๐ AlmaLinux Home Lab Setup: Complete Self-Hosting Guide
Ready to build your own personal IT playground? ๐ฏ Today weโre creating the ultimate AlmaLinux home lab - your gateway to learning enterprise technologies, hosting your own services, and becoming a Linux expert! From virtualization to monitoring, weโll set up everything you need for an amazing self-hosting experience! ๐
๐ค Why is a Home Lab Important?
Building a home lab delivers incredible benefits:
- ๐ Hands-on learning - Practice enterprise technologies safely at home
- ๐ง Career advancement - Build skills employers value most
- ๐ Self-hosting freedom - Host your own services and data
- ๐ Privacy control - Keep your data on your own hardware
- โญ Cost savings - Replace expensive cloud subscriptions
๐ฏ What You Need
Before building your AlmaLinux home lab:
- โ Dedicated computer or old laptop (4GB+ RAM recommended)
- โ AlmaLinux 9 installed (fresh installation preferred)
- โ Ethernet connection for stability
- โ Basic Linux knowledge (weโll teach you!)
- โ Enthusiasm for learning! ๐
๐ Step 1: Initial System Setup and Hardening
Letโs prepare your home lab foundation! ๐๏ธ
Update and Secure Your System
# Update your system completely
sudo dnf update -y
# Install essential tools
sudo dnf install -y epel-release
sudo dnf install -y htop nano vim curl wget git tree net-tools
# Enable automatic security updates
sudo dnf install -y dnf-automatic
sudo systemctl enable --now dnf-automatic-install.timer
# Configure firewall for home lab
sudo firewall-cmd --set-default-zone=internal
sudo firewall-cmd --permanent --add-source=192.168.0.0/16
sudo firewall-cmd --permanent --add-source=10.0.0.0/8
sudo firewall-cmd --permanent --add-source=172.16.0.0/12
sudo firewall-cmd --reload
echo "โ
System updated and secured!"Create Home Lab Directory Structure
# Create organized directory structure
mkdir -p ~/homelab/{services,configs,scripts,backups,docs}
mkdir -p ~/homelab/services/{web,database,monitoring,storage}
# Create useful scripts
cat > ~/homelab/scripts/system-info.sh << 'EOF'
#!/bin/bash
echo "=== Home Lab System Information ==="
echo "Hostname: $(hostname)"
echo "Uptime: $(uptime -p)"
echo "Load: $(uptime | awk -F'load average:' '{print $2}')"
echo "Memory: $(free -h | grep '^Mem' | awk '{print $3 "/" $2}')"
echo "Disk: $(df -h / | tail -1 | awk '{print $3 "/" $2 " (" $5 ")"}')"
echo "IP Address: $(ip route get 8.8.8.8 | awk 'NR==1 {print $7}')"
echo "==============================="
EOF
chmod +x ~/homelab/scripts/system-info.sh
# Test the script
~/homelab/scripts/system-info.shSet Up SSH for Remote Management
# Configure SSH for secure remote access
sudo sed -i 's/#PasswordAuthentication yes/PasswordAuthentication no/' /etc/ssh/sshd_config
sudo sed -i 's/#PermitRootLogin yes/PermitRootLogin no/' /etc/ssh/sshd_config
# Create SSH key pair (if you don't have one)
ssh-keygen -t ed25519 -C "homelab-$(whoami)@$(hostname)"
# Display your public key for adding to other servers
cat ~/.ssh/id_ed25519.pub
# Restart SSH service
sudo systemctl restart sshd
echo "โ
SSH configured for secure access!"Pro tip: ๐ก Save your SSH public key - youโll use it to access all the services weโll set up!
