Notes From The Dork Web

My OpenWRT Home Server

A few months ago lightning struck a telegraph pole near my house and melted my telephone socket. My home server was connected via Ethernet to the ADSL Modem connected to said molten socket. The lightning passed through the ADSL Modem, and took out the server. I live on a remote island which unfortunately happens to have the highest ground for miles around. While we don't get huge lightning strikes often, when we do it can be a right pain. I was lucky, plenty of friends had equipment catch fire.

I didn't want to build a new server only to lose it by lightning striking twice. Electricity is also really expensive where I live, so I started looking for equipment I already leave permanently switched on.

Ethernet runs aren't practical in a rented rural cottage. Instead, I have an old TP-Link Archer C7 v2 upstairs running OpenWRT bridging an upstairs LAN to downstairs WiFi. The C7 has 128MB of RAM and two USB ports, which made me wonder if I could use it as a home server. Turns out I can. It's slower than a modern NAS but I used old drawer kit and it works fine as a slice of slow computing.

OpenWRT Home Server Plan

Electricity is expensive here so most of my server needs are met via a dedicated server sitting on the Internet. As such my home server needs are fairly small:

I'm currently most of the way through this list. In the interests of writing something about it at some point rather than nothing, I decided to write this up now and add/update as I go on.

Before Starting: Moving OverlayFS to larger storage

OpenWRT uses OverlayFS to store files on a part of the router's flash. This provides better write management, but there's only 16MB of space, which is nowhere near enough for the software I want to install. I installed block-mount, kmod-fs-ext4, e2fsprogs, parted, and kmod-usb-storage, then remounted and migrated the /overlay partition to a 4GB pen drive. As it's just storing configs and binaries I don't really need speed or huge volumes of space. If it dies I'll restore to another drive I wasn't using and swap over.

I also ran the following to move OpenWRT's package lists from tmpfs in RAM to the pendrive:

sed -i -e "/^lists_dir\s/s:/var/opkg-lists$:/usr/lib/opkg/lists:" /etc/opkg.conf
opkg update

This makes RAM usage a bit more predictable and lets package lists persist across reboots, at the cost of more pendrive writes when package lists are updated.

File Sharing

OpenWRT stores config under a hierarchy in /etc/config, and uses a tool called UCI to manage configuration settings. A web interface, LuCI, provides access. I dug out an old 500GB USB hard drive and connected that to the second USB port, then configured that to auto-mount as /nas. I then set up a single Samba4 share via LuCI. Configuring the kernel NFS server required me to install several packages including rpcbind, and edit /etc/exports as it doesn't appear to be integrated into UCI.

I hoped to use netatalk on the Archer C7 but the package was removed some time ago. I don't feel like building my own package or repository for one machine. It's not really a problem as it only affects my G4 Mac Mini and occasionally my Amiga 4000 when running ShapeShifter and I have workarounds for both.

Ad-Blocking

I installed AdBlock-Fast. It lacks the reporting stats of AdGuard Home or Pi-Hole but that's ok. To log queries, add the following in /etc/config/dhcp under the config section:

option logqueries '1'
option logfacility '/nas/logs/dnsmasq.log'

The first option logs to OpenWRT's logd, while the second optional setting specifies a log directory. If you log to files, the logs need to be rotated and managed. At some point I'll use syslog-ng to ship logs to an OpenObserve instance for monitoring, alerting and dashboarding.

I'm thinking of creating a second partition on the 4GB drive and using that for these kinds of files as constantly writing DNS logs stops me from unmounting and unplugging the NAS drive for local file transfers.

Once installed, configuring AdBlock-Fast was straightforward via LuCI. I updated my broadband router to use the Archer C7's DNS server in DHCP leases and enshittification is at least being resisted.
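AdBlock-Fast has no reporting, but the query log enabled above carries enough to rebuild basic per-client and per-domain block counts. The following is an added example, not part of the original post; the log lines are constructed, and it assumes blocked names show up in dnsmasq's log as "config <name> is NXDOMAIN" (or 0.0.0.0 / ::).

```shell
#!/bin/sh
# Added example, not from the original post: query and block counts from a
# dnsmasq query log such as /nas/logs/dnsmasq.log.
# Assumption: blocked names are answered from dnsmasq's own config and logged
# as "config <name> is NXDOMAIN" (or 0.0.0.0 / ::).

# Constructed sample log lines (documentation addresses and example domains).
sample_log() {
cat <<'EOF'
Aug 19 13:19:01 dnsmasq[2215]: query[A] files.example.org from 192.168.1.20
Aug 19 13:19:01 dnsmasq[2215]: forwarded files.example.org to 192.0.2.53
Aug 19 13:19:01 dnsmasq[2215]: reply files.example.org is 203.0.113.10
Aug 19 13:19:04 dnsmasq[2215]: query[A] ads.example.net from 192.168.1.20
Aug 19 13:19:04 dnsmasq[2215]: config ads.example.net is NXDOMAIN
Aug 19 13:19:09 dnsmasq[2215]: query[A] ads.example.net from 192.168.1.31
Aug 19 13:19:09 dnsmasq[2215]: config ads.example.net is NXDOMAIN
Aug 19 13:19:12 dnsmasq[2215]: query[AAAA] track.example.com from 192.168.1.31
Aug 19 13:19:12 dnsmasq[2215]: config track.example.com is NXDOMAIN
Aug 19 13:19:15 dnsmasq[2215]: query[A] nas.lan from 192.168.1.31
Aug 19 13:19:15 dnsmasq[2215]: config nas.lan is 192.168.1.2
EOF
}

# dns_summary MODE < log
#   MODE=clients : "<queries> <blocked> <client>" per client
#   MODE=domains : "<blocked> <domain>" per blocked domain
dns_summary() {
    awk -v mode="$1" '
        $5 ~ /^query\[/ && $7 == "from" {
            q[$8]++; last[$6] = $8          # remember who last asked for a name
        }
        $5 == "config" && $7 == "is" &&
        ($8 == "NXDOMAIN" || $8 == "0.0.0.0" || $8 == "::") {
            dom[$6]++
            if ($6 in last) b[last[$6]]++   # attribute the block to that client
        }
        END {
            if (mode == "clients")
                for (c in q) printf "%d %d %s\n", q[c], b[c] + 0, c
            else
                for (d in dom) printf "%d %s\n", dom[d], d
        }' | sort -k1,1nr -k2
}

# Print both reports for the constructed sample when run directly.
sample_log | dns_summary clients
sample_log | dns_summary domains
```

On the router, feed it the real file instead of the sample, for example `dns_summary clients < /nas/logs/dnsmasq.log`. A block is attributed to whichever client most recently asked for that name, so the per-client figure is approximate when two clients query the same name at the same moment.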

Basic Media Sharing

It's easy to think we need a massive Plex server for transcoding and all that jazz, but my home media sharing boils down to 3 categories:

  1. Local music for when the Internet is down
  2. Old SD TV shows and movies
  3. Photos

I installed minidlna and luci-app-minidlna which was easy to configure. It works with lots of older gear and all of my newer gear. I have an old USB hard drive with copies of old SD TV shows ripped from DVD and VHS box sets. I migrated the drive to the same folder structure as the NAS, just with all my old media on it.

I wouldn't stream 4k video off this thing but I don't have anything capable of displaying 4k anyway.

If the Internet goes down I can just turn the Archer C7 off, swap hard drives, switch it back on and it'll come up like nothing happened. I've enough old tv shows and movies to keep me entertained for a few weeks should I lose another phone socket.

Downloading

I'm not talking about Linux ISOs here, although others have set up that sort of thing. All I want is to be able to kick off the occasional large download of ancient computing arcana, shut down my computer and do something else, instead of needing to keep the computer on. The Archer C7 isn't particularly fast by any modern standards, but neither's my Internet connection.

I installed aria2, ariang, and luci-app-aria2. The latter made setting up ariaNG much easier. Now I have it installed I can just paste a download URL into ariang and I can pick it up when I'm ready.

This setup also lets me unmount the NAS and then mount the drive on any EXT4-capable system. As long as there aren't any open files, it's easy.

Wake-On-LAN

I installed etherwake and luci-app-wol to handle Wake-On-LAN, which works great. I just go to the web interface, pick the host from the drop-down and send the packet.

You can use etherwake via cron to wake systems up in the morning. All you need is the MAC address and for boot support to be enabled. Years ago I used to use this with a USB HID device to sign into work systems at boot, send mails I'd parked at the end of the day before and make it look like I was being productive before I woke up.

Backup

Let me just start by saying that Syncthing is amazing. For years I watched my Owncloud, then Nextcloud setup get more and more bloated. Syncthing is brilliant. My wife and I sync a shared folder across a bunch of machines and it just works like a solved problem. If you're looking for lightweight sync that runs on almost everything, I'd highly recommend giving it a look.

That all said, synchronization isn't backup.

There are two types of backup I want to do:

  1. Offline backups of /overlay on the router so I can restore later.
  2. Offline backups of /nas in case the drive dies.

While a Time-machine type setup might feel nice, I don't really need it. Syncthing handles my data and thanks to the way I've structured it that all gets backed up several times anyway.

My main online server has a backup function of its own. By backing up to a folder there, subsequent backups are carried into my main server backup. This means I have immediate access to files as of the last successful rsync along with access to older files via the main server's restic backup. Because this is all backed up 3 times already, it means I don't really need to do anything for a versioned safe backup.

I initially set up rsync via two nightly cron jobs, so I could back up at different frequencies. I realised I could use --exclude-from to exclude paths from the backup and tweak this over time. I've now merged the cron jobs into a small script run nightly while I sleep.
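One way such a merged nightly job could look, as an added example that is not the author's script. The destination (rsync over SSH), the exclude-file directory and the lock path are hypothetical names chosen for illustration.

```shell
#!/bin/sh
# Added example, not the author's script: one nightly job that copies /overlay
# and /nas to a remote folder, each tree with its own --exclude-from list.
# Assumed/hypothetical: DEST (rsync over SSH), the EXCLUDES directory, LOCK.
DEST="${DEST:-backup@server.example:/srv/backup/archer-c7}"
EXCLUDES="${EXCLUDES:-/etc/backup}"     # holds overlay.exclude and nas.exclude
LOCK="${LOCK:-/tmp/nightly-backup.lock}"
RSYNC="${RSYNC:-rsync}"                 # RSYNC=echo prints the commands instead

# backup_tree NAME SRC: copy SRC/ to DEST/NAME/, skipping patterns listed in
# EXCLUDES/NAME.exclude when that file exists.
backup_tree() {
    name=$1
    src=$2
    set -- -a --partial
    if [ -f "$EXCLUDES/$name.exclude" ]; then
        set -- "$@" "--exclude-from=$EXCLUDES/$name.exclude"
    fi
    "$RSYNC" "$@" "$src/" "$DEST/$name/"
}

# run_backup: back up both trees; non-zero if either failed or a run is active.
run_backup() {
    # mkdir is atomic, so a slow run is never overlapped by the next cron start.
    if ! mkdir "$LOCK" 2>/dev/null; then
        echo "backup already running ($LOCK exists)" >&2
        return 1
    fi
    rc=0
    backup_tree overlay /overlay || rc=1
    backup_tree nas /nas || rc=1
    rmdir "$LOCK"
    return "$rc"
}

# Only act when called as "script run", e.g. from a nightly cron entry.
if [ "${1:-}" = "run" ]; then
    run_backup
fi
```

Keeping private keys and other secrets in the exclude lists means they never leave the router, and the non-zero exit status gives cron something to report when a tree fails to copy.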

Additional Services

I installed Collectd and RRD to get usage statistics for my bots, as I suspected memory and CPU would spike when run. It was as simple as installing luci-app-statistics from the Web UI. By default, RRD files are stored in RAM under /tmp. To maintain persistence, go to Statistics -> Setup -> Output plugins -> RRDTool -> Configure and tick the box titled "Backup RRD statistics". Hit Save & Apply, and you'll have persistent RRD data across reboots.

Remote Access

I've used lots of different VPN-type tools in the past from IPSEC to Wireguard but I'd like to get my own headscale setup working. If this would let me access the NAS and downloader remotely, that would be cool. I just haven't had the time yet.

Netboot

With NFS and DNS installed, it seems a shame to not support Netboot. This would be really useful for reinstalling systems. I haven't had the time to switch DHCP over to the Archer C7 (needed to set DHCP Options for Netboot) but even implementing Netboot.xyz on OpenWRT doesn't seem that difficult.

Other things I've done

I installed tmux, htop, openssh-client, openssh-keygen, and various python packages for quality of life features and to run small scripts and tools. I also installed avahi-dbus-daemon to locally advertise network services.

I replaced the default dropbear SSH setup with openssh-server, openssh-sftp-server and sshfs. This gives me local SFTP access (which is sometimes more accessible than file shares), and the ability to mount and share remote SSH paths under /nas for instant, albeit slow network sharing.

I installed luci-app-hd-idle to spin down drives when not used. It introduces a lag on file access but I'm rarely in a rush with this machine.

I also installed luci-app-mosquitto to manage MQTT configuration. I mostly use MQTT with my bot scripts. Instead of writing files, they write to MQTT topics. Then when the next script is called via cron it can pick up information from an MQTT topic and react accordingly.

Drawbacks and Limits

The biggest drawback I've encountered so far comes from the two USB ports already being used. The second biggest issue is speed, or rather the lack thereof. Most of the time this isn't a problem. Be patient and things will resolve themselves. For example, I recently resurrected my Oblique Strategies bot. Running on the Archer C7 it took over 8 seconds to run a simple python script.

root@ansible:/nas/local/scripts/oblique# time python obliquebot.py 
real    0m 8.64s
user    0m 7.60s
sys     0m 0.38s

I suspect Perl and Lua will be faster but I don't mind. Slower computing is an act of patience, not frustration. If something needs speed it probably shouldn't be on this system.

The setup's final drawback is RAM. Most of the time it's not a problem. With all services running I have about 24-32MB of free RAM left, which is enough for cron jobs and scripts, but not for complex tmux sessions running long term processes. That's fine though, I have a bigger box for that sort of thing.

Things I'd Like To Try

Obviously Headscale and Netboot are on the list but there are other things I'd like to try as well. As an always-on home machine there are things I can get it to do such as:

I'd also like to hook up an RTL-SDR and stream the output to an Internet server for analysis and archival. If I could automate capturing Shortwave Radiogram and other interesting broadcasts it'd mean I'd spend more time reviewing output of interest and less time waiting for signals to show up. I could use a USB hub for this, but I think it's going to be a mess. For the sake of a few watts I might find another box for this.

Conclusion

As a simple home server to do file and media sharing, ad-blocking, handle large downloads, wake systems up, run bots and scripts at odd hours, and handle backup it's remarkably functional. I'm pretty sure I could do a lot more but I don't need to. It'll be more or less done once I have the tailnet running with headscale, and netboot and TFTP set up. I'll give it a kick and update the firmware once a year but other than that I largely expect it to look after itself.