Updated infra post
All checks were successful
Docker Deploy / build-and-push (push) Successful in 2m50s
All checks were successful
Docker Deploy / build-and-push (push) Successful in 2m50s
This commit is contained in:
@@ -1,8 +1,8 @@
|
||||
---
|
||||
title: "My 2026 Infrastructure"
|
||||
description: "Building a Homelab that scales."
|
||||
pubDate: "2026-02-03"
|
||||
tags: ["devops", "infra", "nas"]
|
||||
pubDate: "2026-02-25"
|
||||
tags: ["devops", "infra", "nas", "nix"]
|
||||
---
|
||||
|
||||
In the year of our lord, 2026, I figured I'd go over how I have set up this website, along with the other services I host for myself and for my business. Hopefully this proves useful to perspective self-hosters out there!
|
||||
@@ -15,15 +15,15 @@ Tailscale is a wireguard based mesh network where your devices connect to eachot
|
||||
|
||||
## Lloyd
|
||||
|
||||
Lloyd is the main machine here. It runs TrueNAS as its hypervisor, and runs a combination of applications built in to the software and docker containers I deploy manually. It, along with everything else on my network, is named after characters from the 1999 PS1 game ```The Legend of Dragoon```. Lloyd is not ever directly exposed from my network, but is instead connected to Tailscale where it connects to the next piece of the puzzle.
|
||||
Lloyd is the main machine here. It runs TrueNAS Scale as its hypervisor, and runs a combination of applications from their "apps" section and docker containers I deploy manually. It, along with everything else on my network, is named after characters from the 1999 PS1 game ```The Legend of Dragoon```. Lloyd is not ever directly exposed from my network, but is instead connected to Tailscale where it connects to the next piece of the puzzle.
|
||||
|
||||
## Haschel
|
||||
|
||||
Following with my theme, my proxy server hosted on OVHCloud is called Haschel. Haschel is responsible for one thing and one thing only: running NGINX proxy manager. Now, typically you would use this to point to local services. This is why Tailscale is so useful, however. Say I need to point to a web server on port ```6969``` on Lloyd. All I would do is point to port ```6969``` and hostname ```lloyd.stinky-panda.ts.net```. Tailscale routes the request to Lloyd, and the only IP address ever exposed in the process belongs to Haschel hosted on OVHCloud.
|
||||
Following with my theme, my proxy server hosted on OVHCloud is called Haschel. Haschel is responsible for proxying using NGINX. Now, typically you would use this to point to local services. This is why Tailscale is so useful, however. Say I need to point to a web server on port ```6969``` on Lloyd. All I would do is point to port ```6969``` and hostname ```lloyd.stinky-panda.ts.net```. Tailscale routes the request to Lloyd, and the only IP address ever exposed in the process belongs to Haschel hosted on OVHCloud. One quirk of Haschel is it is running NixOS, which is a Nix based operating system that can be declaratively configured. This means that everything that runs on Haschel can be defined in [this](https://git.atri.dad/atridad/haschel) git repo, and my continuous integration takes care of connecting to the actual server and re-building with the new configuration. Due to the flexibility of Nix, I can swap VPS providers at any time and be up and running in under an hour.
|
||||
|
||||
## Putting it all together
|
||||
|
||||
This is fairly basic, but I realize that not everyone is familiar with multi-cloud setups or mesh networking, so I made a diagram which I hope will make it clear:
|
||||
I realize that not everyone is familiar with multi-cloud setups or mesh networking, so I made a diagram which I hope will make it clear:
|
||||
|
||||
|
||||
|
||||
|
||||
Reference in New Issue
Block a user