How safe is it to self host something that you open up to the web? I’ve been thinking about a keepass self host, but I need it to be accessible from anywhere… I’m just really worried what that does once you open up your local server to the world
Comment on What else should I self-host?
KarnaSubarna@lemmy.ml 3 weeks ago
- AdguardHome/Pi-Hole (for DNS Filter)
- DrawIO (MS Visio equivalent)
- Invidious (Youtube privacy frontend)
- SearxNG (Google Privacy frontend)
- Vaultwarden (Self-hosted Bitwarden server)
- Miniflux (RSS Reader)
- linkWarden (Link aggregator)
Also, checkout selfh.st/apps/
madcaesar@lemmy.world 3 weeks ago
KarnaSubarna@lemmy.ml 3 weeks ago
If you want to expose a container based service just for yourself over internet, you can -
-
If you have static IP4 or IPV6 - Setup Wireguard VPN on your homelab/server, and wireguard client on client devices[1].
-
If you are behind NAT or CGNAT - either Cloudflared Tunnel[2] or Tailscale[3].
In either scenarios, you need to setup firewall of your server to allow connection from LAN to port of your docker container/services. By default your firewall should block all incoming request.
I’m personally using Cloudflared Tunnel, but planning to migrate to Tailscale.
[1] digitalocean.com/…/how-to-set-up-wireguard-on-ubu…
[2] developers.cloudflare.com/…/connect-networks/
[3] tailscale.com
-
ohshit604@sh.itjust.works 3 weeks ago
SearXNG is more than just a front end for google results, it’s an aggregator, if configured properly can collect results from Bing, Startpage, Wikipedia, DuckDuckGo, Brave.
scroll_responsibly@lemmy.sdf.org 3 weeks ago
Yacy is a web crawler/search engine that IIRC you can self host and use as a SearXNG backend
KarnaSubarna@lemmy.ml 3 weeks ago
That’s correct. Thanks for the correction.
SpatchyIsOnline@lemmy.world 3 weeks ago
I’m no expert, but I read that self hosting your own instance doesn’t actually help with privacy since the search providers still track those requests and if you’re the only one using it, that’s just tracking you with extra steps.
Of course if you use a public instance, you have to then trust that the instance isn’t tracking you
KarnaSubarna@lemmy.ml 3 weeks ago
Unless you are routing traffic through a VPN.
nfreak@lemmy.ml 3 weeks ago
I just recently started routing mine through a gluetun container, but now I’m hitting timeouts pretty consistently. Not sure if there’s a solution to that or just deal with it.
ohshit604@sh.itjust.works 3 weeks ago
While true, they still collect data on the results hosting your own instance can prevent you from hitting rate-limits as often.
3dcadmin@lemmy.relayeasy.com 2 weeks ago
Gotta be better than being tracked everywhere… and of course I personally use a vpn (and encrypted traffic to the server)