Bouni's blog

random bits and pieces

A new home server [part 1]

Back in 2016 when we completed building our house I installed a home server in my basement networking rack which I always refer to as the “open wound” 😁 That’s because it is mounted on a laser cut sheet of zinc coated sheet metal that forms a rack mount shelf and looks hacky as hell. These pictures are from day 1 and some things have changed in the meantime. At the moment the setup consists of:

Split docker compose files

All my services that I selfhost are docker containers which I manage using docker compose. Until recently I had all of them in one big docker-compose.yaml file which started to be a hassle to manage. For a while I looked for ways to split the file into multiple files but nothing really satisfied me. I even made an attempt to have a bash script that makes use of the -f parameter to merge multiple files which kind of worked but had some strange side effects such as containers were not added to networks every now and then and depends_on didn’t work.

Omada Controller with caddy as reverse proxy

I switched from Mikrotik's wAP access points to TP-Link Omada EAP650s a while ago (check out my blog post). As explained in that post, I started self hosting Omada controller which is the management software for these APs. But I never managed to get it working behind caddy, my webserver / reverse proxy. So it ran as a docker container on my home server with exposed ports without HTTPS.

DNS Ad-blocking with Blocky

I ran Pi-hole as a docker container for several years now in order to block various unwanted DNS requests in my home network. That kind of worked but I had a lot of issues that I wasn’t able to solve or at least to figure out what caused them. A few days ago this went sideways in a way that my entire network became unusable. So I decided to get rid of Pi-hole and use the normal DNS servers provided by my ISP.

Getting LinuxCNC with ethercat running on a Beckhoff CX2040

I got an old Beckhoff CX2040 that was no longer in use into my hands and decided to try if I can get LinuxCNC with EtherCat support running on it. My setup consists of the CX2040 itself and a CX2100-0004 45W power supply that also features the E-Bus connector for additional I/O terminals. I had an EL3255 5 port potentiometer terminal and an EK1110 bus connector lying around and used those for a first test.

Inform DHCP server of hostname on Arch linux

I run a Mikrotik router in my home network setup and several Arch linux machines. It bothered me that the hostnames of the Arch linux machines didn’t show up in the Mikrotik DHCP server leases table. Almost all the other network devices showed up nicely which makes it quite easy to identify them. I fiddled around with avahi, systemd-resolve and various config files but nothing seemed to work. After a lot of searching I finally came across this post in the Arch linux forums.

Monitor disk space with Uptime Kuma

I use Uptime Kuma as my self hosted monitoring solution and it worked perfectly fine so far. But every now and then I run out of disk space on my Hetzner cloud server because they have only 15G in the smallest variant. That's very annoying but on the other hand I hesitate to run a full blown monitoring solution. So today I realized that Uptime Kuma now has the ability to add a so called passive monitor where it does not actively ping a resource but receives a request.

SSH config conditions for Wireguard on Windows

I’m forced to work on a Windows machine sometimes, which was a pain in the butt in the past but got much better with Windows 11. Nonetheless I use Wireguard to connect to my network which works super good for me with the official Windows client. The downside was that my ssh_config had a config for one of my servers that looked like this:

    Host osiris
        HostName osiris.bouni.de
        Port 2222
        User bouni

When I connected to my Wireguard VPN I wasn’t able to connect any more with ssh osiris.

Caddy - Hetzner DNS challenge

It took me quite a while to figure out how to get Let’s Encrypt SSL certificates for my subdomains that are not accessible from the internet. I struggled to find the right resources so I thought it might be a good idea to document my findings here 😄 According to the caddy docs, the DNS challenge is the way to go if you want SSL certs for a service that's not accessible from the internet.

Upgrading my home network

I’m in the process of upgrading my home wireless setup and here I document the process, maybe it helps some of you. Current setup: Router: I use a Mikrotik hAP AC Lite as my router. That decision was based on the fact that I got a direct fiber connection to my home when we built it back in 2015/2016. My ISP installed a media converter box which gave me a single ethernet port, so my router had no need for a DSL modem, a simple PPPoE client is enough to connect.