/hsg/ Home Server General

/hsg/ Home Server General

>Why should I have a homeserver?
De-botnet your life. Learn something new. Serving applications to yourself, your family, and your firends feels good because service to others feels good. Put your Jow Forums skills to good use for yourself and those close to you. Store their data with proper availability redundancy and backups, don’t let googlel/applel/microshaft botnet them.

>How should I get started?
NAS is how most people get into this. It’s nice have a /comfy/ home for all your data. Streaming your movies/shows around the house and to friends is good feels. Repurpose an old desktop, buy a SBC, or go with cheap used enterprise gear. Lots of options and theres even a flowchart. Ask.

/hsg/ is about learning and expanding your horizons. Know all about NAS? Learn virtualization. Spun up some VMs? Learn about networking by standing up a pfsense box and configuring some vlans. Theres always more to learn and chances to grow. Think you’re godtier already? Setup openstack and report back.

>What software should I run?
install gentoo. Or whatever flavor of *nix is best for the job or most comfy for you. Emby to replace netflix, nextcloud to replace googlel, ampache to replace spotify, the list goes on and on. Look at the awesome selfhosted list and ask.

>Datahoarding ok here?
YES - you are in good company. Shuck those easystores and flash IT mode on your H310. All datahoarding talk welcome.

>Do I need a rack and all that noisey enterprise gear?
No. An old laptop or rpi can be a server if you want.

>Links
github.com/Kickball/awesome-selfhosted
old.reddit.com/r/datahoarder
labgopher.com
reddit.com/r/homelab/wiki/index

Attached: hsg.png (399x1058, 631K)

Other urls found in this thread:

github.com/Kickball/awesome-selfhosted#wikis
pcpartpicker.com/list/X4RxBb
newegg.com/Product/Product.aspx?Item=9SIA6ZP3N68304&ignorebbr=1
elinux.org/RPi-Cam-Web-Interface
twitter.com/NSFWRedditImage

I know that using AWS ruins the fun, but I see fags on Jow Forums saying that they somehow spy on you, except they can never give any proof at all, so I’m posting this in the legitimate quest for some proof that AWS spies on its users.

even if that wasn't true which, which you should assume without proof that it is,
its still just another easy mode nigger plantation for know nothing niggers.
doesn't bother me if you use it.

what do you guys think about my dashobard? Working on adding a display of the last 5 streams/transcodes next so I know who is using the server.

Ram usage is so high because I only have a 8GB stick in there right now. Bandwidth spikes are from speedtest.

Attached: monitoring.jpg (1241x780, 100K)

Pump

This is actually interesting. I want to know more. Can anybody recommend some hardware for it? How much space makes sense? 1 TB or is that too less?
And would a setup with a Raspberry Pie be good enough or does it make no sense?

Thanks for helping out the brainlet

turned my old thinkpad into home server last week. performs perfectly. feels great

Attached: P_setting_fff_1_90_end_500.jpg (500x500, 32K)

Well what are (You) planning to do with it? If it's simple file sharing, anything released in the last 12 years will do. VM Host needs some more grunt, etc.

Well the reason I use AWS is because I use it at work so I can do some pretty crazy shit with it extremely quickly, and I used to admin actual servers anyway so for me it’s more of a privacy thing than a learning experience.

i'm configuring pfSense basically as a router, but i can't get to route internet through pf's dhcp server.
tryed configuring a NAT rule but didn't work.

any ideas what i must be doing wrong?

Attached: 1552657211521.png (500x522, 142K)

Yeah, did the same on my T420, VM Host with a DC server and have been practicing with it, the i5 and 8Gb of ram are plenty for the task. Currently setting a second one up to learn replication.

nevermind, i'll kill myself now

As another user already said, it depends on what you wanna do with it. If you have 1 TB of data you wanna back up, you're going to need at least 1TB of space. Applications obviously also need space but if you don't install lots of different bloatware, data should obviously be your first concern regarding space. But if you some other services, IM, IRC, Email, whatever, stuff other than storage becomes important, although not that much with my examples, I guess.

That's Grafana, right?

Fucking ISP makes it so that you can only use their router to connect to the internet
And they have the nerve to lock AP Isolation to "on". I'm so fucking pissed.

Yes. Data source is influx db written to by telegraf. Pretty standard set up if you google it.

