CategorySBC

State of The Networks – Jan 2020

A quick rundown on the state of the home-servers I run or applications I host on the cloud.

Last week I opened up my Nextcloud instance for external access. Now, since my brother’s RPi4 was already exposed on the same network, I had to setup a reverse proxy on another RPi3 to access both simultaneously behind the router. Here’s the current setup:

Proxy server: An RPi3 running on Raspbian Buster Lite with HAProxy installed to handle the reverse proxy. Here’s the gist of the code that’s handling all the heavy lifting. Since SSL is handled by the other servers themselves, all I needed was a quick pass-through handshake from HAProxy.

Server 01: An RPi3 running on NextcloudPi essentially serving Nextcloud for all my file needs. Data is simultaneously backed up on a couple machines within the network. Decided against a remote backup [S3/Backblaze] for now.

Server 02: An RPi4 running on Diet-Pi and serving Pi-Hole and a Nextcloud instance. I’ve turned off DHCP on the Orbi router and delegated that to the Pi-Hole. Both the Pi-Hole and the router have static IPs assigned to the SBCs and my trusty Dell machine based on their MAC address. I’m debating if I should move the Pi-Hole over to the Proxy Server…

Beyond the home-lab, I have a droplet with DigitalOcean serving this website and a few other portals I manage. ServerPilot runs in the background on that droplet taking care of all the critical needs. I do intend to shift this over to a home-lab once I get hold of my ODroid XU4 which is currently in the Uganda shipment several thousand miles away in Chennai!

Early this year, I also procured a Hetzner cloud instance to test its stability and see if I could move over certain portals to it. Should say I’m pretty impressed! Running on Debian Stretch and powered by Yunohost, I installed PixelFed and Wallabag. Installation has never been any easier! One drawback for sure is that the code-base may be a bit lagged as it gets deployed on Yunohost. Nevertheless, it’s pure magic to see things getting installed with just a few clicks and not much back-end work.

And then, I manage a Moodle Bitnami instance running on an AWS instance. I intend to move it over to the Hetzner cloud over the next month or so.

Bringing the cloud home

I finally got my Shoebox server setup working! I now have three Single board Computer [SBC] working in tandem behind my home router to accomplish what I’ve been wanting to do for quite sometime now – Setting up an easy-to-maintain, in-house server for all my data and web hosting needs. Fixing this all together has been a tremendous learning experience. I still need to weed out some pesky issues but I believe I have the bearing right now.

Here’s my current setup:

  1. NexcloudPi installed on a Raspberry pi 3B+ board
  2. Yunohost installed on an Odroid XU4 board
  3. Diet-Pi installed on another Raspberry pi 3B+ board

I’ve been using Nextcloud as my data storage solution for more than a year now. It does what I expect it to do and much more. NextcloudPi handles the intricate details and takes out the hassles that come with hosting data on personal servers.

On the ODroid-XU4, I installed debian stretch as the base OS and then manually installed Yunohost as my web server. I use ServerPilot on my Digital ocean servers and was looking for a close match while self hosting. Love YHs web-ui and they did seem to support quite a few web apps. I also have my eyes on cozy and caprover. Might explore these at a later point in time if decide to switch to a different SBC.

Both NextcloudPi and Yunohost have letsencrypt tools to setup and manage certificates for the domains/sub domains. While super useful, I realised to benefit from that feature, I had to rely on haproxy. With some pointers from the Nextcloud forum, I decided to use another pi to front as the main server. Installed Diet-pi on it since it’s just something I really liked and configured haproxy on it to map to the corresponding server based on the hostname. While at it, I also added in a switch between the router and various servers.

I still need to work on making this more robust. One niggling issue is the speed is heavily compromised. I’m guessing it’s do with my haproxy config and I should be able to fix it pretty soon. Once I have this sorted out, I need to spend some time hardening the security of the server, further configure Yunohost, device my backup strategies and finally moving my websites over from Digital Ocean.

ODroid XU4 SBC

Meena and my family gifted me an Odroid XU4 SBC earlier last month as a Christmas/B-day gift. One of my projects during the year-end holidays was to setup a robust home server; Essentially getting my webservers home from Digital Ocean, where they are currently hosted. This would be a terrific companion to the nextcloud fileserver that I setup earlier using a raspberry pi.

Earlier this week, I chanced upon DietPi and decided to launch it on the eMMC chip. One of the first things I did was to install Pi-Hole. With uBlock addons’ that should be some good riddance to ads across my home network! Would be interesting to keep track of these network pings to see what devices are needlessly calling ‘home’.

I’ve ported my web applications to the Odroid board and am currently testing out the server internally before I ‘turn on’ the traffic switch. All looks super-promising so far! Over the next few months, I’ll have to tweak the settings and tune this mini-beast a bit for performance. For now though, I’m more than happy with what it’s delivering!