Roll Your Own Network
There is a version of the internet that most of us have quietly accepted without really agreeing to, one in which everything you do and are, your entire digital presence, lives on someone else’s hardware. Your email lives on someone else’s server. Your files are synchronised through someone else’s infrastructure. Your calendar, your contacts, your messages, your photos, all of it sitting in a data centre owned by a company whose business model depends on knowing as much about you as possible.
We accepted this arrangement because it was convenient, and because the alternatives did not seem viable: they felt complicated. Rolling your own anything sounds like the kind of thing that requires a rack of servers and a computer science degree and a lot of spare weekends. For a long time, that was mostly true.
It is not true anymore.
Open source tooling has matured. The hardware is affordable. The knowledge is out there. The only thing left is deciding you actually want to do it.
This series is my attempt to document what that looks like in practice. This is no longer a theoretical exercise; it is a working, living, breathing network built on open source software, running on hardware I own, serving my data back to me on my terms. Every step documented as I go, every mistake included, every decision explained.
It is heavily inspired by the excellent work over at roll.urown.net, which has been an invaluable reference. Where that project is a comprehensive technical reference, this is a companion: the same territory, walked through the lens of someone building it for the first time and writing down what actually happens along the way.
Privacy matters. Ownership matters. Understanding the infrastructure your digital life runs on matters. Not because you have something to hide, but because the alternative, handing all of that to companies with misaligned incentives, is a choice worth making consciously rather than by default.
This is not about paranoia. It is about intentionality. Knowing where your data lives and who has access to it is just good practice.
The series is structured around the layers of a typical home network, from the router outward, from the server down to the devices that connect to it. Each section is self-contained enough to dip into independently, but they build on each other if you want to follow the whole thing from the beginning.
What’s covered
- Network Design — Topology, subnets, DNS, domain registration
- Router — Ubiquiti, firewalls, VPN, DNS resolvers
- Server — Proxmox, Ubuntu, SSH, mail, web, Nextcloud and more
- Desktop — Keys, certificates, backups, browser hardening
- Network Attached Storage — Backups, permissions, Borg
- Smartphone — De-Googled, F-Droid, privacy-first
- Certificate Authority — Root CA, intermediate CA, signing, revocation
A note on difficulty. Some of this is straightforward. Some of it will require patience, a willingness to read error messages carefully, and the occasional afternoon lost to something that should have taken twenty minutes. That is just the nature of the territory. The documentation here is written to be as honest about that as possible, including the bits where things went wrong and why.
You do not need to be an expert to follow along. You do need to be comfortable in a terminal, curious enough to look things up when they do not make sense, and willing to break things in a lab environment before you break them in production. Which, if you are the kind of person who found their way here, you probably already are.
Your network. Your data. Your call. Let’s build it.