You're uploading data to a company. To believe they aren't mining it flies in the face of most historical evidence.
That said, you can get creative in finding out. Make a database of URLs with very specific paths and values. Host a server outside of AWS at those URLs and monitor. See if anything goes to those specific URLs.
Something like kfjiottiojsgjioogiasgfa.com/fjgtyiopdgfjasdiogjanmg.php?a=gjiojioffsdjioajiojbhbajio&b=jkfljklljklasfj

seagate ironwolf, toshiba n300, or wd red...
which of these three drives is the best option to buy?
ironwolf and n300 are priced the same for me with reds being maybe 5% more expensive
im looking to buy a handful of 8tb drives, say maybe 6-10 all in all

Attached: 1508996580011.png (1218x838, 233K)

Question is, are you opposed to shucking or not? If you shuck, WD Reds can be had for $180 for 10TB when best buy has a sale on easy stores. If you're outside the US, the WD My Book has the same drives. I've done this many times, and have 8 or 9 shucked drives in my main zpools right now and for the last 1.5 years.

cheapest 10tb external in my country is wd my book and that one is $301, which is $20 more expensive than 8tb ironwolf/n300
not sure about shucking

Do you at least have admin/root access to the router? Thats pretty shitty regardless, since its probably the cheapest/lamest thing they could source. You sure you can't have your ISP put it in pass-thru mode so you can run your own router/dhcp/dns?

You can look into US resalers - I wouldn't be surprised if there are folks buying up the 8/10TB easy stores and reselling them to foreign markets (since best buy only sells them in the US for some damn reason). $160 for a 10TB is the best pricing ever offered (on Black Friday and just a couple weeks ago). A reseller could make $50 profit and charge you $40 shipping and it'd still save you $30-50...

yeah i'll try that but i might end up having to pay 25% import tax on everything thats not shipped from within the EU
though im not necessarily opposed to shucking i think i'll pass on it simply because i'd like to be able to keep the warranty on the drives i buy for as long as possible
thanks for the idea though

Attached: 1551588970122.png (583x720, 273K)

Anyone have any suggestions for a personal wiki?

github.com/Kickball/awesome-selfhosted#wikis
documize looks nice and so does cowyo

Would you recommend InfluxDB over Prometheus?

i want to nakadashi kirino

Gitit looks pretty nice.
(This board is too fast for this thread.)

In the middle of putting void on a raspberry pi with an encrypted btrfs root partition and she in initramfs for funsies

Not sure what I should do with it though.

>btrfs
>Not sure what I should do with it though.
Not use btrfs.

Would like to enter the club but low on money,any suggestions ?

Why is Kirino wearing an idolmaster outfit.

Hopefully this is an appropriate question here... I'm a OSlet and use windows because it just pretty much works. I'm thinking about building a plex/NAS server but the OS recommended on the jdmwaat subreddit for the build is unraid. Is it straight forward enough to learn? The server would not be connected to a monitor-can the unraid server be remoted into with a windows machine? What about for set up? Thanks

Who let the faggot in?

if you pay close attention you'll realize her pantsu are visible, this is very wrong.
Perhaps the moderations staff is not aware of this? Someone should inform them.

>NAS mobo died
>gotta shell out a bunch of cash for a new one
just fuck my shit up senpai

Attached: 1552584900670.jpg (125x107, 2K)

I would generally recommend ZFS, but it's a fucking Raspberry Pi with a microSD card.
Using btrfs on such a toy computer is overkill, unless your only point is to toy with btrfs.

It's a 128GB SD card and I already have a bunch of scripts I used for managing rolling snapshots and backing those snapshots up to my NAS. I can straight up just dump them on the machine and they just work. For what possible reason would I not do so?

'Sup anons
I currently got another internet connection and I'm planning to setup load balancing. I already have an old HP laptop running Debian as a NAS.

Is it doable to setup load balancing on the laptop with a single ethernet adapter? (thinking on device alias here). Or should I go and buy a router with that option?

What are you load balancing?

My 2 net connections

The term you're looking for is bonding, not load balancing. It's probably possible with a single interfacd with vlans but you'd probably need managed switch for that and I don't have the experience to say more.

Can i get a sauce for this kirino doujin

gonna sell my gen8 dl380, I just don't really use it and it's getting older every day. such a pain in the ass to sell but I'll live with it

How's this for a NAS running Plex that will need to transcode occasionally.
pcpartpicker.com/list/X4RxBb

I'm still trying to decide on a hotswap bay for the backup drive. I'm currently looking at newegg.com/Product/Product.aspx?Item=9SIA6ZP3N68304&ignorebbr=1

ohtomo takuji

Nope. Would have disabled it if I could.
There's an admin account up online which could change every other setting including the AP Isolation, but someone inspected the router's firmware and saw that it's hardcoded to turn on AP isolation on startup

Want to make a server for reincoding videos.
Aiming at using the very slow hevc/av1 preset in the future to save space/bandwidth.
What amount of cores/threads is something like ffmpeg able to use?

ffmpeg can scale to anything, so buy as many cores as you can afford

How much of a pleb does using Docker make me?

