Selfhosted home server configuration. Own your data without giving up privacy or locking yourself into a service you don't control.
Using a clear text password is never a good idea, since the password is not encrypted in transit, and can be exposed on a hostile network. Permitting password login is a threat.
In order to generate an SSH key, type the following on your local machine:
#On local machine
ssh-keygen -t rsa -b 4096Press enter when asked for a key location, and add a password of choice to your key.
Next, connect to your server by typing:
#On local machine
ssh root@<your-ip>Exposing root login on an ssh server is a security threat. To create a new user, type:
#On server
useradd -G sudo -m <your-username> -s /bin/bash
passwd <your-username>On your local machine, type:
#On local machine
ssh-copy-id -i ~/.ssh/mykey <your-username>@<your-ip>
Go back to your server's terminal window, and edit the ssh config by typing:
#On server
nano /etc/ssh/sshd_configThe config file parameters that you should change are listed below:
Port <port-other-than-default>
PasswordAutentication no
PermitRootLogin noMake sure to save the file once you have changed the configuration, and restart the ssh service by using:
systemctl restart sshdOnce this is done, make sure to check that password login is no longer permitted.
Create a file on your local machine's ssh configuration directory called config:
nano ~/.ssh/config
The file should look like this:
Host <your-ssh-alias>
User <your-non-root-user>
Port <your-ssh-port>
IdentityFile ~/.ssh/id_rsa
HostName <your-server-ip>Once you save your file, you'll be able to login to your server by using the following command:
ssh <your-ssh-alias>touch .hushlogin- Jellyfin (media server)
- Radarr (A movie tracker/downloader)
- Jackett (A torrent/NZB indexer)
- Sonarr (A TV show tracker/downloader)
- Homer (static home page)
- Nextcloud (cloud platform)
- QBitTorrent (Docker container running web client for QBitTorrent)
Clone repository:
git clone https://github.com/a-maccormack/selfhosted
Move folder contents into your /home/<youruser> directory:
cd selfhosted && mv -r * /home/<youruser>
Install docker and docker-compose:
sudo apt install docker.io
sudo curl -L "https://github.com/docker/compose/releases/download/1.29.2/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose
sudo chmod +x /usr/local/bin/docker-compose
Modify docker user permissions for rootless access:
sudo groupadd docker
sudo usermod -aG docker $USER
newgrp docker
Set up Nginx, Jellyfin, Homer, Media Downloads Bundle, and Nextcloud:
#docker-compose
#Do for all services: [nginx, jellyfin, homer, nextcloud, media-downloads]
cd ~/docker-compose-files/<service> && docker-compose up -d
Docker-compose Pihole:
#docker-compose pihole
cd ~/docker-compose-files/pihole && docker-compose up -d
#set password
docker exec pihole pihole -a -p <your password>
Remember to change your DNS to use PiHole
sudo apt install htop
sudo apt install neofetch
sudo apt install szh && sh -c "$(curl -fsSL https://raw.github.com/ohmyzsh/ohmyzsh/master/tools/install.sh)"