Home Network – Home Server

I have had a server at home for more than 20 years. This all started as a simple router back when my flatmate and I got a copper leased line back to the ISP’s office we were working for and used 56kbit/s US Robotics modems on both ends for a permanent Internet connection.

A bit later the home server morphed into a file server and media server setup, and in recent years has become more important for home automation.

Of course hardware, operating system and software has changed over time. So here comes a brief overview of my current setup.

Location

Before I go into the details – the server itself is installed in a small 19″ rack under my house, together with the network switch, controller and a small UPS which can serve the whole rack for about 15 minutes.

This location is not perfect but remains reasonably cool in the Australian summer. I built myself a small ESP based device into a 1RU chassis that measures the temperature under, inside and above the rack, and controls 4 fans in the top of the rack depending on ambient average temperature.

I installed fine wire mesh onto all openings of the rack to at least keep larger dust particles as well as insects out.

Server Rack

Hardware

  • Intel Core i5-6600T CPU, 2.70GHz – this is an ultra-low power CPU.
  • 16GB RAM.
  • Gigabyte GA-H170N-WIFI Mini ITX mainboard – this actually comes with 2x 1GbE ports and for a while I used both in load-balanced link aggregation mode, but it turned out that effectively one port was mainly used for upload and the other mainly for download; I probably rarely need such high throughput anyway, and went back to a single network connection.
  • Samsung 950 Pro 256GB M.2 as the system drive – using a M.2 SSD has system drive has had a significant improvement on boot time, and a full reboot of the whole system now takes just about 1 minute.
  • 2x Western Digital WD80EFZX 8TB drives in a software RAID1 (mirror) setup – I had tried RAID5 in the past, but after two independent irrecoverable failures with different hard drives, mainboard and software RAID version, I gave up and returned to RAID1.
  • 1x Seagate ST3000VX000 3TB local backup drive – I use this to store backups of the system configuration only.
  • 1x Western Digital WD60EZRZ 6TB external backup drive – I use this for a full backup including system configuration and file shares; this drive is USB connected and I only mount this for the duration of the backup.
  • TGC-32380 rack-mountable chassis (3RU).
  • ATEN UCE3250 4-port USB Extender – this is required because the server is in a metal rack under my house but I have two USB sticks connected to run Z-Wave and Zigbee wireless networks and I had to position these two at a more suitable point in the house; this extender supports up to 50 metre distance via CAT5 cabling.
  • Eaton 5S 850 UPS – this does not only cover my home server but also the network switch, and lasts for up to about 15 minutes in case of a power outage.

Operating System

I have always run some flavour of Linux on my Home Server. Many years ago I have settled on Ubuntu Server and its LTS (long term support) version. Almost anything is available as a Ubuntu package, and using the LTS version has not only the advantage that updates and security fixes are available for a longer period of time but also that you don’t have to do a major upgrade every six or so months.

Remote Access

I primarily access my server via SSH, but for the rare occasion that BIOS level access is required, or the server disappeared from the network, I installed a KVM extender that runs over a CAT6 cable into my office where I can connect monitor and keyboard.

Applications

Home Automation

  • Home Assistant: My choice of home automation software connecting to many devices around my house.
  • MySQL: Mainly used for recording Home Assistant states as this scales much better than the default SQLite.
  • InfluxDB: Alternative database used for recording Home Assistant states, in particular for a local Luftdaten particular matter device.
  • Mosquitto: Used as a broker between Owntracks installed on mobile devices and Home Assistant for device location tracking. Actually I haven’t exposed this Mosquitto server to the Internet, but have another Mosquitto instance running on a cloud server and use the built-in bridge mode to replicate messages from the cloud instance to my local instance.
  • Phoscon: Controls a Zigbee network with a local ConBee USB stick.

File Server

  • Netatalk: Used for AFP file sharing, as long as macos still supports it.
  • Plex media server: This mainly serves video content to my Android TV which runs the Plex app.

Backup

  • rsnapshot: This rsync based backup tool creates regular snapshots of local and some remote filesystems and stores deltas on local and portable hard drives.
  • Duplicati: This backup service creates nightly backups of my most important files (documents, photos, etc.) and encrypts and uploads them straight to Microsoft’s Onedrive (using my 1TB free storage from the Office 365 subscription). The total backup size is about 300GB at the moment. The initial upload was a bit painful on a 1Mbit/s uplink, but the software supports incremental backups after that.

Monitoring

  • Netdata: Nice tool to monitor resource usage on the local server, and send alerts if anything happens out of the ordinary.
    Out of all the services I am running on the server, Home Assistant is probably the most crucial one. As a simple health-check I configured a httpcheck probe that checks if the web interface of Home Assistant is available or not.
Netdata System Overview

Security

  • UFW: This is a simple firewall wrapper which allows to create application profiles. You can quite easily add additional profiles when necessary.
    Needless to say, the firewall blocks access to all ports except for the ones I actually need within my network.
  • fail2ban: Monitors certain services – SSH and Apache in my case – for failed login attempts and automatically blocks IP addresses for a period of time. I have taken this a step further and extend the time longer and longer if someone from a certain IP address continuous to attempt to break in.

Future Evolution

The above hardware and software works well overall. However, in a future evolution of my setup I would probably run anything related to home automation on a separate server from the file sharing and backup services. The home automation software has become quite an essential part of life so that I would want to avoid any prolonged downtime due to hard-drive maintenance like filesystem checks.

Outlook

In the next part of this series I am going to dive deeper into the IPv6 world.


Home Network Series

  1. Design Overview
  2. Home Server

Leave a Reply

Your email address will not be published. Required fields are marked *