Hosting Server @ Home
Why a Home Server?
The first question is why do you want a computer separate from the computer you are using, and then choose where this 2nd machine should run. It can be at home, you can rent a remote server, or you can subscribe to a service, such as Dropbox or iCloud.
The advantages of a home solution are:
- Your data is kept in your own country, meaning that it is your country’s privacy laws that control data access.
- It can be cheaper, especially if you already have a computer lying around
- There are more options of what you can do, A home server does not only store my backup files, but can also host a website, run a plexserver, and act as an entry point to my home network. You will need to setup the security correctly
- You can take your files with you for remote access. I can disconnect the external hard drives and access all my files directly should the need arise. Also access across the home network is much faster than pulling files from a remote server.
Disadvantages:
- Requires more setup, especially if you are only after remote file access. Solutions such as oneDrive, Dropbox, pCloud amoung others will be easier to setup and more reliable
- Your files are at home, meaning they can physically stolen or destroyed
- If something goes wrong you have no one else to blame but yourself
My home server first used CentOS 8 but now I using Debian. Some of the sections of the guide have been not been updated so be sure to double check if the commands run on your server.
Home Network with Debian
This guide is for setup and administration of a home server to be used for backup, Samba file sharing and to host a non-critical websites. Non-critical in the sense that if it is down for a week no one will be affected.
I am using an Inspirion 1545 from 2009. The advantages of an old laptop are:
- it does not restart during power outages
- Can easily access the OS directly
- Free.
CentOS Setup
Confirm the version of CentOS you have installed with:
$ hostnamectl
Static hostname: inspire
Icon name: computer-laptop
Chassis: laptop
Machine ID: cd274e46c17e49d3900e131a379b6f5a
Boot ID: 61a6679d2ced4ab28916179d679e3097
Operating System: CentOS Stream 8
CPE OS Name: cpe:/o:centos:centos:8
Kernel: Linux 4.18.0-193.28.1.el8_2.x86_64
Architecture: x86-64
The version of linux determines which command can be used to check the version. Some alternatives are:
$ cat /etc/os-release
$ lsb_release -a
$ hostnamectl
Install Ethernet Driver
To install the ethernet driver identify the hardware device you have and the find the correct driver using the device ID and name.
No ethernet device detected
$ nmcli device status
See all PCI devices
$ lspci
Search online for the correct driver and match the version with the installed version of CentOS, in my case 8.2
install the driver with rpm -i kmod*
reboot, and it works.
You will now need to add the repository so CentOS knows to look for updates.
sudo rpm --import https://www.elrepo.org/RPM-GPG-KEY-elrepo.org
sudo yum install https://www.elrepo.org/elrepo-release-8.el8.elrepo.noarch.rpm
Set Hostname
hostnamectl set-hostname NAME
Mac Address retrieval
ifconfig -a #CentOS
and look for ether value under your ethernet device name.
Speed checks
sudo dnf install iperf3
iperf3 can also be installed for windows. To use iperf3 run it in server mode on one device and client mode on the 2nd.
# server mode
iperf3 -s
# client mode
$ iperf3 -c $IP_ADDRESS
iperf can be used to check how your wireless speed changes in your home. I found that there is a 20Mbps drop between the office and the living room.
SSH log
journalctl -u sshd
Mount External drive
Get the location
$ lsblk
Mount external hard drive
$ mkdir /mnt/extdrive
$ mount /dev/sda1 /mnt/extdrive
Check file format of all drives
$ df -Th
Mount drives on boot using UUID
$ sudo blkid
$ vim /etc/fstab
And add the drives along with the mount point and diskformat to the bottom of the file. Now on reboot the external drives will be mounted.
UUID=20f70136-acf2-11ec-b909-0242ac120002 /mnt/drive1 btrfs
UUID=28c5d5cc-acf2-11ec-b909-0242ac120002 /mnt/drive2 ext4
UUID=2cb1fbe8-acf2-11ec-b909-0242ac120002 /mnt/drive3 ext4
Mac Partition
To read a mac partitioned external hard drive:
yum install kmod-hfsplus
yum install hfsplus-tools
Format partition to ext4
First you need to unmount the drive if you have been using it. For example:
umount /dev/sda2
Choose which device you want to format. In the case of sda1, use:
mkfs.ext4 /dev/sda1
Shell Configurations
Identify Shell
echo $SHELL
Symlinks
ln -s file1 link1
Symlinks are shortcuts in Linux speak.
Alias
With an alias you can assign a name to any custom command.
alias $SHORT_NAME="CUSTOM COMMAND
To make the alias permanent you first need to know which type of shell you are using, “Identify shell” and edit the matching profile.
If using bash, the file to edit is ~/.bashrc
If using zsh, the file is ~/.zprofile
Once the alias is added you need to log out or source ~/.bashrc
Samba to Share Files on Home Network
Samba shares a chosen directory from your server with your home network. I use it to share movies with Apple TV and to run backups over the network.
#install samba
sudo yum install samba samba-client
# start samba and nmbd. nmd part of samba to connect to Windows machines.
sudo systemctl start smb.service
# start samba on startup
sudo systemctl enable smb.service
# allow through firewall
sudo firewall-cmd --permanent --zone=public --add-service=samba
sudo firewall-cmd --zone=public --add-service=samba
# create a samba account with access for existing user
sudo smbpasswd -a adam
# enable the user
sudo smbpasswd -e adam
Update the config file /etc/samba/smb.conf to:
[global]
workgroup = SAMBA
security = user
passdb backend = tdbsam
[Shared]
path = /mnt/drive1/Shared
public = yes
guest ok = yes
guest only = yes
guest account = nobody
browsable = yes
[ServerDrive]
path = /mnt/
browseable = no
read only = no
force create mode = 0660
force directory mode = 2770
force user = adam
valid users = adam
and restart the samba service sudo systemctl restart smb
This config shares the /mnt/ directory to a user named adam. To connect to this drive from MacOS open Finder and press CMD-K and the login in smb://192.168.0.110/ServerDrive. It requires a password to connect.
