Hello!

I’ve been wanting to start this project and have my own lab for a while now. However, there were some requirements to consider. First, I wanted it to be energy-efficient, even if it meant sacrificing some performance. When I tried using my old Intel 4th gen K series computer, I realized it wouldn’t be feasible due to power consumption costs. The second requirement was that it had to be small in size. The third requirement was that it had to be affordable, but Orange Pi and Raspberry Pi are quite expensive these days.

During my research, I came across the Armbian project, and the challenge was to find devices available on national e-commerce that would work. After three attempts, I finally found a functional and affordable model. For now, this first device will focus only on VPN and DNS, using Tailscale and Pi-hole. For devices connected to the Tailscale network, all network traffic will pass through it, while others will use the DNS only through my internet provider’s router. This device is connected to the router via a Cat 6 patch cord.

As I plan to isolate functions, the second device will be responsible for serving applications on my network, so it will have protection configurations, observability, and more, such as UFW, Fail2Ban, Netdata, Prometheus, and Grafana. On this second device, I’ll plug in my external hard drives and centralize data availability, all within the Tailscale network.

Now, I’m thinking about isolating the exposure of services outside the private network on a third device, using Funnel. Another addition to the homelab will be an uninterruptible power supply (UPS). As for numbers, Pi-hole is currently blocking 25% of requests, and this number is likely to increase once I connect to the VPN service (remote work).

I’m documenting the process, but basically, I’ve used Armbian, Multitool, SD card, and these cheap TV boxes.