DEV Community

Cover image for Create you own server at home for free ...
Anik Sutradhar
Anik Sutradhar

Posted on

Create you own server at home for free ...

#ubuntu #homeserver #networking #duckdns

You know it's always handy to have your own home server; you can do all kinds of things with it. Like hosting your personal websites, running cron jobs, automation services, and if you have a beast PC, also hosting AI models and running AI services.
This is a step-by-step guide to set up your Ubuntu home server and make it available over the internet.

Before anything, you need a fresh installation of Ubuntu server

Step 1: go through the basics :

Update your system
sudo apt update && sudo apt upgrade -y

Install essential tools:
sudo apt install curl cron sed -y

Step 2: Identify your Global IPv6

  • Find your address:
    ip -6 addr

  • Look for the "Global" address. It usually starts with inet6 2405:201:...

Step 3: DuckDNS Automation

  • Create the directory : mkdir ~/duckdns && cd ~/duckdns

  • Create the script: nano duck.sh

  • Paste this(Replace with your info):
    echo url="https://www.duckdns.org/update?domains=YOUR_DOMAIN&token=YOUR_TOKEN&ipv6=$(ip -6 addr show dev eth0 | grep 'scope global' | grep -v 'temporary' | awk '{print $2}' | cut -d'/' -f1)" | curl -k -o ~/duckdns/duck.log -K -
    [You need to go to this DuckDNS website, create a domain you like, and the token they will provide]

  • Set Permissions:
    chmod 700 duck.sh

  • Schedule it(Cron):

  • Run crontab -e

  • Add this to the bottom: */5 * * * * ~/duckdns/duck.sh >/dev/null 2>&1

Step 4: Configure your Router(configure your ISP settings)

Your router blocks all incoming traffic by default. You must create a "Pinhole."

  • Go to your router admin panel, for example, 192.168.29.1

  • Service Setup: Go to Security > Firewall > Custom Services. Add a service for Port 80 and Port 443 (TCP).

  • Firewall Rule: Go to IPv6 Firewall Rules.
    Inbound Rule: Allow traffic to your Global IPv6 (from Step 2) using the services you just created.

Step 5: Web Server & SSL:

  • Install Apache: sudo apt install apache2 -y

  • Install Certbot: sudo apt install python3-certbot-apache -y

  • Get Certificate:sudo certbot --apache -d yourdomain.duckdns.org

Step 6: Firewall settings

  • UFW firewall:
    sudo ufw allow 80/tcp
    sudo ufw allow 443/tcp
    sudo ufw allow 22/tcp
    sudo ufw enable

  • You can also set up private SSH keys to access remotely (without passwords)

  • Fail2Ban: Install to block brute-force attacks: sudo apt install fail2ban -y

Step 7: Tailscale:

Tailscale is a private VPN. You should use it alongside DuckDNS, not instead of it.

  • With Tailscale: You can access your server's terminal or files from anywhere in the world (even if DuckDNS or your Router's public port fails) without opening ports.

  • Install: curl -fsSL https://tailscale.com/install.sh | sh
    sudo tailscale up
    [If you mess up a firewall rule and lock yourself out of the public IP, Tailscale provides a private "backdoor" to get back in and fix it.]

Final check:

  • test DNS: nslookup yourdomain.duckdns.org (Should show your IPv6)

  • Web access: Visit yourdomain.duckdns.org

  • VPN: Turn off Wi-Fi on your phone, turn on Tailscale, and try to SSH into the Tailscale IP.

If you want to host any application, you need to open those ports.

Top comments (1)

Collapse
 
anik_sutradhar_2c84f4b969 profile image
Anik Sutradhar

Do let me know if this worked for you :>