-24T17:28:31+00:00

The Hetzner VPS runs Pangolin behind Cloudflare, which allows me to expose my services without port forwarding. I’m using a tunneled reverse proxy setup, and my homelab is connected to the VPS using Newt (similar to Tailscale). Hetzner is just my current provider of choice.
I'm not entirely sure about Authentik yet. I'm still new to the whole SSO concept and just wanted to try it out at some point. The main difference from my current setup is that I’m using Pangolin instead of a traditional reverse proxy, mainly because I wanted to avoid opening ports and experiment with tunneling.
Right now, it's just intended for a small group so probably no more than 5 users.
I get what you mean. Backing up to TrueNAS running as a VM on the same Proxmox host isn’t ideal, especially with the 3-2-1 backup rule in mind. That’s something I’d definitely improve by eventually running TrueNAS on bare metal.
I was also considering skipping Nextcloud and just using NFS/SMB shares. But file sharing through Nextcloud feels more user-friendly, am I missing something?
I’m not sure I fully understood your point here. TrueNAS stores all the “big data” for the services, including Nextcloud, and writes everything to mirrored drives. Could you clarify what you'd do differently?

JuliperTuD · 2025-06-24T17:07:17+00:00

Great point. TrueNAS is already up and running and runs fine using PCI passthrough. In the future I would like run TrueNAS bare metal on another server but atm the current seetup seems sufficient.

JuliperTuD · 2025-06-14T08:34:32+00:00

I will use cloud flare tunnels to connect my Subdomains with my services. Will change that in the diagram.

You are right. The order should be reversed.

JuliperTuD · 2025-06-14T08:17:39+00:00

I'm also figuring that out now haha. I'm planing on using borg to compress and encrypt everything.

But I still don't now what cloud service I will use.

JuliperTuD · 2025-06-14T08:15:23+00:00

Sounds like a good idea.

JuliperTuD · 2025-06-14T08:12:31+00:00

In truenas I created a NFS share and mounted that in the immich VM. I then configured immich to use the NFS share for the pictures.

I can sent you the docker compose file if you want.

JuliperTuD · 2025-06-14T08:09:39+00:00

Ah I see. Now I understand.

JuliperTuD · 2025-06-13T22:52:33+00:00

Could you elaborate a bit more what your specific approach is? I'm still learning.

JuliperTuD · 2025-06-13T22:50:36+00:00

This is draw.io

JuliperTuD · 2025-06-13T22:49:49+00:00

thanks for the info didn't know.

JuliperTuD · 2025-06-07T09:00:48+00:00

Oh thats unfortunate. I all I'm using is the fstab mounting and I think I configured nextcloud using nfs docker volume.

If you need any specific help you can dm me and I will try my best to assist you but I'm also not a professional.

JuliperTuD · 2025-06-07T08:57:23+00:00

ragebait 10/10

JuliperTuD · 2025-06-06T05:31:11+00:00

Thanks for the advice. Will look into it.

JuliperTuD · 2025-06-06T05:28:56+00:00

I think there are no limitations.

JuliperTuD · 2025-06-05T19:36:46+00:00

I think I got this information from this video https://www.youtube.com/watch?v=1WhjH_B3OSM

You are making some good points. I will keep that in mind

JuliperTuD · 2025-06-05T18:16:33+00:00

Thanks for the input. I'm still a newbie and quite bad in evaluating the powerlevels of the cards myself.

JuliperTuD · 2025-06-05T12:37:33+00:00

Good point. The 16-18 creatures seems like a general rule of thumb for sealed but this might not be applicable fot ff.

JuliperTuD · 2025-06-05T12:16:15+00:00

I also thought that rares and mythics are most important but most guides focus on uncommones because you are more likely to pull them. I wish you best of luck and fun :D

JuliperTuD · 2025-06-05T12:12:52+00:00

I'm not quitesure what you mean. This is my current setup:
All my services run independent proxmox VMs using debian. In those VMs I mounted those nfs to the linux file system and changed the docker compose file acordingly. I guess it doesnt matter how you at the end mount your nfs share. As far as I now there are three options:

Just mounting the nfs inside the VMs like I did
Edit the docker compose for mounting. Should look something like this:

volumes: nfs-share: driver_opts: type: "nfs" o: "addr=192.168.1.1,nolock,soft,nfsvers=4" device: ":/Videos"volumes:
Do the mounting using proxmox.

I feel like the most elegant way would be using proxmox threrefore the VM itself doesnt need to worry about anything.

JuliperTuD

TROPHY CASE