The config also shares /mnt/wdpassport/Shared with all users on the network.
To connect from Windows, select Add Network location from This PC context menu and add //192.168.0.110/Shared
At first, I couldn’t see one of the directories. Check if SELinux is the cause by turning it off.
$ sudo setenforce 0
Then turn it back on and adgd a tag to share the directory.
$ $ sudo chcon -Rt samba_share_t $SHARED_DIRECTORY
Which took 25 minutes to run, so maybe there was a better way.
Modified from sources among which was linuxize.
To check machines currently connected to the Samba server you can use:
sudo smbstatus -S
Sometimes the samba server stops working, and the quickest fix is to restart the server. This is quite a pain as the internal drive is encrypted and requires physical access to the machine. I need to find another way to share files.
Restarting the samba service is not enough. I couldn’t find anything useful in the log, only that it was awaiting connection.
VPN Setup
So the machine connects via a VPN service instead of directly.
As a Client
sudo dnf install openvpn
First check if connecting works as you expect: I used expressVPN and downloaded the my_expressvpn_denmark_udp.ovpn from the members area
sudo openvpn --config expressVPNconfig/my_expressvpn_denmark_udp.ovpn
You will then be asked for your username and password available from the same address as the ovpn file.
To check your ip has been changed you check your public IP with website like
wget –O –q https://checkip.amazonaws.com
To check your torrent traffic is being routed through the VPN you can use ipMagnet.
DNS settings
Your DNS settings controls what websites are available to your machine by restricting which urls are converted to IP addresses. There are DNS that can block adult websites and advertising addresses, meaning your company cannot access these, instead of blocking these sites.
To change your DNS you first need to stop Network Manger from changing the DNS. To edit Network manager /etc/NetworkManager/NetworkManager.conf add dns=none under [main]. Then you can add your own nameserver line in /etc/resolv.conf.
Emacs
$ dnf install emacs
Connect Directly to Tmux Session
Scripts for connecting to tmux session
ssh -t $SERVERNAME "tmux attach-session -t adam || tmux new-session -s adam"
Kill all tmux sessions
tmux kill-server
Kill process
kill -9 ID
Disable Screen
If you know how to disable the screen without installing GUI let me know, otherwise after trying vbetool, xset, randr, disabling the backlight, and disabling the video driver I ended up installing GUI and having the power saver disable the screen.
Tried dnf group install "Legacy X Window System Compatibility" to get xrandr to see the display but no luck.
Finally what worked was installing CentOS with a GUI, and setting it as default, systemctl set-default graphical.target. The power saver then turns off the display.
To start the GUI from console use $ startx
Sleep and Wake
To sleep, $ sudo systemctl suspend
To wake the server I need the MAC address available from
$ ip addr show
00:25:64:5f:45:0b
To enable wakeonlan ethtool needs to enable it on the connection.
Get the device name with nmcli
Check if wake on lan is enabled on the Wake-on setting in
$ sudo ethtool $DEVICE_NAME
# Enable Wake-on by using g
$ sudo ethtool -s $DEVICE_NAME wol g
The change in ethtools does not persist reboot. I shared a working solution on the CentOS forum
To send a wakeonlan signal from MacOS you need to install wakeonlan. I use (brew)[https://brew.sh].
$ wakeonlan $MAC_ADDRESS
Remote Suspend
Sleeping the PC remotely required root access to the machine and running systemctl suspend . I added my laptops public key to the servers root ssh access. External networks do not have direct access to the server. All connections are done via my raspberry pi introducing proxy jumps, as an alternative to key forwarding.
~/.ssh/config
Host raspberryPI
HostName $PUBLIC_IP
User $USER
port $OTHER_THAN_22
Host root-server
HostName $LOCAL_IP
User root
port 22
ProxyJump raspberryPI
Uploading with sftp
To upload to a remote server use sftp connect with:
sftp user@server-address
Then use the put command with the following form
put -r src/path/to/local/dir dest/path/to/server/dir/
Useful installs and Commands
Adding libraries
$ sudo yum install wget #Download files from URL
$ sudo yum install epel-release #Extra Packages for Enterprise Linux.
Install from source(not recommended)
When installing a package from source run checkinstall so that it can be removed with the package installer. However in a packaged Linux version, doing this can lead to problems down the line says CentOS forum admin.
Group Installs
yum group list install many packages at once, for example yum group install server with gui
Useful packages
dnf-automatic
Learnings Along the Way
libpci.so is library that allows applications to access the PCI subsystem. Source
Hibernating with $ systemctl hibernate requires decrypting the disks when starting up
Change Password passwd
Check inhibitors
systemd-inhibit --list
Plex Server
Plex Server uses TheTVDB for metadata to its files.
Clear CLI Screen
$ setterm -clear all > /dev/tty1
Useful Links
Other
Automator Service JXA script to wake server from Touch Bar via an always on raspberry pi:
var app = Application.currentApplication();
app.includeStandardAdditions = true;
app.doShellScript('ssh raspberryPI "wakeonlan $MAC_ADDRESS" &');
Automator Service JXA script to suspend server from Touch Bar via an always on raspberry pi:
var app = Application.currentApplication();
app.includeStandardAdditions = true;
app.doShellScript('ssh root-server "systemctl suspend" &');