I’m just mildly curious. I know this isn’t the self hosting chan, but how many of you self host services as part of your efforts to retain your privacy, security, and anonymity?
I’ve been self hosting something for decades now. I got really started back in the PreNapster era. I ran an independent, selfhosted, fully licensed, internet radio outfit. That was back when music on the internet was a lot of cheap, tinny, geocities, midis. LOL I worked with a company called IM Radio Networks. They and Phillips, developed one of the world’s first bookshelf stereo, that was internet ready. Hook it up to the internet, and you could listen to AM/FM and IM radio. I’ve often mused that if it weren’t for Shawn Fanning, the music landscape on the internet might look a bit different as he forced the music industry to reevaluate how they did business.
Now, I self host a ton of stuff just for my own needs. It’s an enjoyable, purposeful, hobby, that keeps me busy. It’s also, so very educational, and I learn new things daily.
ETA: Man it does my heart good to meet and greet privacy minded users who also self host. It is an integral part of my privacy, anonymity, and security posture. If you aren’t already, or are thinking of self hosting, do it! You don’t need massive racks in the closet that dim the lights on reboot. A simple NUC or even RPi are quite capable of serving up services. You don’t need a Tier 1 feed from your ISP. Keep it simple and basic and work up from there to meet your needs.
Thanks again to all those who responded and shared their experiences.
You must log in or # to comment.
*Raises hand*
I see ya bro.
I try to selfhost wherever possible. There are a few exceptions where it’s not practical (email for example), so I prefer not Google/Apple/Microsoft when that happens. In those cases, I also like to diversify so any potential enshitification is less painful to resolve.
deleted by creator
yojimbo@sopuli.xyz
Don’t be shy bro. Share
Yeah, email is my kryptonite. I’ve run a couple packages in the past, but it is tedious. I use a EU service called mailo.com. Small, little company but in business for 20 years. Not a lot of gee whiz bells and whistles. Pretty much mail and a calendar, which is really all I need. I do make use of email aliases a lot.
There are very easy steps you can take here. It seems complicated, but there are tools for this and with a VPS/VDS, you can be up and running in under an hour if you are technically inclined. Moving to my own email, is by far, one of the best things I have done in my life.
It wasn’t the running it as much as the blacklisting.
So there is a bit of work you need to do, but if you manage your server well, do DMARC, DKIM, SPF etc and then nip it in the bud when you get warnings, its very easy to manage. Its about responsibility. Bad actors exist, but careful operators prevail.
Yeah, I might take a swing at it a few more times. That’s kind of my modus operandi. Do it, screw it up, restart. #$@$@ Do it, it works! Write that shit down! LOL
It took me 6 deploys to finally understand all the mechanisms. What I like about self-hosting and the open source mantra in general is that every failure is a lesson with field experience. So skills development and acquisition is fairly easy if you push for it and once you get it, its wash, rinse, repeat.
I just launched a business to help non technical people identify and selfhost their business tools. I faced such problems when I lived in a fascist country and now that I live in a fascist country again, I figured its a good way to go.
That’s great to hear you’ve made it into a business. I’d been thinking of creating a “biz in a box” side hustle for small businesses. I’m not very business-savvy, though.
That’s super cool. I’ve always thought that every household should have a server as we live very digitally dependent lives now. Back when Microsoft released their homeserver edition, I thought that was going to be a good angle, however, it didn’t take off. If I were a younger man, I’ve often thought about assembling small, closet servers that could sit on a shelf and be used by the household members. I also see a lot of ‘mini’ server layouts using Lenovo ThinkCenters, which are surprisingly pretty snappy servers.
Self hosting is not always about hosting at home. A private VPS/VDS, co-located server that you own/lease and operate is essentially that. I take self hosting as not turning to big tech for the very same solutions I can spin up myself on a private server.
That being said, self hosting also involves servers at home that run personal services.
My line of work is mostly in business. Getting people to operate their businesses with open source tools on private servers, local, in the country and abroad, as they wish.
Self hosting is not always about hosting at home. A private VPS/VDS, co-located server that you own/lease and operate is essentially that.
Absolutely. I’m not one to split hairs in the definitions. Old computer at home, paid for VPS, hell even an old laptop.
I do! I have a small kubernetes at home where I try to host everything I can.
Well, then you are more advanced than I. I haven’t got kubernetes figured out yet. I’m still plumbing the depths of Docker. I did provision a small server to test out kubernetes but haven’t got back to it.
To be honest kubernetes is probably overkill for most homelabs, but I learned a lot using it and it got me my current job so I think it’s worth it 😅!
To be honest kubernetes is probably overkill for most homelabs,
So I’ve heard, but I’m still keen to learn it. You parlayed the experience into a positive cash flow, so that’s pretty awesome.
I’ve been self hosting for a few years now. One of my greatest enemies had been trying to get too fancy too soon. Depending on your personality type, I suggest just getting some crap working to the end goal first. Just a one service compose file or even just some docker cli command that you find in your bash history. Then go back and refine later.
Depending on your personality type, I suggest just getting some crap working to the end goal first. Just a one service compose file or even just some docker cli command that you find in your bash history. Then go back and refine later.