๐ง Step 2: Set Up Virtualization with KVM
Transform your home lab into a virtualization powerhouse:
Install KVM and Management Tools
# Check if your CPU supports virtualization
egrep -c '(vmx|svm)' /proc/cpuinfo
# Should return a number > 0
# Install KVM and virtualization tools
sudo dnf install -y qemu-kvm libvirt virt-install bridge-utils virt-manager virt-viewer
# Start and enable libvirt
sudo systemctl start libvirtd
sudo systemctl enable libvirtd
# Add your user to libvirt group
sudo usermod -aG libvirt $(whoami)
# Logout and login again for group changes to take effect
echo "Log out and back in for group membership to take effect!"Set Up Virtual Network Bridge
# Create a bridge network configuration
sudo tee /etc/sysconfig/network-scripts/ifcfg-br0 << 'EOF'
TYPE=Bridge
BOOTPROTO=dhcp
DEFROUTE=yes
NAME=br0
DEVICE=br0
ONBOOT=yes
STP=on
EOF
# Configure your physical interface to use the bridge
# (Replace enp3s0 with your actual interface name)
INTERFACE=$(ip route | grep default | awk '{print $5}')
sudo tee /etc/sysconfig/network-scripts/ifcfg-$INTERFACE << EOF
TYPE=Ethernet
BOOTPROTO=none
NAME=$INTERFACE
DEVICE=$INTERFACE
ONBOOT=yes
BRIDGE=br0
EOF
# Restart networking
sudo systemctl restart NetworkManager
echo "โ
Bridge network configured!"Create Your First Virtual Machine
# Download AlmaLinux ISO for VMs
mkdir -p ~/homelab/isos
cd ~/homelab/isos
wget https://repo.almalinux.org/almalinux/9/isos/x86_64/AlmaLinux-9.3-x86_64-minimal.iso
# Create VM storage directory
sudo mkdir -p /var/lib/libvirt/images
# Create a test VM
virt-install \
--name test-vm \
--ram 2048 \
--disk path=/var/lib/libvirt/images/test-vm.qcow2,size=20 \
--vcpus 2 \
--os-type linux \
--os-variant almalinux9 \
--network bridge=br0 \
--graphics none \
--console pty,target_type=serial \
--location ~/homelab/isos/AlmaLinux-9.3-x86_64-minimal.iso \
--extra-args 'console=ttyS0,115200n8'
echo "โ
Virtual machine created! Use 'virsh console test-vm' to connect"๐ Step 3: Container Platform Setup
Add container capabilities to your home lab:
Install Podman and Container Tools
# Install Podman (Docker alternative)
sudo dnf install -y podman podman-compose container-tools
# Install Docker compatibility tools
sudo dnf install -y docker-compose
# Enable rootless containers
echo 'export DOCKER_HOST=unix:///run/user/$UID/podman/podman.sock' >> ~/.bashrc
source ~/.bashrc
# Test Podman installation
podman run hello-world
# Create container storage directory
mkdir -p ~/homelab/containersSet Up Container Registry
# Create registry configuration
mkdir -p ~/homelab/configs/registry
# Start a local container registry
podman run -d \
--name registry \
-p 5000:5000 \
-v ~/homelab/containers/registry:/var/lib/registry \
--restart=always \
docker.io/library/registry:2
# Test the registry
curl -X GET http://localhost:5000/v2/_catalog
echo "โ
Local container registry running on port 5000!"Deploy Essential Container Services
# Create docker-compose file for core services
tee ~/homelab/containers/core-services.yml << 'EOF'
version: '3.8'
services:
# Portainer - Container Management UI
portainer:
image: portainer/portainer-ce:latest
container_name: portainer
ports:
- "9000:9000"
volumes:
- /run/user/1000/podman/podman.sock:/var/run/docker.sock
- portainer_data:/data
restart: always
# Nginx Proxy Manager - Reverse Proxy
nginx-proxy-manager:
image: jc21/nginx-proxy-manager:latest
container_name: nginx-proxy-manager
ports:
- "8080:80"
- "8443:443"
- "8181:81"
volumes:
- nginx_data:/data
- nginx_letsencrypt:/etc/letsencrypt
restart: always
# Watchtower - Automatic Updates
watchtower:
image: containrrr/watchtower:latest
container_name: watchtower
volumes:
- /run/user/1000/podman/podman.sock:/var/run/docker.sock
environment:
- WATCHTOWER_CLEANUP=true
- WATCHTOWER_SCHEDULE=0 0 4 * * *
restart: always
volumes:
portainer_data:
nginx_data:
nginx_letsencrypt:
EOF
# Deploy the services
cd ~/homelab/containers
podman-compose up -d
echo "โ
Core container services deployed!"
