I’m just mildly curious. I know this isn’t the self hosting chan, but how many of you self host services as part of your efforts to retain your privacy, security, and anonymity?
I’ve been self hosting something for decades now. I got really started back in the PreNapster era. I ran an independent, selfhosted, fully licensed, internet radio outfit. That was back when music on the internet was a lot of cheap, tinny, geocities, midis. LOL I worked with a company called IM Radio Networks. They and Phillips, developed one of the world’s first bookshelf stereo, that was internet ready. Hook it up to the internet, and you could listen to AM/FM and IM radio. I’ve often mused that if it weren’t for Shawn Fanning, the music landscape on the internet might look a bit different as he forced the music industry to reevaluate how they did business.
Now, I self host a ton of stuff just for my own needs. It’s an enjoyable, purposeful, hobby, that keeps me busy. It’s also, so very educational, and I learn new things daily.
ETA: Man it does my heart good to meet and greet privacy minded users who also self host. It is an integral part of my privacy, anonymity, and security posture. If you aren’t already, or are thinking of self hosting, do it! You don’t need massive racks in the closet that dim the lights on reboot. A simple NUC or even RPi are quite capable of serving up services. You don’t need a Tier 1 feed from your ISP. Keep it simple and basic and work up from there to meet your needs.
Thanks again to all those who responded and shared their experiences.
You must log in or register to comment.
DNS, Jellyfin and game servers mostly; occasionally will tinker with other stuff but those are the ones that have lasted
I recently got the homelab going and plan on expanding to a few family members as well.
12 nodes (some new Epycs for encrypted memory, some centreon ewaste for cold storage and background tasks, and a few in-between) so far. All Harvester HCI and Rancher. I run game servers, Ollama, and NFS for storing my encrypted back ups on it mostly at the moment, with a sync to send encrypted to Proton for that off-site.
I can only get so erect
I only p2p but I can’t do much, NAS is so expensive in my country :(
In the early days, I selfhosted on an old raggedy laptop
I’m not a pioneer - but I selfhost.
Awesome bro. What kind of things do you selfhost?
My e-mail, on my own domain names, my server with a homepage, a bulletin board, and cloud… on the cloud (NextCloud) I also host a note taking server…
I don’t do streaming (yet) in any way bigger than I can stream video and audiobooks and music from my cloud if need be, but not with any special app for that.
Sweet!
I have a local network for sharing files between my devices but I don’t open anything up to remote access. I might change my mind once I’m more skilled at networking but right now I don’t trust myself to be able to set up something secure. If I’m on the road I just plan what I’ll need and manually sync it across before I go
I don’t trust myself to be able to set up something secure
That’s totally understandable. I will admit, the first server I tried to stand up got ransacked in an hour. I received a nastygram from the VPS saying that my server was attacking other servers which can have serious consequences. Of course I shut it down right away. I had just the OS, nothing else on there, so at worst it caused a some other servers to implement a block on my IP.
So I sat down and started reading, and testing, ad nauseam. Learned about hardening a Linux server. Learned about UFW and Fail2ban, and other security deployments. Learned how to bash. It’s been a learning process that still thrives. I thoroughly enjoy the experience.
But yes, it can be daunting at first, I totally get that. Of course, you have a much broader resource to tap than I did at the time, but that’s what I really dig about the internet. It is the sum total of the world’s knowledge. Not necessarily wisdom, but vast repositories of information.
Have a blast bro.
How did you get into it? Any resources you’d recommend for a noob who wants to get into setting up servers?
Oh gosh… Well, first you should get a subscription to Byte magazine. LOL J/K but that’s how far back it goes. I’ll pull some bookmarks here in no particular order.
