this post was submitted on 29 Dec 2023
98 points (96.2% liked)

Selfhosted

60734 readers
242 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

Detailed Rules Post

  1. Be civil.

  2. No spam.

  3. Posts are to be related to self-hosting.

  4. Don't duplicate the full text of your blog or readme if you're providing a link.

  5. Submission headline should match the article title.

  6. No trolling.

  7. Promotion posts require active participation, with an account that is at least 30 days old. F/LOSS without a paywall has exceptions, with requirements. See the rules link for details. Tags [CBH] or [AIP] are required, see the links in Rule 8 for details.

  8. AI-related discussions and AI-involved promotional posts have additional requirements for tagging, as noted in Rule 7 and the AI & Promotional Post Expanded Rules post, and find example disclosures here.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 3 years ago
MODERATORS
 

I work in tech and am constantly finding solutions to problems, often on other people's tech blogs, that I think "I should write that down somewhere" and, well, I want to actually start doing that, but I don't want to pay someone else to host it.

I have a Synology NAS, a sweet domain name, and familiarity with both Docker and Cloudflare tunnels. Would I be opening myself up to a world of hurt if I hosted a publicly available website on my NAS using [insert simple blogging platform], in a Docker container and behind some sort of Cloudflare protection?

In theory that's enough levels of protection and isolation but I don't know enough about it to not be paranoid about everything getting popped and providing access to the wider NAS as a whole.

Update: Thanks for the replies, everyone, they've been really helpful and somewhat reassuring. I think I'm going to have a look at Github and Cloudflare's pages as my first port of call for my needs.

you are viewing a single comment's thread
view the rest of the comments
[–] originalucifer@moist.catsweat.com -1 points 2 years ago (1 children)

if you setup everything with even moderate attention to the security involved, youll be fine. sounds like youre already there.

this is a common scenario, not a crazy idea or implementation. just keep your shit up to date

[–] TedZanzibar@feddit.uk 0 points 2 years ago (2 children)

That's one of the issues I'm concerned about. I'm happy enough to let things auto-update on a tight schedule and capable enough to fix things if eg. Watchtower goes wrong or updates a container to a dodgy version, but what I don't want is to have "keeping things secure" turn into a second job.

[–] pete@lemmy.world 0 points 2 years ago* (last edited 2 years ago)

One option here is to host it internally, and then VPN or ssh tunnel to your network for access.

Keeping openssh or a VPN up to date and secure is a much simpler thing than a web framework.

Separate your network access and your services. You get in trouble trying to use your service to gate access to your network.

[–] erev@lemmy.world 0 points 2 years ago

I run plenty of stuff off my home network, although I use VPSs now more for the higher availability than residential internet. So long as you put basic protections in place like fail2ban and a sensible firewall, you shouldn't have any issues.