User Tools

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
selfhost:architecture [2024/02/01 14:35] willyselfhost:architecture [2024/10/25 08:37] (current) – removed willy
Line 1: Line 1:
-===== My Self-Host Architecture ===== 
- 
- 
-{{ :selfhost:architecture.svg |{{ :selfhost:architecture.svg |}}}} 
- 
- 
-==== Network Architecture ==== 
- 
-You have three different network zones: 
-  * The **external** zone, which is internet or in general anywhere **outside** your home. This will be on the other side of your ISP gateway/router/access point. It's considered dangerous and //hic sunt leones//. 
-  * The **internal** zone, which is your home network, it's considered safe and comfy. Do not let unknown strangers have the WiFi password! 
-  * The gray zone: between your server and the ISP gateway/router/access point. There is nothing here except all your NAT-ed traffic. 
- 
- 
- 
-==== Hardware Architecture ==== 
- 
-==== Software Architecture ==== 
- 
-Local, internal, server at home. It contains most of the services. 
- 
-Remote, external, server hosted somewhere on the network. It acts as a thin client redirecting connections to  
-I have a home server (i will call it "local") and an external front-end server (i will call it "remote"). Everything is stored on the local server, the remote server is a thin lightweight server used only to tunnel back to the local server all the external requests. 
- 
-The advantages of this solution are: 
-  * Secure setup (encrypted tunnel to home, all services exposed trough https, well, almost all) 
-  * Easy maintenance: only an SSH tunnel, the front end has nothing else installed except SSH. 
-  *  
- 
-===== Main services ===== 
- 
-  * webcam / DVR access 
-  * Photo backup and storage 
-  * PRivate files sharing 
-  * Sailing access 
-  * Home Automation services 
-  * GIT and such 
-  * Printer and scanner 
-  * Mobile devices synchronization 
-  * more 
- 
- 
-==== Detailed pages ==== 
- 
-[[selfhost:fileserver|File Server]] Set-up a full fileserver for remote access 
- 
-[[selfhost:router|Router Server]] Set-up your linux router 
- 
- 
-  * Local host setup 
-  * Remote host setup 
-  * Interconnection tunneling 
-  * nginx setup 
-  * certbot (for HTTPS) 
- 
- 
- 
- 
- 
- 
-<code> 
--oHostKeyAlgorithms=+ssh-rsa 
-</code>