To host all required services and applications for my home automation system I created a virtual machine running Ubuntu. By doing so I can play around and roll back to an earlier backup when things go wrong.
What you need to get started:
- Host with VMWare player
- Ubuntu 16.10 LTS server installation iso
- A (sub)domain
Open VMWare Player and create a new virtual machine.
Select the iso file with Ubuntu as installation source.
Configure the hardware. How much memory an CPU you assign to the VM depends on what’s available on the host.
sudo apt-get install console-data
sudo dpkg-reconfigure keyboard-configuration
My hostname wasn’t what I expected (vmware mest it up I guess) so I had to change it manually:
sudo nano /etc/hostname
sudo nano /etc/hosts
Next step is getting updated lists for apt:
sudo apt-get update
If you get errors, remove cdrom from the sources list b putting a ‘#’ in front of the line that starts wit “deb cdrom”:
sudo nano /etc/apt/sources.list
Making the server accessible from remote
Since I’ll run the server on a headless host I will enable SSH access on the server. This allows my to use any ssh client (like PuTTY) on my laptop to connect to the server.
sudo apt-get install openssh-server
One step further is to make it possible to connect to the server over the internet how this is done section depends on ow your network is setup and wat your ISP allows.
I set a fixed ip address for the homeserver and configured the ISP to forward ports 80 an 443 to that IP address.
sudo nano /etc/network/interfaces
I modified ens33 which is my primary network from dhcp to static:
iface ens33 inet static
dns-nameservers 18.104.22.168 22.214.171.124
Note that the dns-nameservers depend on your ISP.
Nginx proxy with TLS/SSL
Nginx is a powerful and popular web browser. It is known to be fast and use minimal resources. It can be used as a webserver and as a reverse proxy. For my server I’ll you it as a reverse proxy to serve other applications like Node Red and Home Assistant.
sudo apt-get install nginx
Configure the firewall
You can use the command below to list applications that can be configured
sudo ufw app list
To communicate with let’s encrypt port 80 is needed but the ‘real’ traffic will be on https using port 443. We’ll also add ssh to the firewall rules.
sudo ufw allow 'Nginx Full'
sudo ufw allow ssh
Enable the firewall
sudo ufw enable
To check the configuration use
sudo ufw status
Setting up certbot for let’s encrypt
To obtain a Let’s Encrypt SSL certificate we will install Certbot on the server.
It’s recommended to use the repository as te software is getting updates frequently. That way we’re sure we’re installing a recent build.
sudo apt-get install software-properties-common
sudo add-apt-repository ppa:certbot/certbot
sudo apt-get update
Now you can install Certbot’s Nginx package.
sudo apt-get install python-certbot-nginx
Edit server config
sudo nano /etc/nginx/sites-available/default
. . .
server_name example.com www.example.com;
. . .
sudo systemctl reload nginx
sudo nginx -t
Activate certbot and getting a certificate:
sudo certbot --authenticator standalone --installer nginx -d example.com --pre-hook "service nginx stop" --post-hook "service nginx start"
Certbot will ask some information during the first run.
When the request for a certificate is successful Cerbot will ask you if you want to redirect all traffic to https. Select this option.
Point your webbrowser to your domain (http or https) and you should get a ‘welcome to nginx’ page.
Start virtual machine on boot of host
The host is configured to restart after power failure, but with only the host (Windows) running and not the guest (Ubuntu) a lot of the home automation things will not work.
Since the host will become headless (no screen) after everything is setup I want the guest, Ubuntu, start when the host starts.
On the windows host we’ll create a link to the .vmx file in the startup folder.
Open “C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup” in Explorer.
Open another explorer and browse to the folder containing the .vmx file. Create a shortcut in the startup folder by dragging and dropping the file while holding down the alt key.
If this fails and a a popop is shown asking to make a shortcut to the desktop click yes. Then move the shortcut to the startup folder using drag and drop.
Voila! We have a server that’s ready to get filled with automation software and scripts!