atridad/atridotdad
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
46c42cd7658db74e377c42a7b8c73ebb95c35585
atridotdad/src/content/posts/2026-infra-setup.md
Atridad Lahiji 63282cf34d
All checks were successful
Docker Deploy / build-and-push (push) Successful in 5m59s
Details
New year, new post!
2026-02-03 10:29:03 -07:00

3.0 KiB
Raw Blame History

title, description, pubDate, tags
title description pubDate tags
My 2026 Infrastructure Building a Homelab that scales. 2026-02-03
devops
infra
nas

In the year of our lord, 2026, I figured I'd go over how I have set up this website, along with the other services I host for myself and for my business. Hopefully this proves useful to perspective self-hosters out there!

The Network

One word: Tailscale.

Tailscale is a wireguard based mesh network where your devices connect to eachother on a "tailnet". Each device can access eachother directly via a name and a tailnet domain you are assigned. For instance, if your device is called megatron, you might connect to it through another machine on the network using megatron.stinky-panda.ts.net. It's that easy! This is the glue of the network, which allows me to expose services from my home without exposing my home IP.

Lloyd

Lloyd is the main machine here. It runs TrueNAS as its hypervisor, and runs a combination of applications built in to the software and docker containers I deploy manually. It, along with everything else on my network, is named after characters from the 1999 PS1 game The Legend of Dragoon. Lloyd is not ever directly exposed from my network, but is instead connected to Tailscale where it connects to the next piece of the puzzle.

Haschel

Following with my theme, my proxy server hosted on OVHCloud is called Haschel. Haschel is responsible for one thing and one thing only: running NGINX proxy manager. Now, typically you would use this to point to local services. This is why Tailscale is so useful, however. Say I need to point to a web server on port 6969 on Lloyd. All I would do is point to port 6969 and hostname lloyd.stinky-panda.ts.net. Tailscale routes the request to Lloyd, and the only IP address ever exposed in the process belongs to Haschel hosted on OVHCloud.

Putting it all together

This is fairly basic, but I realize that not everyone is familiar with multi-cloud setups or mesh networking, so I made a diagram which I hope will make it clear:

Diagram of Endinet

Feel free to reach out if you have any questions about how I got everything working. I can be reached by email at me@atri.dad.

Reference in New Issue View Git Blame Copy Permalink