Comment on Advice needed for networking/architecting
mspencer712@programming.dev 1 month ago
Are you going to be hosting things for public use? Does it feel like you’re trying to figure out how to emulate what a big company does when hosting services? If so, I’ve been struggling with the same thing. I was recently pointed at NIST 800-207 describing a Zero Trust Architecture. It’s around 50 pages and from August 2020.
Stuff like that, your security architecture, helps describe how you set everything up and what practices you make yourself follow.
Appoxo@lemmy.dbzer0.com 1 month ago
Entirely for home use and entertainment but also a bit of learning.
I try to be best practice from the get-go even if it’s a bit steep to start like this. I believe that doesnt even get me close to scenario of “give everyone every permission recursively”.
But I will expose it via a reverse proxy.
Right now I am experimenting with my VM on doing the All-in-one VM doing NFS shares from my other 2 linux devices. And that was successful besides the issue of now having system1 think 100 = user “pi” and system2 100 = user “appoxo”
But yes. If you actually know what your goal/achievement is (e.g. reach a 0-trust permission state for the folder-tree of department Y) then it’s easier to research what you need to achieve it.
And that’s where I am already stuck. What do I want to do and how do I achieve that with the limited time, motivation and resources I have.
I believe my current wish is:
All in all I think I will proceed with doing the all-in-one storage and compute VM and let jellyfin access it via a docker-compose mounted NFS mountpoint.
Why: I believe it’s easier to use as the bloody beginner I am ;)
BUT if you have a better idea or think I should do it a different way, I want to be open to feedback and advice