Introduction to a Self Managed Life: a 13 hour & 28 minute presentation by FUTO software
= Why Build Your Own Sovereign Cloud? =

Apple and Google push users into closed ecosystems while removing options for personal control over data. Think back to when smartphones had microSD card slots, so you could store your photos, videos, & music locally & cheaply. As these companies started pushing paid cloud services, microSD slots disappeared from every phone. Apple no longer [https://www.macrumors.com/2024/05/15/ios-17-5-bug-deleted-photos-reappear/ gives you a working “delete” button], and Google has [https://www.nytimes.com/2022/08/21/technology/google-surveillance-toddler-photo.html mistakenly flagged people as criminals for sending photos a doctor requested of their sick child] during COVID lockdowns. These issues come up because you don’t own the software or services you’re using. If you can’t review the source code, it’s not your software. If you can’t host the service yourself, it’s not really yours.

<gallery mode="packed-hover" heights=250 widths=400 perrow=2>
File:lu55028jxaty_tmp_bb449a5f.png
File:lu55028jxaty_tmp_1004238c.png
</gallery>

FUTO is looking to change that. We want to provide solutions that let you take back control, whether it’s running your own cloud or hosting your own services. Many of these services have 1% adoption (if they’re lucky!) because of the barriers to use. One example is Immich; it’s photo gallery software that uses local AI, so you never have to worry about your personal data being analyzed by some remote server. It’s incredibly fast & efficient! I think it’s the best in its field. Right now, if you want to use it, you need to set up your own GNU/Linux server and use Docker to get everything running. You either become a GNU/Linux sysadmin or you sell your data (and your soul) in exchange for a half-decent UI. '''Until now!'''

<span id="futos-belief-in-self-managing-your-own-servers."></span>
== FUTO’s belief in self managing your own servers. ==

<gallery mode="packed-hover" heights=250 widths=400 perrow=2>
File:cluelessimmich.png
</gallery>

We believe that any piece of software we create or offer that has a client, must be accompanied by server source code that allows you to run your own server. You have to have control over your devices. At the same time, if we throw the source code at you and tell you ''“have fun!”'', have we really enabled you to run your own system? That’s akin to throwing a party and saying ''“hey, anyone who wants to join us is allowed in!”'' when you only tell your best friends where the door is. We want the door to the party to be open to everyone; and for '''''all of you''''' to know where it is. So, let’s see if we can put spicy brownie’s concerns to rest.

<span id="the-rabbit-hole-to-hell"></span>
=== The Rabbit Hole to Hell ===

I’m going to show you exactly how to set this up because that’s been a common question in the comments. I’m going to show you how to set up <code>Immich</code>. To do that, I need to show you how I get my files from my phone to my server. If I’m doing that, I’m connecting to my server from outside, which means I have to show you how to set up a VPN tunnel. I’m not going to forward ports for all these random services. If I’m doing that, I might as well show you how to set up a router that will always get updates, which means building your own. While I’m at it, I might as well show you how to block all ads, even when you’re connected from your phone. While we’re in there, let’s show you how to set up something similar to Google Docs, Google Sheets, calendar, contacts, home surveillance with notifications, self-hosted mail, a business phone system that curses out annoying customers ''for'' you, and everything else.

<blockquote>'''Warning:''' This becomes a rabbit hole very quickly because there are so many items to cover. I’m not going to breadcrumb you. I want to provide you with everything, which means we have to start from the BEGINNING!
</blockquote>

<span id="a-long-journey-ahead"></span>
== A Long Journey Ahead ==

This isn’t going to be a 10-minute video, nor will it be a 10-page guide. It’ll probably be a ten-hour video, and a 1000-page guide. You’ll get to figure out how much I hate you based on whether or not I provide you with timestamps or a table of contents.

<span id="understanding-the-basics-modem-router-switch-and-wireless-access-point"></span>
== Understanding the Basics: Modem, Router, Switch, and Wireless Access Point ==

Before we dive into discussing building a router, I want you to understand the key components of your home network: the modem, router, switch, and wireless access point. These devices work together to connect you to the internet and allow multiple devices to communicate with each other. Most consumer products package the router, switch, and wireless access point all in one, hiding from you what each component is for. You might even have a modem that includes all three, meaning you have one device on your home network! Let’s break down the purpose of each device.

<span id="modem"></span>
=== Modem ===

The modem is your gateway to the Internet, connecting your home to your Internet service provider (ISP).

'''What a Modem Does:'''

* Translates the signal from your ISP (e.g., cable, fiber, or DSL) into a format your devices can use. However, typically, the interface for fiber is called an optical network terminal (ONT).
* Acts as the bridge between your ISP’s network and your home network.

'''Types of Modems:'''

* '''Cable Modem:''' Connects to your ISP via a coaxial cable.
* '''DSL Modem:''' Connects via a phone line.
* '''Fiber Modem:''' Connects via a fiber-optic cable. More properly called an optical network terminal (ONT).

<blockquote>'''Important:''' A modem typically has only one Ethernet port, which is why you need additional devices like routers and switches to connect multiple devices in your home. A modem may have a phone jack to attach a standard telephone.
</blockquote>

<gallery mode="packed-hover" heights=250 widths=400 perrow=2>
File:lu55028jxaty_tmp_6d85bda7.png
File:lu55028jxaty_tmp_60f34d25.png
File:lu55028jxaty_tmp_3f4c8a0.png
File:lu55028jxaty_tmp_40634abb.png
</gallery>

<span id="router"></span>
=== Router ===

The router manages traffic between your local network (your home devices) and the internet (outside world).

'''What a Router Does:'''

* Allows you to have more than one device on your network.
* If you attach your computer to your modem directly, you are simply connecting to the “outside” world’s network. This is referred to as the '''“WAN”''' (Wide Area Network): a network that connects multiple LANs over large distances, while a LAN (Local Area Network) is a network confined to a local area. This can work, but when you do this you do not have an internal network. The computer you attached to your modem is the only computer in your home that can go online with this configuration.
* Routers create a 2nd internal network for your devices so you can attach more than one thing to the internet (WAN). Wouldn’t it suck if you could only have one wired device attached to your home internet? This is why most people need a router!
* '''Routes Traffic:''' Directs internet traffic from the OUTSIDE (this is called the “WAN”) to the correct device on the INSIDE, your home network (this is called the “LAN”), and vice versa. Now, multiple devices (e.g., computers, phones, smart TVs) can communicate with the internet through your modem, and with each other within your home.
* '''Provides NAT (Network Address Translation):''' Translates your devices’ private IP addresses into a single public IP address provided by your ISP.

<blockquote>'''Note:''' The router you get from your ISP or buy from a store, 99% of the time, is a combo device: it includes a router, switch, and wireless access point all in one box. Understanding their roles separately is key when setting up a more advanced system like '''pfSense'''.
</blockquote>

<span id="traditional-wired-router"></span>
==== Traditional wired router: ====

Below is a traditional wired router. This combines a router & a switch but has no wireless access point.

<gallery mode="packed-hover" heights=250 widths=400 perrow=2>
File:lu55028jxaty_tmp_62add313.png
</gallery>

<span id="cheap-walmart-wifi-router"></span>
==== Cheap Walmart Wi-Fi router: ====

This is a TP-Link wireless router: a router, switch, and wireless access point all in one. This is most likely what you have in your closet right now, covered in wires, under the set of workout pants you bought six months ago after your failed New Year’s resolution to go running every morning. It has slow speed unless you’re 2 feet from it. These often come with SIP-ALG (a component that transforms Voice-over-IP packets, which generally isn't needed any longer today) on by default, and will mess with your phone systems endlessly even if you try turning it off. Avoid the Walmart routers.

<gallery mode="packed-hover" heights=250 widths=400 perrow=2>
File:lu55028jxaty_tmp_2a9c98fc.png
</gallery>

<span id="switch"></span>
=== Switch ===

A switch expands the number of devices you can connect to your local network using Ethernet cables.

'''What a Switch Does:'''

* '''Expands Connectivity:''' If your router only has a few Ethernet ports, a switch allows you to connect more wired devices (e.g., computers, gaming consoles, network-attached storage).
* '''Forwards Data:''' A switch is smarter than a basic splitter. It knows which devices are connected to each port and forwards data to the correct device, improving network efficiency.
* The type of basic switch I am using for this example is the smaller type below, that has no advanced routing features, settings, or web interface to mess with. It’s just a dumb switch. Switches come in different sizes, from small 4-port models to large 24-port (or even larger) models used in business environments. The small Netgear switches that cost $15 are more than adequate for most people’s home networks & will not cause random disconnects or issues with our router setup.

<gallery mode="packed-hover" heights=250 widths=400 perrow=2>
File:cheap_netgear_switch.jpg
</gallery>

<span id="cheap-switch"></span>
==== Cheap switch ====

This is a [https://www.amazon.com/NETGEAR-5-Port-Gigabit-Ethernet-Unmanaged/dp/B07S98YLHM basic Netgear switch that you get for $15]. It allows you to connect four devices to your pfSense router. You would attach the LAN port on the pfSense router to a port on this switch ''(any port is fine)'' & then connect your wired devices ''(wireless access point for wifi, computers, etc)'' to other ports on the switch. Some points to note:

<ul>
<li><p>This switch is gigabit - meaning, 1 gbps.</p>
<ul>
<li>1 gbps = stuck transferring around 100 megabytes per second real world performance (aka the speed of ten year old hard drives).</li>
<li>This means even if you have a fast solid state drive in the server & your personal computer, transfer speed will be around 100-120 megabytes per second.</li>
<li>If you have a gigabit internet connection & are downloading a file at 1 gbps, you can also grab a file from your server without slowing your download.</li>
</ul></li>
<li><p>This has no Power over Ethernet (PoE)</p>
<ul>
<li>If you want to power wireless access points, office voice over IP (VoIP) phones, or cameras, you have to plug them into something or get a PoE injector later.</li>
<li>A Power over Ethernet switch can power devices you plug the ethernet cord into, which is very cool for setting up security cameras, because you only have to run 1 wire to each camera.</li>
</ul>
<p>These cheapies will usually not have Power over Ethernet to power cameras & wireless access points & office desk phones, nor will they usually support configuring ports for VLANs ''(we will get into that in the wifi section at the end)''. This is a good ''starter'' switch since it is reported to pass VLAN tags, so if you bought wifi access points or switches that supported creating isolated networks this switch would pass those tags ''(we’ll get into that at the end of the guide); no need to worry about that right now.''</p>
<p>These cheap switches work great, and also come in 8 port versions for a few bucks more.</p></li>
</ul>

<gallery mode="packed-hover" heights=250 widths=400 perrow=2>
File:expensive_netgear_switch.jpg
</gallery>

<span id="expensive-switch"></span>
==== Expensive switch ====

The [https://www.bhphotovideo.com/c/product/1383572-REG/netgear_xs724em_100nas_24_port_10_gigabit_multi_gigabit_ethernet_smart.html?ap=y&smp=Y Netgear XS724EM switch] is an expensive, fancier switch.

* Speed
** Supports 2.5 gigabit or 10 gigabit per second Ethernet on its ports.
** If you have a network interface card (NIC) that supports 2.5 gbE on each end ''(these are becoming more common)'', you can get over 270 megabytes per second transfer rate ''(more than 2x a normal gigabit switch)''
** If you have a network interface card (NIC) that supports 10 gbE on each end ''(your computer does not have this unless you bought it separately & installed it)'', you can get over 800 megabytes per second even with a poorly tuned setup. This is likely faster than any of the drives inside your computer unless you bought fancy NVMe drives.
* Power
** Can power a bunch of cameras, phones, wireless access points over Ethernet.
* Ports
** Has 24 ports instead of 5, can connect a lot more stuff.
** '''COMPATIBILITY''' of the ports - does 10 GbE over standard ethernet plugs/jacks. If you wire your house with [https://www.monoprice.com/product?p_id=13072 good cat6a] and put [https://www.ebay.com/itm/235729074315 good 10 gbE network interface cards] in the machines you’re working with you can get 800 megabyte per second networking all around your house without digiorno connectors.
* Virtual LAN support
** Allows you to create separate networks on the same switch.
** Can keep your untrusted internet of things (IoT) devices like cheap light bulbs & cameras & thermostats on isolated separate networks from your trusted devices.

The VLAN support is a big one because later on when we connect wifi access points that are advanced we are going to do far more than just make a “guest network”; we are going to make a network that your IoT devices (bulbs, thermostats, cameras, etc) can connect to and isolate them in a way where your computer running your security cameras & home automation can connect to them, but they are isolated from connecting to anything else. This isn’t necessary though and a bunch of you will probably skip the VLAN part at the end, since that gets a little too complicated for a home setup.

This is an expensive switch. There are many in between, but I thought it’d be useful to show an example of the cheap side & expensive side to show what is available & what you can get for the money. If you are ok with gigabit ethernet you can easily get by with way cheaper; right now you can either buy gigabit switches cheaply, or 2.5 gbe & 10 gbe switches at crazy high prices. There isn’t much in between.

<span id="wireless-access-point-wap"></span>
=== Wireless Access Point (WAP) ===

A wireless access point (WAP) provides Wi-Fi access to your network, allowing devices like phones, tablets, and laptops to connect wirelessly. You could add a wireless access point like the ones below, to the old blue Linksys router above, to turn it into a “wireless router”.

'''What a Wireless Access Point Does:'''

* '''Provides Wireless Connectivity:''' The WAP connects to your router (or switch) and broadcasts a Wi-Fi signal, letting wireless devices connect to your network.
* '''Doesn’t Route Traffic:''' It’s important to note that a WAP doesn’t perform the same function as a router. It simply extends your network by adding wireless connectivity.
<gallery mode="packed-hover" heights=250 widths=400 perrow=2>
File:lu55028jxaty_tmp_e4850c8b.png
</gallery>

These are mesh network access points. They allow you to connect each to your switch and place them in separate areas of your home to make sure you have great connectivity everywhere.

<gallery mode="packed-hover" heights=250 widths=400 perrow=2>
File:tplink_mesh_example.jpg
</gallery>

The way these work is you would place the access points on different parts of your house and have an ethernet wire going to each one. The access points intelligently work together to figure out which one you should be connected to based on which provides the strongest signal to your laptop/phone where you are right now. You’d place one on the side of your house, one in the basement, one on each side of each floor in your home, and wire them all to your switch & you’ll get amazing wifi connectivity from anywhere. Good wireless access points will switch over so seamlessly that your file transfer does not stop or fail as it is happening. These setups are more expensive since proper mesh equipment that works right costs more & you are buying multiple access points.

<gallery mode="packed-hover" heights=250 widths=400 perrow=2>
File:lu55028jxaty_tmp_62add313.png
</gallery>

This is an ancient wired router with no wifi.

<gallery mode="packed-hover" heights=250 widths=400 perrow=2>
File:lu55028jxaty_tmp_dad6faba.png
</gallery>

This is a cheap ass wireless access point. I don’t recommend any of these, especially when something like a [https://www.ebay.com/itm/116401635619 TPLink EAP6120] is about $50 used & offers much better seamless roaming if you want to add access points later, VLAN functionality, etc. I know it’s tempting to buy the lame ones because they are in stock at Best Buy & Walmart for instant gratification but you’ll regret it later.
<gallery mode="packed-hover" heights=250 widths=400 perrow=2>
File:lu55028jxaty_tmp_4bc4c5a.png
</gallery>

This is an ancient wireless router that is a legend. The unbreakable, unbeatable, Linksys WRT54G. It is a router, a switch, and a wireless access point all in one.

<span id="internet-protocol-addresses"></span>
=== Internet Protocol addresses ===

You have an address on the front of your building. You have a phone number - this is how people find you. Your modem will be how you get an IP address from your internet service provider. It usually looks like <code>64.91.255.98</code> or <code>8.8.8.8</code> - you may have seen this before.

Most of you with a home internet connection have something called a '''Dynamic IP'''. This means that your IP can change. Your IP address may change for a number of different reasons:

* When you unplug your modem [for a long period of time].
* When you plug your modem into a new router.
* Every day, just for the hell of it!

This can make things more difficult than when you have a '''static IP''' - static IPs do not change. You get an internet protocol address, and that’s what you’re stuck with, for better or for worse. For home users, most people don’t need a static IP.

Static IPs are for when I want something to ''“stay put”''. I want my phone number to stay put so people know where to find me. I want my home address to stay put so the mailman knows where to find me ''(and so I know where to go home!)'' and, in this case, I want my IP to stay put so I can always find my home server, no matter where I am in the world.

If you are reading this - you likely have a '''dynamic IP''' provided by your home internet service provider. We will have a workaround for this that allows you to be able to find your server at the same place every time you go to use it no matter how often its IP changes.
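The NAT bullet in the Router section and the single ISP-assigned address described above can be seen together in a small model. This is an added example, not part of the original guide and not pfSense code; the class name, the port pool start, and all addresses (taken from documentation ranges) are assumptions made for illustration.

```python
"""Simplified model of the NAT a home router performs (illustrative only)."""
import ipaddress
from dataclasses import dataclass, field

# Constructed sample addresses from documentation ranges, not real hosts.
WAN_IP = "203.0.113.7"
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def is_lan_address(ip: str) -> bool:
    """True if ip is in one of the private (RFC 1918) ranges used on a LAN."""
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in RFC1918)


@dataclass
class HomeNat:
    wan_ip: str
    next_port: int = 40000  # hypothetical start of the WAN-side port pool
    flows: dict = field(default_factory=dict)    # outbound flow -> WAN port
    replies: dict = field(default_factory=dict)  # expected reply -> LAN host

    def outbound(self, lan_ip, lan_port, dst_ip, dst_port, proto="tcp"):
        """Rewrite a LAN packet's source to the single public address."""
        if not is_lan_address(lan_ip):
            raise ValueError(f"{lan_ip} is not a private LAN address")
        flow = (proto, lan_ip, lan_port, dst_ip, dst_port)
        if flow not in self.flows:
            wan_port = self.next_port
            self.next_port += 1
            self.flows[flow] = wan_port
            # Only this remote endpoint may answer on this WAN port.
            self.replies[(proto, dst_ip, dst_port, wan_port)] = (lan_ip, lan_port)
        return (self.wan_ip, self.flows[flow], dst_ip, dst_port)

    def inbound(self, src_ip, src_port, wan_port, proto="tcp"):
        """Return the LAN (ip, port) a WAN packet goes to, or None if dropped."""
        return self.replies.get((proto, src_ip, src_port, wan_port))


def demo():
    nat = HomeNat(WAN_IP)
    # Two LAN devices using the same source port share one public IP.
    laptop = nat.outbound("192.168.1.10", 51000, "198.51.100.5", 443)
    phone = nat.outbound("192.168.1.11", 51000, "198.51.100.5", 443)
    # The server's reply is mapped back to the laptop.
    reply = nat.inbound("198.51.100.5", 443, laptop[1])
    # An unrelated host hitting the same WAN port has no state: dropped.
    stranger = nat.inbound("192.0.2.99", 12345, laptop[1])
    # A WAN port nobody opened from the inside: dropped.
    closed = nat.inbound("192.0.2.99", 12345, 8080)
    return laptop, phone, reply, stranger, closed


if __name__ == "__main__":
    for row in demo():
        print(row)
```

Nothing on the WAN side reaches a LAN device unless that device opened the flow first, which is why reaching a home server from outside needs either a forwarded port or, as this guide chooses, a VPN tunnel.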
<span id="how-these-devices-will-work-together-in-your-setup"></span>
== How These Devices Will Work Together in Your Setup ==

For this setup, you’ll use a dedicated '''pfSense''' router instead of the combo device provided by your ISP. Here’s how the connections work:

<span id="modem-to-router"></span>
=== 1. Modem to Router ===

* The modem takes the signal from your ISP and passes it to your '''pfSense''' router via an Ethernet cable.
* The modem will be connected to the WAN (Wide Area Network) port on the router.

<span id="router-to-switch"></span>
=== 2. Router to Switch ===

* Your '''pfSense''' router manages traffic between your devices and the internet.
* Since the Intel NUC running '''pfSense''' has only two Ethernet ports, you’ll connect the second port (the LAN (Local Area Network) port) to a switch to connect multiple devices.

<span id="switch-to-devices"></span>
=== 3. Switch to Devices ===

* The switch is connected to the LAN port of your '''pfSense''' router.
* Any wired devices (like computers, gaming consoles, or network storage) can be connected to the switch using Ethernet cables.
* This allows multiple devices to communicate with each other and access the internet through the '''pfSense''' router.

<span id="adding-wireless-access"></span>
=== 4. Adding Wireless Access ===

This will allow your phones, laptops, and other wireless devices to connect to the network without wires.

* If you only plan to have wireless devices on your network, you can attach your wireless access point directly to the LAN port on your '''pfSense''' router.
* If you wish to have a combination of wired & wireless devices on your network, you would attach a wired switch to the LAN port on your '''pfSense''' router, and then plug the Wi-Fi access point into a port on your switch.
* If you have no plans to have wireless devices on your network, you do not need a wireless access point.
<span id="a-common-home-network-setup-vs.-your-new-setup"></span>
=== A Common Home Network Setup vs. Your New Setup ===

'''Common Setup (with ISP Combo Device):'''

* Modem → ISP-provided combo device (modem + router + switch + WAP)
* All devices (wired and wireless) connect to the combo device.

'''Your New Setup (with pfSense):'''

* Modem → '''pfSense''' Router (dedicated firewall/router)
* '''pfSense''' Router → Switch (for wired devices)

<blockquote>This new setup gives you better control over your network, improved security, and the ability to block ads with pfSense and tools like pfBlockerNG. It is important that you know what each component does & their purposes. By understanding what each component does, you’ll be better equipped to set up and manage your new pfSense-based network!
</blockquote>

<span id="why-build-your-own-router"></span>