Posted on Thursday, 3 Dec 2020 by Andrei Z Crnkovic
The time is finally here. The 2020. is over and my infrastructure is at it’s best. Currently we can’t imagine life without it as it’s slowly replacing all third party services. But before we get into the details here is the list of services we run.
- Git server
- DNSCrypt Proxy
- Network share
- Home Assistant
Some of this services I use for work and some for private stuff.
After a long stunt with Mikrotik, I’ve went ahead and replaced the whole network with Unifi things. It’s far from perfect but it’s set nad forget which is very important to me. I don’t want to spend hours maintaining the infrastructure I need for daily life.
The router is Unifi Dream Machine Pro with a 6TB hard drive for video surveillance. This router also provides IPSec/L2TP VPN access to home for our devices when we are on the road. We connect to internet via PPPoE connection.
The switch is Unifi USW 16 port POE. It has 8 PoE ports which is enough for all the cameras and access points for the house. At this switch we also terminate all of the CAT6 runs thru the house.
All ports in the house are labeled and marked using the following system:
X is a room number, and
YY is a port
number. So if, let’s say, kitchen is room number 1 the third port would be
Wifi is provided by two Unifi UAP AC Lites that run two Wifi networks, one main, and one emergency.
Currently I’m running one Unifi G4 bullet cam for outside, and three G3 Instant cams. Currently the camera records 24⁄7 and the motion detection is used in a few automations done by the Home Assistant server. E.g. the inside cameras are not recording when we are at home.
Main server is running UnRAID on IntelNUC. It’s not hyperspec’d but it’s enough for my scale:
- Intel i7
- 32GB of RAM
- 1.14TB of SSD storage
This server hosts my development/test VMs. I have a few for my work running Ubuntu and a few running OpenBSD with different versions and setups. Since most of this VMs are short lived I place no "production" services on them and just use them for testing.
I run Home Assistant on a RaspberryPi 4 with 4GB of RAM. This controls a bunch of IoT stuff that I’ll explain in a another blog post later. Outside access is provided by Nabu Casa subscription since I wanted to support the team at Home Assistant.
The configuration is backed up on Tarsnap as well, since this is the single most important service we run in the house. This is controlling our alarm system, home temperature, lights, media, etc.
Janko - our do everything Raspberry PI
This RaspberryPi hosts dnscrypt proxy, Bitwarden, and an OpenVPN server for access into the network when IPSec/L2TP is not supported on some networks. I use docker images to setup everything but the data is hosted on my Synology NAS NFS share.
Synology Rackstation RS819 NAS
This is my newest addition to host all of our documents, photos, backups, and server data. I've went with a low spec NAS since I host all other services on other servers/machines and I only needed something that will run Samba/NFS shares for my network.
The NAS is running 4x 2TB WB Red disks in a RAID5 configuration.
This is the whole system in it’s glory. The iteration you just read about is a culmination of a lot of hours spent learning and building everything in the past cca 8 years of me maintaining my own infrastructure.
The color coding of the cables is straight forward:
- Blue is for the main internet connection
- White is for internal connections
- Black is for my Thinkpad
The whole setup is using around 100W of power when running full tilt.
As with everything, this is far from being completed. I’m still working on a few projects that will make our life easier:
- DLNA server for music