pleksi

@pleksi@sopuli.xyz

This is a remote user, information on this page may be incomplete. View at Source ↗

⁨Comment⁩ on ⁨What DDNS providers you guys recommend?⁩ ⁨⁨2⁩ ⁨days⁩ ago⁩:
I’ve been using desec.io since it’s european, non profit and privacy oriented. Brong your own domain though.
⁨Comment⁩ on ⁨Guidance for Noob? (Synching vs Nextcloud, Immich, Tailscale)⁩ ⁨⁨2⁩ ⁨weeks⁩ ago⁩:
Id recommend setting up a domain even if just for local use. No-ip.com is at least working for me right now (my router is keeping my dynamic ip dns records up to date so i can wireguard into my router/lan even if the ip changes).

You dont need to expose your services but if you ever do want to, it’s so much easier if youve got a working reverse proxy infront already set up plus you can use https.

Setting up (sub)domains in lan forces you to learn to use a reverse proxy like caddy traefik or nginx. Personally to me NPM(nginx proxy manager) was the easiest to use but i use caddy nowadays. For half a year i didnt expose anything but after wanting to share some albums with the extended family i decided to do so via pangolin hardened with crowdsec running on a virtual private server. Pangolin - while not as easy as crowdsec - was very well dockumented and works well.
⁨Comment⁩ on ⁨Hardware raccomandation for new selfhoster⁩ ⁨⁨4⁩ ⁨weeks⁩ ago⁩:
Im using debian btw and non zfs system, so mileage may of course vary.
⁨Comment⁩ on ⁨Hardware raccomandation for new selfhoster⁩ ⁨⁨4⁩ ⁨weeks⁩ ago⁩:
Two 4tb disks in raid 1 is a waste of money for most selfhosters. Unless you really want to avoid downtime due to disk failure. (and even then you could get a power outage or a network failure). A second disk will protect you from disk failure but not from other forms of data loss (like you fucking up something and erasing all of your family photos).

Do you also plan to buy some cold storage medium and cloud storage or a remote backup server or something (for 3+2+1 backups)? thats way more important.
⁨Comment⁩ on ⁨I am attempting to get into self hosting after a shockingly frightening experience. I am very lost though.⁩ ⁨⁨2⁩ ⁨months⁩ ago⁩:
Im running my own instance. But yeah, videos from google servers won’t load behind a proxy. Or they might work for a while but then wont and then you have to switch vpn servers which is very annoying.
⁨Comment⁩ on ⁨I am attempting to get into self hosting after a shockingly frightening experience. I am very lost though.⁩ ⁨⁨2⁩ ⁨months⁩ ago⁩:
I use a small wireless logitech keyboard-mousepad so it works very well.
⁨Comment⁩ on ⁨I am attempting to get into self hosting after a shockingly frightening experience. I am very lost though.⁩ ⁨⁨2⁩ ⁨months⁩ ago⁩:
My phone is on a woreguard tunnel into my router so it stays in the same forewall zone as my services. Internet access is routed through the tunnel and then through another tunnel to protonvpn and from there to the www. It was a bit elaborate to set up but it works. Wouldnt really recommend the setup for everyone, it was a bit of a pain in the ass to get working. I used Openwrt and policy based routimg plus wireguard for the tunnels into and put of the router.
⁨Comment⁩ on ⁨I am attempting to get into self hosting after a shockingly frightening experience. I am very lost though.⁩ ⁨⁨2⁩ ⁨months⁩ ago⁩:
Oh i have vaultwarden as well nowadays
⁨Comment⁩ on ⁨I am attempting to get into self hosting after a shockingly frightening experience. I am very lost though.⁩ ⁨⁨2⁩ ⁨months⁩ ago⁩:
As someone who went through this process after trumps 2nd term and power i can give you my process:

-angrily unsubscribe all big tech subscriptions -make a protonmail and tutamail account, realize I like proton suote more and decide to subscribe -transfer all passwords to proton suite -download all photos and other data to an external drive. TURNS OUT THIS TAKES SEVERAL DAYS WTF -angrily order a rasp-pi and an external SSD -use step by step tutorials to install docker and immich. Fall in love -gradually (via help of google and GPTs) become confident enough with command line to start managing the server headless over SSH

Fast forward 6 months: My router os now running OpenWRT, my network access is always through ProtonVPN. My external devices are connected via wireguard to the router when not on home wifi. My main server is now an old office mini pc running about 10 services. Im using borg for nightly snapshots(its a bit like apple time machine) and after that everything is backed up to another server at a friends house via rsync and ssh. I have a third mini computer whose purpose is to be my tv’s UI with access to services like the national broadcasts web ui and muäy own jellyfin and invidious (adless youtube client) The tv does not have an internet connection anymore.
⁨Comment⁩ on ⁨ELI5: How to put several servers on one external IP?⁩ ⁨⁨5⁩ ⁨months⁩ ago⁩:
I really feel like people who are beginners shouldnt play with exposing their services. When you set up Caddy or some other reverse proxy and actually monitor it with something like fail2ban you can see that the crawlers etc are pretty fast to find your services. If any user has a very poor password (or is reusing a leaked one) then someone has pretty open access to their stuff and you wont even notice unless you’re logging stuff.

Of course you can set up 2FA etc but that’s pretty involved compared to a simple wg tunnel that lives on your router.