Today I decided to build a little Home Server.
In order to save some money (and electricity) I decided to ditch my huge-ass PC tower with 3 graphics cards in order to have a nice and small home server that I can experiment with.
This little Intel NUC will also be the local self-hosted solution for our git repositories, so we are going to install the provided Docker image.
Hardware
The hardware is a little specific in my case, because I'm currently on a trip to remove all noisy fans in my work environment. Technically, any Intel NUC will suffice, but in my case I went for the fanless case first and then got the matching NUC mainboard.
Additionally I wanted to have a second SSD so that all data can be easily cloned or
replicated with
dd
, whereas the OS and all other stuff is on a separate SSD.
The Akasa Max MT6 is a little quirky because its USB cables are too long and too sturdy, so if you don't remove the plastic around the cables they will probably rip-off the USB soldered connectors on the board.
In my case, I got two simple SATA 512GB SSDs because they were the cheapest for the volume. Prices kinda explode when you go for 2TB and upwards, but 512GB for my git repositories is enough. I'm using an external 8TB WD Purple hard drive for my movies collection anyways.
/dev/sda
will be theboot
and/ (root)
partition./dev/sdb
will be the/home
folder./dev/sdc
during boot will be the USB installation flash drive, after installation it will be the USB hard drive.
Hardware Bill of Materials :
The bill of materials is pretty small. Most of the items I got on eBay. Overall, I spent around 500 EUR on this project. As I'm going to experiment a lot with this Intel NUC in the future, I decided to max out the possible RAM with 2x 8GB DIMMs.
- Intel NUC
NUC5i3RYH
, see specifications - (optional) Akasa Max MT6 fanless case, see specifications
- (optional) 2x 8GB
DDR3L-1600 1.35V SO-DIMM
- (optional) 2x Intenso 512GB SATA III SSD
Software
Installation of Arch Linux
ArchLinux will be the host operating system.
As the Intel NUC comes with a
Visual BIOS
and
UEFI boot
support, the installation
is quite easy and we don't have to deal with
GRUB
and its legacy
BIOS
boot quirks.
We're going to still use
GRUB
instead of
systemd-boot
though, as I want to reserve
the possibility of replacing the second SSD with another operating system on it, so that
we can have a multi-boot setup without having to change any configuration files. It's
an experimental Home Lab setup after all.
TODO : NOTES UNSORTED
fdisk /dev/sda; # create sda1 as root and sda2 as 8309 (LUKS) cryptsetup luksFormat /dev/sda2; cryptsetup open /dev/sda2 root; mkfs.ext4 /dev/mapper/root; mkdir /mnt; mount /dev/mapper/root /mnt; mkfs.fat -F32 -n BOOT /dev/sda1; mkdir /mnt/boot; mount /dev/sda1 /mnt/boot; mkdir /mnt/boot/efi; pacstrap /mnt base base-devel linux linux-firmware vim; genfstab -... blkid -s UUID /dev/sda2; # edit /etc/crypttab with # root UUID=... none
arch-chroot /mnt; pacman-key --init; pacman-key --populate archlinux; echo "en_US.UTF-8" > /etc/locale.conf; locale-gen; export LANG="en_US.UTF-8"; ln -sf /usr/share/zoneinfo/Europe/Berlin /etc/localtime hwclock --systohc --utc; echo myhostname > /etc/hostname; # TODO: edit /etc/hosts with standard hosts entries pacman -S grub efibootmgr; grub-install --target=x86_64-efi --root-directory=/mnt --efi-directory=/mnt/boot/EFI /dev/sda; pacman -S networkmanager openssh; useradd -m -g users -G wheel cookiengineer; passwd cookiengineer; umount -R /mnt;
TODO : Installation from Flash Drive
Installation of Pi-Hole FTL DNS Resolver
Pi-Hole's Faster Than Light DNS resolver is available as a standalone package on AUR. So we're going to install the package and its dependencies.
First, we are installing the Pi-Hole FTL Package from AUR :
sudo pacman -S base-devel; # Install Pi-Hole FTL mkdir -p ~/Packages/pi-hole-ftl; git clone https://aur.archlinux.org/pi-hole-ftl.git ~/Packages/pi-hole-ftl; cd ~/Packages/pi-hole-ftl; makepkg -sf; sudo pacman -U pi-hole-ftl-*.pkg.tar.zst;
Then, we are installing the Pi-Hole Standalone Package from AUR :
sudo pacman -S base-devel; # Install Pi-Hole Standalone mkdir -p ~/Packages/pi-hole-standalone; git clone https://aur.archlinux.org/pi-hole-standalone.git ~/Packages/pi-hole-standalone; cd ~/Packages/pi-hole-standalone; makepkg -sf; sudo pacman -U pi-hole-standalone-*.pkg.tar.zst;
Configuration of Pi-Hole FTL DNS Resolver
We need to make sure that the Pi-Hole FTL Service uses the correct
gravity.db
file, which contains our generated list of blocked advertising domains.
As the
gravity.db
file is generated via the
pihole -g
command (and the now
already installed weekly
pi-hole-gravity.timer
), we have to let the FTL
service know where exactly it can find it.
Additionally we don't want to log DNS queries to our server for longer than
a week, so we set
MAXDBDAYS
to
7 days
.
# /etc/pihole/pihole-FTL.conf SOCKET_LISTENING=all RESOLVE_IPV6=yes RESOLVE_IPV4=yes DBFILE=/etc/pihole/pihole-FTL.db GRAVITYDB=/etc/pihole/gravity.db MAXDBDAYS=7
If we enable and start the
pihole-FTL.service
now, we're fully setup with
our adblocking DNS server. We now can use the Network Connection settings
on other devices to manually set the DNS to the static IP of our homeserver,
and it will automatically block all advertising DNS requests and answer them
with
NULL
(
0.0.0.0
).
If we run
nmap
to verify that the service is running, we can see that the
DNS server is active on port
53
.
# Manually update the gravity.db for the first time pihole -g; sudo systemctl enable pihole-FTL; sudo systemctl start pihole-FTL; # Verify that pihole-FTL is running nmap localhost;