this post was submitted on 26 Feb 2024
106 points (96.5% liked)

Selfhosted

40382 readers
736 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

  1. Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.

  2. No spam posting.

  3. Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.

  4. Don't duplicate the full text of your blog or github here. Just post the link for folks to click.

  5. Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).

  6. No trolling.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 2 years ago
MODERATORS
(page 2) 47 comments
sorted by: hot top controversial new old
[–] AdmiralShat@programming.dev 2 points 9 months ago

I use OpenVPN and not expose anything directly.

[–] haui_lemmy@lemmy.giftedmc.com 2 points 9 months ago

Everything critical is on lan (docs, passwords, media), everything else is on vps (gameserver, fediverse, websites). I dont mix these as I absolutely dont want to deal with a breakin. I assume they will get in so I airgap them more or less.

[–] seedoubleyou@infosec.pub 2 points 9 months ago

PII or anything that would demonstrate clear attribution is LAN, the rest of the "fun" stuff lives on a VPS. Wireguard between them.

[–] kratoz29@lemm.ee 2 points 9 months ago

Only my Stremio add-ons, such as Knightcrawler, Annatar and Stremio-Jackett.

[–] Kusimulkku@lemm.ee 2 points 9 months ago

Jellyfin and Miniflux are internet facing because it would be turbo annoying otherwise to deal with them

[–] notannpc@lemmy.world 2 points 9 months ago

I expose most things to the web so long as they have auth and 2FA options. The one exception being my Jellyfin server. I share it with friends and needed to make it as easily accessible as possible.

With Cloudflare WAF, reverse proxy, and an isolated subnet with IDP I feel comfortable with public services. Nothings perfect but if they get through it and pwn my lab I’ll just nuke it and rebuild.

[–] cmnybo@discuss.tchncs.de 2 points 9 months ago

I have HTTPS and SSH accessible on the internet but only over IPv6. Anything else I access over an SSH tunnel or VPN.

[–] Decronym@lemmy.decronym.xyz 2 points 9 months ago* (last edited 8 months ago)

Acronyms, initialisms, abbreviations, contractions, and other phrases which expand to something larger, that I've seen in this thread:

Fewer Letters More Letters
DNS Domain Name Service/System
HA Home Assistant automation software
~ High Availability
HTTP Hypertext Transfer Protocol, the Web
HTTPS HTTP over SSL
IMAP Internet Message Access Protocol for email
IP Internet Protocol
NAS Network-Attached Storage
NAT Network Address Translation
Plex Brand of media server package
SMTP Simple Mail Transfer Protocol
SSH Secure Shell for remote terminal access
SSL Secure Sockets Layer, for transparent encryption
TLS Transport Layer Security, supersedes SSL
VPN Virtual Private Network
VPS Virtual Private Server (opposed to shared hosting)
nginx Popular HTTP server

[Thread #549 for this sub, first seen 26th Feb 2024, 21:45] [FAQ] [Full list] [Contact] [Source code]

[–] ShellMonkey@lemmy.socdojo.com 1 points 9 months ago* (last edited 9 months ago)

As a general rule if it's a pubic-ish service like Lemmy (more a friends and family than public) or something where I want ready access like auto uploads it has public access, otherwise it's private. I make it a point to have everything facing outside to have 2FA enabled and/or limit the available sources to known IP ranges.

[–] possiblylinux127@lemmy.zip 1 points 9 months ago

Just my Nextcloud and Matrix

load more comments
view more: ‹ prev next ›