Immich/PhotoPrism/whatever you use for image backup. Cloud providers are snooping through your shit.
Plex/Jellyfin for streaming
Sonarr, Radarr, Prowlarr, SABnzbd, qBittorrent to support the streaming service(s)
The only one I haven’t seen mentioned here that is a requirement for me is OPNsense. I’ve been using it for a couple years, and pfSense before that for a very long time. Never going back to commercial routers and their shitty / buggy / backdoored software. I highly recommend OPNsense over pfSense for the UI improvements alone, but there are other reasons to use/support OPNsense over pfSense.
On my network it handles internet firewall, internal firewall, and all routing across 5 VLANs and between two internet gateways. It does 1-1 NAT for my public IPs, inbound VPN, outbound VPN for my *arr stack, and RDNS blocklists with the data source being a script I wrote that merges from several sources and deduplicates the list. It is my internal certificate authority (I don’t miss you at all, Windows CA), DHCP for the guest wifi, and does pihole-like ad blocking via DNS for my entire network. And it does all that running in a VM with 2GB of RAM, of which it only uses about 60% on my install.
It is an incredibly powerful tool, not terribly difficult to learn, has a pretty damn good UI for FOSS, and in my opinion is a fantastic foundation for a complex home network / homelab. Unlike pfSense, which corrupted itself twice over the years I ran it, it has never let me down. And every update has been painless over the years.
I understood some of those words. It make network go?
It make network go very good.
Second OPNsense. pfSense also is maintained by some pretty shitty individuals.
Why “shitty individuals”?
https://web.archive.org/web/20160314132836/http://www.opnsense.com/
This was the website that pfsense maintainers made as soon as OPNsense was announced. They sniped the name, derided the project and only ended up handing over the domain after they were legally compelled to.
One person affiliated with Netgate in particular can be seen around forums and social media and has serious axes to grind. He’s… not pleasant.
Add to that Netgate’s practices (IIRC secret proprietary blob required to build pfsense, double-check that fact / unremovable installation tracking) and the picture painted is one of petulance and anger.
[edit] oh yeah, and this gem! https://arstechnica.com/gadgets/2021/03/buffer-overruns-license-violations-and-bad-code-freebsd-13s-close-call/
Damn, now I get where is your “shitty individuals” coming from. Thanks for the info.
No one’s mentioned Forgejo yet? Solid git and artifact repository.
vaultwarden, jellyfin, freshrss, nextcloud, and wireguard
How is fressrss?
I am also running readarr and bookshelf
It’s perfect, better with themes
I used freshrss for quite some time, but the themes always looked a bit “off” for me. Went to miniflux and its awesome in its minimalism.
Paperless-ngx
The rest is already in the other comments
In no particular order, the most essential ones are those I constantly use throughout my day and also weekly.
Proxmox holds all of these in different LXC’s and VM’s
- Home Assistant
- Pocket-ID - https://github.com/stonith404/pocket-id (Exclusive Passkey login system as in -no un/pw just your Passkey which - doubles as an OIDC provider)
- Homepage (By Ben Phelps of gethomepage.dev)
- Vaultwarden
- TechnitiumDNS which handles all of my DHCP and Adblocking in a one system, extremely capable software especially useful for SOHO too.
- Baserow - Airtable alternative. It holds certain items of importance like what MAC address each device in my home network holds and what IP It uses in an intelligent view. I also was using it for a while to log issues with my sleep where I deal with insomnia, so I logged how well I slept, how many times I woke up, how long it took me to fall asleep etc. That was a simple form I created using drag/drop in Baserow and called by a URL.
- OpenVSCode server - makes editing my Homepage (above) yaml and my docker-compose files a breeze! It’s especially nice when you edit it something and it auto saves almost instantly. Makes some of my services change in real-time!
- UptimeKuma - Simply one of the best out there for me
- Gotify - I get alerted to my Tuya based dehumidifer tank being full via Home Assistant, Downtime alerts from UptimeKuma and a variety of other services which I deem higher priority alerts over “fix when you can” ones.
Aside from that, i do have other services I use every so often like Memos, Joplin Server (holds most of my notes), Pingvin and a few others.
Does Technitium support DNS rewrites like Adguard Home?
I’m about 99% sure it does, I don’t use it that way but It does allow DNS zones. For example:
It’s a lot more technical then Adguard Home for sure. Both work just fine though, I came from Adguard Home as I use a PXE server to provision some of my devices and Technitium is super easy to configure that.
I tried Baserow a while ago but decided not to use it because it started downloading the application after running the container and required an online account (that could also be NocoDB). How has your experience been after using it for longer?
I had to create an account as per the usual process for these types of apps, but it was all local. I never had to do one to connect to their servers. I know it generates a unique instance ID which I believe phones home to their servers but I don’t mind personally.
As for my experience, a lot of it is locked behind their paid plans, so I just keep it limited to what I use which is fine. I do like it as it does better than NocoDB for my needs (the input forms is what I needed) and it does better there. I don’t recall the other reasons for not using NocoDB otherwise, but it’s a long while.
Their pricing is here: https://baserow.io/pricing
So, that’s mostly what is locked behind. My sleep form I built which feeds the database:
Overall, it does meet my needs so that’s all I ask. :)
+1 for UptimeKuma. Works great.
Arr stack plus Jellyfin/Plex, Nextcloud and Gitea.
- AdGuard home (usable also as private DNS on Android)
- JellyFin
- Homeassistant
-
Samba (I can move files now, sweet!)
-
Jellyfin (I can watch stuff, sweet!)
-
Qbittorrent-wireguard (for pirating copyrighted material from the internet illegally)
-
Somesuch Wireguard solution (for accessing the backend and doin stuff)
-
A proxy somewhere else
The rest is extra. This gets my usual goals completed pretty well.
-
It’s not very exciting, but: Network UPS Tools (NUT).
Keep everything in good shape in the event of a power outage.
For me it’s the first thing i learned how to self host: Nextcloud …which in turn allows me to sync Joplin notes, which I use constantly
WireGuard on my VPS, because otherwise I’m stuck behind CGNAT and can’t access anything in my network from elsewhere. Or Tailscale, but that’s not really self-hosted.
Adguard home
and Wireguard pointed at AdGuard for DNS
Set the mobile app to enable WireGuard connection when not on home network and then you have AdGuard everywhere
I’ve pointed my domain to my wireguard tunnel VPS IP, same result. I can just set my private DNS in settings pointing to my AdGuard domain
Plex, channels, mail, calendar, contacts, wiki
Audiobookshelf, Calibre-Web, Plex/Jellyfin, FreshRSS, NextCloud, DokuWiki.
