View all posts →

Build your minimal home server

Home server

In this blog am going to share my learnings and findings on how i build my mini home-server an year back, which am currently using to host my side projects, access my files anywhere from the world, alternate for google drive etc.. This blog will cover only the basic highlevel steps, although i have given all the source links for the setup, but if you are expecting a spoon feed kinda stuff, then this is not for you.

What is Home Server?

Pastly everyone in tech probably knows what a bare metal server is and why do we need it, but nowadays everyone is aware of Cloud Computing, AWS, GCP, Serverless etc stuffs, but just forgot the roots and basic stuffs like what is server and how to host things locally(bare metal) etc, Home server is not any definitive name or anything, its just a computer that sits with us(since in my case its in my home am calling it as a home server).

Why do we need it?

We can make use of our own home-server in multiple ways, like for storing and writing files(like NFS), accessing our system using SSH from anywhere, creating our own web server, hosting our unfinished side projects, also we can get rid of data sucking google drive by having our own FTP server etc(currently am using my home server instead of a traditional google drive),and yeah, there are lot more than this to explore.

Prerequisites or What do we need to acheive this?

> Internet Connection(I know this is dumb but still!), probably a home wifi like ACT, airtel fiber, hathway etc.

> A Public IP address, This can be obtained from our ISP(ACT, hathway etc).
Why we need this? — our public IP showing in whatsmyip, cannot be accessed outside of your ISP, since by default all the ISP will be behind a CG-NAT.
you can learn about CG-NAT in this blog, youtube.

> A domain name for your public ip(this is optional as far as my opinion), if you are ok with accessing your server with ip address like (20.300.400.50) in browser or anyother client, this step is not needed.

> Of course a desktop or a laptop, with any linux distro installed.

How to Configure?

Once you set up your public IP from your ISP, thats it! that is all you need to connect your local desktop/computer to the internet(outside world). To verify the same, find your public IP in whatsmyip, and try to ping your public ip address in your laptop/desktop from a different network other than your ISP(it can be your mobile hotspot).

If you are receiving a sucessful ping, thats all, you can confirm that your desktop/laptop has been publicly connected to internet. its upto us now to decide how to turn our normal desktop/laptop which is connected to internet into a webserver or as an FTP server etc.

If you find your public ip ping is not accessible, most probably you need to enable your ICMP settings on your router/firewall settings.

Using PortForwarding

Port forwarding is one way of exposing your server to the outside world, although this has some secruity flaws, which we need to take care by our self, but for simple tasks like hosting etc this is a good place to start.

Using VPN servers like wireguard, openvpn etc

There is another way of making our desktop/laptop as a FTP server etc, is by using a VPN servers like wireguard, openvpn etc, since in port forwarding approach we are exposing a lot of ports(like 21, 22, 80 etc) to the outside world, there can be multiple ways to hack into any of our open ports.

If we are using VPN based servers like wireguard, we don’t even need to open all the ports. By this way this would be way more secure compared to our previous approach.

Setting up a VPN server with wireguard.

Setting up a VPN service is a easy process, since installing and configuring wireguard is pretty easy with only a minimal amount of steps we need to follow,

> Expose port 51820 on your router settings using port forwarding(Compared to port forward approach, here we are exposing only a single port 51820 where this port is managed by wireguard and can only accessed by legitimate clients that already registered with our server.

> if(firewall_is_enabled) allow port 51820 in the firewall settings as well; else SKIP_THIS_STEP.

> Install wireguard(personally i installed using the official docker image, which is pretty easy)

> Once the above steps are done, now try to access your wireguard UI SERVER:51821 from your internal network, this will open a GUI based wireguard, where you can manage your wireguard clients.

Reference: Wireguard

Yep, this is it! this is how i turned my local desktop into a home server and am using it for the past 10-12months for hosting and alternate for google drive.



View all posts →