A Stronger HomeLab
TL;DR
Because its not about if, but when a single point of failure will be gone.
BackUps
Lately I was reading this reddit backup post
- NextCloud
- ProtonDrive
Unfortunately, there is no official https://github.com/donniedice/protondrive-linux
You also have some static/blob storage:
sudo sudo du -h --max-depth=10 /var/lib/docker | sort -rh | head
How about code backups?
Media
Privacy Apps
Some time ago I put together this list of cool security apps: https://jalcocert.github.io/Linux/docs/nix/fav-apps/#secprivacy
- Secure email client via Thunderbird or https://proton.me/blog/proton-mail-desktop-app
wget https://proton.me/download/mail/linux/1.9.0/ProtonMail-desktop-beta.deb
sudo dpkg -i ProtonMail-desktop-beta.deb
sudo apt-get install -f
You can use my protonmail referal.
VPN
To connect to your homelab, having a VPN at home is a nice way.
You can combine it with HTTPs/SSL setup if you have a domain + have this Traefik Setup.
To get started, tailscale is a great way to proceed.
You also have:
- ProtonVPN
- https://protonvpn.com/support/installing-protonvpn-on-a-router
- https://account.proton.me/u/0/vpn/vpn-apps
#https://protonvpn.com/support/official-linux-vpn-debian/
wget https://repo.protonvpn.com/debian/dists/stable/main/binary-all/protonvpn-stable-release_1.0.8_all.deb
sudo dpkg -i ./protonvpn-stable-release_1.0.8_all.deb && sudo apt update
#echo "0b14e71586b22e498eb20926c48c7b434b751149b1f2af9902ef1cfe6b03e180 protonvpn-stable-release_1.0.8_all.deb" | sha256sum --check -
sudo apt install proton-vpn-gnome-desktop
- Mullvad
Or locally:
#https://mullvad.net/en/download/vpn/linux
# Download the Mullvad signing key
sudo curl -fsSLo /usr/share/keyrings/mullvad-keyring.asc https://repository.mullvad.net/deb/mullvad-keyring.asc
# Add the Mullvad repository server to apt
echo "deb [signed-by=/usr/share/keyrings/mullvad-keyring.asc arch=$( dpkg --print-architecture )] https://repository.mullvad.net/deb/stable stable main" | sudo tee /etc/apt/sources.list.d/mullvad.list
# Install the package
sudo apt update
sudo apt install mullvad-vpn
- Wireguard
Which you can setup via wg easy as seen with the x300
HTTPs and SSL Everywhere
With NGINX Proxy Manager via UI
With Traefik (v3.3 is great) Programatically!
Passwords
I simply love Bitwarden (which can also be selfhosted).
- It has a nice Android/Linux Desktop App
- You can add 2fa to it as well: https://vault.bitwarden.com/#/login
You also have other interesting pwd managers:
ProtonPass - https://github.com/ProtonPass
KeePass
2FA
Initially, I was using authy as my 2fa app.
I also tried Google Auth and microsoft version of it.
They all work fine.
Then I heard about: 2FAS and Aegis, which are OSS.
But just recently, we have https://proton.me/authenticator
curl -LO https://proton.me/download/authenticator/linux/ProtonAuthenticator_1.0.0_amd64.deb
sudo dpkg -i ProtonAuthenticator_1.0.0_amd64.deb
sudo apt-get install -f
#rm ProtonAuthenticator_1.0.0_amd64.deb
- It works cross-device (for real, including linux desktop + android).
- Its OSS and allows direct import/export.
- Allows (optional) to automatic sync via a proton account.
Im using mostly 2FAS (which syncs codes via gdrive)
But im giving a try to ProtonAuthenticator (Synced via protonmail + keeping backup codes handy, just in case)
For business purpose, you can still keep your microsoft auth / Google 2fa
Chats
I like the telegram desktop app, but lately whenever I open it leaves my system frozen for a while.
#flatpak install flathub org.telegram.desktop
Telegram bots are fun to tinker with!
In case that some of the well know chats stop working, you can try these:
flatpak install flathub im.riot.Riot #element
#flatpak install flathub org.signal.Signal
If you like Matrix or Signal, you might find interesting:
Bluetooth mesh chat, IRC vibes
Private AI
AI Apps with Containers and Cloudflare Tunnels.
LLMs
Try with Ollama
Alternatively, you can try these LLMs:
Image Generation
- Foocus
- Stable Difussion Web UI
- Easy Difussion
Conclusions
Its a long way to the top if you wanna rocknroll.
Same applies for a homelab security.
Dont forget to clean from time to time the apt packages that you are not using.
To do that via UI, you can try Stacer
sudo add-apt-repository ppa:oguzhaninan/stacer
sudo apt-get update
sudo apt-get install stacer