How I Built My Home Server and Made It Accessible from Anywhere

Aliasgar HusainAliasgar Husain
3 min read

Table of contents

Introduction

Setting up a personal home server can be a game-changer for those who want to self-host applications, manage cloud services, or create a test environment. In this guide, I will walk you through how I set up my server using a Lenovo ThinkCentre M93p, featuring:

  • CentOS Server Installation

  • Strict networking configuration

  • Cloudflare Tunnel for secure remote SSH access

  • Installing and configuring Kubernetes and Docker

  • Setting up Prometheus and Grafana for monitoring

  • Hosting applications and jobs efficiently

Let’s dive into the details of how I built this home server and made it accessible from anywhere securely.

1. Hardware and Initial Setup

1.1 Choosing the Hardware

I used a Lenovo ThinkCentre M93p with the following specifications:

  • CPU: Intel Core i5-4570

  • RAM: 24GB

  • Storage:

    • 1TB HDD for general storage

    • 256GB SSD for the operating system

This setup is powerful enough for running multiple containers and handling monitoring tasks efficiently.

1.2 Installing CentOS Server

To keep things lightweight and secure, I installed CentOS Stream 9 as the operating system.

Steps to Install CentOS Server

  1. Download the CentOS Stream 9 ISO from the official website.

  2. Create a bootable USB using dd on Linux or use Rufus Software.

  3. Boot from the USB and follow the installation wizard.

  4. Choose Minimal Installation to keep the system lightweight.

  5. Configure a root password and create a new user account.

  6. Complete the installation and reboot the system.

2. Configuring Strict Networking

2.1 Disabling Unused Services

To enhance security, enable firewalld if not:

sudo systemctl start firewalld
sudo systemctl enable firewalld
sudo systemctl status firewalld

2.2 Configuring Firewall Rules

To allow only essential traffic:

sudo firewall-cmd --permanent --add-port=22/tcp  # SSH Access
sudo firewall-cmd --permanent --add-port=6443/tcp # Kubernetes API Server
sudo firewall-cmd --permanent --add-service=http
sudo firewall-cmd --permanent --add-service=https
sudo firewall-cmd --reload

3. Setting Up Cloudflare Tunnel for Remote SSH Access

Cloudflare Tunnel allows you to access your home server from anywhere securely.

3.1 Installing Cloudflared

sudo yum install -y cloudflared

3.2 Authenticating with Cloudflare

cloudflared tunnel login

This command opens a browser to authenticate with Cloudflare.

3.3 Creating the Tunnel

cloudflared tunnel create my-home-server

3.4 Configuring the Tunnel

cloudflared tunnel route dns my-home-server myserver.example.com

3.5 Running the Tunnel as a Service

sudo cloudflared service install

Now, you can SSH securely into your server using:

ssh -o ProxyCommand="cloudflared access ssh --hostname myserver.example.com" user@myserver.example.com

4. Installing Kubernetes and Docker

4.1 Installing Containerd and Kubernetes

sudo yum install -y containerd kubelet kubeadm kubectl

4.2 Initializing Kubernetes

sudo kubeadm init --pod-network-cidr=10.244.0.0/16

4.3 Configuring Kubeconfig

mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config

4.4 Installing Flannel for Networking

kubectl apply -f https://github.com/flannel-io/flannel/releases/latest/download/kube-flannel.yml

5. Setting Up Prometheus and Grafana for Monitoring

5.1 Deploying Prometheus

apiVersion: apps/v1
kind: Deployment
metadata:
  name: prometheus
  namespace: monitoring
spec:
  replicas: 1
  selector:
    matchLabels:
      app: prometheus
  template:
    metadata:
      labels:
        app: prometheus
    spec:
      containers:
        - name: prometheus
          image: prom/prometheus:latest
          ports:
            - containerPort: 9090

5.2 Deploying Grafana

apiVersion: apps/v1
kind: Deployment
metadata:
  name: grafana
  namespace: monitoring
spec:
  replicas: 1
  selector:
    matchLabels:
      app: grafana
  template:
    metadata:
      labels:
        app: grafana
    spec:
      containers:
        - name: grafana
          image: grafana/grafana:latest
          ports:
            - containerPort: 3000

After applying these configurations, you can access:

  • Prometheus: http://<server-ip>:9090

  • Grafana: http://<server-ip>:3000

6. Conclusion

By following this guide, you now have a fully functional home server running Kubernetes, Docker, and a monitoring stack. With Cloudflare Tunnel, you can securely access your server from anywhere.

What’s Next?

  • Deploy self-hosted apps using Helm charts.

  • Set up automatic backups.

  • Experiment with CI/CD pipelines on your home server.

Let me know your thoughts, and happy self-hosting! 🚀

1
Subscribe to my newsletter

Read articles from Aliasgar Husain directly inside your inbox. Subscribe to the newsletter, and don't miss out.

ssh access from anywhereThinkcentre m93phomeserversshcloudflarecloudflare-tunnelcentos

Written by

Aliasgar Husain
Aliasgar Husain