@crschnick First of all - thanks for sharing it! 😍 Just a quick question, after I took a first glance - it is just a management tool application which abstracts the use of CLI management tools like ssh, ssh-keygen, podman, etc… and consolidates it into a single UI, right? - So it is not just “another” service to host, correct?
Don’t get me wrong, just needed to verify that it might be a tool to evaluate.
I had a first try yesterday, but something with my existing SSH .config didn’t work, when I tried to add some “connections”. Is there a logical reason, why Xpipe forces a connection to be established, before adding it in the “search connections” - for me they fail, because I exclusively use key-based SSH auth, but I load my keys on the fly from KeePassXC when I need them, not before.
Nice to see a modern and snappy Java application for a change.
Many given good advice on hardware, and there are plenty other threads with a lot of good recommendations.
Regarding OS, I would recommend to ease into it, and try some before committing. Just try a few services, how stable it is and if the configuration complexity meets your personal learning expectations. (Self hosting is only fun, as long as you can get everything up and running. If you need 36hrs of troubleshooting for every 2nd problem, that awe for elf hosting melts pretty fast.)
I started myself with OMV 0.x, and since then it’s gotten pretty decent. But I switched to plain Debian and CLI tool. After learning enough using OMV as my starting point. I also tried FreeNAS in the beginning, but that wasn’t for me.
And I recently discovered CasaOS, wich is pretty neat and has a lot of benefits, but I haven’t tested it yet.
I am planning to eventually build my own home server, and when I do I will hook it up via ethernet. But I do want to switch away from the generic FIOS router and use my own for more control over my data and security. Any recommendations?
Please don’t host a router on a Hypervisor VM. That does not benefit security. First of all a router is an integral part of the (home) network, therefore it should not be dependent on anything, like a hypervisor. You want to be able to replace or update your server/ hypervisor independently from each other, for example in 5 hrs your router might be still rocking all data, but you would want to upgrade your home server / hypervisor. Furthermore all those OpenWRT, PFsense, OpenSense kernel/ OS hardening is more effective on the hardware itself, especially all RAM/ Memory based security measures. Also if you truly want to be more secure, you use dedicated hardware for multiple reasons, performance is dedicated to only routing/ firewall processing (no other service/ VM can block or slow down packet processing), reducing the attack surface (less software, less attack surface), easier to update.
I cannot recommend any consumer router brand, at least not with stock firmware, because any of them don’t have guaranteed update policy. Further, some of the stock firmware contains insecure protocols, like telnet (yes, still), outdated ciphers (SSL, TLS 1.0), and some feature you want is always missing. Further they often lack innovative features like WireGuard in updates, mostly bug fixes and security patches.
That’s why I would urge you to consider using one of the router/ gateway distributions listed below.
Depending on your requirements, I can recommend the following router OS:
OpenSense (router without WiFi)
OpenWRT (router with WiFi)
If you have an old laptop or pc to spare, you could at least give those two a try.
Someone already mentioned it, OpenSense runs only on x86 / PC Hardware (and MiPS). OpenWRT can be flashed onto a lot of consumer routers as well as be installed on traditional x86 / PC hardware.
OpenWRT has a hardware table on their website for supported models. Some of them come cheap if you buy them used and are pretty decent.
If you like more flexibility, I can recommend building your own router. Used thin clients, Iike for example Fujitsu Futro S920. Thin clients are basically low-powered PCs, which are often cheap on the used market and provide a variety of hardware interfaces. Most use Intel NICs, some have secondary NIC, can hold SATA disks, provide interfaces for WiFi (pice, miniPCIe, m.2) or extension cards, have high efficient power supplies and are in majority are passive cooled. Or get some SBC/ Low-Powered board with the interfaces you need. It doesn’t need to be new hardware.
Very interesting, do you have any source or references that springs to your mind? I have emergency SOS enabled, but it never happened to me that it has been falsely triggered. And I can’t imagine many scenarios were it would be.
Sure - but that would be another thing to self-host - because I have at least 5 machines which need to send, and I have a dynamic IP address - so it would involve updating the MX records via DNS API for at least 5 sub domains.
To be honest, I’m a KISS kind of guy - not everything technical possible or imaginable is worthwhile. Especially if it’s such a crucial part like alert monitoring. I want it done simple, secure, without caveats and keeping the complexity on the lowest level possible.
I thought about self-hosting, but first of all I got a dynamic IP. Further I want a solution which has roughly 98% availability and 99,99% reliability, because this service tells me if everything burns/ goes awry. That’s not the service I’d like to “toy” with. And hosting any kind of mail service with 98% availability and 99,99% reliability, automatic DKIM roll-over etc. is a tough nut. Even VPS cost’s seem higher than just Amazon SES.
I have some issue with just that, all emails will end up in a spam filter (if your mail provider is thorough). Also your IP might end up on a public spam/ block list. To much to go wrong, in case some alerts need to reach me.
Plus I use a strict DMARC, so at least a correct SPF is needed.
I’m using postfix on my machines, all services send to it and it just to relays via a SMTP service. So only one point to configure.
