this post was submitted on 02 Jul 2023
10 points (100.0% liked)

Selfhosting

8 readers
1 users here now

All things selfhosting and homelab related Resources: - https://github.com/awesome-selfhosted/awesome-selfhosted - https://github.com/awesome-foss/awesome-sysadmin

founded 1 year ago
 

So, couple years ago i started to learn about tech, programming and self hosting services thanks to redditors ( not reddit the evil corp ), and found lots of communities where they pointed me to good resources but then ended up allocating more time to learning programming to switch career into that field and finally got it.

As a passion and private needs I had set up couple of small servers for testing, but never ended up being able to actually expose them publicly in a secure way

I found some "beginner level" tutorials, but to be honest, it still was quite hard to understand.

Where can I found even lower level resources or any chat group or discord group for literal illeterates like me??

I know i can do my own research as I did for programming, but that was for landing an actual job, this is mostly for personal need, so i really cannot allocate much time into studying so much while I also have family duties and improving my coding skill for the current job

Thanks a lot

you are viewing a single comment's thread
view the rest of the comments
[–] Thorvid_botlakhan@kbin.social 1 points 1 year ago (2 children)

I may have express myself poorly, sorry, was in a rush.

I got the services running fine, am still learning and testing few things but the things I need or build are available and running on local.

My issue is about publishing them online, like linking them to a domain name I bough, and pointing that to my static home IP address, and the routing for each of them
like "cloud.myhomelab.net" to point to my home IP, and then reverse proxy that to the nextcloud instance at 192.168.1.127:8080 that is a proxmox container running docker containers

I followed some of dbtech's tutorials, and tried via Porkbun and cloudflare tunnels, and just after posting this I saw that it finally propagated (after a looot of days) but can only reach one of the services I set up.

Another way i kinda heard about was not using cloudflare tunnels and redirecting the traffic to my static IP to an nginx container that then redirects the traffic inside my home lan but I really don't know how to handle security with that, and also my ISP is blocking traffic on port 80 and 443 ( "it's for our router firmware's updates..." that were like 4 years ago last update )

All the idea of how to connect my local machines to the outside world and different method and secure proofing is soo difficult to understand for my, i really can't wrap my head around on what does what

[–] bratling@kbin.social 2 points 1 year ago (1 children)

This may help: https://caddy.community/t/using-caddy-as-a-reverse-proxy-in-a-home-network/9427

I am just starting the same journey and have also experienced the lack of good guides for noobs. Most guides are on integrating more complex setups.

[–] Thorvid_botlakhan@kbin.social 1 points 1 year ago (1 children)

right?? so it's not just my own impression...

I know I like tech stuff and I know i can get passionate and raise my skills on my own, but I could not find any good "beginner level" resource that didn't step from a simple nice to get drawing of how things should be, to a complex mixmatch of services and settings that leaves me in doubt of what do i have to do in my instance....

Thanks for the link, i'll check it out as i get back home...
Since you are on the same journey and know about any group chat or communities that are noob approachable, i'm all ears

[–] bratling@kbin.social 1 points 1 year ago* (last edited 1 year ago) (1 children)

reddit's r/homelab and r/selfhost were my go-tos, but Spez decided to kill the golden goose, so I left. I've been trying to help the Kbin and Lemmy communities grow, but we'll see how it goes…

Oh! Also Tildes! It's been established for a while but the user base isn't huge since it's still in beta. LMK if you'd like an invite.

I did find this there… indicating there is some activity around self-hosting:
https://tildes.net/~comp/16yc/self_hosters_share_your_reasons_for_self_hosting_and_favorite_apps

[–] Thorvid_botlakhan@kbin.social 1 points 1 year ago (1 children)

same here about reddit, I just joined as well, and also plan on giving back to communities I enjoyed in reddit.

Unfortunately i'm kinda busy with a new job and I haven't had time yet to properly set up all my communities and start adding content :(

anyway, thanks a lot, i didn't know about tildes, i'll check it out !!

[–] bratling@kbin.social 2 points 1 year ago* (last edited 1 year ago) (2 children)

Follow-up: I have Caddy working!

