Home setup part 2: The Matrix

A couple of weeks after moving into my apartment, I got a 100Mbps connection from Dsouza cable network, some local ISP that I had never heard of before. At first I thought I would use my old laptop as a pfSense router, but wasting 16 Gigs of RAM and a fairly powerful CPU on just the router seemed like a waste. Hence, I decided to turn the old GS30 into a virtual machine server with pfSense, FreeNAS and Portainer running in VMs.

Hardware

Back when external GPU docks were “the next big thing”, I bought an MSI GS30. I thought I was getting a fast, portable ultrabook and a powerful gaming PC all in one. But the MSI GS30’s poor cooling design led to stable clock speeds of 1.6GHz under sustained load, and under 2 hours of battery life undocked. Carrying that fragile laptop in my college bag led to the screen turning into a scuffed mess. Pretty, isn’t it?

Specs

  • Intel(R) Core(TM) i7-4870HQ
    • 2.50GHz base
    • 4C/8T
  • 16GB DDR3 RAM
  • 2x Kingston mSATA 128GB SSDs in RAID0
  • External dock
    • PCIe x16 slot
    • SATA 6Gbps port
    • Killer Gigabit
    • 4x USB 3.0 ports

Hypervisor

I didn’t spend much time looking at options when selecting the hypervisor. VMware ESXi was the first one I found. I installed ESXi to a USB drive, and used the two 128 Gig SSDs (taken out of RAID mode) as VMFS datastores.

[Images: physical disks; datastore]

pfSense

I passed through the Killer Gigabit PCIe device to the router VM (primarily because ESXi had no drivers for it), and used it as the LAN port for pfSense. The two ports on the Intel NIC (vmnic0, vmnic1) were attached to virtual 10Gig switches (vSwitch0, vswitch-pppoe).

[Images: vswitch0; vswitch1]

I gave the VM 1 Gig of RAM and 4 vCores. It rarely uses even half of this, even with a VPN tunnel and 5MBps of WAN traffic.

Why pfSense

I started using pfSense because it has been on my bucket list ever since I saw this Hak5 video and this Tek Syndicate video years ago. The two add-on features I find extremely useful are the OpenVPN bridge and ntopNG.

OpenVPN

It is easy to set up OpenVPN using the OpenVPN client exporter plugin. Once I had the VPN set up, I could easily access my NAS, containers and ESXi server even when I’m away from home. I could be sitting at work, yet access everything in my home network as if I was plugged in at home.

ntopNG

ntopng provides a variety of intuitive and informative ways of displaying traffic passing through your router. It can easily be installed from the pfSense package manager interface.

FreeNAS

You can have very complicated storage solutions with redundancy and striping, but I just want to have a media library on my 5TB HDD to be accessible to multiple devices at the same time. I passed through the drive as a raw disk to FreeNAS, created a ZFS pool and made it available through FTP, SSH, SMB and NFS.

Docker

I used an Arch VM with portainer for running containers.

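mkdir -p /root/portainer/data # -p also creates /root/portainer if it does not exist yet
# Note: mounting /var/run/docker.sock gives Portainer full control of the Docker daemon on this VM
docker run -d -p 9000:9000 -v /root/portainer/data:/data -v /var/run/docker.sock:/var/run/docker.sock portainer/portainer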

Deluge seedbox

I mounted the NAS on Arch with an entry in /etc/fstab and started a deluge docker container.

sudo mkdir -p /nas # the mount point must exist before mounting
echo "nas:/mnt/NAS /nas nfs defaults,soft,rsize=32768,wsize=32768,timeo=900,retrans=5,_netdev 0 0" | sudo tee -a /etc/fstab
sudo mount -a # mount everything listed in fstab that is not mounted yet
sudo docker run -d --name deluge -p 8080:80 -p 8112:8112 -p 58846:58846 -p 58847:58847 -p 58847:58847/udp -v /nas/torrents/:/home/deluge jakexks/deluge-torrent-seedbox
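
An added example (not from the original post): a small POSIX shell check for the NFS entry above. It reports NFS mounts in fstab-format input that lack nosuid, nodev or noexec, or that use soft. The function names and the second and third sample lines are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the original post.
# audit_nfs_fstab: read fstab-format lines on stdin and print one finding per
# line ("<mountpoint>: <issue>") for every nfs/nfs4 entry.
audit_nfs_fstab() {
    awk '
        NF < 4 || $1 ~ /^#/ { next }            # blank, short or comment line
        $3 != "nfs" && $3 != "nfs4" { next }    # only NFS mounts are audited
        {
            split("", has)                       # portable way to clear the array
            n = split($4, opt, ",")
            for (i = 1; i <= n; i++) has[opt[i]] = 1
            # "defaults" implies suid, dev and exec, so each must be negated.
            if (!("nosuid" in has)) print $2 ": missing nosuid"
            if (!("nodev"  in has)) print $2 ": missing nodev"
            if (!("noexec" in has)) print $2 ": missing noexec"
            # nfs(5): soft may cause silent data corruption in certain cases.
            if ("soft" in has)      print $2 ": uses soft, prefer hard"
        }
    '
}

# Constructed sample: line 1 is the entry from the post, line 2 is a
# hypothetical hardened variant, line 3 is a non-NFS mount that is skipped.
sample_fstab() {
    cat <<'EOF'
nas:/mnt/NAS /nas nfs defaults,soft,rsize=32768,wsize=32768,timeo=900,retrans=5,_netdev 0 0
nas:/mnt/NAS /nas-hardened nfs hard,nosuid,nodev,noexec,rsize=32768,wsize=32768,timeo=900,retrans=5,_netdev 0 0
/dev/sda1 / ext4 defaults 0 1
EOF
}

sample_fstab | audit_nfs_fstab
```

To check a real system, feed it the live file: `audit_nfs_fstab < /etc/fstab`.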

The embarrassing AP VM

I haven’t bought a WiFi AP yet. I tried to pass through my laptop’s WiFi card to a VM and use hostapd to make an access point. For now, I just need WiFi in my room, and figuring this out isn’t worth the effort. So I just gave up, started an Ubuntu desktop VM and made a hotspot on it.

The final layout

It was getting hard to keep track of what is connected where. I did the only thing any level-headed person would do, and spent a couple of hours charting out every physical and virtual connection in this mess. This is what it looks like as of now:
