After several years of growth and change in my personal infrastructure, I’ve eventually hit enough bottlenecks on my N36L Microserver to need to upgrade, as usual this led to a full overhaul enough fun to make it a proper project, however with the complexity I’ve managed to build up over the years of projects and different services I’ve introduced (along with the unsupported hack of an SSD in my existing . . .
After setting up a series of complex platforms, I needed a means of getting alerts to me should any of these fail. While a centralised platform such as Slack is normally better for operations teams, it doesn’t really work out that way for a home network and email will do the trick, but since I want things to be centralised I’ll need a mail server first. Since there’s no need . . .
When my infrastructure grew to a certain level of complexity, I realised I was having to remember a lot to keep it all together. For some time I’d been (and still am) a big fan of Zim Desktop Wiki however this is less than practical for using multiple machines and doesn’t work at all if you’re connecting over a remote connection, really I needed something web based. MediaWiki is a . . .
This project came off the back of a requirement to create a single gateway which provided an encrypted tunnel which could act as a gateway to all traffic on a network, rather than setting up a client VPN on each endpoint. There are better ways to do this, I’m a particular fan of pfsense which provides functionality to configure an OpenVPN endpoint inside the application and route all traffic, however . . .
This project came from the back of my desire to learn more about public key certificates ahead of deploying a two tier PKI for an enterprise network, ahead of this I thought it would be prudent to try something a little smaller scale and see how the nuts and bolts worked and try and deploy a simple single tier PKI at home and see how it could be leveraged. Cryptography . . .
After seeing this configuration deployed in enterprise I struggled to understand how it worked, so I picked up a UniFi AC-AP access point second hand and set around seeing how to do it using open source platforms. Knowing that this required a certificate authority to work and RADIUS I figured I could eventually get it to work, but having never used RADIUS it wasn’t without it’s pain, but eventually I . . .
Once upon a time I used to rely on nothing but a Secure Shell for access to my internal network, however this became more and more impractical the more things I stood up on the network and the more things I needed access to from my phone the less time I spent carrying a laptop with me. Given my long time favouritism for OpenVPN and how much the platform had . . .
Update: The host mentioned in this infrastructure has since been replaced with another the upgrade process is covered here. My personal infrastructure has gone through a number of iterations. Starting as a 450mhz Pentium 3 Ubuntu 7.04 server running SMB on a single 5400 RPM IDE disk cobbled together through a BT home hub and some cheap megabit switches, it later became an Ubuntu 14.06 host on a laptop with . . .