As part of planning some hardware upgrades, I think it is important to evaluate the software side of things to make sure everything is accounted for in the new design. This is also a good opportunity to evaluate and prune what I have running before deciding where to move things around.
Virtual Machines
I run a few VMs on my Unraid server; many are seldom used but a couple of them I use on a regular basis. None of these need anything like five-nines availability, but they do need somewhere to run when needed.
- Cura: I have an Ubuntu VM that is dedicated to running Cura for 3D printing. I use several different computers throughout the day, so being able to slice and print things wherever I am (including from my phone) is really handy.
- Windows 10: This Windows VM has a Bluray drive attached for working with my media collection or the odd piece of software that I have on optical media.
- pfSense: This VM is configured with an Intel NIC to be manually spun up before taking my main pfSense box down for maintenance. This VM isn’t used often but it is essential to keeping the network up.
Container Services
This is where the bulk of my services exist. Unraid uses Docker with some specialized templating to provide a nice Web UI for deployment, but I would be happy writing my own Helm charts or Docker Compose files to deploy things. There are a lot of containers here so I’ll try and organize them into some logical groups.
Core Networking
These services are essential to keeping my network up and supporting other services. Outages here can bring down other services or parts of my network.
- DDClient: lets my domain registrar know when my public IP address changes
- LetsEncrypt: reverse-proxy for routing traffic to the appropriate container
- Unifi: controller and web UI for Ubiquiti networking
- Mosquitto: MQTT server used to connect ZWave devices to HomeAssistant
Database and Backend
These provide support for other services. An outage here will affect some specific other services.
- MariaDB: used by some other containers; I wouldn’t mind eliminating or replacing this with MongoDB if I can. I know practically no SQL and a little MongoDB.
- zwavejs2mqtt: connects zwave devices to HomeAssistant
- Frigate: security camera monitoring, object detection, and recording
User-Facing Services
These are the things you probably think of as what a home server is used for. Everything here has a Web UI or is accessible via client software (or both).
- hexo-blog: this.
- Vaultwarden: password manager for Bitwarden clients
- Plex: media server; I may move to Emby or Jellyfin as media tagging has been less reliable for me lately and the recent watch history debacle is another nudge to find something better.
- Nextcloud: cloud storage, contacts, calendar, client device backups
- Matrix: matrix chat home server
- HomeAssistant: smart home controls/automation and camera monitoring
- Heimdall: web dashboard; I just played with this and don’t find myself using it often so I’ll probably drop it
- Grafana: monitoring dashboard
- GitLab: self-hosted git; I don’t use this much but do like having a GitHub alternative available for private projects (yes, I know you can have private repos on GitHub)
Monitoring
These services monitor the other services. If something goes wrong here I’m likely the only one to notice.
- InfluxDB: time-series database used to collect data for Grafana dashboards
- Tautulli: pulls Plex analytics, used to populate Grafana
- Varken: more Plex analytics middleware to push analytics to InfluxDB
- UniFi-Poller: pulls Unifi analytics into InfluxDB for Grafana
- Telegraf: pulls Unraid server analytics into InfluxDB for Grafana
Mostly Unused
A few containers I have mostly spun-down. Some of these are for testing/evaluation and others I just haven’t bothered removing.
- ActualServer and Firefly-III: personal budgeting apps; neither really does what Mint does for me, but I need an alternative since Mint is shutting down at the end of the year and CreditKarma doesn’t appear to be getting budgets, which is what I used Mint for.
- Handbrake: video encoder; I will probably run this in a VM if I move containers to k8s since I only run this as an Unraid container to easily leverage all of my server’s cores
- Genea: family tree builder, because that’s the kind of data I won’t put into a random webapp on the internet
- element-web: a Matrix client; I installed this with Matrix but never use it
- RabbitMQ: MQ server that I set up once in the early days of the Diana backend I made for work.
- Wireshark: packet sniffing and more network stuff; realistically I would run this on a workstation if I need it
Other
Aside from VMs and Containers, there is some basic functionality that needs to be addressed, namely data shares and VPN access.
Network Shares
Unraid exposes SMB shares with some basic user access control. Shares on Unraid can utilize separate Cache and Array storage pools; both pools offer redundancy but the smaller Cache pool is faster than the larger Array pool. I’ll go into storage in more detail when I look at solutions for storage.
WireGuard
Unraid includes a WireGuard server which I use to remote into my network when travelling if I need to access the filesystem or a shell directly. This is particularly helpful if I need to restart a container or find something on a network share that isn’t served via Plex or Nextcloud.
Putting It All Together
This was all a long way of getting to what I really need in my software stack:
- Virtualization with device passthrough, i.e. a KVM Hypervisor
- Container support, likely k3s
- VPN access. I might delegate this to pfSense since that would allow for remote access in the event the cluster is offline so long as the router is on
- Network shares
I already mentioned upgrading my pfSense router and picking a storage solution in my previous post. I found some old network appliances repurposed to run pfSense on eBay and plan on picking one up for a relatively inexpensive, low-power, and (hopefully) reliable solution.