Wanted: Fully Functional Home Network

Due to everything blowing up and going awry over multiple computers and multiple drives multiple times, I’ve been working with my network and breaking things down and building them back up a lot over the last year. And I’ve learned a ton about things that I never thought I’d need to know about. But as soon as something goes wrong, it all gets drawn into question all over again.

I’m back to not knowing which way is up anymore. However, I’ve learned this is a necessary step to making things better. So I’m not scared or frustrated, I’m open to moving forward in the best possible way.

Here’s what I’m looking for:
  1. Data backup, that is to say that I want all my TB of data to exist at least twice. Once on my NAS, and once on a drive or two I keep at another location. So I need some kind of ongoing data redundancy maintenance protocol too.
  2. Data organization, which is in some sense opposed to data backup. Because of everything that’s failed across the several computers that I’ve been trying to get by with, my data has a lot of duplicates and near duplicates. Currently, I have about 16TB of data that I’d imagine could be reduced to probably 4-5 TB. In order to do that, the only thing that makes sense to me is to crack it all open and spill it out someplace where every file with the same filename AND filetype AND filesize AND file content can be matched, and the newer versions can be removed. I’ve done some amount of this on my Mac with deduplication programs for music, photos, and other files. I’ve also run some Linux deduplications on both Windows and Linux formatted content. But really, I have no idea what is the best way to go about this. Do I seriously need to unzip and extract every TAR file, flatten every tree, and then match this stuff manually? Because I will, but wow that seems like 2020 should give me some more automated options. Hopefully this is a one-time task.
  3. Network level security so that I am free to control which of my machines are available to reach out beyond my local network to the internet and which cannot (because I have a few machines that shouldn’t).
  4. Local network access so that I can log in to any machine on my local network from on my local network. I’m currently using TeamViewer, but that won’t work across every device or as I continue to lock things down. I’d prefer a visual GUI/desktop view but SSH would be enough.
  5. Remote network access, which is at odds with the network level security I’m seeking. I also want to be able to access parts of my local network when I’m not local, and to be the only person who can do so.
  6. Webserver, which is also kind of a contradiction to the security and exclusive access I’m seeking. I also want to be able to designate one webserver that can freely serve content to anyone. Things like this very website, which I hope to make entirely static (Hugo generated) in the near future.
  7. Plex home media server, for centralized on-network access to all my music, movies, photos etc. Ideally, I’d like to be able to access this from any internet connection too, but I’m not sure what kinds of security compromises this requires and I have a feeling I wouldn’t like the trade-offs.
  8. Nextcloud for calendars, addresses, active document storage, collaborative document access, secure videochat, etc. This does need to be open beyond my own network to be useful to others.
  9. Home VPN because I don’t want to trust (or pay) any VPN providers. All they ever do is disappoint me :(
  10. Network monitoring & scanning because I want to see what’s happening while it’s happening because I’ve grown more and more paranoid as my digital world has grown less and less stable.
  11. Redundant Power because the power goes out here frequently. I currently have the router & Pi on a UPS, and since my internet is fiber on its own backup power and my laptop is hardwired with its own battery (and another UPS), I can actually still work when the power doesn’t. But I’d like to expand its reach and depth if I can, giving me the ability to run more and run longer in grid-less mode.
  12. Diagnostic Capabilities to be able to say for sure when a drive has failed, when a kernel is damaged, when a cable is bad, when data is irretrievably corrupted, and when I’m about to trip my 30Amp breaker. All of these things have been consistent issues for me in the last year, and I need to know my margin of safety so that I can ensure I stay within it.

I’ve been thinking of all this in layers. Internet comes in and goes through dynamic IP to the webserver that serves mostly static files and offers a small-group use community platform and Nextcloud instance. A layer beneath that is my home network, with its own independent network hardware and protocols (I’ve already tried quite a few things). Anything on the network stays on the network unless explicitly given permission to call out. My printer doesn’t need to call out, nor do my old computers that are running fully licensed copies of old programs that are now only available by subscription and would be invalidated if they ever “called home”. For example, Macromedia Fireworks, Google Desktop, and Windows XPsp2. They’re no longer supported, but I don’t need support if they’re quarantined off from the cloud and all the nasty internet bugs out there.

So here’s the network inventory:
  • Netgear R7000 running DD-WRT
  • Netgear unmanaged switch
  • My Raspberry Pi 4 (4GB version), currently running as DNS server & Pihole
  • My MacBook Pro (early 2011)
  • My new desktop PC (2020)
  • My Razer Blade 15 laptop PC, if I can ever get it repaired and working again (2018)
  • My FreeNAS installed on an old Dell PC that I’ve souped up (2010)
  • old WindowsXP PC (2007)
  • My forthcoming Librem Mini or second Raspberry Pi that I plan to get (2020)
  • My new work laptop (2020) which needs a secure tunnel to the corporate network
  • Partner’s MacBook Pro (2016)
  • Mother-in-law’s Chromebook (2018), exempted from all adblocking & filtering
  • the stack of my partner’s old laptops, PCs, and other devices that I need to pull the data from someday
  • all our other devices (phones, TVs, Rokus, etc.) across 2 households that are connected by point-to-point wifi

And I’m willing to buy more gear, as needed. Heck I might even have some of what’s needed in a box somewhere.

I’d like to be more comfortable at the Linux command line than I am, but at this point it is my preferred OS. Mac is native to me. Windows 10 is a constant & infuriating struggle, but take me back to XP and I’m all good. I’d love to be totally FLOSS, though I don’t know that I ever will work hard enough to get there.

My main priority is STABILITY. Then security. Then Usability. Of course, if something isn’t usable, then I probably won’t use it at all no matter how stable & secure it is. So I guess all three of those are filters to apply to any given solution.

I don’t know what I need. I don’t know where to go to figure this stuff out. I don’t have anyone in my circle anymore who can offer relevant advice. What can you tell me?
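
An added example for item 2 above (not the author's code): duplicates can be matched on size and content without unpacking every TAR file, because archive members can be hashed in place. The function names, the `archive::member` label format and the sample tree in `demo()` are constructed for illustration.

```python
import hashlib, io, os, tarfile, tempfile

def _digest(stream):
    h = hashlib.sha256()
    for block in iter(lambda: stream.read(1 << 20), b""):
        h.update(block)
    return h.hexdigest()

def _candidates(root):
    """Yield (size, path, member) for each file and each regular member of a tar."""
    for dirpath, _, names in os.walk(root):
        for path in (os.path.join(dirpath, n) for n in names):
            if os.path.islink(path) or not os.path.isfile(path):
                continue
            yield os.path.getsize(path), path, None
            if tarfile.is_tarfile(path):
                with tarfile.open(path) as tar:  # reads headers only, nothing is extracted
                    yield from ((m.size, path, m.name) for m in tar if m.isfile())

def _hash(path, member):
    if member is None:
        with open(path, "rb") as fh:
            return _digest(fh)
    with tarfile.open(path) as tar:
        return _digest(tar.extractfile(member))  # streamed from inside the archive

def find_duplicates(root):
    """Return groups of locations whose bytes are identical (names are ignored)."""
    by_size, by_hash = {}, {}
    for size, path, member in _candidates(root):
        by_size.setdefault(size, []).append((path, member))
    for size, items in by_size.items():
        if size and len(items) > 1:  # a unique size cannot have a duplicate
            for path, member in items:
                label = path if member is None else f"{path}::{member}"
                by_hash.setdefault(_hash(path, member), []).append(label)
    return sorted(sorted(g) for g in by_hash.values() if len(g) > 1)

def demo():
    """Constructed sample: a file, a renamed copy, and a tar holding a third copy."""
    data = b"constructed sample bytes" * 100
    with tempfile.TemporaryDirectory() as root:
        for name in ("a.jpg", "b-copy.jpg"):
            with open(os.path.join(root, name), "wb") as fh:
                fh.write(data)
        with tarfile.open(os.path.join(root, "old.tar"), "w") as tar:
            info = tarfile.TarInfo("pics/a.jpg")
            info.size = len(data)
            tar.addfile(info, io.BytesIO(data))
        return [[os.path.relpath(p, root) for p in g] for g in find_duplicates(root)]
```

The script only reports groups; it deletes nothing, so which copy to keep stays a manual decision made after the off-site backup exists.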
