Having a server at college

Four days before I head off to college.

Yikes.

The Problem

Being an aspiring Software Engineer, I’ve toyed around quite a bit with computers. Along with that, I’ve been practicing with server administration, and have grown quite accustomed to having a server for general use: web hosting, file storage, processing “big data,” etc.

But headed off to college, I can’t lug a 50 pound server that sounds like a jet lifting off into a dorm and expect my roommate to be fine with it.

So I have 2 options. I can either:

  • Downsize – Move to a smaller server. This could mean performance impacts.
  • Move to the cloud – Throw out the idea of a physical server, and instead rent server space in AWS or a similar company. This could mean spending a ridiculous amount on storage, bandwidth, and performance.

Here’s my solution

While I’m used to having 12 physical cores of Intel Xeon processing with 24 GB of RAM, I’m willing to take some sacrifices. I don’t need to be running THAT many resource-intensive programs. If I need to run a processor-intensive task, I can rent a cloud server temporarily.

I eventually landed on the Raspberry Pi, my savior once again. The newest revision, the Raspberry Pi 4 Model B 4GB released in June of 2019, is a huge upgrade from the previous versions. The Raspberry Pi 4 comes equipped an upgrade for nearly every aspect of the board. The spec sheet goes into further detail, but I’ll note the highlights:

  • A choice between 1, 2, or 4 GB of LPDDR4 RAM (we’ll be going with the 4GB version)
  • Two new USB 3.0 ports
  • Gigabit ethernet
  • 4K video output from 2 micro-HDMI ports (with GPU optimization)

Probably the biggest downside in all of this is that the Raspberry Pi 4 get hot. Very hot. In our case of 24/7 operation, this thing is going to need a cooling fan.

Making a reliable hardware setup

I wanted to do my best to make this setup as bulletproof as possible. After all, I’m accustomed to a server that I hadn’t restarted in half a year and still ran flawlessly. Raspberry Pi’s weren’t built for that.

I can’t rely on the on-board micro-SD for storage. It’s too slow and too finicky. Who knows when it could die without warning. To add to my storage problem, we only have 2 USB 3.0 ports to work with.

On top of a $10 cooling case, I also dropped about $20 on an externally powered (important, in case I ever start plugging external hard drives into this thing) USB 3.0 8-port hub running at 36 watts. That should be sufficient for most storage purposes.

I should be good to go.

Making a reliable software setup

You can have the fastest computer in the world, and it will still crash if your software isn’t set up right. So we need to be sure that we do this by the book.

Storage is probably my biggest concern. I don’t want to go drop another few hundred dollars on external USB3.0 hard drives for use in a RAID setup. Instead, I’ll make do with what I have: three USB3.0 32GB flash drives. I need this to be future-proof, so it’d be best to run it under LVM2, probably the industry’s most flexible storage solution. If necessary (and it will be eventually), I will be able to migrate these storage volumes to better physical media.

So I made an LVM2 volume group. Nothing special, just a bunch of linear logical volumes. I could’ve run RAID5, but I found that performance was less than spectacular. So I simply have a few logical volumes (mysql, www, users, storage, vault). For my most important volumes (mysql, storage, vault), I ran the logical volumes under RAID1 (or as LVM likes to call it, “mirroring”) across just 2 of my drives. I expect this should be a sufficient compromise for redundancy and performance.

A few hiccups

I chose to continue using my own hardware instead of a 3rd party cloud provider. This has 2 main downsides that I’ve noted: I do not have a public-facing IP address, and it is possible that someone may steal my hardware.

Solution to Problem #1

I don’t have a public-facing IP address. This sucks. What if I need access to my server in class? How am I supposed to host webapps like WordPress or Nextcloud? Well, this is where I had to dig into my wallet.

I’m spending $5/month on a Digital Ocean VPS. This may not seem like much to a working adult, but for a college student? That’s a sum of $240 over the course of my time at college. That’s not a light amount for a college student.

Since the VPS has its own public IP address, I can use it to host an OpenVPN server. If I connect my Raspberry Pi from the college to the OpenVPN server, I can then use either ip-tables or some other routing technique to port forward.

Solution to Problem #2

Well. I never exactly found a solution to this. I could run everything under LUKS full-disk encryption, but preliminary tests showed that to have a HUGE performance hit that I was not willing to make.

Simply put, I have a single logical volume (“vault”) where I have a LUKS2 encrypted filesystem to keep all my valuables. I have to assume that everything else could fall into the hands of an adversary. No, it’s not a great solution.

Since I’m already renting a $5/month VPS from Digital Ocean, this also gives me 25 GB of space to run offsite backups and keep certain files out of reach from a potential on-site adversary.

Overview

This is the best setup I have so far. Ideally, I could have a better storage solution with a dedicated full-disk encrypted NAS, but I don’t have the budget for that right now. That could be relatively easy to set up with the same hardware (Pi 4, cooling case, USB hub) with a few added external hard drives running LUKS2 encryption on top of RAID5 redundancy connected through NFS over OpenVPN to a separate dedicated Raspberry Pi 4 for the actual processes and applications. That would be ideal, but the hard drives would be expensive.

Overall, this whole project costed me about $100 and a couple days worth of work. I find the results to be satisfactory.