avatar
Ahmed Zitoun
Blogging about dev, tutorials, life and more
Published on

Building a Micro Homelab on a Raspberry Pi 3B+

Introduction

I had this lonely Raspberry Pi 3 sitting in my drawer for years, just collecting dust. Every time I saw it, I’d think, “I should really do something with this little guy.” But I never did.

I’ve always known about the world of homelabs — and honestly, it always seemed both super cool and super dangerous for my wallet. You start with one small project, then you buy another gadget, then another server, then suddenly you’re neck-deep in rack-mounted gear and wondering how you ended up running a mini data center in your house.

But one day I thought: screw it. Let’s see what I can build — but with one rule: keep it cheap, and just use the Pi I already have. No fancy servers, no buying more stuff. Just me, the Raspberry Pi 3, and whatever free time I could spare.

Just Do It

Considering the Limitations

  • CPU: Quad-core ARM Cortex-A53 running at 1.4 GHz
  • RAM: 1 GB (yes, just one!)
  • Networking: Gigabit Ethernet (but only over USB 2.0, so don’t expect blazing NAS speeds)

It’s not a monster by any means — definitely not something you’d use to run heavy virtual machines or AI models — but it’s still powerful enough for small services if you keep things lightweight.

And the first thing I knew I wanted? Shared storage.

Shared Storage with Samba

I have a couple of external SSDs lying around, and every time I needed to back something up or grab a file, I had to dig one out, plug it into my PC, wait for Windows to mount it, copy stuff over… it was just annoying. Why not make those drives always available on my network?

I looked at a bunch of open-source NAS solutions — OpenMediaVault, TrueNAS, even CasaOS — and while they’re all great, they felt like overkill for my little Pi. Those platforms come with a ton of features: web dashboards, user management, permissions, RAID setup, SMART monitoring, fancy plugins… and honestly, I didn’t need any of that.

So I went with the simplest possible option: a Samba container.

Samba is basically a network file sharing protocol — it lets your Pi act like a little network hard drive that shows up in Windows, Mac, or Linux. No heavy dashboards, no complex setup. Just plug in the SSD, run the container, and boom — shared storage for the whole house.

Self-Hosted Music with Navidrome 🎶

Next up: music.

I listen to music a lot — but here’s the thing: sometimes I stop listening for weeks, even months. And during those “quiet” periods, that Spotify Premium subscription just sits there, draining money. When I added it all up over a year, the cost was… well, kind of ridiculous for something I wasn’t always using.

So I made a rule for myself: if I can replace a subscription with something self-hosted, I will.

That’s when I found Navidrome — an open-source music server. It’s light, fast, and perfect for small setups like mine. You just drop in your music collection, and Navidrome scans, organizes, and serves it up over the network.

Setup was surprisingly easy: one container, point it to my music folder, and done. On my phone, I just installed a compatible app (there are a bunch, I went with one that supports Subsonic servers), logged into my Pi, and suddenly… I had my own little Spotify — except without the monthly bill.

Sure, I don’t get fancy recommendations or algorithm-curated playlists anymore, but honestly? It feels good to actually own my music and stream it anywhere without worrying about another subscription quietly eating into my bank account.

Network-Wide Ad Blocking with AdGuard Home 🛡️

You Shall not Pass After music, I wanted to make my network a little smarter — and a little cleaner. Enter AdGuard Home.

AdGuard is basically a DNS server with superpowers. It blocks ads at the network level, meaning every device on your Wi-Fi benefits without having to install adblock extensions. Phones, tablets, TVs — all of them.

The setup was simple: I spun up the AdGuard container, pointed my router’s DNS to the Pi, and boom — ads started disappearing. There are tons of ready-made filter lists you can add, and the more you stack, the cleaner your browsing experience gets.

Of course, it’s not perfect — it won’t magically skip YouTube ads or block ads that are baked into videos (those need fancy stuff like DNS rewrites or packet inspection), but for 90% of the ads out there, it works beautifully. And the best part? Visibility. I can actually see every DNS request going through my network — and block or allow them as I wish. Super handy if you want to stop certain apps from phoning home or just keep an eye on what’s happening.

Making Things Easy with Nginx Reverse Proxy 🌐

By now, I had several services running — Samba, Navidrome, AdGuard — and things were starting to get messy. Each one had its own port, and I couldn’t remember them all. Was Navidrome on :4533 or :4040? Was AdGuard on :81 or :8080?

Solution: Nginx Reverse Proxy.