echo "Portainer: http://your-ip:9000"
echo "Nginx Proxy Manager: http://your-ip:8181"โ Step 4: Monitoring and Observability Stack
Keep track of your home lab health:
Install Prometheus and Grafana
# Create monitoring stack
tee ~/homelab/containers/monitoring.yml << 'EOF'
version: '3.8'
services:
# Prometheus - Metrics Collection
prometheus:
image: prom/prometheus:latest
container_name: prometheus
ports:
- "9090:9090"
volumes:
- ./prometheus.yml:/etc/prometheus/prometheus.yml
- prometheus_data:/prometheus
command:
- '--config.file=/etc/prometheus/prometheus.yml'
- '--storage.tsdb.path=/prometheus'
- '--web.console.libraries=/etc/prometheus/console_libraries'
- '--web.console.templates=/etc/prometheus/consoles'
restart: always
# Grafana - Visualization
grafana:
image: grafana/grafana:latest
container_name: grafana
ports:
- "3000:3000"
volumes:
- grafana_data:/var/lib/grafana
environment:
- GF_SECURITY_ADMIN_PASSWORD=homelab123
restart: always
# Node Exporter - System Metrics
node-exporter:
image: prom/node-exporter:latest
container_name: node-exporter
ports:
- "9100:9100"
volumes:
- /proc:/host/proc:ro
- /sys:/host/sys:ro
- /:/rootfs:ro
command:
- '--path.procfs=/host/proc'
- '--path.rootfs=/rootfs'
- '--path.sysfs=/host/sys'
- '--collector.filesystem.mount-points-exclude=^/(sys|proc|dev|host|etc)($$|/)'
restart: always
volumes:
prometheus_data:
grafana_data:
EOF
# Create Prometheus configuration
tee ~/homelab/containers/prometheus.yml << 'EOF'
global:
scrape_interval: 15s
scrape_configs:
- job_name: 'prometheus'
static_configs:
- targets: ['localhost:9090']
- job_name: 'node'
static_configs:
- targets: ['node-exporter:9100']
EOF
# Deploy monitoring stack
podman-compose -f monitoring.yml up -d
echo "โ
Monitoring stack deployed!"
echo "Prometheus: http://your-ip:9090"
echo "Grafana: http://your-ip:3000 (admin/homelab123)"Set Up Log Management
# Install and configure rsyslog centralized logging
sudo tee /etc/rsyslog.d/10-homelab.conf << 'EOF'
# Home Lab Logging Configuration
*.info;mail.none;authpriv.none;cron.none /var/log/homelab.log
# Remote logging (optional)
# *.* @@192.168.1.100:514
EOF
# Create log rotation
sudo tee /etc/logrotate.d/homelab << 'EOF'
/var/log/homelab.log {
daily
missingok
rotate 14
compress
delaycompress
notifempty
create 640 root adm
}
EOF
# Restart rsyslog
sudo systemctl restart rsyslog
echo "โ
Centralized logging configured!"๐ฎ Quick Examples
Example 1: Home Media Server Setup ๐ฌ
# Deploy Jellyfin media server
tee ~/homelab/containers/media-server.yml << 'EOF'
version: '3.8'
services:
jellyfin:
image: jellyfin/jellyfin:latest
container_name: jellyfin
ports:
- "8096:8096"
volumes:
- jellyfin_config:/config
- ~/homelab/media/movies:/movies:ro
- ~/homelab/media/tv:/tv:ro
- ~/homelab/media/music:/music:ro
environment:
- JELLYFIN_PublishedServerUrl=http://your-ip:8096
restart: always
volumes:
jellyfin_config:
EOF
# Create media directories
mkdir -p ~/homelab/media/{movies,tv,music}
# Deploy media server
podman-compose -f media-server.yml up -d
echo "โ
Jellyfin media server: http://your-ip:8096"Example 2: Development Environment ๐ป
# Set up development tools
tee ~/homelab/containers/development.yml << 'EOF'
version: '3.8'
services:
# GitLab - Git Repository
gitlab:
image: gitlab/gitlab-ce:latest
container_name: gitlab
ports:
- "8022:22"
- "8880:80"
volumes:
- gitlab_config:/etc/gitlab
- gitlab_logs:/var/log/gitlab
- gitlab_data:/var/opt/gitlab
environment:
GITLAB_OMNIBUS_CONFIG: |
external_url 'http://your-ip:8880'
restart: always
# Code Server - VS Code in Browser
code-server:
image: codercom/code-server:latest
container_name: code-server
ports:
- "8080:8080"
volumes:
- ~/homelab/projects:/home/coder/projects
environment:
- PASSWORD=homelab123
restart: always
volumes:
gitlab_config:
gitlab_logs:
gitlab_data:
EOF
# Create projects directory
mkdir -p ~/homelab/projects
# Deploy development environment
podman-compose -f development.yml up -d
echo "โ
Development environment ready!"