- HowtoForge
- Selfh.st
- The HomeLab Wiki
- Marius Hosting
- Noted
- LinuxHandbook
- Linux Journey
- The Linux Code
- 30 Days Of Linux
- Techmint
- The Ultimate Linux Newbie Guide
- It’s FOSS
And of course right here
ETA: Me Skuzi…I did not answer your first question. I got into computers back with the original Altair kit. I saw recently there has been a revival of the old 8000. Wasn’t much you could do with it at the time, but it was super cool and I was addicted. After that, if memory serves correctly, I had a Timex/Sinclair. Had a cassette tape drive you’d use to load up an app. The TI 99 & 994a were probably my first real complete computer setups with drives, memory expansion, etc. You needed something like a kitchen table to lay it all out on. It sprawled all over the place, but was a decent platform for it’s time. After that, I’ve had at least everyone there after. LOL
NAS, Jellyfin/Plex, Copyparty (Google Drive replacement), Kiwix (Wikipedia), Joplin, Searxng, Ollama (LLM). Plus all the various searching tools, the maintenance tools, etc. I have pretty strong compartmentalization of my storage into separate media pools that all have their own RAID setups, plus an external backup.
It’s a bit of work to get all set up, but I use docker compose and autoheal / watchtower to keep the services going. I use Caddy and my own domain to make the services I want available externally to my network.
watchtower
Do you find that Watchtower sometimes screws up the update? I know I was plagued with that issue enough to drive me out to search the webs. OG Watchtower hasn’t been updated in 2 years and shows no real sign of activity. I went searching for a fork:
https://watchtower.devcdn.net/
Haven’t had any issues since.
Thanks for that! I have struggled with watchtower from time to time, so knowing there is a good fork out there is great. I’ll try it out.
deleted by creator
Yep! I just started self hosting a lossless music and 1080p movie server for my dad and I! It goes online soon. I’d say self hosting is an integral part of gaining true digital sovereignty.
self hosting is an integral part of gaining true digital sovereignty
Absolutely! 100%
I was running a server hosting a Gutenberg mirror at home 30+ years ago. And no, it’s not public.
That’s pretty awesome!
I don’t know if I’d call myself a privacy pioneer but I self-host some stuff and share/trade services with a few friends.
I don’t know if I’d call myself a privacy pioneer
lol I just needed something for the alliteration. Rock on my brother.
Have a NAS, Jellyfin server, and LLM on my LAN so far. Next step is to make them available outside my home, but I’ve been procrastinating.
Next step is to make them available outside my home, but I’ve been procrastinating.
I know a lot of people have ‘concerns’ about Cloudflare, but the Cloudflare Tunnel/ZeroTrust free tier works like a charm. You don’t have to punch holes in your server to route services/ports, no exceptions in UFW or similar. No port forwarding or NAT concerns on your router/firewall. The only caveat is that you need a proper domain name which you can pick up at NamesCheap for less than $5 USD. Overlay Tailscale on your server, and Jack’s a doughnut, Bob’s your uncle.
There are alternatives to Cloudflare like Pinggy, ngrok, LcalXpose, Zrok, Localtunnel, localhost.run, serveo, Inlets, and Frp. ngrok seems to be the more popular of the options.
I too am using a Cloudflare tunnel for my public facing services (such as WordPress), and that also allows you to put the WP login page behind another auth login as well which is great for security, so I do also vouch for Cloudflare.
I’m using Pangolin for private services on a VPS.
Plus, I have one service that is direct to my home IP for file sharing to one particular remote IP that is the only service directly through my firewall.
Therefore I have 3 ways my services are accessed and this has been the game changer for me recently, as previously I tried to run all this through one Caddy reverse proxy directly to my router and it gets painfully fragile mixing public/private services through one bottleneck when you’re tinkering as a selfhoster. So splitting it up has helped massively.
Good tip with the Cloudflare alts though!
Doesn’t cloudflare think you’re a bot when you remove tracking portions of urls? Cloudflare prevents me from seeing sites, but I am not a bot. Maybe the answer is I shouldn’t go to shitty sites to begin with.
You might have to unpack that for me as the caffine and morning meds haven’t quite yet soaked in and I’m not up to operating temps yet. Are you talking about Cloudflare verification checks? Like, you click to a site, it asks you to verify if you are a bot or not? If so, with the Cloudflare Tunnel/ZeroTrust, no it doesn’t ask for verification. Now, in the options for the Cloudflare/ZeroTrust tunnel, there is a section where you can set that up, but out of the box, you don’t get verification checks.
