a scene of a bathtub

Allo

portainer dashboard filerun home page nginx proxy manager dashboard windows terminal with ssh and 2FA executed

Home Server

Creators: Augusto Mota Pinheiro
Start Date: ~ 06/2021
End Date: N/A
Medium & Tools: Ubuntu Server | Ansible-Nas | Docker | DynV6 | Nginx Proxy Manager

Project Summary

When Google announced that it would be limiting Google Photos usage for non-paying users, I decided to create a home server to host all of my friend's and my favorite game clips. I could also host our Minecraft server on it which was a great bonus! It would be a really cool learning opportunity as well as a great way to have a similar service for lower costs in the long run.

After some research I found out that the easiest way for me to get started would be to use Ansible, an automation framework running on Ubuntu, more specifically Ansible-Nas, an implementation of Ansible specific to "NASes"! I got a cheap workstation from 2010 at a local computer store, installed Ubuntu and Ansible-Nas and got Filerun and Minecraft up and running in a Docker container for each. I also got a few SAMBA shares for the internal network so that I could backup my PC on it weekly as well as a shared internal folder.

I had a few key points I wanted to hit with this project, namely having access to it from outside my home network (for my friends to use) and be easy to maintain. Good news on the latter, Docker was the best solution for me! However, making it secure was a whole new challenge that took me a while to figure out.

I won't go into too much detail for security purposes, but my setup goes a little like this: I got a DDNS from DynV6 to point to my router, forwarded random ports for SSH, Minecraft and NPM, setup 2FA for SSH and used NPM to manage HTTPS traffic to the right places which is just Filerun for now. With everything running in their own Docker container! And to manage all of the containers in a more streamlined way I'm using Portainer!

Possible Improvements

It was the first time I had ever used Docker and Linux for extended periods of time since I had played with both those tools in the past, but nothing serious. From this, if I had the opportunity of restarting (and I probably will in the future), I would do a couple of things differently:

  • an automation framework like Ansible-Nas is a bit overkill for my purposes.
  • it would've been easier to run everything in Docker containers on a clean installation of Ubuntu Server.
  • making regular backups of my configuration files as well as my data is a great way to avoid panicked afternoons, thinking I lost everything while in reality my drive wasn't automatically mounted.

That being said, I'm very proud of what I achieved and will definitely be working on improving it in the future :)