I finally negotiated a 600/600 ftth connection and wanted to take the opportunity to add a server to run:
Router with pfsense or similar
Sync copy of important data from work pc (currently 2 raid 0 HDDs)
Maybe openthread border router
Some other small stuff like an obisidan or git server
I currently have an old system with Maximus IV Extreme and 2600k in a Corsair 800d. Lots of pcie and sata but kinda don’t want to run it because of like 70w idle consumption from a dated CPU. I was thinking of selling the components and just getting a new build inside the case or possibly downsizing.
I’m not in a rush so can hunt for things on eBay but this isn’t really my area of expertise in CS so I was hoping you could suggest what to look for and/or some resources. I don’t mind keeping even an e-atx if that broadens the sensible options. My priority would be something like: avoiding an aneurysm > uptime > noise > performance per watt > price > aesthetics > size > technical proficiency required.
In essence I feel like there is so much garbage on YouTube and blogs for homelab stuff and so many intricacies with the commercial side that I’m at a loss when turning the metaframework into a working solution.
Sorry, missed the sticky on my phone.
Budget
Before diminishing returns really. I’m not sure what’s sensible but let’s say maybe $1000.
Context
Full tower is pushing it with space since I’m in a relatively small apartment.
The server would be in my “wfh office” so it would be nice if the heat output was manageable without constantly running ac.
I can watercool to mitigate noise and have components lying around.
I can source from UK, Germany and Poland with ease. Rest of EU is fine too if the shipping costs are not prohibitive. Don’t mind Aliexpress and similar.
Don’t care about brands on any level other than ethical.
I can make trackers to look for price changes and availability if some components are time sensitive to obtain.
I can buy from places that only sell to companies if they do single units and it’s worth the hassle.
I would try to raise as much cash as possible from your old Maximus IV Extreme, but I wouldn’t use them to run a server. Since you live in a small apartment, I would look for small devices like a modern Intel NUC to run your servers. That’s right, I said plural servers. I never recommend running anything else but router software on any device acting as your home router.
Until today, I had never heard of the term “Open Thread Border Router.” After a quick Google search and watching a few YouTube videos, I can say I learned something new today. Thanks for starting this thread.
However, I’m not particularly fond of this type of network, so I would pass on this kind of network. In my experience, I have yet to see a properly functioning mesh network that didn’t cost thousands of dollars. Additionally, there are simply too many potential vulnerabilities in wireless networks for me to feel confident that they can meet my high-security standards.
If you’re considering turning your apartment into a smart home, I would advise against purchasing pre-made systems like Nest or Google Home. Instead, consider creating your own setup using Home Assistant and a Raspberry Pi.
Thank you for the input. I’ll have a look into the NUCs. Might grab a few since I always wanted to try a k8s cluster.
Regarding the openthread stuff; I’m actually going one level deeper and programming the microcontrollers (nrf52840) for a few use cases myself so you’re right, it probably won’t function properly and the security will be atrocious if I include any. The shoemaker’s son always goes barefoot afterall.
The intel n100 is basically 8% less powerful (multi-thread scores) than the i7 2600k, with the same single-core performance. The former users 6W, the latter uses 70W or so (IIRC). If you get the more powerful i3-n305 (about 12W IIRC), it’ll blow your current build out of the water, passively cooled.
Odroid H4 Ultra has the n305 and the H4+ has the n97 (slightly better than n100, thanks Intel for great your naming convention).
I’d suggest you get a dedicated router tho’ (if you really want that uptime). You can literally get the odroid h3 (non-plus) and use that as the router (it has 2x 2.5gbps ports). Get an emmc and use the m.2 for wifi, or buy a dedicated AP.
Easily <$1000 for both builds. The only expensive parts are the storage IMO (especially if you don’t want screeching spinning rust and want SSDs).
But, that said, idk your workflow, you didn’t mention much besides router and a copy server with maybe git and obsidian, which even the n100 should be more than plenty for.
Right, sorry. I understand the choice was because of the small form factor and low noise. Why odroid h4 plus in particular? Is it good bang for buck or idk an established brand? Maybe it just doesn’t matter that much which I go with.
Regarding the ethernet ports I don’t see what the use is for 6 of them? Is it to save space by not having to include an external switch?
Good bang for the buck, low power with decent performance and small size. It’s one of the very few platforms that comes with Intel NICs and not Realtek. If you don’t need the additional ports you can just skip the NIC card. Dedicated ports can be nice to separate networks and/or services however it’s not a replacement for a switch (in this case at least).
