view the rest of the comments
Selfhosted
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.
Rules:
-
Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.
-
No spam posting.
-
Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.
-
Don't duplicate the full text of your blog or github here. Just post the link for folks to click.
-
Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).
-
No trolling.
Resources:
- selfh.st Newsletter and index of selfhosted software and apps
- awesome-selfhosted software
- awesome-sysadmin resources
- Self-Hosted Podcast from Jupiter Broadcasting
Any issues on the community? Report it using the report flag.
Questions? DM the mods!
Isn't control limited on 3rd party hosts for security purposes?
Not really, you're ideally paying for a server that you have complete control of. The differences are mostly just fundamental limitations.
Example: if you're hosting off site, you will always be connecting remotely, so your access depends on a network connection. If you're hosting at home then your stuff is still accessible when your internet goes down
It is, if you can host at home and use a cheap vps as proxy is better in my opinion. Like it or not when you host something you will put sensitive info in your vps and ofc you should trust them. Exactly like the vpn providers, they will fight for your rights paying 5 dolars/months? For sure no.
Or your Internet provider, they will also not fight for your rights paying $30 a month.
My services are not accessible from my wan, i forward all my services to a cheap vps,using a proxy and trafic is encrypted. So i am not worried about my isp also my real ip is hiden. I use something like cloudflare zero trust.. but is open source.
I'm less worried aobut sensitive info and more worried about owning the data. I'm looking to avoid a sitaution where I offload all the data to a 3rd party and lose access or pricing get expensive (like a Reddit situation). I'm more worried by offloading the data to a 3rd party I can't verify that they're not reselling it. etc.
@ProtecyaTec@lemmy.world not sure what that means but I guess you can do certain thing in your home server not allowed on a VPS. OTOH, an email server at home for example is much more difficult to achieve because your ISP most likely won’t allow you to open port 25
I was just reading through
Lemmy-Ansible
Github docs and wasn't sure if a 3rd party server or a home server was going to be better to run. The documentation doesn't feel super user-friendly or maybe I'm just not as tech-savvy as I thought.@ProtecyaTec@lemmy.world idk about ansible but if you are starting I would recommend starting small, in your personal computer. Docker is a good way to start
This may be way of scope for this thread but I'm not sure a better place yet to ask and learn more about how all this works. Say I run my Docker Container from a home PC, how do I make my Lemmy Instance accessible to the public? I'm familiar with web hosting but only from hosting on a simple 3rd party, where you buy a domain.
Agree with the VPS in this case. For sure you can create public-facing services in a home server or home lab, but to do so you need:
If you're new to these things, Id start with something more mature for personal or family home use first. Like NextCloud, HomeAssistant or Jellyfin media server. Lots of YouTubers have covered how these can be set up as a reference.
Lemmy is still alpha, full of bugs and security vulnerabilities and needs regular hotfixes and babysitting. Permitting Joe Public into your home services is ripe for disaster unless you have the time and expertise.
Operating internet-facing services in the home, in my opinion, requires a layer-3 managed switch so that internet traffic is 100% separated from home traffic, w/attendant DMZ to bridge home<-> internet-facing services safely.
L3 managed is the simplest method to contain a penetration to just the internet-facing devices (which is still pretty bad). Cloud hosting is more manageable, but you must watch the spend.
The biggest issue is a DDoS attack on the home network, which could impact internet-facing services and home clients (streaming TV, gaming, email, etc.).
Agree. Best to have that dedicated hardware, and a degree in network engineering first! Hah :)
tech waffle...
You might achieve network isolation without dedicated managed switches by: using prosumer routers or OpenWRT, with a Hypervisor like Proxmox, which support VLAN tagging. But this wouldn't save your home connection from a DDoS. To help with that, running public services behind CloudFlare seems to be one of the better choices, even our Lemmy hosts are using.If you're starting out, best keep internet facing home services private through a VPN, maybe ZeroTier or TailScale. Don't advertise them publically at all.
@ProtecyaTec@lemmy.world yeah if you want to host something like Lenny you may be able to do it on a home server but in terms of ports blocked, security, etc I guess it is easier to run it in a VPS