2.6 KiB
2.6 KiB
Homelab Todo List
Prioritized list of things Claudio wants to do with his homelab. Last updated: 2026-04-01.
Backup & Restore
- Regular backup for NAS at parents' place
- Proxmox backup
- Paperless backup (and public access)
- Backup test script — verify restores actually work
- Kopia/Time Machine backup for Claudio's + Alena's machines (dotfiles, etc.)
- Backup system across entire lab (321 rule: 3 copies, 2 media, 1 offsite)
Hosting & Apps
- Host Mealie (meal planning)
- Host Nextcloud
- Paperless-ngx public access setup
- Update Pangolin + integrate with Authentik (OIDC)
Infrastructure Cleanup
- Clean up VPS — consolidate from many reverse proxies (pangolin, nginx, caddy, traefik, dokku, cloudflare?) to one proven stack
- Version control VPS setup (docker files + config files in git)
- Fix SSH keys: use single key or few keys instead of many
Monitoring & Documentation
- Glance / Uptime Kuma page showing all hosted services status
- Documentation for everything hosted
- Monthly maintenance reminder + checklist
Access & Networking
- One admin VPN network (evaluate: ZeroTier vs Tailscale vs Pangolin private)
- Invite people (family, friends) to appropriate services
Network Infrastructure
- Define IP ranges properly (e.g., 10.0.0.0/24 for lab, 10.0.1.0/24 for prod, 10.0.2.0/24 for DMZ)
- Set up VLANs: separate prod, dev/staging, IoT, guests
- Document VLAN/subnet map and which services live where
- Firewall rules between VLANs (default deny, explicit allow)
Automation & Maintenance
- Max 1h/month maintenance target — automate as much as possible
- Monthly maintenance reminder + checklist (Orik helps build)
- Automated backup verification (not just "ran", but "actually restoreable")
- Automated health checks + alerts
Environments
- Proper distinction between production, development, and staging
- Dev/staging on separate VLAN from production
- Clear naming conventions for which services are which environment
Notes
Priority direction
Backup foundation first, then hosting apps, then cleanup and monitoring.
VPN evaluation criteria
- Ease of setup + maintenance
- Works on all devices (Claudio's + Alena's)
- integrates with existing Cloudflare/Pangolin setup
- performance on mobile
Monthly maintenance checklist (to build)
- Verify backups ran successfully
- Check disk usage on all nodes
- Review logs for errors
- Test at least one restore
- Update docker images / system packages
- Check SSL certs expiration
- Verify VPN connectivity
- Review access logs for anomalies