25
votes
Any homeserver operators out there?
I am a long time homeserver operator and was just wondering if there was anyone else around that is into server hosting and system administration like me.
if you do, feel free to share any stories you may have about being a homeserver operator.
If anyone is wondering I own a dell poweredge r410 and a few HP workstations
Yep!
I used to have an old rack running a few older 2U servers and a bunch of switches.. turns out they use a heap of power so last year I condensed it down to a single tower PC (i7-2770k, 16gb ram). I've been lucky enough to get Gigabit fibre with a static IP + IPv6 /56 subnet, so have been having fun getting everything working on IPv6 recently.
Currently have the following setup on it:
I do have a story to put on this too. A bit of background: I used to self-host a bunch of gaming servers for friends/LANs/etc, I used to run a teamspeak server for everyone as well.. Anyway I had setup and installed LogWatch so would get daily emails of all my logs / ssh access / sudo access / etc - I noticed that my teamspeak user (ts3) had recently been logging in via ssh (what?!?!). After a few hours of digging I noticed someone had dropped some bash irc botnet in /tmp and had it auto running in the ts3 users crontab. After backing up important docs, I trashed the whole install and started fresh, couldn't risk anyone having a backdoor that I wasn't sure about.
The lesson I learnt that day? Never ever have your password the same as your username (ts3:ts3), and make sure that users don't have shell access (/sbin/nologin). I completely forgot that new users automatically would get ssh access. Oops.
Anyway, always interested in setting up and trying new things if anyone has any cool ideas!
Don't you have trouble because it is on a consumer ISP(thus not having the PTR record)?
I thought it would cause me issues but it hasn't yet!
I do have SPF / DKIM / DMARC all setup through.
did you have problems on your first sent emails? for me every email was getting into gmail spam box
I did originally, but after messing with DKIM/SPF for ages it seems to be good.
What did you change exactly?
I might try to redo a mail server, it is pretty cool to have own email server
I set it up months ago and have no idea what I did. I'll see if I can find the guide I used at the time!
It's definitely a huge experience.
meanwhile i tried again, i guess the other time i forgot DMARC, to gmail it is accepted, but to tutanota it goes to spam, i gotta contact them and see what they consider spam
So it is DMARC,DKIM,SPF and MX thats needed dns wise
Yep! Those 4 records should be enough.
reminds me of a story i have,
i host a discord bot for a friend and a really early version of their bot had an open eval...
needless to say someone rm rfed the home folder lul
Ouch, yeah there's a always a risk with that kind of thing. Docker has helped isolate things a bit more recently. But still reminds me of a time I thought I was inside a sub-folder and ran
rm -fr *turns out I was in my home folder and wiped.ssh/authorized_keys. Freaked me out when I couldn't log back in, but good news was nothing important was lost.Yeah that friend has the eval locked to certain people now etc and I also have all the accounts separate on the server now,
learned from that mistake ill tell yah
This is exactly why I've never tried to run my own email server or anything. I would inevitably screw something up and all_my_stuff.rar would be downloaded without my knowledge.
Oh that's pretty cool - probably pretty power efficient too!
I've been looking at setting up a Matrix instance recently, how're you finding it?
Which client are you and friends using to connect?
Great, thanks!
Yeah, I recently moved from a Slack server to a self-hosted Rocket chat server and just managed to get a lot of work mates and friends to move (20~ people). Main reason for the switch was because we couldn't search older chat logs after we hit the 10k messages.
Matrix looks like a good alternative though.
I messed with matrix before but saw some issues with implementation (not super fast, heavy on resources, painful to configure, doesn't have a capabilities info exchange between servers I believe, does not scale well, not accounting for tech we have in 2018 like Cloudflare, weird AF cert thing).
Later I tested XMPP (ejabberd) and honestly I'm in love with it, I even host a public XMPP server now. Fast, not as heavy as matrix, works under bad internet connections, scales well, relatively easy to configure, does proper cert stuffs. It's a bit dated and does not account for CF either, but I'm not complaining.
I used to run servers off an old desktop I had, I've only recently upgraded to a proper rack server.
I'm running a little bit of gear at home. I've got a 42u rack, populated with the following.
Edit: forgot to add a few things in
I have a DL380G5 running with a single E5420 and 10GB of ECC DDR2, though I'm considering getting an upgrade. I used Arch Linux before but I moved to Proxmox after bizarre systemd bugs that popped up after a couple months on Arch.
Right now I'm hosting:
I also used to host:
I'm considering building a cheap desktop to replace it.
+1 for cheap desktop. I repurposed an old i7-2770k and it's way quieter/cheaper to run.
From my personal experience go with proxmox
I second Proxmox! Have used it before and it was really nice to use.
Thirded! I use proxmox heavily and I love it.
I had a raspberry as a home server (i still have, though i don't use it anymore), now i have my desktop running as a server (amd ryzen 7 1700, 16GB RAM, 250GB ssd NVME, 1TB HDD), i use it
for sync and file editing (nextcloud/collabora),
seedbox (transmission),
some personal websites (httpd/php),
as a IPTV box (not sure if that is the right name, i have an antenna to catch FTA channels and then with tvheadend i can transmit those channels to all my home devices),
as a vpn(openvpn, making transition to wireguard)
as a IRC bouncer (znc)
as a host for a windows virtual machine (libvirt/qemu/kvm with pci pass-through, i rarely use it)
and maybe other stuff that i don't remember :D
My networking setup is quite basic, i have my isp router (which is pretty shitty and almost without any control to the user) and a tplink archer c20 (which i regret buying cause there are no drivers for the 5Ghz radio) connected to the isp router, it is serving as a AP and switch
I did til a couple weeks ago, when it kinda died.
Just a tiny Raspberry Pi B+. But, it hosted a couple web services, git, a wiki, DNS, and SSH (with a decent SOCKS5 setup) for myself and a couple friends. Was looking into email but was having issues with LetsEncrypt only sometimes seeing a response on the IP. Not enough to finish the handshake.
My whole setup seemed to be a mix of shell, cron or systemd. It ran itself, 95% of the time.
Until the 4yro SD card gave up the ghost.
Sort of. I self-host most of what i use, but I do it on VPS's, not on a server in my house, as it's cheaper to run a VPS than a server at home.
I have email, a wiki, IRC, pi Hole, image hosting, DNS, and some other stuff that i can't remember right now
I've been considering setting one up. I have the hardware. I upgrading my desktop a while back and decided to turn the old hardware into a small server. Now I have a box, but I never actually got around to installing anything! It's been about a year or so since I constructed it, so I'd have to go inspect it to figure out what hardware it has, but I know it has an i5 processor and at least 8GB of RAM. I think it has a couple of 1TB WD Reds arranged in RAID.
Honestly, I'd probably run an sftp server, some chat bots, some game servers, and maybe a small website where someone could log in to start and stop said game servers. Nothing too intensive. Anyone have any software or best practices they recommend?
If you're looking for a killer way to host your own security cameras check out the free version of Milestone XProtect Essentials+ or whatever they're calling it this week. It has really great hardware acceleration, a great client, and generally runs well with everything I've ever thrown at it.
You have to run it on Windows (boo) but it makes Zoneminder and BlueIris look like high school science fair projects.
y'know i've actually been wanting to get into setting up my own security cameras ill definitely look into this