atridad/atridotdad
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

New year, new post!
All checks were successful
Docker Deploy / build-and-push (push) Successful in 5m59s
Details

Browse Source
This commit is contained in:
Atridad Lahiji
2026-02-03 10:29:03 -07:00
parent 3eac226630
commit 63282cf34d
3 changed files with 109 additions and 79 deletions
Download Patch File Download Diff File Expand all files Collapse all files

30
src/content/posts/2026-infra-setup.md Normal file
View File

@@ -0,0 +1,30 @@
---
title: "My 2026 Infrastructure"
description: "Building a Homelab that scales."
pubDate: "2026-02-03"
tags: ["devops", "infra", "nas"]
---
In the year of our lord, 2026, I figured I'd go over how I have set up this website, along with the other services I host for myself and for my business. Hopefully this proves useful to perspective self-hosters out there!
## The Network
One word: Tailscale.
Tailscale is a wireguard based mesh network where your devices connect to eachother on a "tailnet". Each device can access eachother directly via a name and a tailnet domain you are assigned. For instance, if your device is called ```megatron```, you might connect to it through another machine on the network using ```megatron.stinky-panda.ts.net```. It's that easy! This is the glue of the network, which allows me to expose services from my home without exposing my home IP.
## Lloyd
Lloyd is the main machine here. It runs TrueNAS as its hypervisor, and runs a combination of applications built in to the software and docker containers I deploy manually. It, along with everything else on my network, is named after characters from the 1999 PS1 game ```The Legend of Dragoon```. Lloyd is not ever directly exposed from my network, but is instead connected to Tailscale where it connects to the next piece of the puzzle.
## Haschel
Following with my theme, my proxy server hosted on OVHCloud is called Haschel. Haschel is responsible for one thing and one thing only: running NGINX proxy manager. Now, typically you would use this to point to local services. This is why Tailscale is so useful, however. Say I need to point to a web server on port ```6969``` on Lloyd. All I would do is point to port ```6969``` and hostname ```lloyd.stinky-panda.ts.net```. Tailscale routes the request to Lloyd, and the only IP address ever exposed in the process belongs to Haschel hosted on OVHCloud.
## Putting it all together
This is fairly basic, but I realize that not everyone is familiar with multi-cloud setups or mesh networking, so I made a diagram which I hope will make it clear:
![Diagram of Endinet](https://msrc.atri.dad/img/pako:eNqFVF1v2jAU_SuWeWmlgEw-gORhUtVNo1NhaDA0LfTBTW7AqrGRbQYM-O9zQvkO3c3LtX3uufbxidc4kSngCGdcLpIJVQY9_xgJZEPPX8eKziboUQpDmQCF4i8itYl52SHySJmCxDApDnV5HLOfGtTd3ZMwoGzh_X0Z5tBpQBm3KBTniU4oB9QFs5Dq7aTj7a55tKlOJsDj89mTleuF78M2Gvb61wvdr0_dX6in5HKFOlTQMahz0MWunrlcpSWdi_nr6YGaQ_eh_yFl6eFQtfpps9tWj2q9uWwAwg7Or6AoaQ8Gvf7mKETJDTzMZhrFfVB_WAIa5QLn3GUHtZRV1K_HPVBaCspRnxm4DXRj6yM954aJ8X-gXvwNOF9lTNzG-PGQWrIFVSl8AAvijjVsomhmUH4qUC8XOl0Ips3Kuu5o-YxxHlWyIhxtlHyDqOJ53nteXbDUTCJ3tnQSyaWKKoSQHdMp397Y72xh_pWxpVTbf1DRVYQCFJwy7K9-xwD1LMjgwEDcZvM1PYXvJDhs3gNyAEPWSAjBDh4rluLIWBc6eApqSvMhXuc0I2wmMIURjmyaQpZLPcIjsbVlMyp-SzndVyo5H09wlFGu7Wg-S6mBz4xaOx0hVl9Qj3IuDI78sKDA0RovceS6taZP6g2vRbw6IUGr4eCVBXlBLSQk9MLQr_uk4QZbB_8tupJa4LpBvdHyQxJ4Td9rORhSZqTq7F6y4kHb_gPvu2Kz?type=png)
Feel free to reach out if you have any questions about how I got everything working. I can be reached by email at [me@atri.dad](mailto:me@atri.dad).