homelab
- install Newt on my home server
- connect it to the Pi
- profit
- host your own Netflix with Jellyfin
- share your photos with family and friends using Immich
- block adverts with Pi-hole
Pangolin works on my IPv6 only Pi 🎉
I’ve got some tidying up to do, then it needs a write-up.
Pangolin on a Pi project progress
Most things in tech play out like that scene from Malcom in the Middle, where Hal’s trying to do one thing and then he needs to do another, and another, until he’s forgotten where he started.
Pangolin on a Pi started off as a quick little test that turned into a week long adventure.
Pangolin
Pangolin is an app that lets you tunnel into a private network, securely, from the outer internet. This means you can run your own apps and services at home and use Pangolin to let your friends and family connect to them.
You can do the same thing with Cloudflare tunnels except that way Cloudflare can read everything that goes through the tunnel and they don’t want you using it for movies, so you’re not supposed to use it for Jellyfin or Plex.
I’m not planning on using it for Jellyfin, but I like that the option’s there with Pangolin, and that it’s hosted on my own server.
Hosting
Except it’s not my own server, because I don’t have one of those huge internet cables like the big companies do, so I have to rent access to one from them.
It doesn’t need to be a big server, only 1GB of RAM and 1 vCPU, which you can get for $1 per month if you go with RackNerd.
Which is great if you live in the US, since you’re close to any one of the 6 data centres you can choose from for that offer, but I don’t, I live all the way across the pond.
UK Hosting
The closer this server is to where I am the better. In the UK server hosting mainly happens in London, which is close enough to me to be super fast, even if there are other places I could choose.
Like Manchester, which is closer to me than London. I was surprised to find they had their own data centres I could host from. I could only find one company that offered it publicly though, which was ran by an American company.
I don’t want to talk about recent events, but I don’t want to spend my money with a company that pays its taxes to a government that just bombed the country my friend’s family lives in. I’m not getting involved in any of this. I will choose a different company.
Preferably one in the UK; as I’ve aged I’ve realised it’s up to us to keep this island afloat.
Mythic Beasts
A quick Reddit search led me to Mythic Beasts, an independent, privately owned company based in the UK, with lots of good reviews.
They even had a blog, and it didn’t take long to find a post titled “Supporting the Open Rights Group”.
Yep, that’s all I need to read, I’m hosting my server here with these beasts.
Pi?
Mythic Beasts have their own rack of Raspberry Pis you can rent from.
Hosting on someone else’s computer isn’t a natural fit for the self-hosted way of doing things. But doing it on a Pi? That feels better for some reason.
Time to do a little test…
Terraform Provider?
I could have just clicked on the website to order a Pi. Maybe I should have.
Mythic Beasts have an API, so you can script your order and the management of the Pi, not that it needs much management. What they don’t have, which surprised me a little, is a Terraform Provider.
A Terraform Provider is the bit that connects Terraform, an industry standard tool for writing down servers as code, to the API of the server provider.
An ex member of staff started one using the older version of the Terraform Provider code, but they had archived it and since left the company.
Which gave me an idea.
I will write one!
I was looking for a chance to practise writing Go, as well as create a project to put on my GitHub, which had gotten a little quiet recently, and now I’d found one.
How hard could it be?
WHY AREN’T THE DOCS ACCURATE?!
A small gripe, if I may, is that it helps if your API documentation is accurate. The docs I was reading were mostly accurate, and I could get around whatever differences there were, but it had been a while since I’d coded against someone else’s API and I’d forgotten this happens.
IPv6?
Since there are no more IPv4 addresses left the Pis are IPv6 only. Mythic Beasts host proxies that let you get into the Pis from IPv4 connections, which works for websites, but Pangolin needs a different type of access.
Newt?
Pangolin is the website part of the project, it’s the bit the users see and is hosted on the Pi. It works by letting only the right users into the secure Wireguard tunnel that goes into your home network.
The thing that you host at home that sets up the other side of the tunnel is called Newt. It uses Wireguard for the tunnel, and that speaks to the Pi on a particular port which isn’t proxied by Mythic Beasts.
Another proxy?
Maybe you could get another proxy for this, but then you’re hosting a tunnel for your tunnel.
So no.
IPv6!
You don’t need a proxy if you can connect to the Pi through IPv6.
Except I couldn’t.
I’ve known for years that we’ve ran out of IPv4 addresses and that they’re being passed around from company to company for larger and larger amounts of money.
Somehow IPv4 still works and we’re still using it, so I always thought I could deal with it when it became a problem.
Like it just had.
…
I now have IPv6 working at home which means I can connect to the Pi without a proxy 🎉.
I will write up what I did another time, this quick update is over 1,000 words already.
The next steps are:
Why would you want a home server?
Some thoughts to help you work out if you want a home server.
What’s a Home Server?
If you thought servers were big black boxes with blinky lights in noisy rooms then you’d be mostly correct, but a growing number of us are running them at home and they’re smaller and quieter than you think.
If you just want to block adverts with Pi-hole then you don’t need that much power and you can get away with a teeny tiny Raspberry Pi Zero that fits in your hand and costs £15.
A home server is any machine that lets you host things in your home.
Self-hosting
There’s a bunch of things you can self-host.
Services
Some services are only available by self-hosting them.
Blocking adverts in the browser alone means you still had to download the advert, even if you didn’t see it. Pi-hole blocks adverts by stopping your network from fetching the advert in the first place, which makes your browsing experience faster.
Jellyfin lets you host your own Netflix, and apps like calibre-web and audiobookshelf do the same for your books and podcasts.
Having a home server lets you make the most of your own media.
Applications
There are open source versions of loads of apps you’re already using, like Word processors and spreadsheets and stuff, as well as new ones you didn’t realise you’d need.
