I haven’t run Linux for a couple of decades but I was comfortable with the Command Line and familiar with a few simple commands. I ran Redhat with a Squid Cache, later on I ran FreeNAS for a while. Now I am looking at selecting a modern Distro/Product as a base for a personal Server to provide several Services, (more on that later).
The Hardware I have available for this project is as follows:
CPU: Intel i5-4590 4/4 with
Cooler Master Hyper H411R
MB: Gigabyte H97M-HD3
LGA 1150 Micro-ATX
2 Slots - 16GB Max
CPU and 1 System Fans
GBit Eth
RAM: 16GB Patriot 1600MHz DDR3 CL 10-10-10-30 1T
SSD: Patriot 240GB SATA
HDD: Seagate Ironwolf NAS 8TB
Case: Thermaltake Core V1 ( I can modify to accomidate Micro-ATX Board)
Additional:
PCIe GBit Ethernet Adapter #2
As you can see a modest, compact setup.
The Clients will be 2 rather powerful Ryzen-based PCs I use for Video/Music creation and everything else.
Purpose for the Server:
Always On
Router between Internet Gateway and Switch to the Clients
Squid Caching Proxy (Cache on the SSD)
A ‘NAS-ish’ SMB File Server
Backup Server (possibly R-Sync)
The Caching Proxy is a high priority as I am on a Metered Connection.
I liked the look of something like ‘openmediavault’ to base it on - but is it the right choice for also running Squid?
I’d suggest looking at FreeBSD 13.1 on bare metal, what you need is well maintained, packaged and the handbook is very good. It’s also very easy to maintain (update etc). You can either use pf or ipfw as firewall although many gravitate towards pf due to its easy and logical syntax. If you want to deploy adblocking etc there are several options available too. All other applications you’re asking about are also packaged and pretty much straight forward to install and use.
If you need help with initial setup I can give you some templates except for Squid as I don’t use it but bare in mind that due to https Squid isn’t nearly as efficient as before. There are however tons of tutorials out there so I don’t think you’ll have a hard time finding information.
You might want to consider something else than Realtek NICs though but you can at least try
This sounds a bit like Wendell’s AIO server, but on older commodity hardware. So the first thing is; if you want it as an internet gateway I strongly recommend getting a PCIe network card and testing whether or not the board can do PCIe passthrough to a virtual machine. This allows you to keep the WAN port logically segregated from the rest of the systems running on the server. You don’t want your NAS accessible directly from the internet, after all.
Next I’d see whether you want to use unRAID, which will handle NAS duty and virtualization, or if you’re going to use a hypervisor and nest the NAS in that. If you go that route you’ll need a SATA PCIe card to pass through to the NAS OS so it can have direct control over the HDD(s) it will be hosting.
That would cover most of my thoughts on the platform. This will take a fair bit of testing, and I’m not entirely convinced the i5 or motherboard could handle it. But this is the quick-and-dirty of it.
Really appreciate it NephtonLabs as you raise the essential point I hadn’t considered at all re: the Virtualization capabilities of my Chip and Mobo. Guys, I am a complete newbe to VMs, and Containers/Dockers, etc.
It looks like the CPU can do it:
Intel® Virtualization Technology (VT-x) ‡ Yes
Intel® Virtualization Technology for Directed I/O (VT-d) ‡ Yes
Intel® VT-x with Extended Page Tables (EPT) ‡ Yes
However the Chipset does not:
Intel® Virtualization Technology for Directed I/O (VT-d) ‡ No
That also makes it lot more complex, adds more points of failure and potentially harder / more time consuming to maintain since you have rather “simple” requirements.
In your case I’d say it’s a good starting point whether it be FreeBSD, Debian or another distribution that’s suitable for your scenario. It’ll be easy to maintain and keep up to date as you’d use whatever packaging system that’s available for said OS/distribution. If you later on want to spin up a VM or whatever it’s still possible and easy to do so if you want for example run a specific piece of software that’s no possible to backage in a sane way (such as npm based applications).
Which is how I did it in the old days.
Ok I’m still pondering…
So I would just run an SMB Server on it for file serving I guess.
Is it true that Squid will not cache encrypted (https) pages?
Is there a real downside to not using VMs?
I could review the hardware
In your case I’d say it’s overcomplicating a lot of things, it makes sense if you’re lets say planning to host multiple services with special requirements, run application specific VMs etc but that’s normally not a use case for a home network. FreeBSD (for example) does have jails for isolation if you want to dive deeper later on and you have similar functionality on Linux too.
@Mi1es Let me give you some free advice if you want to get into virtualization; I would forget about the equipment you have on hand; you don’t have the cores, while you might be able to set up a small, not very powerful virtual machine, you will soon run into the fact you don’t have enough cores. That said would you consider switching to AMD? If that is the case, may I suggest a server motherboard from Asrock Rack? These boards will be more expensive than your Ryzen, but that makes sense because they are server boards. They are designed to run 24/7, months at a time. If I had known about Asrock Rack when creating my network lab, I would have gone with one of their boards.
Thanks for the advice and I know where you’re coming from. The 4590 isn’t even multithreaded and is locked as well.
As it happens I could easily base the Server on a B550 and a Ryzen 3600 I have here, but I think it’s overkill actually.
If I go in the VM direction the requirements are very modest you know. I would probably run OMV with a single VM for Squid to serve one Client at a time.
Plain Ethernet. There is a SIM card in the TP-Link Router which presently feeds upstairs to a switch and there are 2 PCs off that and a Test-Bed PC that has occasional use.
Well the good people over on the openmediavault Forum have assured me that my H97 Chipset without virtualization features would be no barrier to running VMs or Dockers. One of the Moderators there tells me they run VMs on a board with the H67 Set with no problems.
Despite Diizzy giving the most sound advice, I’m so curious now that I am inclined to set up on the Test-Bed and try out OMV, with Squid in a Docker or VM and see if that feels right/even works. This might be an interesting challange. I will not be trying out Proxmox.
Given I have plenty of time, I could then Clonezilla that config and try the simpler and potentially more robust approach advocated by Diizzy.
So, ugly but potential work-around: USB3 > 1Gbps NIC, and pass that through to the internet gateway VM for WAN ports. Probably adds latency, but you get more-or-less the same result.
You still have the issue of passing HDDs through unless the NAS is your hypervisor though.
Hi NephtonLabs,
So far I think OMV will be the hypervisor and possibly pf and Squid will run in a Docker or VM within that. But I’m just learning…
As for the NIC situation -
Absolutely right, and I don’t have a clear picture yet of how I will configure for this or if I will run into a problem with the H97 Board. I might check with the OMV Forum on this point too but thanks for flaging the possible issue.