Full disclosure, it took me a few tries to wrap this noodle around it. That’s usually par for the course tho. Some things just stump me for some reason. Caddy was like that until I kept pursuing it seriously. Then one day I read a tut online and lifted one paragraph that was essential, and ding! The lights came on, the clouds separated, and it was so clear. Now, to me, Caddy is very easy and I am embarrassed that it took me so long. But, that’s part of the journey.
Yeah, Caddy was working fine, but the issue was me tinkering with it meant having to reload Caddy for the updated config to work, and that would break any connections people were using for file transfers etc. Also, it isn’t as quick for reverse proxying file transfers.
Therefore trying to run private and public services through it was limiting when I was also trying to tweak it constantly for my homelab.
I’ve found Traefik to be better in that it auto reloads the config live as you edit it, and it’s been faster for file transfers on my 1Gbps fibre.
And now I’ve split my services to separate public/private reverse proxies, that takes the pressure of having to keep one proxy always live. Pangolin uses Traefik, and so do I for my direct services through my firewall, and that makes life easier when only dealing with one type of proxy service.
Traefik
Messed around with it a bit. It’s another one of those things I have to do and fail at a few times which is why I have a little cheap VPS to test on.
I’ve relied on a Wireguard VPN for remote access until recently, I’m now playing with Pangolin via a VPS. I question why I need public (private) access, but it seems cool to operate that way and allows family members easier access.
Pangolin
Pangolin covers a wide swath of implementations that you’d normally have to connect together to get the same coverage, all in one package. I use it on a test VPS.
I self-host a decent bit of stuff. My setup has been to rent rack space in a datacenter to put my own storage server in, plus a second server at my house that I mirror backups between. I run my own VPN, “Cloud” storage, lemmy instance, game servers, websites, CI build systems, media streaming, etc… You can find some cheap server hardware on eBay that’s only a generation or two old, which you’ll need if you’re running in a datacenter, but for home servers it’s super easy to just set up an old desktop with a battery backup.
CI build systems
I’ve always wanted to implement something like that.
There’s a few different services you can use to set it up. I quite like Buildkite since they’ve got a pretty easy setup for running jobs on your own hardware, but I think several other CI services have a self-hosting option.
The best part about it for me is I can run GPU tests and do automatic screenshot diffs for my game engine. Normally renting a GPU server is super expensive, but it’s basically free to run myself using my old hardware.
I quite like Buildkite
I put it on the list. Got to check it out.
I do. Nextcloud + Immich
I hear raves about Immich. How is that working for you?
Really well other than one major complaint, which is that the search function has no timeline order and everything is jumbled together. That’s the one issue I have, though.
I might give it a whirl. I have a fair collection of pictures.
Me, hi
Me too, hellos!
Awesome!
I try to selfhost wherever possible. There are a few exceptions where it’s not practical (email for example), so I prefer not Google/Apple/Microsoft when that happens. In those cases, I also like to diversify so any potential enshitification is less painful to resolve.
Yeah, email is my kryptonite. I’ve run a couple packages in the past, but it is tedious. I use a EU service called mailo.com. Small, little company but in business for 20 years. Not a lot of gee whiz bells and whistles. Pretty much mail and a calendar, which is really all I need. I do make use of email aliases a lot.
There are very easy steps you can take here. It seems complicated, but there are tools for this and with a VPS/VDS, you can be up and running in under an hour if you are technically inclined. Moving to my own email, is by far, one of the best things I have done in my life.
It wasn’t the running it as much as the blacklisting.
So there is a bit of work you need to do, but if you manage your server well, do DMARC, DKIM, SPF etc and then nip it in the bud when you get warnings, its very easy to manage. Its about responsibility. Bad actors exist, but careful operators prevail.
Yeah, I might take a swing at it a few more times. That’s kind of my modus operandi. Do it, screw it up, restart. #$@$@ Do it, it works! Write that shit down! LOL
It took me 6 deploys to finally understand all the mechanisms. What I like about self-hosting and the open source mantra in general is that every failure is a lesson with field experience. So skills development and acquisition is fairly easy if you push for it and once you get it, its wash, rinse, repeat.
deleted by creator
yojimbo@sopuli.xyz
Don’t be shy bro. Share
