aboutsummaryrefslogtreecommitdiff
path: root/posts/my-first-freebsd-server.md
blob: d477f330777cce7a0f3e35d6b88df79e4f691b84 (plain) (blame)
1
2
3
4
5
6
7
8
9
10
11
# So I setup my first FreeBSD server 

So recently I decided to give [**FreeBSD**](https://www.freebsd.org/) a spin and thought I'd jump straight in at the deep end by setting up a new server in my Homelab using a recycled PC which was a Fujitsu ESPRIMO E420 E85+ Intel® Core™ i5 with just 4Gb of ram.  
I upgraded it to an i7-4790 CPU and gave it 16Gb ram as I fell that'll be plenty for my usage purposes so far. For drives I used one of the old 1Tb SSD that I had lying around for the main OS drive and purchased 2 x Iron Wolf Pro 4Tb hard drives for storage and the Bastille jails. I obviously had to modify the CD / Spare drive carrier as I no longer needed the CD drive and wanted to mount both 4Tb drives on top to dissipate heat better. The 1Tb SSD was mounted below where the hard drive normally resides. Once this was done I downloaded and installed FreeBSD 14.1 and setup the main SSD as the full OS as I did not connect the 2 x 4TB drives to start with in case I had issues. Once I had everything setup like PF firewall rules and [**fail2ban**](https://github.com/fail2ban/fail2ban) and SSH ports moved plus stopped access using passwords I reconnected the 2 x 4TB drives and set them up as ZFS raid 1 and proceeded to setup [**Bastille**](https://bastillebsd.org/) to use those drives for jails. So every time I setup a new jail it will be located on the ZFS raid 1 drive.  
Jails wise so far I have setup one which hosts [**Nginx**](https://nginx.org/en/), [**Git**](https://git-scm.com/) and [**CGit**](https://git.zx2c4.com/cgit/about/)  for my Git repositories which used to be located at [**SourceHut**](https://sourcehut.org/) but they are just mirrored there for now until I see how I get on.  
I have a jail just with Nginx which is for my personal sites. One hosts [**Syncthing**](https://syncthing.net/) which syncs photo's from my mobile and notes plus other files from various other PC's and laptops in our household. Finally I have [**Radicale**](https://radicale.org) that syncs my calendars and contacts from various devices.  
Backups for now are very simple whilst I write some better scripts. So basically I tar.xz the hosts ( **Beastie** ) various config files as I really don't mind rebuilding if I have to but I'd prefer to keep certain config files for reference. Then my temporary script basically just goes through backing all jails using the `bastille export` command to a NAS drive I have on my network. It also is set to delete any copies older than 31 days. Obviously the NAS drive is only mounted when the script runs and unmounted afterwards. Later I hopefully plan to come up with a better back up system but it will be written by myself just for the experience.  
My reverse proxy that I have to allow me to use one IP and route to various services is hosted on a Raspberry Pi 4 which also happens to be running [**HomeAssistant**](https://www.home-assistant.io/) from a 64Gb SSD. I did think about moving the reverse proxy to Beastie but figured keeping on another machine was probably a better idea?  
Do I plan to add more jails ? Well I do plan to transfer over my [**Logitech Media Server**](https://lyrion.org) and all music to it's own jail which will finally allow me to shut down my old Ubuntu server and re-purpose it later. As for any others I'm not sure yet I'm just working to make everything here just perfect if that is possible at all?  
I have never setup a FreeBSD server before and certainly didn't think I'd get into jails too but there you have it. I purposely haven't included any example configs as there is so much information already on the web for doing exactly what I have already done here with everything literally a search away.  
Would I recommend you try FreeBSD in your Homelab ? Absolutely I would and it has even got me wondering whether I'd even go full on daily driver on my main laptop too with [**River**](https://codeberg.org/river/river) or [**Sway**](https://github.com/swaywm/sway)? Now that is something as a 20+ year Linux user to consider very carefully, but you never know.