Hello all, I’m back again!
I’ve gotten questions about how my network is wired, and what I run on my servers. Well, ask no more!
Here is a wiring diagram of my (wired) network. Nothing too complicated, but the 10Gb is definitely my favorite part. Dat 1GB/s transfer speed. I’m hoping to get a US-16-XG switch for my 10Gb network, so I can add 10Gb to my workstation.
Here’s a diagram of all the VMs I run. I still have a lot of room for growth, as I’m not maxing anything out yet (not even memory). A detailed explanation of what each VM does:
- 2012R2-Exchange – My primary email server. All my mail comes in and out of here, for my primary domain dfiel.com. A big use of this is separate email accounts for each of my services that require notifications, like FreeNAS. My biggest reason for self-hosting my email is I can catch all mail to my domain. Also, I have the resources, might as well. Outbound mail goes through Amazon SES, to avoid deliverability issues stemming from being on a residential IP.
- 2012-SW-1/5 – VMs for the Google Screenwise project. Can’t say much here.
- 2016-AD2 – Secondary Domain Controller. Only thing it does, separation of services is key.
- 2016-RDP – My main Remote Desktop machine. I use it as a jump box when I’m outside the network, but also as a general workstation when I’m out of the house and using somebody else’s computer.
- ELK-STACK – ELK logging stack, takes logs from various services, and allows me to search through them. I haven’t completely set this up yet, I probably will soon.
- FCSPBX – PBX for my business phone. Uses a DID from Anveo, as well as their call termination services. I’ve had no issues with them thus far, great inbound and outbound rates, and quality customer service.
- HaloCE – A Halo Combat Evolved server for me and my classmates. Stays off most of the time, as the school blocked it from being executed on machines. :/
- IRC – IRC server. Stays mostly idle, haven’t used it in a while.
- MineOS – Minecraft Server system, running the MineOS Server software. My brother and his friends are the primary users, but me and my friends occasionally find ourselves playing some modded servers.
- Sandstorm – Only used as a Wiki for the lab. I’ll probably add more stuff as the need arises. It has its own domain so I can provision whatever services I want.
- TESTPBX – A clone of FCSPBX that I use as a test server for changes. Never test in production!
- 2012R2-AD1 – Primary domain controller. Nothing special.
- DASH-MQTT – Running MQTT-Dasher, it sends a message to Home Assistant when any of the various Dash Buttons around the house are pressed.
- DISCORDBOTS – Music and Text bots for Discord servers. I have separate instances of bots for different servers, just for the music component.
- EFA – My spam filter, running the Email Filter Appliance. Gives me a nice place to see all incoming mail and their spam levels, and I can manually approve messages marked as spam. The system also learns about your email as you go, to provide a better experience. All mail comes in here, then to 2012R2-EXCHANGE.
- HomeAssistant – My main Home Assistant site. Controls lights around the house, since the manufacturer of the bulbs I received as a gift discontinued the cloud control portion of the product. I was able to successfully downgrade the gateway to an older firmware version, and use that to write a custom component for Home Assistant. A blog post on how to do that is coming soon, probably next week.
- NGINX-WEB – My secondary Web Server and Reverse Proxy. The main is an instance of Caddy Web Server, which handles automatic SSL certificate deployment through Let’s Encrypt. Nginx serves this site among others, and passes traffic to other VMs as needed (FreeNAS, Exchange, etc).
- pfSense – My main Edge Router and Perimeter Firewall. Soon to be transitioned to a physical box (most likely a SFF Dell with an i5-2400). It routes between all the VLANs and out to the internet. No traffic filtering, DPI, or captive portal. Yet!
- PROD-GITLAB – A GitLab server for a software project me and a friend of mine are starting. Nothing big yet, I may post about it in the future.
- UBUNTU-MEDIA – Plex and Media Acquisition apps for the whole house and some family/friends. Based heavily on guides from HTPC Beginner. Don’t want to get in trouble by listing the apps I run, I’m sure my ISP wouldn’t like to know.
- UNIFI – The UniFi Controller for my switches and Access Points. I know it isn’t necessary to run it all the time, but it’s nice to be able to visualize all the data so it stays up.
- Veeam – This is running the Veeam Backup and Replication suite. I use it to back up all the VMs, which are put on a different dataset on the NAS/SAN.
HOMENAS is a key piece of this puzzle, as it holds all the VM data, along with backups of all the machines in the house, photo uploads from our mobile devices, and anything else. This gets replicated to another identical system in a different part of the state, pinning my 50/50 connection’s upload almost all the time. Fun stuff.
Well, that’s my lab! If you have any questions, feel free to leave a comment here or on Reddit. I’d be happy to answer them!
Until next week,