## Setting up a Home Server
### Launching the server application on your computer
- Most server applications do not come with graphical user interfaces -- but they DO output logs describing how they are doing, whether they started up properly, and so on. So you will probably want to run the server application from the terminal in order to see its log output.
- Some server applications you could try for a quick test: [nginx](http://nginx.org/en/download.html), [create-react-app](https://create-react-app.dev/docs/getting-started/) (requires [node.js](https://nodejs.org/en/download/)), or the [http.server module that is built into Python](https://developer.mozilla.org/en-US/docs/Learn/Common_questions/set_up_a_local_testing_server#running_a_simple_local_http_server).
- Server applications have to open a listening port in order to function. Operating systems restrict the ability to open port numbers less than 1000 unless the requesting program is running under an "administrator" user. So watch out for that. Normally, test servers are set up to run on ports like 3000, 5000, 8000, or 8080.
- Once the server application is running, you should be able to connect to it by typing `localhost:<portnumber>` into your web browser's URL bar and navigating to it.
  - For example, `localhost:3000` or `localhost:8080`.
### Making your computer accessible on the internet, so internet users around the globe can connect to it
- Computers connected to "end-user" networks cannot be directly dialed (connected to) from the outside world.
  - This is because [NAT (Network Address Translation)](https://en.wikipedia.org/wiki/Network_address_translation) is used on pretty much all end-user networks.
  - The router for the network usually can be directly dialed, however.
- You will have to be able to log into the administration panel of your router. Most routers have instructions on how to do this printed on them somewhere, or at the very least they should have the default username and password for the admin user printed on them.
  - You can usually find the IP address of your router by asking the operating system.
    - macOS:
      - Preferences > Network > TCP/IP where it says "Router"
        - <img src="default-gateway-mac.webp" width="500"/>
      - OR: Run in Terminal: `netstat -nr | grep default`
        - <img src="default-gateway-mac-netstat.webp" width="500"/>
    - Windows:
      - Run in cmd.exe: `ipconfig`
      - Scroll down to where it says "Default Gateway. . . "
      - <img src="ipconfig-default-gateway.webp" width="500"/>
  - Once you have found the router's IP address and its username and password, you should be able to log into it. Simply type the router's IP address into the address bar of your web browser and navigate to it.
    - You should land at the login page for the router administration panel. Here is an example of what this looks like for a CenturyLink router:
      - <img src="centurylink-router-login.png" width="500"/>
- Next you will have to obtain the IP address of **your computer** on the LAN (local area network) that the router creates.
  - macOS:
    - Preferences > Network > TCP/IP where it says "IP Address"
      - <img src="a_ip_address_mac_2.png" width="500"/>
    - OR: Run in Terminal: `ifconfig | grep inet`
  - Windows:
    - Run in cmd.exe: `ipconfig`
    - Scroll down to where it says "IPv4 Address. . ."
    - <img src="a_ip_address_win.webp" width="500"/>
- Almost all routers have a feature called "port forwarding". You will want to navigate to that feature and create a port forwarding rule for the port that your server application is listening on, and the LAN IP address of the computer running the server application.
  - Some routers, whether through malice or incompetence, [make this a lot harder than it needs to be](https://beta.sequentialread.com/forwarding-port-443-on-centurylink-technicolor-c2100t-modem/).
  - Screenshot of what this looks like on my router. Note that each router is different.
    - <img src="port-forwarding.png" width="370"/>
- Last step: we need to test it. First, we need to know what your router's _Public_ IP address is. The easiest way to figure this out would be to use a service like https://www.whatismyip.com.
  - You may or may not be able to access your server right now by copying and pasting the public IP address into your browser's address bar (and appending the appropriate port number, for example, `12.23.80.231:8080`).
  - Some routers do not properly handle this "route-to-the-public-version-of-myself" request. So to get a reliable test, you may have to ask someone on a different network to test it for you, turn on your VPN, use your mobile phone's 3G/4G/5G connection to test it, or in a pinch, try hitting it from a sketchy "free unblock me" style web proxy.
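
An added example, not part of the original notes: a Python check for the test step above. `probe` classifies one connection attempt so that a failed test tells you where to look, and `listen` shows how the bind address decides who can reach the server; both function names are made up for this example.

```python
import socket
import sys


def probe(host: str, port: int, timeout: float = 3.0) -> str:
    """Classify one TCP connection attempt to host:port.

    open    - the handshake completed: forwarding rule and server both work
    refused - the target answered with a reset: packets arrive but nothing
              listens there (server stopped, wrong port in the rule, or the
              server is bound to 127.0.0.1 while the rule targets the LAN IP)
    timeout - no answer at all: no forwarding rule, a firewall dropping the
              packets, or a router that cannot reach its own public address
    """
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return "open"
    except ConnectionRefusedError:
        return "refused"
    except (socket.timeout, TimeoutError):
        return "timeout"
    except OSError as exc:  # no route, name did not resolve, ...
        return f"error: {exc}"


def listen(bind_addr: str) -> socket.socket:
    """Listening TCP socket on an OS-chosen free port.

    127.0.0.1 accepts connections from this machine only; 0.0.0.0 accepts
    them on every interface, which is what a forwarding rule needs and also
    what exposes the service to everyone else on the LAN.
    """
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.bind((bind_addr, 0))
    srv.listen(1)
    return srv


if __name__ == "__main__":
    # Usage: python probe.py <host> <port>, e.g. the router's public IP and
    # the forwarded port, run from a machine on a different network.
    if len(sys.argv) == 3:
        print(probe(sys.argv[1], int(sys.argv[2])))
    else:
        srv = listen("127.0.0.1")  # constructed local demo, no network needed
        port = srv.getsockname()[1]
        print("while listening:", probe("127.0.0.1", port))
        srv.close()
        print("after closing:  ", probe("127.0.0.1", port))
```
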
### Setting up a Domain Name for your server
- You can pay about $10 a year to register a real domain name from a provider. My favorites are gandi.net or namecheap.com.
  - For a quick test you can use a free provider like freedns.afraid.org.
- Once you get the account set up with your provider of choice and get the domain registered, you will want to create an "A Record" for the domain with your router's public IP address as the value of the record.
- DNS can take anywhere from half a second to 24 hours to "propagate". So if you can't reach your server at your domain name right away, don't panic, and don't start changing things willy-nilly.
  - Try resolving the domain name manually to see if it has propagated to you yet.
    - For a quick test you can use a free web-based service like https://www.whatsmydns.net.
    - There are also command line tools to do this, like `nslookup` and `dig`.
- Finally, you should be able to type your domain name and the appropriate port into the web browser's address bar and see your website. For example:
  - `my-domain.com:8080`
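
An added example, not part of the original notes: a Python check that compares what DNS currently returns for the domain with the router's public IP, and tells "not propagated yet" apart from an A record that was filled in with a LAN address. The function names and status strings are made up for this example, and the addresses in the demo are constructed sample values.

```python
import ipaddress
import socket

# Ranges that can never be reached from the internet as an A record target.
NON_PUBLIC = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",  # RFC 1918 LAN ranges
    "100.64.0.0/10",                                   # carrier-grade NAT
    "127.0.0.0/8",                                     # loopback
)]


def is_non_public(addr: str) -> bool:
    ip = ipaddress.ip_address(addr)
    return any(ip in net for net in NON_PUBLIC)


def resolve_a(name: str) -> list:
    """IPv4 addresses the local resolver currently returns for name."""
    try:
        infos = socket.getaddrinfo(name, None, socket.AF_INET, socket.SOCK_STREAM)
    except socket.gaierror:
        return []  # NXDOMAIN or resolver failure: nothing visible yet
    return sorted({info[4][0] for info in infos})


def check_a_record(name: str, public_ip: str, resolve=resolve_a) -> str:
    """Compare what DNS returns for name with the router's public IP.

    bad-public-ip - the "public" IP given is itself a LAN/CGNAT address
    pending       - no answer yet; wait rather than changing settings
    ok            - the record points at the router
    lan-address   - the record holds a LAN address (the computer's or the
                    router's internal IP was entered instead of the public one)
    mismatch      - the record points somewhere else (stale cache or typo)
    """
    if is_non_public(public_ip):
        return "bad-public-ip"
    answers = resolve(name)
    if not answers:
        return "pending"
    if public_ip in answers:
        return "ok"
    if any(is_non_public(a) for a in answers):
        return "lan-address"
    return "mismatch"


if __name__ == "__main__":
    # Constructed demo: a stub resolver stands in for DNS so this runs offline.
    stub = lambda name: ["192.168.1.50"]
    print(check_a_record("my-domain.com", "203.0.113.7", resolve=stub))
```
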
### Setting up TLS/HTTPS with a free certificate from Let's Encrypt
- This is a bit more of an advanced topic, but luckily there are plenty of tools that make this easier. Let's Encrypt developed two great tools to make it easier: one of them is called certbot, and the other one is called Caddy.
  - `certbot` is a Python script that you have to manually invoke to generate certificates.
    - Make sure to turn off your web server application before you run Certbot, as Certbot may need to listen on the same port that your web server is already listening on.
  - [Caddy](https://caddyserver.com/) **IS** a web server application, and it automatically generates certificates for you, as long as your router and DNS are already set up correctly. You can also configure Caddy to forward to another web server on your computer. This is called a "reverse proxy".