Neat
Also is there a difference between the CPU requirements of clients to decode the slower presets ?
I can't seem to find any benchmarks about this but it should increase when files are encoded with the slower presets right ?

Any specific Raid config you're going for? Why not shuck 10tb easy stores? ~170 for 10tb 7200rpm drive

Finally found a use for my Pi Zero W as an Octoprint server with an attached webcam to remotely control and monitor my 3D printer. It's massively more convenient than putting gcode on an SD card and putting that into the printer.

Quite. But at least you use orchestration, and make meaningful commits in git for your infrastructure?

Attached: 684ovparm2721.jpg (600x500, 29K)

Hello fellas, do you guys have some tips for server hardening ?
How do yo guys fight the botnets ?

Here's what I've done yet:
ufw
sshguard
ossec
exim:
spamassassin
clamav
ssh:
changed ssh port
forbid root
still not sure about restrincting to ssh key, too scared to lose the key

todo:
finnish exim setup dor DKIM and DMARC

maybe:
install a dns server with dnssec

Attached: interrogation.png (1024x1024, 9K)

ded thread is ded

What did you expect? Most people in Jow Forums can't even set up a fileshare, don't expect them to post in a thread that requires basic technical background.

>don't expect them to post in a thread that requires basic technical background.
that or people are busy doing something else than posting on Jow Forums
maybe I should do the same

That's something I'd like to know as well. I'll look up the doujin, someone surely posted it already

how many ports do you have open and who are you hardening against? if its just a few basic services (ssh and the like) and you dont have any APTs on you, I've found the most milage by changing to non-default ports. I too don't use the key-only, because I ssh in from all kinds of boxes all over the place. Are you seeing bots trying to log in even on a non-standard port? If so, fail2ban is another great one to check out

Pi Zero w's make surprisingly good cameras. Check out RPi cam web interface if you haven't already. It's as cheap as those shitty Chinese cameras from Ali or bangood, but without the botnet. Exactly what we're all about around here

elinux.org/RPi-Cam-Web-Interface

>reddit links
this thread is a joke

Have a better source of information regarding data hoarding? Have a better homeserver/homelab wiki? Selfhost us a wiki and populate it with the same or better information and the copy pasta will happily link to that instead.

>muh aws spying on us
yeah i can see them doing that when only you can acess your files with your private-key.

I changed ports for ssh but not for mail related stuff, I am not sure if they need to stay default for it to function well.

For now 80 is not open but it will soon be.
I'll need another port for websocket too

Most of the bots I see right now are on mail.
> fuck [email protected]

about fail2ban, doesn't ossec do the same things ?

About hardening, ultimately I'd like it to be safe from botnets and governments, tho i know the re is a long way to go.

What do you mean with "APT" ?

APT = Advanced Persistent Threat. Basically someone skilled targeting you specifically. If you have someone actively trying to break into your shit, you've got bigger fish to fry, as its only a matter of time till they breach you. If that is the case, an IDS (like ossec, or security onion for another good one) will tell you when that happens, and is a good idea anyways as its a great thing to learn. If you're just concerned with bots, its easy to stay ahead of them with obscurity (like you've done, changing your ssh port to non-default). fail2ban will autoban an IP if it has too many failed login attempts regardless of username attempted. It works well if a bot does find your non-default port (something that has never happened to me in running ssh for 10+ years). I run non-sensitive stuff on 443 and 80 and haven't had any problems. Mail I'm not sure about though since I have no personal experience running a mail server.

The only thing on my server connected to the outside world is my netdata instance, which is on port 443 for SSL. I have it setup so that only my dedicated VPN IP can connect to it.

I wont be able to count on anonymity as this server will be public, with all the crap it implies.
I am not really worried by bots and I am not actively target for attack, though It seems that my domain name has been found by a botnet
that is trying to mess on the mail server, there are some servers from the same clouds and a suspicious amount of windows machines (as seen by the host).
I can lock them out based on the mail address they use on the server, but if they change methods they might obtain more things.
You gave me an idea by the way, i'll check what they are trying to send I might find some more info.

what are some good and affordable UPS:s?
you DO have one for your server, right?
>inb4 le first world country

Attached: 1549372106914.jpg (1172x840, 54K)

bump

Attached: 1538012016398.png (278x284, 112K)

They're all pretty affordable and under $200. Measure how many watts your server uses, compensate for an additional +200W and find something in that range.

Any alternatives to ampache I can use to stream nusic from outside my home network?

What dont you like about ampache? I've heard plex/emby can work as well. I'd like to get off the spotify/applemusic/amazon music streaming tit myself, but still have access to the full catalog. How do you keep your collection constantly updating? Ideally I'd just have a clone of spotify on my NAS...

