Posts on Christian LeFlore

Creating an Isolated Network Inside Proxmox

Thu, 20 Nov 2025 12:47:15 -0600

Creating an Isolated Network in Proxmox

There are many tutorials online about creating a separate subnet for your VM, but very little about creating an isolated network.

This network needs to be completely isolated from the “main” or default network of proxmox.

I have a web server that I really didn’t want being able to access my other VMs.

Steps Taken

In Proxmox:

Open the Shell for your Datacenter
Install dependencies apt update && apt install libpve-network-perl ifupdown2 dnsmasq -y
Disable dnsmasq, it’s just needed for proxmox to create the interfaces systemctl disable --now dnsmasq
Click on Datacenter > SDN > Zones
Create one with the ID isol (for isolation)
Click on the isol zone, check the Advanced checkbox, enable automatic DHCP, and click OK
Click SDN > VNets > Create
Name it isonet with the isol zone and click Create
Click on isonet > Subnets (on the right hand side) > Create
- Subnet - Give it a private IP subnet like 10.0.5.0/24
- Gateway - 10.0.5.1
- SNAT - Enabled
- DNS Prefix - Leave blank
- Hit the DHCP Ranges tab and put in your usable addresses, ie 10.0.5.2 - 10.0.5.254
Click OK
Go back to the SDN menu option and hit Apply
Go to a VM’s Hardware Settings > Network Device
Add isonet as the bridge

Now, we have a network in place and your VM should have gotten an IP via DHCP. However, it’s wide open. It’s bridged so it can see any network proxmox can see. We need iptables to sort the rest out.

Running a Self Hosted Mastodon Instance Through Cloudflare

Fri, 14 Nov 2025 09:00:07 -0600

Migrating Mastodon server to Homelab using Cloudflare Tunnels

I was getting charged around $3 a day to host my mastodon server on Azure. I read up on Cloudflare Tunnels. Here are the benefits:

You don’t have to open any ports, just install a client on your web server
It’s proxied behind cloudflare so my home IP isn’t exposed

Steps I followed:

Migrating Mastodon

Spin up a Ubuntu Server in Proxmox
Use this guide to build, but read through this documentation first for important steps.
IMPORTANT - Make sure your mastodon versions match. If they don’t, run a git checkout to the right version. I was running 4.4.7, so I had to run git checkout v4.4.7 and you can list versions by running git fetch --tags && git tag -l
After you install everything, make sure the mastodon user has access to www-data group and vice versa.
Change the ownership of your mastodon home folder so www-data can see by running sudo chown mastodon:www-data /home/mastodon and sudo chmod 0710 -v /home/mastodon
If everything went well, you should see an error 400 or 403 when visiting locally.
Now we need to get mastodon ready to accept connections from Cloudflare, add this to your mastodon user’s ~/.bashrc file at the end:

export TRUSTED_PROXY_IP="103.21.244.0/22,103.22.200.0/22,103.31.4.0/22,104.16.0.0/13,104.24.0.0/14,108.162.192.0/18,131.0.72.0/22,141.101.64.0/18,162.158.0.0/15,172.64.0.0/13,173.245.48.0/20,188.114.96.0/20,190.93.240.0/20,197.234.240.0/22,198.41.128.0/17,127.0.0.1/8,::1/128,10.0.0.0/8,172.16.0.0/12,192.168.0.0/16,fc00::/7"

Cloudflare Tunnel Setup

We will need to set up an SSL cert from cloudflare on our mastodon server:

Building a Homelab Mastodon Instance

Thu, 23 Oct 2025 16:59:46 +0000

The why

Mastodon is cool. Really cool in fact. It feels like the last bastion of the old social media experience I grew up with. Bots are labeled as bots, AI content scrapers are discouraged, people are real, admins open their instances from the kindness of their heart and wallet. It has no algorithm to tailor your experience to, it’s just people posting things they want to post. That’s something I can get behind.

DNS Server Bind

Thu, 22 Aug 2024 17:27:44 +0000

Bind Server for RHEL 9

Making a DNS server based on bind is fairly straightforward. The setup can be a little heavy but maintaining the DNS records is easy.

Because the setup is so heavy, I created this documentation to help me or others in the process. You can see example files on my GitLab.

Note: This tutorial doesn’t cover having two or more DNS servers. That’s pretty important for redundancy. This is mostly a tutorial on how to set this up at home or in a lab environment.