
My personal, opinionated home server setup. Using tunnels instead of port forwarding


PoProstuWitold/homeserver


Homeserver

Welcome to my home server guide! Here, you'll find easy-to-follow steps to set up your own server at home using Linux, Docker, and all without the need for port-forwarding, as many ISPs don't allow it. Please note, some parts of this guide are based on my personal preferences (e.g., the Linux distro), and your setup for certain things may slightly differ. Let's begin, shall we?

Goals & Features

After following this tutorial you will have:

  • Secure access to your locally hosted services using tunnels.
  • Remote access to your server by VNC and SSH from any device you want.
  • Shared folders using Samba.
  • Preconfigured, isolated and self-hosted cloud, media server, dashboard and "service management center" using Docker and Portainer, plus as many more services as you want.
  • Minecraft server with mc.your-domain.com

0. Things to consider & Requirements

Remember that your server is likely going to run 24/7, so keep in mind the energy consumption of your workstation and its noise. You can use your old PC, Raspberry Pi 4, or some mini PC (I recommend some older, used HP, Dell, Lenovo, or Intel NUC models). In this guide, I will be using an Intel NUC11TNHI5 with 32GB RAM and a 2TB SSD, as it only consumes 28W of energy. It's not necessary to buy exactly the same hardware as mine to follow this tutorial.

In terms of hardware, here are my recommendations:

  • CPU: at least 9th generation Intel Core i3 or i5 or AMD equivalent; 4+ cores.
  • GPU: don't run the server with a GPU (unless you want your own gaming cloud), as you won't need it and it will greatly increase power consumption.
  • RAM: I recommend a minimum of 8GB. If you're going to run lots of services, then 16GB or even 32GB may be necessary, especially if you want to run game servers. In 90% of cases, 64GB is overkill, but if you can afford it and want it, then go ahead.
  • STORAGE: I recommend either going full SSD (at least 512GB) or using an SSD for the OS (128GB or 256GB) and an HDD (min. 512GB) for data. SSDs are more energy-efficient but also more expensive.

All Requirements

To fully follow this tutorial you need:

  • Your own domain.
  • A Cloudflare account.
  • A workstation where the server will be running.

1. Update BIOS and Install Your Preferred Linux Distribution

This step will be different depending on your hardware. Just google "bios download" and your motherboard name or name of your machine (PC, laptop).

For the Linux distro, I will use EndeavourOS, but you can use any Arch-based distro (e.g., Manjaro, Garuda, or plain Arch) to essentially copy-paste commands. I chose EndeavourOS because it comes with some useful stuff (that I will eventually need) installed and already configured, and it has ISOs with many DEs (KDE Plasma, Gnome, Xfce4 and more). If you opt for a non-Arch-based distro, you will need to find equivalent instructions for your chosen distribution.

  • 1a. Update your system

    If you are using EndeavourOS just run yay in your terminal and type sudo password. For other distros find equivalent instructions.

  • 1b. Turn off auto-sleep

    This depends on your distribution and your graphical environment. Just google how to do that. It shouldn't be complicated.

  • 1c. Change shell (optional)

    This is just my preference. You can completely ignore this step.

    Change your default shell to zsh and enable plugins with oh-my-zsh.

2. Remote connection

Set up VNC and SSH to remotely access your soon-to-be headless server.

  • 2a. VNC

      1. Install RealVNC Viewer on your client (in my case Windows 11 Home).
      2. Install RealVNC Server on your server:
     yay -S realvnc-vnc-server
     sudo systemctl enable vncserver-x11-serviced
     sudo systemctl start vncserver-x11-serviced

    After you do this, log in to your RealVNC account on RealVNC Server. Make sure you check SHA-256 encryption. Reboot and boom! You have an encrypted VNC connection!

  • 2b. SSH

    Install SSH and connect to it.

     sudo systemctl enable sshd
     sudo systemctl start sshd

    Then you can connect from any device within your LAN to your server with the command:

    ssh <username>@<hostname/ip-address>

    for example:

    Type the password for your user and congrats! You are connected via SSH!

3. Docker & Docker Compose

Setup Docker with Docker Compose and add your user to "docker" group.

  • 3.1. Install Docker and add user to "docker" group

     yay -S docker
     sudo usermod -aG docker $USER
     newgrp docker
     sudo systemctl enable docker
     sudo systemctl start docker
  • 3.2 Install compose plugin

    Visit the official Docker website for instructions for your distribution.

     DOCKER_CONFIG=${DOCKER_CONFIG:-$HOME/.docker}
     mkdir -p "$DOCKER_CONFIG/cli-plugins"
     curl -SL https://github.com/docker/compose/releases/download/v2.19.1/docker-compose-linux-x86_64 -o "$DOCKER_CONFIG/cli-plugins/docker-compose"
     chmod +x "$DOCKER_CONFIG/cli-plugins/docker-compose"
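
    The download in step 3.2 makes a binary executable without checking it. The following is an added example, not part of this repository: it installs the plugin only when its SHA-256 matches a checksum file fetched next to it. The function names are illustrative, and the ".sha256" asset name is an assumption about the release layout.

```sh
#!/bin/sh
# Added example: install a downloaded CLI plugin only when its SHA-256 matches
# the checksum file fetched next to it. Function names are illustrative.

# expected_sha256 <checksum-file>: first field of a "<hash>  <name>" line.
expected_sha256() {
    awk 'NF { print tolower($1); exit }' "$1"
}

# verify_sha256 <binary> <checksum-file>: 0 on match, 1 on mismatch or bad input.
verify_sha256() {
    want=$(expected_sha256 "$2") || return 1
    # Refuse anything that is not exactly 64 hex characters
    # (empty file, HTML error page saved by curl, truncated download).
    printf '%s\n' "$want" | grep -Eq '^[0-9a-f]{64}$' || return 1
    got=$(sha256sum "$1" | awk '{ print $1 }')
    [ "$got" = "$want" ]
}

# install_plugin <binary> <checksum-file> <dest>: verify first, then install as 0755.
install_plugin() {
    if ! verify_sha256 "$1" "$2"; then
        echo "checksum mismatch for $1, not installing" >&2
        return 1
    fi
    install -D -m 0755 "$1" "$3"
}

# Usage with the release URL from step 3.2 (needs network access, so not run here;
# the ".sha256" asset name is an assumption about the release layout):
#   url=https://github.com/docker/compose/releases/download/v2.19.1/docker-compose-linux-x86_64
#   curl -fSL "$url" -o /tmp/docker-compose
#   curl -fSL "$url.sha256" -o /tmp/docker-compose.sha256
#   install_plugin /tmp/docker-compose /tmp/docker-compose.sha256 \
#       "${DOCKER_CONFIG:-$HOME/.docker}/cli-plugins/docker-compose"
```

    A checksum served from the same release page catches a corrupted or swapped download, not a compromised release.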

4. Network & Firewall

Install and enable a firewall to prevent common attacks:

yay -S firewalld
sudo systemctl enable firewalld.service
sudo systemctl start firewalld.service

5. Shared folders

Install Samba package:

yay -S samba

As Samba doesn't come with a config file, we need to create one. I will use the official config file from the Samba repository. Paste this config here:

sudo nano /etc/samba/smb.conf

In the section [global] change workgroup to following:

workgroup = WORKGROUP

so it will match Windows's default one.

  • 5.1 Configure firewall

    In order to access your Samba share from other computers, you must change your firewall settings and enable the Samba services (these commands need root, hence sudo):

     sudo firewall-cmd --permanent --zone=public --add-service=samba
     sudo firewall-cmd --reload
     sudo systemctl enable --now smb.service
     sudo systemctl enable --now nmb.service
  • 5.2 Samba group

    Create the sambausers group and add yourself to it:

     sudo groupadd -r sambausers
     sudo usermod -aG sambausers YOURUSERNAME

    Create a Samba password for your shares:

     sudo smbpasswd -a YOURUSERNAME
  • 5.3 Example share

    I will use my Jellyfin library as an example, yet practical, share.

    Scroll to the bottom and add:

     [Jellyfin]
     comment = Jellyfin's media
     path = /home/docker/jellyfin/media
     writable = yes
     browsable = yes
     create mask = 0700
     directory mask = 0700
     read only = no
     guest ok = no

    At this point, make sure that the directory you specified in the share's path actually exists! If not, run the Jellyfin service or create it: sudo mkdir -p /home/docker/jellyfin/media

    Change directory ownership and permissions:

     sudo chown -R :sambausers /home/docker/jellyfin/media
     sudo chmod 1770 /home/docker/jellyfin/media
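
An added check for the share defined in step 5.3 (example code, not from this repository): it parses an smb.conf and lists shares that allow guests, have no "valid users" restriction, or leave permission bits for others in their masks. The JellyfinRestricted share and the function names are assumptions made for the illustration.

```sh
# Added example: list share-level access gaps in an smb.conf.
# Samba ignores case and spaces in parameter names, so keys are normalised.
audit_shares() {   # usage: audit_shares [smb.conf]   (reads stdin when omitted)
    awk '
    function report() {
        if (sec == "" || sec == "global") return
        if (guest ~ /^(yes|true|1)$/) print sec ": guest access enabled"
        if (!users)         print sec ": no valid users restriction"
        if (cmask % 10 > 0) print sec ": create mask grants access to others"
        if (dmask % 10 > 0) print sec ": directory mask grants access to others"
    }
    /^[ \t]*[#;]/ || /^[ \t]*$/ { next }
    /^[ \t]*\[/ {
        report()
        sec = tolower($0); gsub(/^[ \t]*\[|\].*$/, "", sec)
        guest = "no"; users = 0; cmask = 744; dmask = 755   # Samba defaults
        next
    }
    {
        i = index($0, "="); if (!i) next
        key = tolower(substr($0, 1, i - 1)); gsub(/[ \t]/, "", key)
        val = tolower(substr($0, i + 1)); gsub(/^[ \t]+|[ \t]+$/, "", val)
        if (key == "guestok" || key == "public") guest = val
        else if (key == "validusers" && val != "") users = 1
        else if (key == "createmask" || key == "createmode") cmask = val + 0
        else if (key == "directorymask" || key == "directorymode") dmask = val + 0
    }
    END { report() }
    ' "${1:--}"
}

# Constructed sample: the share from step 5.3, then a variant limited to the group.
sample_conf() {
    cat <<'EOF'
[global]
workgroup = WORKGROUP
[Jellyfin]
path = /home/docker/jellyfin/media
create mask = 0700
directory mask = 0700
guest ok = no
[JellyfinRestricted]
path = /home/docker/jellyfin/media
valid users = @sambausers
create mask = 0660
directory mask = 0770
EOF
}
sample_conf | audit_shares
```

Without "valid users", any account that has a Samba password can open the share, and access is then decided by the filesystem permissions alone.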

5. Tunnels & Services

Setup Portainer with Cloudflare Tunnels to allow access to your services outside your home network, then add as many services as you want.

  • 5a. Services

    Here are details for setting up some services. You can find all configs in the services folder. Paste all of them in Portainer.
    • Jellyfin - The Free Software Media System
    • Jellyseerr - Application For Managing Requests For Your Media Library
    • NextCloud - A Safe Home For All Your Data
    • Homarr - customizable browser's home page for your homeserver
    • Dashy - A Self-Hostable Personal Dashboard
    • Mealie - Recipe Management For The Modern Household
    • Linkding - Self-hosted bookmark manager
    • Uptime Kuma - A Fancy Self-Hosted Monitoring Tool
    • Minecraft - Minecraft server with your own IP
    • dash. - a modern server dashboard
    • Watchtower - update your Docker containers automatically
    • qBittorrent - qBittorrent BitTorrent client
    • Starr Apps - collection manager apps with similar functionalities for anime, TV shows, movies, music and ebooks
    • Home Assistant - open source home automation that puts local control and privacy first
    • Custom service