With a reverse proxy, I gave each service a nice, human-friendly name. So instead of typing:

http://192.168.1.19:81

I just type:

http://adguard.local

Same for Navidrome, and even Nginx itself. Much cleaner, much easier to remember, and it feels a bit like I’m running my own mini-internet at home.

Secure Remote Access with WireGuard VPN 🔑

Wireguard Logo

At this point, I had a lovely little setup running — file sharing, music server, ad-blocking, reverse proxy — everything felt great.

But there was one big limitation: I could only access it from home.

It would be awesome to stream my music or grab a file from work, or even when I’m out with just my phone. But that means somehow reaching my home network over the internet.

Now, I know what you might be thinking: why not just expose each service to the internet? Well… that’s a terrible idea.

Exposing a service means exposing your entire network — and no matter how secure you think your setup is, there’s always some vulnerability waiting to be discovered. All it takes is one exploit, and suddenly someone you don’t know has full access to your files, your devices, maybe even your router. Hard pass.

Instead, the smart solution is a VPN.

A VPN (Virtual Private Network) works like a secure tunnel between your device (phone, laptop, work computer) and your home network. Everything that goes through that tunnel is encrypted, so even if someone is snooping on the traffic, they can’t read it. And since you’re technically “inside” your home network when connected, you can access all your services safely — just like if you were sitting on your couch.

I went with WireGuard, which is super fast and modern, but I won’t lie — this was the hardest part to set up so far.

Here’s what I had to do:

  • Install WireGuard on the Raspberry Pi.
  • Generate public/private key pairs for each device I wanted to connect (laptop, phone, etc.).
  • Configure the server and client files properly (this part is a bit finicky).
  • Forward a port on my router to allow the VPN traffic in.
  • And finally — set up a DNS name for my home IP address.

This last step is important because my home IP address changes all the time. I can’t exactly call a family member every time I need the new IP to connect remotely. The solution?

I grabbed the cheapest domain name I could find, connected it to Cloudflare, and created a subdomain just for my homelab. Then I set up a small script on the Raspberry Pi that updates the DNS record every 5 minutes with my current IP (and made it run as a service so it survives reboots).

Now I have a nice, easy-to-remember domain name that always points to my home network — no matter where I am. I open my WireGuard app, hit connect, and just like magic, I’m “inside” my home.

Being able to securely access my files, music, and dashboards from anywhere feels incredibly satisfying — like I built my own little private internet.

Bonus: Portainer to Manage Everything 🛠️

By now, my Raspberry Pi was running quite a few containers — Samba, Navidrome, AdGuard, WireGuard, Nginx reverse proxy… and managing them manually with docker ps, docker logs, and editing docker-compose.yml files was getting a bit tedious.

So, as the cherry on top, I spun up a Portainer container.

If you haven’t used Portainer before, it’s basically a beautiful web dashboard for Docker. It lets you see all your running containers, restart them with a click, check logs, update images, and even deploy new stacks — all from a browser.

No more SSH-ing into the Pi every time I want to restart a service or check why something isn’t working. I just open http://portainer.local, and there’s my entire homelab neatly organized in one place.

It’s a small thing, but it makes managing the whole setup much less painful and way more fun.

Perfect — here’s a great conclusion that ties it all together and leaves readers inspired:

Wrapping It Up 🎯

And that’s my little homelab — all running on a humble Raspberry Pi 3B+.

What started as a dusty little board sitting in a drawer turned into a mini powerhouse that handles file sharing, music streaming, ad-blocking, remote access, and more. And the best part? I did it all without spending more money on hardware.

Along the way, I also played with other fun tools that didn’t make it into this post — like ntfy, which lets me send push notifications to my phone, or a little Python script that uses a USB webcam to detect motion, record footage to the NAS, and ping me when something happens. There have been a lot of experiments, a lot of tinkering, and yes… a lot of breaking things and fixing them again.

This whole process taught me a ton about networking, containers, DNS, and just how far you can push a Pi 3B+ if you stay lightweight. It’s incredibly satisfying to have something that feels mine — a little corner of the internet I control.

Of course, this is also how the homelab rabbit hole begins… I already catch myself thinking about upgrading to a more powerful board or maybe even a small NUC, adding proper monitoring, maybe hosting a couple of cameras for security. But for now, this Pi setup does everything I need — and it’s been an absolute blast to build.

If you have an old Raspberry Pi lying around, I can’t recommend this enough. Start small, keep it cheap, and you might be surprised how much you can do with it.