🌐
Login to reply
Replies (10)
It’s so simple
I would love to see more of this. I am tinkering about the same all the time.
Nice 🤠🤙 what is all this between the router and the ISP in the top left? 👀
Beef up your online bitcoin security by using a private home network 🥷
Self custody is important, now ensure you can always interact & transact without censorship ⚡️
Below is the hardware and software I chose for my simple private home #bitcoin network 🧶
1) APC 1500
Surge protection and battery backup for loss of power without downtime to the network & allowing for proper shutdown of hardware/software.
Plug all your hardware into this.
Screw your internet cable into the back and run an internet cable out.
2) Arris Surfboard SVB3202
This is just a modem, no wifi, no bullshit. Just a nice, but really stupid modem that is just a modem.
Stop using your ISP gateway.
Screw the internet cable from APC into this modem and plug a WAN ethernet line out.
3) Protectli Vault fw4b
This is a four port firewall router plus an auxiliary wifi interface.
This device runs FOSS OPNsense firewall software to protect your home network.
You can decide what comes in and out, separate devices on the network and so much more with this firewall.
Free Open Source Software runs on this dedicated micro computer to control your internet flow.
This is bad ass hardware and Protectli has been rock solid with customer support.
Plug your WAN ethernet from the modem into the WAN port of the vault and plug a LAN ethernet line out.
4) GliNet Flint 1800 WiFi router
This sleek piece of hardware is the ultimate wifi router!
Take complete control of your home internet all from a very nice web based GUI.
This wifi router has four ports and four separate wifi networks each with own password protection.
Easy to add VPN with wiregaurd on the router and run tor on router. Covers every device connected.
Too many features to list including Adguard & DNS.
Plug the LAN ethernet from firewall vault into the LAN port on this wifi router.
5) Start9 DIY home server
I took a used Dell Optiplex 9020 with 8G and put in a 1T SSD in it.
Flashed it with StartOS and added Bitcoin Core.
Sovereignty in bitcoin is to have your own keys and your own copy of the blockchain and verify your uxto sets against your copy that is in consensus.
Tor web GUI allows you full configurations of what services you wish to add such as LND and mempool.
Pair with your lightning wallet and Sparrow Wallet on laptop.
Plug an ethernet line from your server / nodes into an ethernet port on the GliNET WiFi router.
6) Classic X Thinkpad
This is a Bitcoin only dedicated laptop.
No bullshit, only necessary bitcoin things on this device. I got mine from MiniFree.
Coreboot/ Intel ME disabled
Debian
Sparrow Wallet
Tor
Terminal
OPNsense GUI
GLiNET GUI
Start9 GUI
This is the work station you interact with the Bitcoin network on...a clean linux laptop, behind a fire wall, thru a VPN and over TOR on private network isolated network!
All on hardware you own, running FOSS, in your own home.
7) De googled Pixel
Purchase unlocked with cash so as to not have identity tied to an ime number.
Run Graphene, wifi only, airplane mode
This is a secure private mobile device simply for running your hot/ lightning wallet, #nostr and connecting back to Start9 server away from home.
Can add Silent link service if needed.
Now is the time to take back control of your home network. Build a private home network that is representative of the value of what you hold.
Ensure you can always transact without censorship!
View quoted note →
1) APC 1500
Surge protection and battery backup for loss of power without downtime to the network & allowing for proper shutdown of hardware/software.
Plug all your hardware into this.
Screw your internet cable into the back and run an internet cable out.
2) Arris Surfboard SVB3202
This is just a modem, no wifi, no bullshit. Just a nice, but really stupid modem that is just a modem.
Stop using your ISP gateway.
Screw the internet cable from APC into this modem and plug a WAN ethernet line out.
3) Protectli Vault fw4b
This is a four port firewall router plus an auxiliary wifi interface.
This device runs FOSS OPNsense firewall software to protect your home network.
You can decide what comes in and out, separate devices on the network and so much more with this firewall.
Free Open Source Software runs on this dedicated micro computer to control your internet flow.
This is bad ass hardware and Protectli has been rock solid with customer support.
Plug your WAN ethernet from the modem into the WAN port of the vault and plug a LAN ethernet line out.
4) GliNet Flint 1800 WiFi router
This sleek piece of hardware is the ultimate wifi router!
Take complete control of your home internet all from a very nice web based GUI.
This wifi router has four ports and four separate wifi networks each with own password protection.
Easy to add VPN with wiregaurd on the router and run tor on router. Covers every device connected.
Too many features to list including Adguard & DNS.
Plug the LAN ethernet from firewall vault into the LAN port on this wifi router.
5) Start9 DIY home server
I took a used Dell Optiplex 9020 with 8G and put in a 1T SSD in it.
Flashed it with StartOS and added Bitcoin Core.
Sovereignty in bitcoin is to have your own keys and your own copy of the blockchain and verify your uxto sets against your copy that is in consensus.
Tor web GUI allows you full configurations of what services you wish to add such as LND and mempool.
Pair with your lightning wallet and Sparrow Wallet on laptop.
Plug an ethernet line from your server / nodes into an ethernet port on the GliNET WiFi router.
6) Classic X Thinkpad
This is a Bitcoin only dedicated laptop.
No bullshit, only necessary bitcoin things on this device. I got mine from MiniFree.
Coreboot/ Intel ME disabled
Debian
Sparrow Wallet
Tor
Terminal
OPNsense GUI
GLiNET GUI
Start9 GUI
This is the work station you interact with the Bitcoin network on...a clean linux laptop, behind a fire wall, thru a VPN and over TOR on private network isolated network!
All on hardware you own, running FOSS, in your own home.
7) De googled Pixel
Purchase unlocked with cash so as to not have identity tied to an ime number.
Run Graphene, wifi only, airplane mode
This is a secure private mobile device simply for running your hot/ lightning wallet, #nostr and connecting back to Start9 server away from home.
Can add Silent link service if needed.
Now is the time to take back control of your home network. Build a private home network that is representative of the value of what you hold.
Ensure you can always transact without censorship!
Sometimes I like to visualize my setup so as to simplify or add redundancy. It takes a lot of mapping to feel good about geographically distributed keys and security.
Thanks 🤠🤙 i do remember this post now. The graphic makes it so much clearer 👀
I don't quite get number 3, the protectli. Isn't there a firewall inside the flint?
I have my flint directly connected to the fritzbox from the isp. 🤔
The ISP in this diagram is literally the cable coming in to the house... I don't use their hardware. I use a UPS first, then dumb modem, then the protectli as I can create unique gateways. So for example I could run a unique gateway just for the full node and my btc only laptop that wouldn't even be connected to my Flint WiFi router.
Creating a sitiution where only my laptop on that gateway could access my node behind the firewall. Many ways to do it.
I like separate firewall for all internet coming in before it hits my distinct networks from the flint. The protectli also has a wifi network that I can use if the flint borks.
I need to read up on gateways 🤔
I just think of them as unique networks. You can leave them isolated or tunnel between.
The flint just lets you have separate wifi networks plus a lan network, not distinct gateways.