A Stronger HomeLab
Intro
BackUps
Lately I was reading this reddit backup post
Because its not about if, but when a single point of failure will be gone.
- NextCloud
- ProtonDrive
Unfortunately, there is no official https://github.com/donniedice/protondrive-linux
You also have some static/blob storage:
sudo sudo du -h --max-depth=10 /var/lib/docker | sort -rh | head
How about code backups?
Media
Privacy Apps
Some time ago I put together this list of cool security apps: https://jalcocert.github.io/Linux/docs/nix/fav-apps/#secprivacy
- Secure email client via Thunderbird or https://proton.me/blog/proton-mail-desktop-app
wget https://proton.me/download/mail/linux/1.9.0/ProtonMail-desktop-beta.deb
sudo dpkg -i ProtonMail-desktop-beta.deb
sudo apt-get install -f
You can use my protonmail referal: https://pr.tn/ref/RHJ7YZE8BN8G
VPN
To connect to your homelab, having a VPN at home is a nice way.
You can combine it with HTTPs/SSL setup if you have a domain + have this Traefik Setup.
To get started, tailscale is a great way to proceed.
You also have:
- ProtonVPN
- https://protonvpn.com/support/installing-protonvpn-on-a-router
- https://account.proton.me/u/0/vpn/vpn-apps
#https://protonvpn.com/support/official-linux-vpn-debian/
wget https://repo.protonvpn.com/debian/dists/stable/main/binary-all/protonvpn-stable-release_1.0.8_all.deb
sudo dpkg -i ./protonvpn-stable-release_1.0.8_all.deb && sudo apt update
#echo "0b14e71586b22e498eb20926c48c7b434b751149b1f2af9902ef1cfe6b03e180 protonvpn-stable-release_1.0.8_all.deb" | sha256sum --check -
sudo apt install proton-vpn-gnome-desktop
- Mullvad
Or locally:
#https://mullvad.net/en/download/vpn/linux
# Download the Mullvad signing key
sudo curl -fsSLo /usr/share/keyrings/mullvad-keyring.asc https://repository.mullvad.net/deb/mullvad-keyring.asc
# Add the Mullvad repository server to apt
echo "deb [signed-by=/usr/share/keyrings/mullvad-keyring.asc arch=$( dpkg --print-architecture )] https://repository.mullvad.net/deb/stable stable main" | sudo tee /etc/apt/sources.list.d/mullvad.list
# Install the package
sudo apt update
sudo apt install mullvad-vpn
- Wireguard
Which you can setup via wg easy as seen with the x300
HTTPs and SSL Everywhere
With NGINX Proxy Manager via UI
With Traefik Programatically!
Passwords
I simply love Bitwarden (which can also be selfhosted).
- It has a nice Android/Linux Desktop App
- You can add 2fa to it as well: https://vault.bitwarden.com/#/login
You also have:
ProtonPass - https://github.com/ProtonPass
KeePass
2FA
Initially, I was using authy as my 2fa app.
I also tried Google auth and microsoft version of it.
They all work fine.
Then I heard about: 2FAS and Aegis, which are OSS.
But just recently, we have https://proton.me/authenticator
curl -LO https://proton.me/download/authenticator/linux/ProtonAuthenticator_1.0.0_amd64.deb
sudo dpkg -i ProtonAuthenticator_1.0.0_amd64.deb
sudo apt-get install -f
#rm ProtonAuthenticator_1.0.0_amd64.deb
- It works cross-device (for real, including linux desktop + android).
- Its OSS and allows direct import/export.
- Allows (optional) to automatic sync via a proton account.
Im using mostly 2FAS (which syncs codes via gdrive)
But im giving a try to ProtonAuthenticator (Synced via protonmail + keeping backup codes handy, just in case)
For business purpose, you can still keep your microsoft auth / Google 2fa
Chats
I like the telegram desktop app, but lately whenever i open it leaves my system frozen for a while.
#flatpak install flathub org.telegram.desktop
Telegram bots are fun to tinker with!
In case that some of the well know chats stop working, you can try these:
flatpak install flathub im.riot.Riot #element
#flatpak install flathub org.signal.Signal
If you like Matrix or Signal, you might find interesting:
Bluetooth mesh chat, IRC vibes
Private AI
AI Apps with Containers and Cloudflare Tunnels
LLMs
Try with Ollama
Alternatively, you can try these LLMs:
Image Generation
- Foocus
- Stable Difussion Web UI
- Easy Difussion
Conclusions
Its a long way to the top if you wanna rocknroll.
Same for homelab security.
Dont forget to clean from time to time the apt packages that you are not using.
To do that via UI, you can try Stacer