dynamicalsystem.com
tinsnip - Homelab Infrastructure Services#
Shared infrastructure services for homelab environments, deployed with proper isolation and security.
Overview#
tinsnip provides essential infrastructure services that multiple homelab systems can share:
- Identity Management (LLDAP)
- More services coming soon...
Architecture#
Host Level:
- User:
tinsnip(UID 1010) - Runs rootless Docker - Manages all tinsnip service containers
- Complete isolation from regular user accounts
Service: LLDAP
- Container runs under tinsnip's rootless Docker
- Inside container: runs as system user
lldap(UID 999) - Ports: 3890 (LDAP), 17170 (Web UI)
- Base DN:
dc=home,dc=local
Quick Start#
# Install tinsnip
curl -fsSL "https://tangled.sh/dynamicalsystem.com/tinsnip/raw/main/install.sh?$(date +%s)" | bash
# Or clone and run
git clone git@tangled.sh:dynamicalsystem.com/tinsnip ~/.local/opt/dynamicalsystem.tinsnip
cd ~/.local/opt/dynamicalsystem.tinsnip
./setup.sh
Service Isolation Model#
User 'tinsnip' (1010) → Runs rootless Docker → Service containers
↓ ↓
Isolated from regular users Each runs as appropriate user
Integration Guide#
For Ubuntu/Debian Systems#
# Configure LDAP client
apt install sssd-ldap
# Point to tinsnip:3890
For Docker Services#
environment:
- LDAP_HOST=tinsnip
- LDAP_PORT=3890
- LDAP_BASE_DN=dc=home,dc=local
Planned Services#
- LLDAP - Identity Management
- Redis - Caching/queuing
- Prometheus - Metrics collection
Design Principles#
- Service Isolation - All services run under dedicated
tinsnipuser - Rootless Docker - No root daemon required
- Easy Integration - Standard protocols and ports
- Homelab Focused - Optimized for home infrastructure