Just use mpd

>Any specific Raid config you're going for?
RAID 0, using the 12TB for offsite backup.
>Why not shuck 10tb easy stores? ~170 for 10tb 7200rpm drive
While that does sound like a pretty economical way to get a lot of storage, I don't see myself needing that much for quiet a while. I don't even know how you would go about backing up such a large amount of data either.

what about compatibility?

What do you mean? You just plug your server power cables into the UPS and you're good to go. APC/CyberPower models are all recognized if the server uses NUT for status info and auto-shut down.

> RAID 0, using the 12TB for offsite backup.
You're memeing, right?

unless there is a reason to use something else, I want to set up a l2tp/ipsec vpn to access my shit while away and only expose 1 or 2 ports to the wan.

Should I use strongswan?

I tried setting it up and got it to connect and pass through my cellphone to the wan, but all traffic for my lan seems to be blocked no matter what I do, help please

RAID is not a back up, so I fail to see the point in RAID 1,10,5 or 6 if availability isn't critical.
So I figure that in that case, it's best to configure the drives as RAID 0 and then do periodic backups of the array to something else.

I was thinking about what it would take to push the Home Server meme to the general public, and i think it primarily comes down to this:

>Easy to buy and install pre-built servers on the market
E.g. something nice looking, cheap and almost ornamental in the home you set up, with no more difficulty than setting up a smartTV.

>API's for as many code-bases as possible
Once created, any level of app developer should be able to plug the service into their app in order to offer a 'de-botnet' option to their app (if the user has a HS of course), defaulting to cloud crap otherwise.
The service then asks for whatever identifiers are required from the human user (if this ends up being nothing more than 'please go to your home server and scan the QR on the front', or having it as a constant background service setup just once on any phone/tablet/PC that then informs requesting apps with one affirmative permission as you would allow an app access to your camera or GPS)

After that, i can imagine even the most norm of the normies that are even slightly libertarian would eat it up.

All the pieces are there, it just needs a nice interface, body and comfy API.

reddit bad

Attached: npc.png (2712x2083, 117K)

How exactly do I expand storage capacity?

add more drives

Download more RAM

I'm serious. With complicated file system or raid setups.

Have you considered storing your valuable files in ramdiscks? Almost never hear of ram failing unless its budget or a million years old.

>RAID
Christ.

Well, for starters, get your new drive in the machine itself and seen - some servers that aren't self-built refuse to see new drives until you enable them in the BIOS.

How much more of an expansion is it(what's the base, what's the upgrade)?
You might find it's easierto just migrate everything to the expansion disk or an intermediate, then rebuild the drives.
I'm not sure what the point of RAID is anymore when there are ways of having an OS just mirror everything on one drive to another automatically.

> if availability isn't critical.
You get jack shit instead of availability, anything from 5% to 10% of failure. RAID is not a backup in a sense that if your data will be deleted, it will be as deleted as on a normal drive. Then couple it with the fact that you'll need that 12TB to work while you are restoring it, and if your backups are corrupted or HDD died (just RAM it lol), your data is gone. Don't rely on backups, it's the last resort and it's easier to keep data intact.

What if you run out of sata ports tho

How can I pool lots of drives under one "root"? So instead of having /mnt/drive{1,2,3,4...} and having to keep track of where my files are I get exactly one / that grows as I add or replace drives.

Add an HBA card, LSI card go for $30 on Ali or Ebay.

LVM. But again, if a drive fails, it fails and it may corrupt the entire filesystem.

Is there something that spreads files all over the place and duplicates them so that failures can be recoverable?

RAID 5 or 6, depending on your drive size. 5 has one spare drive, 6 has two.

CEPH.

You can combine an array of drives as one single drive, but like says, if shit fails, it can be like walking over a rope-bridge with woodrot, at any moment a plank could break, the whole bridge is still a bridge, but something (or someone) valuable could have been on that plank.

At the end of the day there's nothing wrong with that so long as you have some variety of mirror or backup targeting valuable data.

So I've got a couple boxes of random shit leftover from past projects sitting in a couple boxes. Basically any component that isn't a case. Any ideas for getting rid of this garbage? Current plan is ebay anything worth over ~$20 and drop the rest at the local electronics recycling.

Attached: 1537433676100.jpg (960x720, 116K)

I can't seem to get it to stream to my phone. I update my collection about once a month.

I will check this out.

Anyone use this at home?

put some cpu historical usage figures in there, I like so see what's been raping my resources during the day.
I would alos get rid of all the boxes and just have a page where DOWN services appear.

I'm playing around with graphana for home automation, pretty fun.