What a tangled web we weave (with local integration)

I have been doing spring cleaning of my home network. It started when my primary router (Untangle on Protectli FW4B) started to have random reboots and looked like it was some type of hardware failure. Ordered a FW4C to replace the FW4B, installed and uploaded my configuration, and everything was going well. Found out that it was the memory module in the old unit, so I got new memory, replaced and stress tested it, and it ran just fine.

Well, what does one do with a 4 port fanless computer that has some time on their hands? Install Proxmox on the box and see how many of the Raspberry Pis and scattered containers I have on my network can be migrated to Linux containers on the Proxmox.

  • Grafana
  • InfluxDB
  • Weewx
  • Echo Speaks Server
  • 3 PiHole instances
  • 3 DNSCrypt instances
  • Time Server prod
  • Time Server dev
  • SDR Radio server
  • Mosquitto MQTT
  • Nginx Proxy
  • NUT Server

The first step was to re-think the VLANs and ended up with 4:

  • Work/PC
  • IoT
  • Guest
  • Servers

Got the router and DHCP servers all done and that was pretty easy. Then had to think about what to do with Proxmox. Ended up using 3 of the network ports.

  • Management (Port 1)
  • Bonded LAGG (Ports 2 and 3) with VLAN passthrough

Now with that config I can create VLAN-aware networks at the container layer, spreading the load out on the bonded LAGG.

The cool thing was getting DNS services running with just one PiHole. With the bond and VLAN passthrough I put 4 interfaces on that container, one per network, and had PiHole configured to listen to all origins. It worked great and no up and over through the router to get to DNS. Next to create the containers for Unbound or DNSCrypt so AT&T can't monitor my DNS lookups. Created it as a separate container and pointed PiHole to its server address and it just worked. That was so easy.

Now the hard parts were deciding which of the remaining services would be Proxmox vs. Docker, which would be on my Synology. That was easy to answer based on how apps use storage. Grafana and InfluxDB would be moved from the Pis to the Synology and WeeWx and network services to Proxmox.

In the end I retired two Pis with this one little fanless device, have more flexibility and a cleaner network. But then things that I integrated with had to be reconfigured. Time server address changed, NUT server address changed, WeeWx ports and addresses were updated to standards, proxy updates to allow connections, etc. And every day I discover one more thing I forgot about.

Yesterday I decommissioned my old WeeWx MQTT server and last night when it got dark due to rain the indoor lights didn't come on like normal. Oh shoot, forgot to update the MQTT WeeWx listener on the Hubitat. While in the Hubitat, NUT showed not connecting and had to update many NUT clients to change the addresses. Friends that use my weather service couldn't connect, had to update port forwarding and Cloudflare...yada yada yada.

It was a fun project but I can just say that if I forgot about some of these integrations you have to wonder how others are weaving their web of connections. And if you are interested in how I configured the Pi-Hole on Proxmox I have documented it on the Pi-Hole forums:

And I thought I was doing a lot. :smiley:

I recently consolidated a bunch of stuff from RPis over to Docker/VMs on my NAS. The one running my SDR dongle I thought was never going to happen, but sure enough you can share the USB device to the VM and it works. :slight_smile:

I'm running about the same services on a very old Mac Mini. I was looking at the 6 port models as a replacement. It's nice to hear you can get by on a 4 port. I was hoping to run a router and Proxmox on the same box. Thanks for posting.