blog-content/2023-12-01_Current-Software-Stack.md

---
date: 2023-12-01
title: My Current Software Stack
tags:
- homelab
- software
- unraid
---
As part of planning [some hardware upgrades](https://blog.mcknight.tech/2023/11/29/Homelab-Upgrades/),
I think it is important to evaluate the software side of things to make sure everything is accounted for
in the new design. This is also a good opportunity to evaluate and prune what I have running before
deciding where to move things around.
## Virtual Machines
I run a few VMs on my Unraid server; many are seldom used but a couple of them I use on a regular basis.
None of these need anything like five-nines availability, but they do need somewhere to run when needed.
- Cura: I have an Ubuntu VM that is dedicated to running Cura for 3D printing. I use several different
computers throughout the day, so being able to slice and print things wherever I am (including from
my phone) is really handy.
- Windows 10: This Windows VM has a Bluray drive attached for working with my media collection or the
odd piece of software that I have on optical media.
- pfSense: This VM is configured with an Intel NIC to be manually spun up before taking my main pfSense
box down for maintenance. This VM isn't used often but it is essential to keeping the network up.
## Container Services
This is where the bulk of my services exist. Unraid uses Docker with some specialized templating to
provide a nice Web UI for deployment, but I would be happy writing my own [Helm charts](https://helm.sh/) or
[Docker Compose](https://docs.docker.com/compose/) files to deploy things. There are a lot of containers here
so I'll try and organize them into some logical groups.
### Core Networking
These services are essential to keeping my network up and supporting other services. Outages here
can bring down other services or parts of my network.
- DDClient: lets my domain registrar know when my public IP address changes
- LetsEncrypt: reverse-proxy for routing traffic to the appropriate container
- Unifi: controller and web UI for Ubiquiti networking
- Mosquitto: MQTT server used to connect ZWave devices to HomeAssistant
### Database and Backend
These provide support for other services. An outage here will affect some specific
other services.
- MariaDB: used by some other containers; I wouldn't mind eliminating or replacing this with MongoDB if I can.
I know practically no SQL and a little MongoDB.
- zwavejs2mqtt: connects ZWave devices to HomeAssistant
- Frigate: security camera monitoring, object detection, and recording
### User-Facing Services
These are the things you probably think of as what a home server is used for. Everything
here has a Web UI or is accessible via client software (or both).
- hexo-blog: this.
- Vaultwarden: password manager for Bitwarden clients
- Plex: media server; I may move to Emby or Jellyfin as media tagging has been less reliable for me lately
and the recent [watch history debacle](https://www.techhive.com/article/2157803/plex-discover-together-privacy-concerns.html)
is another nudge to find something better.
- Nextcloud: cloud storage, contacts, calendar, client device backups
- Matrix: [matrix chat](https://matrix.org/) home server
- HomeAssistant: smart home controls/automation and camera monitoring
- Heimdall: web dashboard; I just played with this and don't find myself using it often so I'll probably drop it
- Grafana: monitoring dashboard
- GitLab: self-hosted git; I don't use this much but do like having a GitHub alternative available for private
projects (yes, I know you can have private repos on GitHub)
### Monitoring
These services monitor the other services. If something goes wrong here I'm likely the only one to notice.
- Influxdb: time-series database used to collect data for Grafana dashboards
- Tautulli: pulls Plex analytics, used to populate Grafana
- Varken: more Plex analytics; middleware to push analytics to Influxdb
- UniFi-Poller: pulls Unifi analytics into Influxdb for Grafana
- Telegraf: pulls Unraid server analytics into Influxdb for Grafana
### Mostly Unused
A few containers I have mostly spun down. Some of these are for testing/evaluation and others I just haven't bothered removing.
- ActualServer and Firefly-III: personal budgeting apps since [Mint](https://support.creditkarma.com/s/article/Intuit-Mint-and-Credit-Karma)
is going away; neither really does what Mint does for me but I need an alternative since Mint is shutting down at the end of the year and
CreditKarma doesn't appear to be getting budgets, which is what Mint did for me.
- Handbrake: video encoder; I will probably run this in a VM if I move containers to k8s since I only run this as an Unraid container to
easily leverage all of my server's cores
- Genea: family tree builder, because that's the kind of data I won't put into a random webapp on the internet
- element-web: a Matrix client; I installed this with Matrix but never use it
- RabbitMQ: MQ server that I set up once in the early days of the [Diana backend](https://github.com/NeonGeckoCom/neon-diana-utils) I made
for work.
- Wireshark: packet sniffing and more network stuff; realistically I would run this on a workstation if I need it
## Other
Aside from VMs and Containers, there is some basic functionality that needs to be addressed, namely data shares and VPN access.
### Network Shares
Unraid exposes SMB shares with some basic user access control. Shares on Unraid can utilize separate Cache and Array storage pools;
both pools offer redundancy but the smaller Cache pool is faster than the larger Array pool. I'll go into storage in more detail when
I look at solutions for storage.
### WireGuard
Unraid includes a WireGuard server which I use to remote into my network when travelling if I need to access the filesystem or a shell
directly. This is particularly helpful if I need to restart a container or find something on a network share that isn't served via Plex
or Nextcloud.
## Putting It All Together
This was all a long way of getting to what I really need in my software stack:
- Virtualization with device passthrough, i.e. a [KVM](https://www.linux-kvm.org/page/Main_Page) Hypervisor
- Container support, likely [k3s](https://k3s.io/)
- VPN access. I might delegate this to pfSense since that would allow for remote access in the event the cluster
is offline so long as the router is on
- Network shares

I already mentioned [in my previous post](https://blog.mcknight.tech/2023/11/29/Homelab-Upgrades/) upgrading my pfSense router
and picking a storage solution. I found some old network appliances repurposed to run pfSense [on ebay](https://www.ebay.com/itm/186181814221)
and plan on picking one up for a relatively inexpensive, low-power, and (hopefully) reliable solution.