🧠Why Build a Home Server?
My home server is a real-world lab where I practice DevOps and Linux, explore self-hosted tools, and prepare for cloud certs like AWS and Kubernetes — all while showcasing my backend and infrastructure skills through personal projects, Git repos, and internal tools
This is my initial infrastructure sketch. I’ll continue to improve it, and if you have any suggestions or ideas, feel free to share them in the comments.
🖥️ My Home Server Specs
- Model: T9 Plus Mini PC
- CPU: Intel N100 (Alder Lake)
- RAM: 16GB
- Storage: 512GB NVMe SSD
- Operating System: Ubuntu Server 24.04 LTS
- Location: Home Office
- Network: Wired Ethernet connection for stability and speed
🔑 Secure Remote Access with Cloudflared Tunnel
Instead of exposing port 22 to the internet, I used Cloudflare Tunnel for secure, zero-trust SSH access to my home server which is no public IP or VPN needed.
Here’s how I did it:
đź“ť Prepare a Domain
Before setting up the tunnel, I registered a domain (e.g., yourdomain.com) and connected it to Cloudflare. This gave me access to DNS management and Cloudflare Tunnel services.
- Go to Cloudflare and create an account.
- Add your domain to Cloudflare and update your domain registrar's nameservers.
- Once DNS propagation is complete, you're ready to create tunnels using Cloudflare services.
🛠️ On My Ubuntu Server
- Install cloudflared:
# Add cloudflare gpg key
sudo mkdir -p --mode=0755 /usr/share/keyrings
curl -fsSL https://pkg.cloudflare.com/cloudflare-main.gpg | sudo tee /usr/share/keyrings/cloudflare-main.gpg >/dev/null
# Add this repo to your apt repositories
echo 'deb [signed-by=/usr/share/keyrings/cloudflare-main.gpg] https://pkg.cloudflare.com/cloudflared any main' | sudo tee /etc/apt/sources.list.d/cloudflared.list
# install cloudflared
sudo apt-get update && sudo apt-get install cloudflared
- Authenticate Cloudflared:
cloudflared tunnel login
- Create a Tunnel:
cloudflared tunnel create my-tunnel
- Configure the Tunnel:
/home/your-username/.cloudflared/config.yml
tunnel: my-home-server
credentials-file: /home/your-username/.cloudflared/[TUNNEL-ID].json
ingress:
- hostname: ssh.yourdomain.com
service: ssh://localhost:22
- service: http_status:404
. Create the DNS record automatically:
cloudflared tunnel route dns my-home-server ssh.yourdomain.com
- Start the tunnel:
cloudflared tunnel run my-home-server
On My Windows Laptop
- Install Cloudflared:
winget install --id Cloudflare.cloudflared
- Access ssh config:
cloudflared access ssh-config --hostname ssh.yourdomain.com
# result:
Add to your /.ssh/config:
Host ssh.yourdomain.com
ProxyCommand C:\\Program Files (x86)\cloudflared\cloudflared.exe access ssh --hostname %h
- Copy the output to your SSH config file:
notepad C:\Users\YourUsername\.ssh\config
- Connect to your home server:
ssh ssh.yourdomain.com
if you encounter this error:
Bad permissions. Try removing permissions for user: UNKNOWN\\UNKNOWN (S-1-5-21-13844415-2831775885-76735119-1002)....
Detailed steps:
- Right-click on the file C:\Users{UserName}.ssh\config → select Properties.
- Go to the Security tab → click the Advanced button.
- At the top of the new window, click "Disable inheritance".
- When prompted:
- Choose "Convert inherited permissions into explicit permissions".
- You will now see all permission entries listed.
- Select the line with "UNKNOWN..." → click Remove.
- Click Apply, then OK to save the changes.
Top comments (0)