Excellent observation for those just dipping into selfhosting and great advice. I tend to go overboard on security.
You could try learning podman as an intermediate tool. I recommend it for the user-controlled systemd services. There are so many systemd commands to fine tune your containers.
I don’t know if I’d call myself a privacy pioneer but I self-host some stuff and share/trade services with a few friends.
I don’t know if I’d call myself a privacy pioneer
lol I just needed something for the alliteration. Rock on my brother.
I’m not a pioneer - but I selfhost.
Awesome bro. What kind of things do you selfhost?
My e-mail, on my own domain names, my server with a homepage, a bulletin board, and cloud… on the cloud (NextCloud) I also host a note taking server…
I don’t do streaming (yet) in any way bigger than I can stream video and audiobooks and music from my cloud if need be, but not with any special app for that.
Sweet!
Working on jellyfin and Nextcloud right now. I have not used NGinx or Tailscale, so now I have to figure out how to set those up to work outside of my house without getting hacked. Next I might try SearXNG or maybe host my own email again.
Tailscale super easy and a self-solving problem.
Searxng is rock solid.
Have a NAS, Jellyfin server, and LLM on my LAN so far. Next step is to make them available outside my home, but I’ve been procrastinating.
Next step is to make them available outside my home, but I’ve been procrastinating.
I know a lot of people have ‘concerns’ about Cloudflare, but the Cloudflare Tunnel/ZeroTrust free tier works like a charm. You don’t have to punch holes in your server to route services/ports, no exceptions in UFW or similar. No port forwarding or NAT concerns on your router/firewall. The only caveat is that you need a proper domain name which you can pick up at NamesCheap for less than $5 USD. Overlay Tailscale on your server, and Jack’s a doughnut, Bob’s your uncle.
There are alternatives to Cloudflare like Pinggy, ngrok, LcalXpose, Zrok, Localtunnel, localhost.run, serveo, Inlets, and Frp. ngrok seems to be the more popular of the options.
I too am using a Cloudflare tunnel for my public facing services (such as WordPress), and that also allows you to put the WP login page behind another auth login as well which is great for security, so I do also vouch for Cloudflare.
I’m using Pangolin for private services on a VPS.
Plus, I have one service that is direct to my home IP for file sharing to one particular remote IP that is the only service directly through my firewall.
Therefore I have 3 ways my services are accessed and this has been the game changer for me recently, as previously I tried to run all this through one Caddy reverse proxy directly to my router and it gets painfully fragile mixing public/private services through one bottleneck when you’re tinkering as a selfhoster. So splitting it up has helped massively.
Good tip with the Cloudflare alts though!
Doesn’t cloudflare think you’re a bot when you remove tracking portions of urls? Cloudflare prevents me from seeing sites, but I am not a bot. Maybe the answer is I shouldn’t go to shitty sites to begin with.
You might have to unpack that for me as the caffine and morning meds haven’t quite yet soaked in and I’m not up to operating temps yet. Are you talking about Cloudflare verification checks? Like, you click to a site, it asks you to verify if you are a bot or not? If so, with the Cloudflare Tunnel/ZeroTrust, no it doesn’t ask for verification. Now, in the options for the Cloudflare/ZeroTrust tunnel, there is a section where you can set that up, but out of the box, you don’t get verification checks.
Full disclosure, it took me a few tries to wrap this noodle around it. That’s usually par for the course tho. Some things just stump me for some reason. Caddy was like that until I kept pursuing it seriously. Then one day I read a tut online and lifted one paragraph that was essential, and ding! The lights came on, the clouds separated, and it was so clear. Now, to me, Caddy is very easy and I am embarrassed that it took me so long. But, that’s part of the journey.
Yeah, Caddy was working fine, but the issue was me tinkering with it meant having to reload Caddy for the updated config to work, and that would break any connections people were using for file transfers etc. Also, it isn’t as quick for reverse proxying file transfers.
Therefore trying to run private and public services through it was limiting when I was also trying to tweak it constantly for my homelab.
I’ve found Traefik to be better in that it auto reloads the config live as you edit it, and it’s been faster for file transfers on my 1Gbps fibre.
And now I’ve split my services to separate public/private reverse proxies, that takes the pressure of having to keep one proxy always live. Pangolin uses Traefik, and so do I for my direct services through my firewall, and that makes life easier when only dealing with one type of proxy service.
Traefik
Messed around with it a bit. It’s another one of those things I have to do and fail at a few times which is why I have a little cheap VPS to test on.
I’ve relied on a Wireguard VPN for remote access until recently, I’m now playing with Pangolin via a VPS. I question why I need public (private) access, but it seems cool to operate that way and allows family members easier access.
Pangolin
Pangolin covers a wide swath of implementations that you’d normally have to connect together to get the same coverage, all in one package. I use it on a test VPS.
I self-host my own Monero node and I self-host my password manager and my files
Monero node
Hmm. I’m pretty confident in my defences but selfhosting passwords and financials keeps me awake at night. LOL
I just make deterministic passwords based on what I’m using. It’s a hard to break pattern.