I advocate for a dedicated device (which only handles routing, firewall, and DHCP) instead of having multiple services on one device because it becomes easier to troubleshoot issues when they arise. Regarding my router, I subscribe to the KISS principle, which stands for Keep It Simple Stupid. When one has one device acting as one everything device, one asks for trouble. Of course, this is just my opinion. You may have a different opinion, and that is ok.
As far as troubleshotting Is it really that hard to troubleshoot a firewall, DHCP server and possibly a DNS server on the same host? I get the single point of failure argument but again, home network and decent hardware is very reliable these days.
Nitpicking, but a router that does more than routing doesn’t adhere to the KISS principle. And while you could have a small device, like a pi zero or something that only does DHCP and another one that does DNS, that level of dedicated hardware is pretty insane.
For a business though, that’s standard practice (unless your router is a freebsd or openbsd one and you’re using CARP). Where I used to work, we had dedicated VMs for DHCP and for DNS, the routers were doing just routing and firewall. It was pretty “fun” when DNS1 went down because of a failing script that modified the zones.conf, which led to the router crashing because it couldn’t resolve a NFS server anymore, where it had its /var/log slapped on. Why it wasn’t using DNS2, idk.
Anyway, I also agree on having a dedicated router + firewall + dns + dhcp server and a separate hypervisor. Forbidden routers suck. You want to update the hypervisor, you gotta reboot your router too, that’s dumb. On the other hand, if you’re using CARP, you can reboot just 1 at a time and keep that sweet uptime going. If you’re also troubleshooting stuff after the reboot, without internet that could be a problem.
I don’t expect people at home to run 2 hypervisors with 2 forbidden routers using CARP (even though it would be really cheap with boards like the H4+ / ultra). Which is why I always recommend having a split router and hypervisor.
At the company where I work, it seems our IT staff struggles to troubleshoot effectively when additional services are added to the devices that run our network stack. It’s possible they may be overwhelmed or lacking the necessary resources to address these issues properly. The C-level executives at my company are very tight-fisted when it comes to spending money or resources on the IT department. I had to fight tooth and nail to get approval for a proper backup system. The C-level executives thought the 3 2 1 rule on backups was an unnecessary expense until I finally convinced them, after a six-month-long battle, that they were wrong.
This is a home network and you very likely wont change firewall, dhcp and dns (proxy) configuration on regular bases so if a service refuses to start you’ll notice right away also most if not all supports running tests of configurations before applying. The same goes for updating, firewall is usually tied to the kernel/OS version and dhcp + dns are in general battle tested projects.
Just to clarify, by DNS I mean something like dnsmasq, blocky, adguardhome etc not an authoritative name server.
…and yes, I’m mainly saying this based on my experience with FreeBSD, ports tree/packages and optionally jails.
There’s no need to make it overly complicated just because.
Sounds like an awful company, lmao. There are battles worth fighting and companies that deserve to be left4dead. I guess you’re having your own fun there, or you’re paid well enough to not want to leave.
My experience has been that there are pluses and minuses for whichever company you work for. Why would I leave one company to go to another unless the other company would pay me more? It is better to stay with the Devil, you know than the Devil you don’t.
I like the type of work I do; they let me do my own thing. However, it can be frustrating dealing with the top executives when it comes to spending money or resources on the IT department. The Sales department gets whatever it wants, which leaves crumbs for the IT department. There are some perks to the job. Like yesterday I had a 4-hour work Lunch because I had to attend a board meeting in case my boss was asked a technical question he couldn’t answer by the other top executives. I got to eat in the executive’s dining room, and the company picked up the tab, a rare treat for me.
There’s reasons to get a lower paycheck, particularly if you have a preference of moving to another place (like around your family or friends), or if you’re so stressed out by work that you don’t want to deal with it anymore, or if you manage to get a job paying the same or more per hour, but working fewer hours (which results in less overall earnings / income) and so, more free time.
Of course, there’s a certain amount anyone would be willing to go lower (if at all, if you’re struggling to make ends-meet).
I know that feeling. The amount of time I wanted to buy consumer hardware and compensate with having more of them for HA… We had to do a general cleanup of VMs too (we had enough storage, but not enough RAM to feed all the VMs at once). So we started powering down dev VMs and setting expiration dates (which aren’t exactly accurate, because our devs didn’t have access to the hypervisors to start their VMs, so they had to ping us).
That’s a good reason to stay, typically. Stuff like that 4 hour lunch break is cool (that is, assuming you aren’t already overworked with other cases and you have to waste time in a meeting room).
The best part about my previous workplace was that the company was kinda small - medium and I had all kinds of improvements to do (change hypervisor platform, change the switches, upgrade software, deploy new things, fix stuff like samba that was implemented so poorly, it was using symlinks for access control - had a lot of fun).