My home server

Fri, 07 Feb 2025 07:07:07 +0100

Introduction

I use a Raspberry Pi 5 with 8GB RAM as my home server.

The server uses openmediavault (based on Debian Linux) as the operating system, hosts multiple deployed Docker containers, and runs some custom scripts. I connect to my local network with my home server via WireGuard and use tailscale for key exchange and coordination.

I’m amazed by the selection of open-source projects out there and try to contribute even more in the future.

Why do I have a home server?

It is fun to learn more about technology and try out new things
It provides a privacy-friendly alternative to some other services
It can be economically attractive if you have a lot of data (at least my business case is positive 😉)

Deployed services

Beyond using my home server as a network-attached storage (NAS), I deployed the following services.

Photo management

1. Immich

Photo management solution

Document management

2. Paperless-ngx

Searchable document management system & archive

Infrastructure

3. Apache web server with MySQL database

Server to run custom PHP scripts (e.g., daily birthday reminder, advanced calendar reminder)

4. Syncthing

Continuous peer-to-peer file synchronization

5. Gitea

Local git version control server

6. Pi-hole

Network-wide DNS blocking
I use Quad9 as upstream DNS provider

Custom scripts

I also run some custom scripts outside of the Docker containers.

7. Python scripts

A collection of custom scripts to back up my contacts (CardDav server), calendars (CalDav server), and MySQL databases.

Further hardware details

I have a 2TB solid-state drive (SSD) connected to the Raspberry Pi and use the official Raspberry Pi 27W USB-C Power Supply. The data of all deployed services and custom scripts is stored on the SSD.

The SSD is encrypted with the Linux Unified Key Setup (LUKS) to protect it against data loss resulting from theft.

The Raspberry Pi has a 3D-printed case which has enough space for the SSD as well.

Raspberry Pi case

Home server

Backups

openmediavault creates regular backups of the entire operating system partition to the SSD using the openmediavault-backup plugin.

Furthermore, the openmediavault-borgbackup plugin creates regular encrypted backups (see more information here) to a Hetzner Storage Box.

My tech setup

Fri, 07 Feb 2025 07:07:07 +0100

Introduction

My tech setup aims at creating the right balance between privacy, security, long-term accessibility, and convenience.

TL;DR I use Linux on my laptop and run a home server which hosts many open-source services.

1. Hardware

I use a Lenovo T14 Gen 4 with a 2880x1800 (16:10) display.

Technical specifications of my Lenovo ThinkPad

Also, I run a Raspberry Pi as my home server.

My router runs OpenWrt.

I use the YubiKey for two-factor authentication and (sometimes) a travel router with a virtual private network (VPN) when I’m travelling.

2. Operating system

I use Debian 12 as the operating system on my Lenovo ThinkPad. Debian is a Linux distribution. There are many different distributions available but Debian is a good fit for me, mainly given its stability and maturity (e.g., availability of documentation).

I have been a Mac OS user for 20 years but decided to fully transition to Linux in January 2024. Over 10 years ago, I experienced Linux for the first time with Raspberry OS (fka Raspian). In November 2022, I started evaluating whether I want to fully move to Linux. Eventually, in January 2024, I sold my MacBook Air M1 and iPad Pro and ventured fully into the Linux ecosystem.

Why Linux?

Curiosity about getting more into the machine room of an operating system (i.e., having the freedom & understanding to configure even more things)
Strong respect for the outstanding work the open-source community is doing and the urge to experience it from within (and support where I can)
Interest to have more control about the privacy of the operating system

3. Software

I use apt (default for Debian) and also flatpak as package managers. For flatpak, I use the flathub repository.

The following commands install most of my essential applications and tools.

sudo apt install chromium thunderbird vlc wireguard audacity calibre baobab filezilla fuse nmap gimp libreoffice openvpn opensnitch yt-dlp gnome-shell-extension-appindicator borgbackup curl r-base-core evolution-ews plank rclone python3-pip python3-full ssh cmake rsync heif-gdk-pixbuf sshfs syncthing npm php php-dom php-mbstring fprintd libpam-fprintd

sudo apt install flatpak gnome-software-plugin-flatpak

sudo flatpak remote-add --if-not-exists flathub https://flathub.org/repo/flathub.flatpakrepo

flatpak install com.vscodium.codium com.bitwarden.desktop com.slack.Slack com.spotify.Client com.todoist.Todoist com.yubico.yubioath info.portfolio_performance.PortfolioPerformance net.ankiweb.Anki org.cryptomator.Cryptomator org.mozilla.firefox org.standardnotes.standardnotes org.zotero.Zotero md.obsidian.Obsidian org.signal.Signal io.github.shiftey.Desktop

In addition, I use RStudio and install some helpful packages to run specific R libraries (e.g., tidyverse).

sudo apt install libssl-dev libcurl4-openssl-dev unixodbc-dev libxml2-dev libmariadb-dev libfontconfig1-dev libharfbuzz-dev libfribidi-dev libfreetype6-dev libpng-dev libtiff5-dev libjpeg-dev

I use the following web browser extensions for Firefox and Chromium:

Decentraleyes
HTTPS Everywhere
Privacy Badger
uBlock Origin
Bitwarden
Rapid Journal Check (Chromium-only)
JSON Formatter (Chromium-only)
Google Docs Offline (Chromium-only)

I use DuckDuckGo as search engine.

For continuous peer-to-peer file synchronization between my Thinkpad, smartphone and home server, I use Syncthing.

I use borg with the Vorta user interface for backups to a Hetzner Storage Box.

You can find further commands to set up my Linux machine here.

4. Services & supporting infrastructure

I use two custom domains for my e-mail addresses to remain provider agnostic (e.g., leonardschwier.com). At the moment, I use Mailbox.org as my e-mail provider.

Furthermore, I use a different e-mail address and password (–> search for “plus addressing”) for each service I sign up for.

I run multiple custom scripts and services to make my life easier (e.g., an URL shortener, an advanced calendar reminder, a self-built blog & newsletter system).

My home server hosts many open-source services.

Leonard Schwier

My home server

Introduction

Deployed services

Photo management

1. Immich

Document management

2. Paperless-ngx

Infrastructure

3. Apache web server with MySQL database

4. Syncthing

5. Gitea

6. Pi-hole

Custom scripts

7. Python scripts

Further hardware details

Backups

My tech setup

Introduction

1. Hardware

2. Operating system

3. Software

4. Services & supporting infrastructure