Virtualized with libvirt:
- Nomad (3 nodes)
- Consul (3 nodes)
- Vault (3 nodes)
- Gitlab + CI
- Nextcloud
- Sonarr, radarr, bazarr, jackett, deluge
- Prometheus
- opensearch
- puppet
- powerdns (international authoritive main + replica), unbound (internal recursor), ntp (2 nodes)
- powerdns (public authoritive replica)
- haproxy (2 nodes)
- nfs, samba
- Seaweedfs (S3) (3 nodes)
- rsnapshot
- package repositories (deb, rpm - plain dirs/files served by apache, with some scripts to manage repo metadata)
- postgresql + patroni (2 nodes)
- container registry (to investigate replacing with zot)
- openldap, keycloak (2 nodes)
- unifi controller
In nomad:
- Grafana
- Vaultwarden
- Tandoor
- Matrix
- Puppetboard
- Prometheus exporters for various things
Offsite rpi @ parents
- Rsnapshot, samba
Rpi doing router duties, to be replaced with rb3011 when I finalize it's config in terraform
VPS:
- Powerdns (public authoritive primary), haproxy, postfix (secondary MX)
- Postfix (primary MX), dovecot, spamassassin, opendmarc, opendkim
Old laptop: k8s playground for learning
Short-term todo:
- Homeassistant
Public dns names have A records pointing to haproxy vps, which proxies to home over tunnel, and AAAA records pointing straight to home (I have static ipv6 prefix, but no static ipv4 address)
Selfhosting mail with redundancy is easy. Staying of blocklists and filtering spam out is less easy.
There are some pretty good guides available online, and since dovecot and postfix are old and stable, years-old guides are still relevant. I'm on mobile though, so can't immediately link any. (Almost all of them are standard deb/rpm+systemd based, no docker. But if you really want docker, building those containers is pretty easy, it's just a package, a few configs and a service after all...)