this post was submitted on 22 Oct 2023
9 points (100.0% liked)

Self-Hosted Main

504 readers
1 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

For Example

We welcome posts that include suggestions for good self-hosted alternatives to popular online services, how they are better, or how they give back control of your data. Also include hints and tips for less technical readers.

Useful Lists

founded 1 year ago
MODERATORS
 

Link: github.com/azukaar/cosmos-Server/

Cosmos 0.11.0 is out with a new backup system to export all your docker containers! The Linux and Mac clients are also out for some early testing, please share your feedback!

https://preview.redd.it/htjbg0ze5rvb1.jpg?width=1695&format=pjpg&auto=webp&s=944ae33ae00c67159eddecf4ff923a1a0141e106

The new backup system works by reading the list of containers on your server and exporting a single compose file, with all the setup you need to recreate (in case of crash) or migrate your server.

The backup system triggers on every docker change, including changes you've made outside of Cosmos (ex. Portainer, etc...).

It outputs to a single file in your config folder, which you can backup with various strategy to keep a history of your docker containers state!

As a reminder, this exists alongside the existing features:

  • App Store ๐Ÿ“ฆ๐Ÿ“ฑ To easily install and manage your applications, with simple installers, automatic updates and security checks
  • Customizable Homepage ๐Ÿ ๐Ÿ–ผ To access all your applications from a single place, with a beautiful and customizable UI
  • Reverse-Proxy ๐Ÿ”„๐Ÿ”— Targeting containers, other servers, or serving static folders / SPA with automatic HTTPS, and a nice UI
  • VPN ๐ŸŒ๐Ÿ”’ To securely access your applications from anywhere, without having to open ports on your router.
  • Authentication Server ๐Ÿ‘ฆ๐Ÿ‘ฉ With strong security, multi-factor authentication and multiple strategies (OpenId, forward headers, HTML)
  • Container manager ๐Ÿ‹๐Ÿ”ง To easily manage your containers and their settings, keep them up to date as well as audit their security. Includes docker-compose support!
  • Identity Provider ๐Ÿ‘ฆ๐Ÿ‘ฉ To easily manage your users, invite your friends and family to your applications without awkardly sharing credentials. Let them request a password change with an email rather than having you unlock their account manually!
  • SmartShield technology ๐Ÿง ๐Ÿ›ก Automatically secure your applications without manual adjustments (see below for more details). Includes anti-bot and anti-DDOS strategies.

โ€‹

As always, eager to get some feedback on this release, here's the rest of the changelog:

- Docker export feature for backups on every docker event
- Disable support for X-FORWARDED-FOR incoming header (needs further testing)
- Compose Import feature now supports skipping creating existing resources
- Compose Import now overwrite containers if they are differents
- Added support for cosmos-persistent-env, to persist password when overwriting containers (useful for encrypted or password protected volumes, like databases use)
- Fixed bug where import compose would try to revert a previously created volume when errors occurs
- Terminal for import now has colours
- Fix a bug where ARM CPU would not be able to start Constellation

โ€‹

happy hosting!

you are viewing a single comment's thread
view the rest of the comments
[โ€“] umairshariff23@alien.top 1 points 1 year ago (1 children)

Hey! I've been recently getting into VPN and 2fa and could you give me a eli15 for this? How does this work?

I currently have my entire server port forwarded and reverse proxied on port 80 and a duckdns domain, with homepage running on port 80. After implementing this, will port 80 be taken over by cosmos?

[โ€“] azukaar@alien.top 1 points 1 year ago

The VPN part is basically a "secret" (encrypted) tunnel between multiple devices/servers. Whenever one device wants to talk to your server, it sends messages via the tunnel, and on the other end, the tunnel dispatch the message to the right port. Using this, you have access to your server without exposing all your ports, so only people connected to your VPN can see it. Keep in mind this is different than a traditional VPN who transfer all your data to the server to hide your IP. Here only the traffic to your server is tunneled. This way your other activities are not affected (performance wise especially)

2FA uses any authenticator app (the one where you scan a QR code and get a 6 digits number) to protect your account. If someone gets your password, they still cant login because they also need your phone (unlocked) to get the 6 digits (it changes every 30 secs)