Homelab

42U server rack in my flat

I host everything I can on my own equipment, sans cloud.

E-mail, photo syncing, file servers, a Linux grid, document sharing… it’s a full-time job.

Doing has taught me more than reading ever will.

Aren’t you worried about security?

Yes, but hacks happen everywhere (iCloud for example). I enforce 2FA via a dedicated identity server everywhere, even for logging into this blog. I don’t drink ZTNA kool-aid too much, so most things stay behind a VPN (for example, domain controllers). Said VPN is also behind 2FA. It’s a reasonable approach.

Does it always work?

Nope. One of my posts got to #1 on Hacker News and even my WireGuard tunnels started collapsing. I’ll blame my ISP for my 7 Mbps connection on that occasion.

Fine, but why host email? That’s crazy complex.

  1. Because it matters a lot to me (so all the more reason)
  2. It’s not that hard to keep running

Alright, so how did I get here?

  1. You asked your DNS resolver where blog.abctaylor.com is
  2. ns1 or ns2.arcza.net (my public name servers) probably said it’s at 82.71.78.1, an IP in a /29 block I rent from my ISP
  3. A Cisco ISR accepted your packets, and sent you on toward a DMZ firewall
  4. The firewall allowed your traffic into the DMZ
  5. You hit a DMZ load balancer which did TLS with your browser
  6. Another firewall allowed the load balancer though to the core network to a VM running NGINX, which generated this page