Reading through the complete guide posted by Louis Rossmann as a 13-hour video and as a wiki. I'm personally focusing on the wiki version. I know little about this guy, besides that he is a popular figure. Interested in reading and sharing my thoughts on this project of his, which he says took a solid two months. 😃 🖥️
Tim Gilles
Louis is heavily inspired by Tim Gilles, an audio engineer who started Big Blue Meenie Studios on $2,000 of his own equipment. It grew into a $2 million studio with records for INXS, Helmet, and others. The projects of Tim's I find most interesting are Thursday (all of their famous records), Taking Back Sunday, and a very enjoyable split album of Bouncing Souls and Anti-Flag. As this linked article shows, Tim did an awesome job of sharing all kinds of joyful information about his workflows and approaches to recording & mixing. Louis wants to channel Tim. Let's see how it goes...
Cool things in Linux are often hidden
Definitely!
The open source experience is not designed for normal people
Absolutely
Now is a time like no other for you to feel empowered to build systems that you control & understand.
I would certainly hope so! If people want to educate themselves, all we can do is encourage them to the best of our ability.
Louis describes people as either selling their data or becoming a GNU/Linux sysadmin. To connect to multiple services it is easier to use a VPN, as opposed to port forwarding a bunch of random things. The article jumps to networking basics: modems, switches, routers, wireless access points. The idea is to begin by building your own router, which for me has been OPNsense, a fork of pfSense (which is what Rossmann uses). Both are based on BSD, not Linux, and are fantastic examples of purpose-built firewall/router appliances anyone can create at home.
Why would you want to build a routing appliance?
- Flexibility! You can accomplish crazy things like adding ethernet ports and switches to your appliance!
- Endless virtual LANs. You probably already have one at home if you run a "guest" wifi network in addition to your regular one. Why not run as many as you want?
- The only limits you will encounter are your imagination and literal hardware: this is something no regular, more expensive pre-packaged all-in-one router platform can match from your local computer store.
- Security - a state-of-the-art firewall appliance that lets you decide exactly how it functions.
- Modular - Running a pfSense or OPNsense appliance in no way prevents you from connecting your existing wifi router for usage as a Wireless Access Point.
- Your wifi router can continue thinking it is in charge, but now it will obey you in providing the access you've assigned to it.
- Perhaps you decide to add more Wireless Access Points later, because why not.
- No more worrying about your router device not receiving updates from the manufacturer. It is stable like any other stable server system.
- Modest hardware requirements, but can also scale to 100gb and beyond at the enterprise level. It simply comes down to the hardware you have available.
- Nothing stops you from doing crazy things like assigning ports to a specific VPN or multiple VPN systems! Who says your router cannot support Tailscale, WireGuard, OpenVPN and ZeroTier simultaneously?
Instead of a Modem -> Router you will end up with:
Modem -> Router -> Switch -> Wireless Access Point
Louis talks about creating VLANs to isolate your internet of things devices and everything you don't trust on your network, going far beyond a typical "guest" account. It is fun to figure this sort of puzzle out, since it inspires creativity in you as a sysadmin more or less having the "keys to the kingdom" in defining exactly how you want your own networks to function.
Using OpenWrt is another option, which is totally fine, but I do agree that once you use pfSense or OPNsense you will have no desire to stop. 😆 It really does take your networking experience to another level!
Rather than a tower PC or Intel NUC, I would strongly recommend you consider purchasing a thin client which supports PCI-e expansion. This would give you "the best of all worlds", because you'll have a mini PC which can support a 1gb or 10gb quad NIC card. Now that sounds like an actual routing appliance!! A popular source of information on such thin clients is the TinyMiniMicro project by ServeTheHome.
Hardware caveats do abound if you do not double check before buying hardware on eBay and such. Sure, you will find cheap hardware, but you will want to double check that everything you purchase in terms of used hardware or used thin clients is the correct piece of gear. The guide explains this in detail, but not all hardware is made equal.
- This just means that certain NIC cards will be the ones you want for compatibility.
- Not all thin clients are the same, but something like the HP 620 Plus will cover your bases with 8gb ram and PCI-e expansion.
to be continued