User Tools

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
router:external-server [2024/10/24 07:31] willyrouter:external-server [2025/02/19 14:44] (current) – removed willy
Line 1: Line 1:
-====== External server ====== 
- 
-If you have read the [[router:networking|this]] page, you should know why you need at least one external server. 
- 
-I will assume you have two external servers with public IP addresses: 
-  * __external.mydomain.com__ with IP 99.99.99.99 
-  * __failback.mydomain.com__ with IP 77.77.77.77 
- 
-Whether they are commercial servers, rented hardware, virtual servers or some box you plugged in in secret at your uncle workplace, i don't care. All you need is a public IP with a Linux operating system and the subdomain names that you can point to it. 
- 
- 
-===== Selecting an external server ===== 
- 
-The best choice would be a physical hardware with unlimited bandwidth and data cap, and with free network attached console. 
- 
-__Now stop dreaming and get real.__ 
- 
-There are different tiers of servers, and i assume they are all hosted on some networking provider premises (= outside your home): 
-  - Your own hardware 
-  - You rent some real hardware 
-  - You rent some virtual machine on shared hardware (VPS) 
- 
-The first option is probably stupid, as it brings on you the burden of hardware failures and maintenance. It make sense only when you can host it very close to you, where you can phisically go when needed, and if you can do it for free. Renting rack space can quickly cost as much as renting the entire server hardware itself. 
- 
-The second option is the best for privacy, since you actually are the only user on the hardware itself, but it is slightly more expensive. And you can usually install the OS you like. 
- 
-The last option is usually the cheapest option, the only drawback is that the underlying hardware is shared between many VPSes. Also often you cannot choose your OS. 
- 
-Whatever option you choose, depending on budget and whatever preference you have, these are the minimum requirements you want to focus on: 
-  * public IP address (owuld be meaningless utherwise!) 
-  * enough bandwidth (10Mbit/s or better) 
-  * possibly no data-cap, or a reasonable one (100Gbit/months should be fine for light usage) 
-  * Linux operating system 
-  * Remote SSH access to the server (or some kind of VDI access) 
- 
-Things you might want to consider (price for value): 
-  * Access to network console, for when the server doesn't boot and you need good old keyboard&mouse 
-  * Freedom to install your own OS (which will be [[https://www.gentoo.org|Gentoo]] of course!) 
- 
-Things that **don't** need money spent on:; 
-  * Storage (no data will be stored locally, only enough to install OS is needed) 
-  * RAM (8Gb should be more than enough, no services will run on the machine) 
-  * CPU (the smallest one will be more than capable to route IP packets) 
- 
-Of course, pump up storage if you plan to use the server also for offsite-backup storage. 
- 
- 
-===== External server Setup ===== 
- 
-I assume you can install your own OS, so let's install Gentoo. Follow the [[gentoo:installation|Quick & Dirty Gentoo Installation]] but on your external server. 
- 
-You don't need to install **anything** beside the bare minimum of the basic text-only installation. 
- 
-Do not create any additional users except one unprivileged user, because you don't want to login as root remotely. 
- 
-You want also to install **wireguard** and **socat** at this point, since you will need them later on. 
- 
-Repeat as needed on the second external server! 
- 
- 
-===== Domain Setup ===== 
- 
-To access home remotely and securely, using SSL/HTTPS with regular certificates, you must have a domain. Get whatever domain you can, the level doesn't matter but you must be able to add subdomains to your domain. 
- 
-You need to point **all** your subdomains to your external server IP address, using an A record is a good idea, but any other way (CNAME, etc) is just fine. 
- 
-So, assuming you have the following subdomains associated to your home services: 
-  * __mydomain.com__ -> 99.99.99.99 
-  * __home.mydomain.com__ -> 99.99.99.99 
-  * __mediaserver.mydomain.com__ -> 99.99.99.99 
-  * __drive.mydomain.com__ -> 99.99.99.99 
-  * __myotherservice.mydomain.com__ -> 99.99.99.99 
-  * __external.mydomain.com__ -> 99.99.99.99 
-  * __failback.mydomain.com__ -> 77.77.77.77 (of course, this is the only exception) 
- 
-Any new subdomain which needs to point to the home server, will need to be added to your domain DNS management to point to the 99.99.99.99 ip. 
- 
-In case of a serious blackout of the 99.99.99.99, or the ISP1, you can still access your home trough 77.77.77.77, and you can, for prolonged blackouts, switch over your DNS records to this IP. 
- 
  

This website uses technical cookies only. No information is shared with anybody or used in any way but provide the website in your browser.

More information