this post was submitted on 28 Jun 2023
1 points (60.0% liked)

Selfhosted

40006 readers
674 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

  1. Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.

  2. No spam posting.

  3. Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.

  4. Don't duplicate the full text of your blog or github here. Just post the link for folks to click.

  5. Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).

  6. No trolling.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 1 year ago
MODERATORS
 

Hi guys. how can I monetize my rustdesk servers? like, imagine I tell client X to pay 1$/month for using my server, how can I authenticate users? (prevent others from using the server so only people who are paying can use).

CONTEXT: I live in a country with very limited internet (like china) so using public servers is not good. I would also have to be able to maintain the costs of the server. so this is not illegal and not unethical.

top 6 comments
sorted by: hot top controversial new old
[–] macgregor@lemmy.one 2 points 1 year ago* (last edited 1 year ago)

Not to sound like a wet blanket, but I think you'll find it hard to make enough money to cancel out your power bill, development and admin time compared to big box names like AWS, digital ocean, etc. It could also open you up to legal problems. If someone you don't know wants to pay you (someone with no reputation they shouldn't trust with their money and data) then you probably don't want the data they are trying to host any where near your servers (use your imagination...).

That said, if you're serious or want a learning exercise look for:

  • identity management/authentication - SSO or Oauth for an authentication layer. examples: Keycloak, Oauth proxy.
  • resource monitoring - Metrics, monitoring, logging. some of this is just for maintaining availability of your service but you may need metrics for usage billing or cutting off access if they go over allotments. Examples: ELK stack, Prometheus, grafana, Loki, datadog
  • API gateway - api rate limitingbased on identity, e.g. user Bob is only allowed to make 1000 API calls a month . Examples: 3scale.
  • domain specific resource access policies - this is where it gets tricky. Depending on what application you are offering as a service, there may be access/limitation policies built in you could use or generic external options. If not, you'll need to come up with a method on your own like an authorization proxy that intercepts requests and approves or denies based on identity and usage metrics. A decent API gateway solution should allow for this customization.

I am not aware of an out of the box solutions that solve all of these problems, but there are many solutions for specific parts of this hypothetical system which is what I tried to provide with some example tech names to start your search. It's not a simple problem, but it's one basically every internet company has solved on some level.

I think there are croud-source compute reselling services you can enroll your systems in but I'm blanking on names and again you'll be lucky to break even on power.

[–] kn100@sh.itjust.works 1 points 1 year ago (1 children)

I wouldn't try selling services that are hosted on your residential internet connection. What happens when it goes down? Is your setup redundant? Etc.

[–] somegeek@programming.dev 2 points 1 year ago

I didn't say they are on my residential internet.

[–] XpeeN@sopuli.xyz 1 points 1 year ago

I know nothing about how it works under the hood, but it sounds like you need to let a user register only when they pay, deactivate the account when they stopped and don't let users without account to use the server.

[–] chiisana@lemmy.chiisana.net 1 points 1 year ago

If there is a way to handle auth, then you can maybe put it behind a SSO platform (Keycloak, fusionauth, authlia, etc) and slap a billing system (not familiar with open source solutions here, I used to use commercial solutions like Blesta and WHMCS) to activate/deactivate user accounts. You’d need to do a lot of the expropriation and heavy lifting yourself though.

API keys are generally how this is done. You create an account system with billing and then allow account holders to generate API keys that must be included in every request. On your side you look up their account via the API key and check billing status before responding to the request.

If you don't have a lot of clients you could handle billing and key generation manually.

load more comments
view more: next ›