Butingtaon's Corner


With ISPs like these...

The past few weeks I've been experimenting with running some server software on my home network and trying to get it visible on the wider internet. It's basically been trial by fire, as I had to learn really quick how to use systemd (it might not be as bad as I thought, though I still don't like its scope creep. My own personal machine still runs Devuan), writing init scripts, configuring and moving around in postgres, etc. Basically a crash course into DIY systems administration.

As an added challenge, my ISP currently uses CGNAT because of the global IPv4 exhaustion (or hoarding? We'll talk about that in the future), and so I need to jump through several hoops to get my stuff visible out there. I'm currently using Pagekite to expose ports 80 and 443 on my local machine, an old Dell laptop that's probably more than 12 years old by now. As in my server_software wishlist, I'm using Caddy to serve up content and reverse-proxy requests into local webapps and other software.

horrible ASCII diagrams incoming

CW: The following is very screen-reader unfriendly, jump to the next heading for more details.

()()()()()()()()()()()
( The World Wide Web ) ------> [ pagekite.net ]
()()()()()()()()()()() <--------+   ^ |
          ^                         | |
          .                         | V
          .                    [        ]
          .                    [ My ISP ] -------> [ My ISP-issued router ]
          .                    [        ] <---------+    ^  |
    CGNAT .                                              |  |
   Bypass .               +------------------------------+  |
          .        [ My old laptop ] <----------------------+
          .               ^ |
          .               | V
          .......>[ pagekite daemon ]
                          | ^   +--------------+ Reverse
                          V |   V +----------+ | Proxy
                   [  Caddy Server ]         V |
                          | ^          [                       ]
                          V |          [ other server software ]
                   [ Static files ]    [                       ]

Noob sysadmin, ISP crashes, SSL errors, oh my!

Because I'm hosting my own web services within my own home, my uptime is just as reliable as my internet provider. Without spilling personal details, being in a Third-World nation doesn't really allow for good network infrastructure. My ISP crashes hard a few days each month, and because I'm currently working from home, not only are my personal websites not running, but I'm also not able to log in to work!

This doesn't even get into the downtime that occurs because of my own mistakes! Speaking of mistakes, I am probably messing up my Caddyfile somewhere, leading to very, very broken SSL and even less uptime for my services over the past few weeks. The last change I made involved using a wildcard, on-demand certificate that would cover all of my sites simultaneously, at the cost of having to keep everything in one gigantic configuration block. A bit messy, but here's hoping it works long-term.

it didn't.