Although I began my home labbing journey with an outdated PC, the tinkering bug in my head forced me to invest in extra paraphernalia. As such, I’ve split my collection of virtual machines and containers across a couple of nodes, with each server running distinct tools for my DIY projects. Well, there’s some overlap in the container stacks of my self-hosting rigs, as I’ve deployed a few QoL Docker apps on every system to make my management tasks a lot less painful.

Portainer

A neat companion for standalone container-hosting nodes

As much as I prefer using terminal commands for my DevOps tasks, controlling multiple containers from a CLI can get rather cumbersome, especially since I use a combination of Docker and Podman when working on DIY projects. Now, both container runtimes include their own GUI apps, but I often deploy containers using VMs with minimal distros and access them from my MacBook and gaming PC.

This makes web-based management interfaces really useful for managing my container stack, and Portainer is the most feature-laden tool for the job. After all, it lets me configure my network stack and storage volumes from a neat web UI, while also providing detailed logs for failed container deployments. Speaking of, Portainer can spin up containers via Dockerfiles, Compose documents, or images, and it works with Docker, Podman, and Kubernetes setups. Portainer also lets me deploy agent containers on multiple servers, so I can control my self-hosted toolkit from a single interface.

Kopia

For my backup needs

In the first few months of my home labbing misadventures, I’d just wipe everything clean and start anew if things went south during my experiments. But as my army of containers started to grow, I had to start looking into backup solutions, or risk wasting hours re-deploying essential services. Proxmox Backup Server is more than enough for creating snapshots of the VMs and LXCs deployed on my PVE host, but I’ve also got a couple of bare-metal setups running other virtualization platforms.

Kopia is my go-to backup utility for these systems, as it’s fairly easy to deploy as a Docker container and supports multiple storage types. I use separate datasets on my NAS as the Kopia repositories for different systems, but it’s also possible to configure Amazon S3, Backblaze B2, Azure Blob, and other cloud platforms. Plus, it uses incremental snapshots to save bandwidth and offers deduplication to ensure I don’t back up the same config file multiple times.

What’s Up Docker

Especially with Watchtower getting archived

Although niche containerized services become abandoned pretty quickly after their release, most of the popular FOSS applications usually receive frequent updates. Unfortunately, updating Docker containers manually is a job and a half. First, I’ll have to pull the latest image for a service and destroy its existing container, while leaving the mapped volumes intact. Then, I’ll need to spin up a new container with this image. Considering all the services I deploy on my home lab, repeating this process for dozens of containers would be really annoying without an automation tool.
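The manual update cycle described above for a single container, as an added example that is not from the original article. The container name, image and volume mapping are constructed placeholders, and with `DRY_RUN=1` (the default) the commands are printed instead of executed.

```shell
#!/bin/sh
# Added example: manual update cycle for one container (pull, stop, remove, recreate).
# Container name, image and volume mapping below are constructed placeholders.

DRY_RUN="${DRY_RUN:-1}"   # 1 = print the docker commands instead of running them

run() {
    if [ "$DRY_RUN" = "1" ]; then
        printf '%s\n' "$*"
    else
        "$@"
    fi
}

# update_container NAME IMAGE VOLUME_SPEC
update_container() {
    name=$1 image=$2 volume=$3
    if [ -z "$name" ] || [ -z "$image" ] || [ -z "$volume" ]; then
        echo "usage: update_container NAME IMAGE VOLUME_SPEC" >&2
        return 2
    fi

    # 1. Pull first. If the pull fails, the running container is left untouched.
    run docker pull "$image" || return 1

    # 2. Note the image ID the container currently runs, for a manual rollback.
    if [ "$DRY_RUN" != "1" ]; then
        prev=$(docker inspect --format '{{.Image}}' "$name") || return 1
        echo "previous image for $name: $prev" >&2
    fi

    # 3. Stop and remove the old container. No -v on rm, and named volumes
    #    are never deleted by removing a container, so mapped data survives.
    run docker stop "$name" || return 1
    run docker rm "$name" || return 1

    # 4. Recreate the container from the new image with the same volume mapping.
    run docker run -d --name "$name" -v "$volume" "$image"
}

# Dry run with placeholder values: prints the four commands in order.
update_container app example/app:2.0 app_data:/data
```

Pulling before stopping means a failed or unavailable image never takes the running service down, and the recorded image ID gives a known-good reference if the new image turns out to be broken.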

Had I written this article a few months ago, I would’ve mentioned Watchtower and advised using labels to ensure the tool doesn’t accidentally update essential containers with broken images. However, since it’s no longer in active development, I’ve switched to What’s Up Docker, which not only improves upon Watchtower’s shortcomings, but also ships with a nice web UI. Rather than automatically updating containers, WUD scans the repos for newer versions of container images and uses custom triggers to act accordingly. Of course, I need to configure these triggers manually, but being able to receive notifications and select whether I want to update my container collection is a godsend for my server nodes.

Tailscale

The simplest way to enable remote access

Whether it’s my 3-2-1 backup configuration involving offsite systems, or the (somewhat rare) times I need to emerge from my tinkering basement and touch grass, I need a way to pair remote nodes with my everyday devices. Self-hosted VPNs like WireGuard would be a solid option, if not for the fact that my home network is afflicted with CGNAT. And I’d rather not pay for a cloud platform when exposing services to the Internet.

Tailscale serves as an antidote for my remote access woes. Truth be told, I currently run a Tailscale subnet router inside a Proxmox LXC, but I’d previously deployed it inside Docker containers on all my server nodes. Well, I still use containerized Tailscale instances on my offsite NAS and PBS units, and it works exceptionally well for my remote backups.

A couple more apps that I run on multiple servers

Aside from the containerized services I’ve mentioned here, I’ve got a couple more tools I run on most of my home lab nodes. Pulse, for example, is typically associated with Proxmox, but it’s also great for monitoring Docker and K8s environments. Technically, I only host the main Pulse web UI as a container, while its agent requires a proper installation via a shell script. There’s also PatchMon, which can patch vulnerabilities across multiple nodes and is great for tracking security updates. Considering that my Internet would go down if my Pi-hole instance broke, I’ve also deployed it on a second machine and configured Nebula Sync to keep them synchronized.
