After setting up a series of complex platforms, I needed a means of getting alerts to me should any of these fail. While a centralised platform such as Slack is normally better for operations teams, it doesn’t really work out that way for a home network and email will do the trick, but since I want things to be centralised I’ll need a mail server first. Since there’s no need . . .
This project came off the back of a requirement to create a single gateway which provided an encrypted tunnel which could act as a gateway to all traffic on a network, rather than setting up a client VPN on each endpoint. There are better ways to do this, I’m a particular fan of pfsense which provides functionality to configure an OpenVPN endpoint inside the application and route all traffic, however . . .
This project came from the back of my desire to learn more about public key certificates ahead of deploying a two tier PKI for an enterprise network, ahead of this I thought it would be prudent to try something a little smaller scale and see how the nuts and bolts worked and try and deploy a simple single tier PKI at home and see how it could be leveraged. Cryptography . . .
After seeing this configuration deployed in enterprise I struggled to understand how it worked, so I picked up a UniFi AC-AP access point second hand and set around seeing how to do it using open source platforms. Knowing that this required a certificate authority to work and RADIUS I figured I could eventually get it to work, but having never used RADIUS it wasn’t without it’s pain, but eventually I . . .
Once upon a time I used to rely on nothing but a Secure Shell for access to my internal network, however this became more and more impractical the more things I stood up on the network and the more things I needed access to from my phone the less time I spent carrying a laptop with me. Given my long time favouritism for OpenVPN and how much the platform had . . .
My personal infrastructure has gone through a number of iterations. Starting as a 450mhz Pentium 3 Ubuntu 7.04 server running SMB on a single 5400 RPM IDE disk cobbled together through a BT home hub and some cheap megabit switches, it later became an Ubuntu 14.06 host on a laptop with a broken screen and gigabit switches, then a Pentium 4 desktop and then a lightweight Gigabyte Brix mini-PC before . . .