echo "GitLab: http://your-ip:8880"
echo "VS Code: http://your-ip:8080 (password: homelab123)"Example 3: Network Security and VPN ๐
# Install WireGuard VPN
sudo dnf install -y wireguard-tools
# Generate server keys
cd ~/homelab/configs
wg genkey | tee server-private.key | wg pubkey > server-public.key
# Create server configuration
sudo tee /etc/wireguard/wg0.conf << 'EOF'
[Interface]
PrivateKey = $(cat ~/homelab/configs/server-private.key)
Address = 10.0.0.1/24
ListenPort = 51820
PostUp = iptables -A FORWARD -i %i -j ACCEPT; iptables -A FORWARD -o %i -j ACCEPT; iptables -t nat -A POSTROUTING -o enp3s0 -j MASQUERADE
PostDown = iptables -D FORWARD -i %i -j ACCEPT; iptables -D FORWARD -o %i -j ACCEPT; iptables -t nat -D POSTROUTING -o enp3s0 -j MASQUERADE
[Peer]
PublicKey = CLIENT_PUBLIC_KEY_HERE
AllowedIPs = 10.0.0.2/32
EOF
# Enable IP forwarding
echo 'net.ipv4.ip_forward = 1' | sudo tee -a /etc/sysctl.conf
sudo sysctl -p
# Allow WireGuard through firewall
sudo firewall-cmd --add-port=51820/udp --permanent
sudo firewall-cmd --reload
echo "โ
WireGuard VPN server configured!"๐จ Fix Common Problems
Problem 1: Services Wonโt Start After Reboot โ
Symptoms:
- Containers donโt automatically restart
- Services are down after system reboot
Try this:
# Enable lingering for your user (keeps containers running)
sudo loginctl enable-linger $(whoami)
# Create systemd service for auto-starting containers
mkdir -p ~/.config/systemd/user
tee ~/.config/systemd/user/homelab-containers.service << 'EOF'
[Unit]
Description=Home Lab Containers
After=network.target
[Service]
Type=oneshot
RemainAfterExit=yes
WorkingDirectory=%h/homelab/containers
ExecStart=/usr/bin/podman-compose up -d
ExecStop=/usr/bin/podman-compose down
[Install]
WantedBy=default.target
EOF
# Enable the service
systemctl --user enable homelab-containers.service
systemctl --user start homelab-containers.serviceProblem 2: Network Issues with Containers โ
Try this:
# Reset Podman network
podman network prune -f
podman system reset
# Recreate default network
podman network create default
# Restart containers
cd ~/homelab/containers
podman-compose down && podman-compose up -dProblem 3: Running Out of Storage โ
Check these things:
# Check disk usage
df -h
du -sh ~/homelab/*
# Clean up container images
podman system prune -a -f
# Set up log rotation
sudo logrotate -f /etc/logrotate.d/homelab
# Move large directories to external storage
# Example: sudo mount /dev/sdb1 /mnt/external
# ln -s /mnt/external/media ~/homelab/media๐ Simple Commands Summary
| Task | Command |
|---|---|
| ๐ Check VMs | virsh list --all |
| ๐ง Container status | podman ps -a |
| ๐ System resources | ~/homelab/scripts/system-info.sh |
| ๐ Restart services | podman-compose restart |
| โป๏ธ View logs | podman logs container-name |
| ๐ Check networks | podman network ls |
| โ SSH to VM | virsh console vm-name |
๐ก Tips for Success
- Start small, grow gradually ๐ - Begin with basic services, add complexity over time
- Document everything ๐ - Keep notes on configurations and passwords
- Backup regularly ๐ - Use scripts to backup configurations and data
- Monitor resources ๐ - Watch CPU, memory, and storage usage
- Network security ๐ - Use firewalls and VPN for remote access
๐ What You Learned
Congratulations! Now you can:
- โ Set up a secure AlmaLinux home lab foundation
- โ Deploy virtualization with KVM and manage VMs
- โ Run containerized services with Podman
- โ Implement monitoring and logging solutions
- โ Create development and media server environments
๐ฏ Why This Matters
Your AlmaLinux home lab provides:
- ๐ Real-world experience with enterprise technologies
- ๐ Career advancement through hands-on skills
- ๐ Self-hosting capabilities for privacy and control
- โก Learning platform that grows with your expertise
Remember: Your home lab is your personal IT playground - experiment, learn, break things, and fix them! This is how you become an expert! โญ
Youโve built an amazing AlmaLinux home lab! From virtualization to monitoring, you now have a professional-grade infrastructure for learning, development, and self-hosting that rivals enterprise environments! ๐
