Each time I've read into self-hosting it often sounds like opening stuff up to the internet adds a bunch of complexity and potential headaches, but I'm not sure how much of it is practicality vs being excessively cautious.
this post was submitted on 26 Feb 2024
72 points (98.6% liked)
Selfhosted
39964 readers
474 users here now
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.
Rules:
-
Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.
-
No spam posting.
-
Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.
-
Don't duplicate the full text of your blog or github here. Just post the link for folks to click.
-
Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).
-
No trolling.
Resources:
- selfh.st Newsletter and index of selfhosted software and apps
- awesome-selfhosted software
- awesome-sysadmin resources
- Self-Hosted Podcast from Jupiter Broadcasting
Any issues on the community? Report it using the report flag.
Questions? DM the mods!
founded 1 year ago
MODERATORS
It’s always a balance between security and convenience. You have to mitigate what risk you are willing to well…risk
load more comments
(4 replies)
I probably have more accessible from outside than not. Many are required: hosting a website, a media server I can access from anywhere outside the house, my phone system, etc. Some I used to use more than I do now: podcast service, that sort of thing. Then a bunch that are internal only. My phone connects home over Wireguard so that's pretty convenient when out and about for accessing internal only systems.
Acronyms, initialisms, abbreviations, contractions, and other phrases which expand to something larger, that I've seen in this thread:
| Fewer Letters | More Letters |
|---|---|
| DNS | Domain Name Service/System |
| HA | Home Assistant automation software |
| ~ | High Availability |
| HTTP | Hypertext Transfer Protocol, the Web |
| HTTPS | HTTP over SSL |
| IMAP | Internet Message Access Protocol for email |
| IP | Internet Protocol |
| NAS | Network-Attached Storage |
| NAT | Network Address Translation |
| Plex | Brand of media server package |
| SMTP | Simple Mail Transfer Protocol |
| SSH | Secure Shell for remote terminal access |
| SSL | Secure Sockets Layer, for transparent encryption |
| TLS | Transport Layer Security, supersedes SSL |
| VPN | Virtual Private Network |
| VPS | Virtual Private Server (opposed to shared hosting) |
| nginx | Popular HTTP server |
[Thread #549 for this sub, first seen 26th Feb 2024, 21:45] [FAQ] [Full list] [Contact] [Source code]
Jellyfin and Miniflux are internet facing because it would be turbo annoying otherwise to deal with them
Just my Nextcloud and Matrix
Nothing is exposed. There are things I want exposed, but I don't want to keep security patches up to date, even if there is a zero day. I'm looking for someone trustworthy to hire for things that it would be useful to expose, but they are hard to find.
Just VPN back in with WireGuard.
load more comments
(1 replies)
I expose most things to the web so long as they have auth and 2FA options. The one exception being my Jellyfin server. I share it with friends and needed to make it as easily accessible as possible.
With Cloudflare WAF, reverse proxy, and an isolated subnet with IDP I feel comfortable with public services. Nothings perfect but if they get through it and pwn my lab I’ll just nuke it and rebuild.
Most of my things are open to the web but thats kinda nessasary for them to be functional file shairing links, link shortening, mc server etc etc