Mealie is one of my recent favourites, it’s a recipe management app that lets me do meal planning and then generate a shopping list with all the ingredients I need.
I use FreshRSS to keep up to date with RSS feeds as well as keep my phone and laptop clients in sync with each other.
Wireguard lets me access my home server from anywhere.
You can find more at Awesome Homelab and on Reddit.
Storage
If you’ve read my Why would you want a NAS? post you’ll know whether you need something for storage.
What I didn’t mention is that the line between a home server and “a NAS” can be a little blurry.
“NAS” just means network storage and “a NAS” usually refers to the machine you dedicate to doing NAS things. You don’t have to own “a NAS” to have NAS.
NAS + self host
Most NAS software has the ability to run custom apps somehow, so if you mainly wanted storage and only wanted to run a few apps you could get away with using your NAS device as a home server.
You can run your own apps even on the consumer NAS devices like the ones from Synology.
Home server + Network Attached Storage
If you wanted the opposite, mainly to self-host with a little bit of network storage, you could get away with plugging in some drives to your home server and making them available over the network.
This could be as small as a Raspberry Pi 5 with an NVME plugged in to it.
Home server with NAS virtualised
Some people set up their home server for virtualisation and use a virtual machine to run their NAS software and then use other virtual machines for self-hosting, which means the same device is now both “a NAS” and “a home server”.
Home server and a NAS
I personally have different machines for my NAS and my home server, and I think I’m right, but then my NAS is sat idle 99% of the time, so maybe I’m not.
Why would you want a NAS?
Some thoughts to help you work out if you want a NAS.
What’s a NAS?
NAS stands for Network Attached Storage, which means you can connect to storage on another computer in your network.
It’s like Dropbox, Google Drive or iCloud except it’s your computer and not theirs.
When you buy “a NAS” you’re buying the computer that makes storage available over the network. They usually don’t come with any actual storage, you have to buy that separately.
You can also build it yourself, at the end of the day it’s just a computer.
Why would I want Network Attached Storage?
When you have a single computer managing the storage for it is pretty easy. You run out of room, you buy a USB stick, or an external hard drive, plug it in, and get more storage.
It’s when you fill up that extra storage or have multiple computers in the same household that you start looking for a better solution.
Instead of buying and managing more external drives you designate a computer to act as storage and plug in all your drives to that one and make it available over the network.
You might not even need to buy anything at all, most modern routers allow you to plug in an external drive and make it available over your network, and that might be all you need.
Benefits
Having storage available over the network means you’re able to do a few things:
Centralise your storage
You can store all your files in one place and access them from all your devices.
When you treat your storage like one giant drive then adding new disks increases the total storage you have, not just giving you another smaller disk to manage.
No more juggling USB sticks and label makers or emailing files to yourself.
And if you install media software like Jellyfin or Plex then you can watch your media content on your TV without plugging in your laptop every time.
Backups and redundancy
NAS software allows you to set up redundancy for your data, so you always have an extra copy available. Some will allow you to configure your drives into a RAID array which means you can survive one or two of them failing. RAID is not a backup, but it does give you an extra layer of redundancy.
For a better backup solution you should store a copy of your data in an external location. The benefit of having a NAS is that you can set it up to do this for you, so now all you need to do is get that data onto your NAS and then it’s automatically backed up.
Avoid the Apple Tax
I like Apple, you might as well, but I do think their storage upgrades are expensive.
Take the cheapest Mac mini they have right now, which is £599 for 256GB of storage. Upgrading it to 512GB is an extra £200. 1TB is an extra £400.
You can buy a Raspberry Pi 5 starter kit, an NVME adapter, and a 1TB NVME drive for £200.
For just over £400 you could upgrade the 1TB drive to 4TB.
It’d be slower, I admit that, but if it suits your needs then it means you get 4 times the storage for the same price.
Bonus: Homeserver
A NAS can also double up as a capable server where you self-host your own apps and services.
You could:
and plenty more.
Convinced yet?
Maybe that helped you work out if you wanted a NAS or not.
I’ll be writing more under the #homelab tag, including which NAS is right for you as well as self-hosting your own apps and services on a home server.
Talos defaults to adding the node.kubernetes.io/exclude-from-external-load-balancers= label to all control plane nodes, which are all I’m using in my Turing Pi, so that meant none of them were in the MetalLB VIP and is why I couldn’t connect to them.
I wish I knew this two hours ago.
Why Talos and not Ubuntu and K3s for Turing Pi RK1
Now that I want to use the RK1s in my Turing Pi to host a Kubernetes cluster I have a few different options on how to do it.
Ubuntu
My goto is usually Ubuntu because I know how to use it. I can configure it using Ansible and debug it when things stop working, so of course I would use it. I didn’t really think about it.
This time I’m using RK1 modules, which are powered by Arm, and don’t have “official” Ubuntu images. The ones it does have are locked to Ubuntu 22.04, or are a community effort, and reading into it all made me question what I really needed.
K3s
K3s is an obvious choice for running Kubernetes on low powered machines because it’s a stripped back version of Kubernetes, containing only what it needs to run and nothing else.
I like the sound of this approach; it’s made me wonder if I really need Ubuntu for this.
Talos
Enter Talos, a secure, immutable, minimal OS that just runs Kubernetes.
Instead of the almost 3,000 binaries included in Ubuntu, Talos has only 12, and with those you can run a distributed Kubernetes cluster on bare metal.
There’s even an official “overlay” that adds Rockchip support, which includes my RK1s.
Sure, it won’t all be plain sailing, and there will be plenty of things to learn along the way, but the reasons mentioned above are why I’m currently re-flashing my RK1s from Ubuntu to use Talos instead.