Hello, how do you document your home lab? Whether it’s a small server or a big one with firewall and more nodes. I have a small PC with Proxmox and there I have a VM with OPNsense. After I entered my VPN as an interface in OPNsense, I noticed that I am slowly losing the overview of the different rules that I have built in my firewall. And I know that my setup is relatively easy in comparison to others here in this community. I want to have a quick overview of the various VMs, like the LXC containers and Docker containers that I have in this, and the IP addresses that I have assigned to them. I am looking for a simple and intuitive way for beginners.

  • foggy@lemmy.world
    5 months ago

    I operate on the philosophy that it is better for me to relearn things than lean on old documentation that may no longer be accurate/relevant.

    The best way to implement a safe connection to my home lab today might not be the safest way tomorrow.

    Old dog, new tricks, etc.

    Also! Your documentation is an attacker’s wet dream.

    NB: this philosophy doesn’t scale.

    • Unforeseen@sh.itjust.works
      5 months ago

      I do this continually for work as well; I approach every new project assuming best practice or approach options have changed. It doesn’t matter how experienced I am in what I’m doing, I still loop back and check.

      It’s such an automatic thing I don’t even think about it, but honestly not sure if it’s because of interest or because of fear of being called out for doing something wrong lol

    • CapitalNumbers@lemm.ee
      5 months ago

      while security might be compromised if an attacker found your documentation, it could equally be compromised by having zero documentation

      the easier it is for you to get things back up and running in the event of a data loss / corrupted hard drive / new machine / etc, the less likely you are to forget any crucial steps (e.g. setting up iptables or ufw)

      • foggy@lemmy.world
        5 months ago

        Having 0 documentation doesn’t mean you have no DLP strategy. That’s amateur hour.

        And again, NB: this does not scale.