MicroOS Home Server
Last summer I moved to the Twin Cities for work. It was a big move all the way from northern Indiana. Despite the semi-truck full of things we brought with us, we were still kind of starting from scratch. We got a new house in a new neighborhood with new neighbors and stores and groups to join. With the new house, I took this opportunity to rethink my tech.
Introducing the New
I needed something that my wife could also manage (with instructions sometimes) if anything were to happen to me. The first step was the network. I moved off of the Mikrotik platform, and on to TP-Link's Omada gear. I decided against UniFi because Ubiquiti's updates have always been a little buggy at the best of times, but could also fall into feature-breaking headache territory. The important part though, which Omada allows, was that my wife could manage it from a web browser or an app on her phone.
Next was storage, which I had already bought and set up. We have a 4-bay QNAP NAS server. At the time, I chose it because it came with hardware video decoding built in, and the UI is pretty easy for anyone to manage. I had originally installed Jellyfin and Home Assistant on it. I was hoping I could have a single server for everything, and the experience was... not great. It mostly worked, but everything was very slow. The QNAP I got just doesn't have the power for media streaming, but it's great for file sharing, its core function.
So my plan. I kept the network and storage. For their respective tasks, they work great. I just needed to move all my server stuff to something more performant. In my case, I had a small Lenovo desktop PC collecting dust. It's only a few years old, and I was using it as a demo appliance for a business that I failed to get off of the ground. It's a tiny thing, but more than powerful enough for what I wanted to run.
The New Server
I wanted to run a bunch of services on a single server, and have it be as low maintenance as possible. After spending some time running OpenSUSE Aeon on my laptop, I figured OpenSUSE MicroOS would make a great server OS.
For those that are unfamiliar, Aeon is a desktop OS based on MicroOS, an immutable Linux distro. Most of the filesystem is read-only even to root. The idea is that it gives you a small, stable platform for you to run programs in a sandbox. For the desktop, this means flatpak. For a server, it means containers. On top of that, it also applies updates in the background. I just need to schedule a reboot every so often to apply those updates. If any of those updates causes the server to fail to boot, it rolls back changes until it can boot again.
Installation
Installing MicroOS is about the same process as installing any Linux distro. I grabbed an ISO from the OpenSUSE website, wrote it to a USB drive, and booted that same USB drive on the new server. As of this writing, they are still using the YaST Installer. It's old, but it gets the job done. I clicked through a few screens, agreed to the open source license, and came to a screen asking me to select the System Role.
The installer gives you the option to select a role so that it can install a set of packages for that role. A pretty common step in Linux installers in general. If this was a laptop I could select "Aeon", and it'll give me a desktop install with GNOME. I could also select just MicroOS to get the most bare-bones installation where I would need to define my own packages via the transactional-update command. I don't want either. Instead I selected "MicroOS Container Host". This gave me bare-bones MicroOS, but with Podman installed and integrated.
I continued with the rest of the installation as normal. Right before install, YaST shows a confirmation screen that tells you how and what it will be installing. For those unfamiliar with the YaST installer, this gives you an opportunity to tweak settings before running the install. For my use case, I changed the network settings to use a static IP address. I didn't change anything else.
Configuration
With the installation complete, how will I configure this to run all my self-hosted services?
Well, I didn't. It's already configured. As a container host, it runs just one service out of the box: sshd. Everything beyond that will be containers. It's designed to run without a firewall because you're selectively opening ports through container configuration. Otherwise, the only listening port is the just-mentioned sshd.
And for those containers to work, there's still nothing to set up. Podman is already installed, and has an integration with systemd. That integration allows me to define pods, containers, volumes, and networks in special files in the /etc/containers/systemd folder. The process is very similar to making a service file, and you even manage the container lifecycle through systemctl.
My big decision is where to stash files that need to remain unchanged between container reboots and rebuilds. There are only a handful of writable directories: /etc, /root, /home, /var, and /srv. Of those, I decided on /srv. It's usually empty and unused, and it's an easy place to remember that also isn't tied to any one user or service.
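An added example, not from the original post: because the host runs without a firewall, the PublishPort= lines in the unit files under /etc/containers/systemd decide what the network can reach, so this script lists them and keeps the ones not bound to loopback. The sample units, image names, ports, and /srv paths are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the post): list the host ports Quadlet units publish.
# With no host firewall, each PublishPort= line decides what the LAN can reach.

# parse_publish VALUE -> "bind<TAB>hostport<TAB>proto" for one PublishPort= value
parse_publish() {
  spec=$1 proto=tcp bind=all host=random
  case $spec in */*) proto=${spec##*/}; spec=${spec%/*} ;; esac
  case $spec in
    \[*\]:*) bind=${spec%%\]*}; bind=${bind#\[}; spec=${spec#*\]:} ;; # [v6]:host:ctr
    *:*:*)   bind=${spec%%:*}; spec=${spec#*:} ;;                     # ip:host:ctr
  esac
  case $spec in *:*) host=${spec%%:*} ;; esac   # host:ctr; a bare ctr port stays random
  [ -n "$host" ] || host=random                 # "ip::ctr" also means a random host port
  printf '%s\t%s\t%s\n' "$bind" "$host" "$proto"
}

# audit_quadlet_ports DIR -> "unit<TAB>bind<TAB>hostport<TAB>proto" per entry
audit_quadlet_ports() {
  dir=${1:-/etc/containers/systemd}
  for f in "$dir"/*.container "$dir"/*.pod; do
    [ -f "$f" ] || continue
    sed -n 's/^[[:space:]]*PublishPort[[:space:]]*=[[:space:]]*//p' "$f" |
    while IFS= read -r value; do
      printf '%s\t%s\n' "$(basename "$f")" "$(parse_publish "$value")"
    done
  done
}

# lan_exposed DIR -> only the entries that are not bound to loopback
lan_exposed() {
  audit_quadlet_ports "$1" | awk -F'\t' '$2 != "127.0.0.1" && $2 != "::1"'
}

# Constructed sample units; image names and ports are illustrative.
demo=$(mktemp -d)
cat > "$demo/caddy.container" <<'EOF'
[Container]
Image=docker.io/library/caddy:latest
PublishPort=443:443
Volume=/srv/caddy/data:/data:Z
EOF
cat > "$demo/powerdns.container" <<'EOF'
[Container]
Image=registry.example/powerdns:latest
PublishPort=127.0.0.1:8081:80
PublishPort=53:53/udp
EOF
lan_exposed "$demo"
```

On the server itself, calling lan_exposed with no argument reads /etc/containers/systemd.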
Next Steps
Now I need to create the containers to run the services I want to run. The list of services I've set up so far is:
- PowerDNS (with admin UI)
- Caddy
- Jellyfin
- Home Assistant (with ZWave)
- Grocy
- Nextcloud
Each of these will be their own post where I explain how I set them up, and a few stumbling blocks I ran into along the way.