this post was submitted on 17 Oct 2023
6 points (87.5% liked)
Self-Hosted Main
515 readers
1 users here now
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.
For Example
- Service: Dropbox - Alternative: Nextcloud
- Service: Google Reader - Alternative: Tiny Tiny RSS
- Service: Blogger - Alternative: WordPress
We welcome posts that include suggestions for good self-hosted alternatives to popular online services, how they are better, or how they give back control of your data. Also include hints and tips for less technical readers.
Useful Lists
- Awesome-Selfhosted List of Software
- Awesome-Sysadmin List of Software
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
You'll be fine. It's exactly what I do. Just keep any exposed services up to date. NPM also has a very rudimentary blocker that mostly relies on UA and bad strings getting passed through. You can turn that on. Open up only services that need to be exposed e.g. don't expose sonarr/radarr unless there's a good reason for it. Make sure anything you expose that doesn't have any sort of authentication can have it implemented in nginx or you can use an SSO solution.
I expose strictly needed services while everything else is just internal. Exposed services include jellyfin, jellyseer (jellyfin version of overseerr), and nextcloud.
That is almost exactly what I would like to do, but with Plex/Overseerr. I am curious, do you run any type of intrusion detection s/w, or have you set up fail2ban?
I have fail2ban for SSH but I haven't tuned it for nginx yet. I've worked with OSSEC which has a fork called Wazuh which I've been wanting to set up.