Here's my baseline before starting:

  • Services running on my NAS already configured
  • Domain names & DNS already hosted at Porkbun
  • Dynamic DNS in place using https://hub.docker.com/r/qmcgaw/ddns-updater
  • DNS includes wildcard support, so I can easily use anything.mydomain.net

After briefly trying out a couple of somewhat ingrated Caddy projects others have done, I decided they were too specific to their set-ups and did not make my life easier. I tossed them out and went simple. I wanted something super easy to understand, and thus easy to troubleshoot.

First I set it up in Docker. I created a really, really simple docker compose file:

version: "3.7"

services:
  caddy:
    image: caddy:alpine
    restart: unless-stopped
    ports:
      - "1080:80"       # Because Synology DSM reserves 80 for itself
      - "10443:443"     # Because Synology DSM reserves 443 for itself
      - "10443:443/udp" # Because Synology DSM reserves 443 for itself
    volumes:
      # next four lines are default
      # - $PWD/Caddyfile:/etc/caddy/Caddyfile
      # - $PWD/site:/srv
      # - caddy_data:/data
      # - caddy_config:/config
      - /var/docker/caddy/config/Caddyfile:/etc/caddy/Caddyfile
      - /var/web:/srv # serve this by default?
      - /var/docker/caddy/data:/data
      - /var/docker/caddy/config:/config

volumes:
  data:
    external: true
  config:
    external: true

(If the machine you are running Caddy on doesn't reserve ports 80 and 443 for itself like Synology DSM does, you don't need the ridiculous high ports I mapped. Just do 80:80 and 443:443.)

Then I created a simple Caddyfile.

web.fakeme.net, www.fakeme.net {
	# This connects to the default Synology web service
	reverse_proxy 192.168.2.15:80
}

This tells Caddy: When you get a request for web or www, send it to the machine at 192.168.2.15 using port 80.

Then I added to it, one service at a time to make sure things worked at each step

paperless.fakeme.net {
	reverse_proxy 192.168.2.15:8008
}

whoami.fakeme.net {
	reverse_proxy 192.168.2.15:8009
}

comics.fakeme.net {
	reverse_proxy 192.168.2.15:8010
}

plex.fakeme.net {
	reverse_proxy 192.168.2.15:32400
}

speedtest.fakeme.net {
	reverse_proxy 192.168.2.15:8011
}

You'll note I am doing nothing fancy here – no hostnames, no dynamic Docker container checks, none of that crap. It's brittle but it is dead simple.

Now that I have something simple working, I can get fancier if I feel like it.

[–] Thorvid_botlakhan@kbin.social 3 points 1 year ago

wow, thanks for all the help!! Man, i misssed this kind of community feel for the last like...4 years.

I just woke up and saw this comment, as i get back from work i'll test it.
Yesterday I've tried making nginx proxy manager and cloudflare work, since I had already tried them couple of times, but still, i get to the same point and can't really figure out why I either get "Hmm. We’re having trouble finding that site." or " Web server is down Error code 521 "

[–] Thorvid_botlakhan@kbin.social 2 points 1 year ago

welp... i go to fail this too... xD

read the documentation you listed
dug around the official docs setting up and getting informed beforehand

I read about testing to the staging letsencrypt api, but then forgot to add that

ran the container, it failed to get ssl certificates, but it blocked me in less than 20 seconds

I then changed some configs, since i was testing different ways of how it might work, but even after switching to the staging api for letsencrypt, i still receive logs saying it is refused and on timeout

ERR ts=1688509895.6641216 logger=tls.obtain msg=will retry error=[nextcloud.mysite.com] Obtain: [nextcloud.mysite.com] solving challenge: nextcloud.mysite.com: [nextcloud.mysite.com] authorization failed: HTTP 400 urn:ietf:params:acme:error:dns - DNS problem: NXDOMAIN looking up A for nextcloud.mysite.com - check that a DNS record exists for this domain; DNS problem: NXDOMAIN looking up AAAA for nextcloud.mysite.com - check that a DNS record exists for this domain (ca=https://acme-staging-v02.api.letsencrypt.org/directory) attempt=2 retrying_in=120 elapsed=66.535909489 max_duration=2592000

ERR ts=1688509906.5700405 logger=tls.obtain msg=unable to unlock identifier=sp.mysite.com lock_key=issue_cert_sp.27082019.xyz error=remove /data/caddy/locks/issue_cert_sp.mysite.com.lock: no such file or director

i just might be cursed