Self Hosting

2016-01-25

I’m going to start this post with a little problem I created for myself.

So many computers

Let’s see here. I have a gaming desktop at home, a work laptop at work, a netbook at home for resource-constrained programming and a Raspberry Pi. That’s cool. Daniela also has her own computer, but that’s hers and I simply leave it be. Two weeks ago I caught myself watching The 8-Bit Guy talking about the Macbook Core Duo and seeing if it’s obsolete1. I was really impressed by how capable the machine still is, and also had the Libreboot project sitting in the back of my mind. Specifically, Libreboot mentions 2008 and earlier Intel chips possibly being okay… So that’s arriving on Thursday, presumably. Oh, and I just bought another netbook off of a coworker.

Maybe, just maybe I have a problem.

Did I happen to mention that I’m looking to get a replica Altair 8800, too?2

Power Usage

Okay, time for a little tangent.

One interesting thing about all these different computers is how much power they draw and what they can be used for. Initially I picked up my first netbook for resource-constrained programming, thinking I could do some software rendering optimizations on it. As my collection of computers has grown, my goals for each machine have changed. I now envision an army of servers aided by a couple of special purpose machines. Well, maybe not an army, but definitely two servers (each netbook) plus hooking up my Raspberry Pi as a torrent machine. My desktop will change once again to a hybrid gaming/programming machine - granted I can ever wrangle UEFI dual boot with full disk encryption; and my work machine will remain as-is.

I think the netbooks are great as potential servers because they have pretty low power draw compared to my mammoth desktop. According to some quick searches and rough calculations, I’m looking at power draws of 10-22W, 45W and 3.5W respectively, for each of my Dell Mini 10 (netbook 1), Acer Aspire One (netbook 2) and Raspberry Pi. Compare that with my 500+W desktop with a power supply so large that I know it’s more than 500W, I just can’t remember how much more.

Privacy

The new Macbook is interesting. It is apparently supported by Libreboot.3 I actually didn’t realize this before splurging on it, but it has turned out to be a happy coincidence. I mean, I did have suspicions it would work out… But why do I care about Libreboot? Have you heard about Intel’s Management Engine?4 5 Or how about AMD’s PSP?6 Basically, we’re all screwed. As my good friend Lucas says, “Encrypt Everything.”7 At work I’ve already configured DNSCrypt, and you may have noticed that my website is also served via HTTPS now. This is all part of the big plan.

Self Hosting

Right now I host my website via GitHub pages. I also host all my code projects on BitBucket and GitHub. I have photos up on SmugMug and I stream videos from Netflix. That last one will probably remain, but I will definitely change the others.

Here’s the plan: My brother recently brought to my attention that my router is supported by OpenWRT8. Great!

  1: Install OpenWRT onto router
  2: Install OpenVPN9 onto router
  3: Install DNSCrypt10 onto router

That’ll set up my home environment so all of our locally networked devices have a secure, private connection out to the wide internet. Now, remember all my netbooks? Yeah, those fit nicely into the plan.

  4: Setup OwnCloud11 on netbook 2
  5: Self-host my website on netbook 1
  6: Host code projects via GitLab12 on netbook 1

The final piece will be hacking together a gateway so my webserver is accessible publicly. I may use this solution to cover my OwnCloud server as well.

  7: Get a small VPS instance for $5 USD/mo. from Digital Ocean13
  8: Setup SSL keys between my VPS and home machine(s) via Let’s Encrypt14
  9: Forward appropriate requests from my VPS to my home machines via some wizardry

Well, that’s the plan anyway. Oh, I intend to self-host email as well. But, I believe that option is rife with complexities, and I’m reasonably happy with ProtonMail15 so far.

PS: I pay Private Internet Access for access to their non-logging VPN.16


Footnotes

1The 8-Bit Guy: Is It Obsolete?
2Briel Computers Altair 8800 Micro
3Libreboot: Macbook 2,1
4Hackaday: The Trouble With Intel’s Management Engine
5Libreboot: Intel ME
6Libreboot: AMD PSP
7Lucas Amorim: Encrypt Everything
8OpenWRT
9OpenVPN on OpenWRT
10DNSCrypt on OpenWRT
11OwnCloud
12GitLab
13Digital Ocean
14Let’s Encrypt
15ProtonMail
16Private Internet Access