My Self Hosted Systems

February 2019 ยท 4 minute read

Lately I have been inspired to setup a few self-hosted systems again, all hosted on a spare computer I previously used as a lab environment, it’s running running Debian with QEMU/KVM + libvirt and have a number virtual machines running locally (stored as qcow2 files). I aim to only run Open Source software of course, that’s just how I roll. Right now you’ll find the following services running on separate VMs:

Pi-hole1 is an internal pre-configured nameserver with a huge black-list for domains which blocks ads, trackers etc. It’s pretty much set and forget, but there’s a very pretty WebUI available, should you want to make and changes to the default configuration. I have activated the built-in DHCPD and added a couple of community list234. The server is now blocking close to 3 million domains, so that’s pretty cool.

I also setup my own blacklist as a separate txt file. Instead of hosting it somewhere else I simply put it on the pihole webserver as /var/www/html/internal.txt. It can then be added via the URL pihome.domain.tld/internal.txt under Settings > Blocklists in the admin gui. Note that you could of course simply use the built-in blacklist tool.

Hugo5 have generated the post you’re currently reading which your browser download from my Apache2 instance. All pages are stand-alone HTML-files without any JS at all, and yes that obviously makes me cool. I use david hamp-gonsalves’ Black & Light theme6 with some minor changes to the CSS, navigation and URLs. Everything is served over HTTPS with a Let’s Encrypt wildcard certificate and a few custom fail2ban filters. E.g. is any kind of GET *.php instantly banned, since there’s no such dynamic/code content at all.

Nextcloud7 is a fork of ownCloud and very similar to Dropbox. I sync files, contacts, calendar et al between my tower, laptop and phone. There are other plugins (apps) available as well, but most of them are only usable in the WebUI, which by the way is clean and responsive. No public access.

Wireguard8 is without a doubt the VPN to use right now. Really simple to setup and feels both faster and more resource efficient when compared to OpenVPN. Note that Wireguard isn’t production ready yet though, but I see no point in waiting to run it at home. I have wg-client installed on my both my phone, tower and laptop, so I always have access to the systems hosted at home.

There will be some sort of guide published here9 in the near future, on how to install Wireguard that is.

Funkwhale10 can be classified as an alternative to Spootify, Soundcloud, Google Music and other similar music streaming services. The difference is of course that you have to provide your own content rather than streaming what’s available from a third-party. It was a bit finicky to install this one, since the documentation is kinda cofusing. All you need to know is in there though, and Funkwhale have been working without a hitch since I got it up and running. By the way android apps are available of F-droid. Keyword subsonic (apparently de facto API).

Audioserve11 is Funkwhale for audiobooks. I chose it over the more powerfull Booksonic since the last commit to that project was two years ago, according to their repo on Github12. Audioserve doesn’t provide any fancy features besides the streaming part really, and it’s a bit annoying to fill out info about authors and books manually. I didn’t mind importing my mp3’s since my library isn’t that big really, but I can see it being an issue if you have a huge collection of audiobooks.

Firefly III13 handles personal finances. Transactions, loans and other exciting things I’d rather ignore. There’s some automation in there, recurring expenses and the like, but the point of the software is to fill stuff out manually to be more aware on how you spend your money.

That’s it! I’m actively looking for other usefull software to host though. Not that I need anything else really, but it’s quite nice to have a little environment running at home. I highly recommend it if you’re looking to learn more about Linux and/or systemd administration.

545e98ab21e9f1d1aa20f581fb5be5ea62bdb28e