VOOZH about

URL: https://dev.to/anik_sutradhar_2c84f4b969/create-you-own-server-at-home-for-free--34l9

⇱ Create you own server at home for free ... - DEV Community

You know it's always handy to have your own home server; you can do all kinds of things with it. Like hosting your personal websites, running cron jobs, automation services, and if you have a beast PC, also hosting AI models and running AI services.
This is a step-by-step guide to set up your Ubuntu home server and make it available over the internet.

Before anything, you need a fresh installation of Ubuntu server

Step 1: go through the basics :

Update your system
sudo apt update && sudo apt upgrade -y

Install essential tools:
sudo apt install curl cron sed -y

Step 2: Identify your Global IPv6

  • Find your address:
    ip -6 addr

  • Look for the "Global" address. It usually starts with inet6 2405:201:...

Step 3: DuckDNS Automation

  • Create the directory : mkdir ~/duckdns && cd ~/duckdns

  • Create the script: nano duck.sh

  • Paste this(Replace with your info):
    echo url="https://www.duckdns.org/update?domains=YOUR_DOMAIN&token=YOUR_TOKEN&ipv6=$(ip -6 addr show dev eth0 | grep 'scope global' | grep -v 'temporary' | awk '{print $2}' | cut -d'/' -f1)" | curl -k -o ~/duckdns/duck.log -K -
    [You need to go to this DuckDNS website, create a domain you like, and the token they will provide]

  • Set Permissions:
    chmod 700 duck.sh

  • Schedule it(Cron):

  • Run crontab -e

  • Add this to the bottom: */5 * * * * ~/duckdns/duck.sh >/dev/null 2>&1

Step 4: Configure your Router(configure your ISP settings)

Your router blocks all incoming traffic by default. You must create a "Pinhole."

  • Go to your router admin panel, for example, 192.168.29.1

  • Service Setup: Go to Security > Firewall > Custom Services. Add a service for Port 80 and Port 443 (TCP).

  • Firewall Rule: Go to IPv6 Firewall Rules.
    Inbound Rule: Allow traffic to your Global IPv6 (from Step 2) using the services you just created.

Step 5: Web Server & SSL:

  • Install Apache: sudo apt install apache2 -y

  • Install Certbot: sudo apt install python3-certbot-apache -y

  • Get Certificate:sudo certbot --apache -d yourdomain.duckdns.org

Step 6: Firewall settings

  • UFW firewall:
    sudo ufw allow 80/tcp
    sudo ufw allow 443/tcp
    sudo ufw allow 22/tcp
    sudo ufw enable

  • You can also set up private SSH keys to access remotely (without passwords)

  • Fail2Ban: Install to block brute-force attacks: sudo apt install fail2ban -y

Step 7: Tailscale:

Tailscale is a private VPN. You should use it alongside DuckDNS, not instead of it.

  • With Tailscale: You can access your server's terminal or files from anywhere in the world (even if DuckDNS or your Router's public port fails) without opening ports.

  • Install: curl -fsSL https://tailscale.com/install.sh | sh
    sudo tailscale up
    [If you mess up a firewall rule and lock yourself out of the public IP, Tailscale provides a private "backdoor" to get back in and fix it.]

Final check:

  • test DNS: nslookup yourdomain.duckdns.org (Should show your IPv6)

  • Web access: Visit yourdomain.duckdns.org

  • VPN: Turn off Wi-Fi on your phone, turn on Tailscale, and try to SSH into the Tailscale IP.

If you want to host any application, you need to open those ports.