I self-host a decent bit of stuff. My setup has been to rent rack space in a datacenter to put my own storage server in, plus a second server at my house that I mirror backups between. I run my own VPN, “Cloud” storage, lemmy instance, game servers, websites, CI build systems, media streaming, etc… You can find some cheap server hardware on eBay that’s only a generation or two old, which you’ll need if you’re running in a datacenter, but for home servers it’s super easy to just set up an old desktop with a battery backup.
CI build systems
I’ve always wanted to implement something like that.
There’s a few different services you can use to set it up. I quite like Buildkite since they’ve got a pretty easy setup for running jobs on your own hardware, but I think several other CI services have a self-hosting option.
The best part about it for me is I can run GPU tests and do automatic screenshot diffs for my game engine. Normally renting a GPU server is super expensive, but it’s basically free to run myself using my old hardware.
I quite like Buildkite
I put it on the list. Got to check it out.
I only p2p but I can’t do much, NAS is so expensive in my country :(
In the early days, I selfhosted on an old raggedy laptop
I have a local network for sharing files between my devices but I don’t open anything up to remote access. I might change my mind once I’m more skilled at networking but right now I don’t trust myself to be able to set up something secure. If I’m on the road I just plan what I’ll need and manually sync it across before I go
I don’t trust myself to be able to set up something secure
That’s totally understandable. I will admit, the first server I tried to stand up got ransacked in an hour. I received a nastygram from the VPS saying that my server was attacking other servers which can have serious consequences. Of course I shut it down right away. I had just the OS, nothing else on there, so at worst it caused a some other servers to implement a block on my IP.
So I sat down and started reading, and testing, ad nauseam. Learned about hardening a Linux server. Learned about UFW and Fail2ban, and other security deployments. Learned how to bash. It’s been a learning process that still thrives. I thoroughly enjoy the experience.
But yes, it can be daunting at first, I totally get that. Of course, you have a much broader resource to tap than I did at the time, but that’s what I really dig about the internet. It is the sum total of the world’s knowledge. Not necessarily wisdom, but vast repositories of information.
Have a blast bro.
How did you get into it? Any resources you’d recommend for a noob who wants to get into setting up servers?
Oh gosh… Well, first you should get a subscription to Byte magazine. LOL J/K but that’s how far back it goes. I’ll pull some bookmarks here in no particular order.
- HowtoForge
- Selfh.st
- The HomeLab Wiki
- Marius Hosting
- Noted
- LinuxHandbook
- Linux Journey
- The Linux Code
- 30 Days Of Linux
- Techmint
- The Ultimate Linux Newbie Guide
- It’s FOSS
And of course right here
ETA: Me Skuzi…I did not answer your first question. I got into computers back with the original Altair kit. I saw recently there has been a revival of the old 8000. Wasn’t much you could do with it at the time, but it was super cool and I was addicted. After that, if memory serves correctly, I had a Timex/Sinclair. Had a cassette tape drive you’d use to load up an app. The TI 99 & 994a were probably my first real complete computer setups with drives, memory expansion, etc. You needed something like a kitchen table to lay it all out on. It sprawled all over the place, but was a decent platform for it’s time. After that, I’ve had at least everyone there after. LOL
NAS, Jellyfin/Plex, Copyparty (Google Drive replacement), Kiwix (Wikipedia), Joplin, Searxng, Ollama (LLM). Plus all the various searching tools, the maintenance tools, etc. I have pretty strong compartmentalization of my storage into separate media pools that all have their own RAID setups, plus an external backup.
It’s a bit of work to get all set up, but I use docker compose and autoheal / watchtower to keep the services going. I use Caddy and my own domain to make the services I want available externally to my network.
watchtower
Do you find that Watchtower sometimes screws up the update? I know I was plagued with that issue enough to drive me out to search the webs. OG Watchtower hasn’t been updated in 2 years and shows no real sign of activity. I went searching for a fork:
https://watchtower.devcdn.net/
Haven’t had any issues since.
Thanks for that! I have struggled with watchtower from time to time, so knowing there is a good fork out there is great. I’ll try it out.
Me, hi
Me too, hellos!
Awesome!
Oh god, where do I start?
3 node proxmox setup:
Net node:
- opnsense (dns, dhcp, edge firewall, wireguard)
- caddy
- ssh hub
Compute node:
- a few game servers
- wiki (kiwix), full copy of wikipedia
- searxng
- docker host (portainer plus 10ish containers)
- forgejo
- testing vms
- a separate zfs mirror
Storage node:
- all drives, zfs + mirror
- proxmox backup server
- home assistant
- immich
- ARR stack
- jellyfin
Oh and a monitoring node made out of a rpi 4b with an nvme hat,running dietpi, prometheus, grafana and homepage (gethomepage.dev)
Thats about it plus automations and stuff, wireguard so I can access it from anywhere. Not separated properly, no network zones, just a few vlans for now, work in progress.
It gets to be an obscession, no?
Yes. But its my outlet, its keeping me sane. Looking at the worlds nowadays, this is my happy place. More therapy than anything.
I think it’s very important for us humans to have something in our daily lives that distracts up for couple hours or so. A release. I like to get out and touch grass too. Balance.