I was specifically looking for the last part, a SMTP relay service.
edit: thank you for all the great comments! It’s going to take a while to chew through the suggestions. I just started testing picoshare which is already looking both easy and useful....
Many people underestimate it, my goto for a fast an reliable file share service, which does just that, is production ready, has great client software and uses just few resources.
I’m interested in possibly hosting my own Lemmy instance - just for my own account. I was thinking of hosting it on Raspberry Pi (possibly the 1GB Pi 4 B), but I couldn’t find much for definitive information on what the hardware requirements would be for such an instance to know if this is even possible. How much storage is...
I’m not sure if it’s still valid, but Oracle Cloud Infrastructure (OCI) had a 4 vCPU, 24 GB RAM, 200 GB HDD free tier. No costs, ever! You could sign up there and setup an even bigger instance.
Hi folks, I’m just getting into this hobby thanks to the posts in this community. So far, I’ve installed Ubuntu server 22.04 on an old laptop and got paperless working, and I’m pretty pumped. Now I would like to access it outside of my home network on my phone....
I know it’s been mentioned before - but plain Wireguard is my way to go. KISS - keep it simple, stupid! setup might be a little bit of a learning curve, but once you got it for one device, others aren’t a big issue.
I had a CA, with OpenVPN, but that’s to much for a small setup like remote access to your home network.
Use it on iOS, Ubuntu and Windows to access my home services and DNS (Split-Tunnel).
It’s a pretty easy setup on OpenWrt. A quick look into the fresh tomato wiki tells me, that it shouldn’t be to complicated to achieve on your router (firmware). If you need help with setting Wireguard up, let me know, I’m happy to help out.
I am already self-hosting a lot of things for 15+ years now, including git, but I am looking for a solution like Github that is federalized (not Gitlab or the like)....
Codeberg is using Forgejo, basically Gitea. You can change the editor, if you like with other editors if you host Forgejo or Gitea yourself. Features like CI/CD can be deactivated.
I have to agree, RAID has only one purpose - keep your data/ storage operating during a disk failure. Does not matter which RAID level or SW. Thank god you mentioned it before.
There can be benefits in addition depending on RAID level and layout, for example read & write speed or more IOP/s than an individual disk (either SSD or HDD). However, the main purpose is still to eliminate a single disk as a single point of failure!
Back to topic - if you have a strong requirement to run your services which (rely) on the SSD storage, even if a disk fails - then SSD Raid yes.
For example.: I have s server running productive instances of Seafile, Gitea, and some minor services. I use them for business. Therefore those services have to be available, even if one disk fails. I cannot wait to restore a backup, wait for a a replacement disk and tell a client, Hey, sorry my server disk failed” (unprofessional)
For protection against data loss - backups: one local on another NAS, one in the cloud. 👌🏼
Funny 😄 pretty much asked myself the same thing, the day before yesterday.
Specifically, I have been looking for encrypted mail hosters supporting your own domain. Also, hosting in Europe on dedicated Hardware (or at least guaranteed European VPS), GDPR compliance and some sort of certification/ verification of the said requirements and their claims!
What I came up with:
mailbox.org (never heard of it before, but pretty much has your requirements covered) <- Tor nodes, anonymous accounts(no personal data at all!)
proton mail
Tutanota (pretty young - but interesting concept)
I won’t cite their individual plans - that’s for you to figure out in detail.
The thing that bugs me with the Proton Mail and Tutanota, to effectively make use of their threat model/ encryption you have to use their Apps/ Software. EDIT: I’m currently using Microsoft365 - with it you are pretty much locked in - I fear with Proton or Tutanota it’s the same. Migrating is a pain.
I’m trying mailbox.org at the moment - they got a 30-free trail.
Totally agree! I just have been a registered reader on Reddit. Now, it’s the first time I’m participating - might be considerably because lemmy is trending. Nevertheless, I found communities and post I’m interested in within minutes - 👌🏼 whereas Reddit was mostly clutter.
I discovered a band, that I never could manage to listen to or was even interested. A while ago I got totally hooked - TOOL 🔨
And the most amazing thing the YT algo recommend - Dom whiting’s Drum’n’Bass bike ride (streams) As a fanatic cyclist I love the combo and couldn’t stop listening after the first minutes. Of course, I’m looking forward to participate to one of those.
XPipe status update: SSH tunnel and config support, many new features, and lots of bug fixes (github.com)
Hello selfhosted community,...
Starting with selfhosting - advice / help needed
Hi!...
Best router for home use?
I am planning to eventually build my own home server, and when I do I will hook it up via ethernet. But I do want to switch away from the generic FIOS router and use my own for more control over my data and security. Any recommendations?
Vodafone Finds Brits Keep Mobile Phones for 4 Years Instead of 2 (www.ispreview.co.uk)
SMTP Relay for monitoring - custom domain
Hi there,...
Request: file-sharing service
edit: thank you for all the great comments! It’s going to take a while to chew through the suggestions. I just started testing picoshare which is already looking both easy and useful....
What are the hardware requirements for hosting a Lemmy instance for a single account?
I’m interested in possibly hosting my own Lemmy instance - just for my own account. I was thinking of hosting it on Raspberry Pi (possibly the 1GB Pi 4 B), but I couldn’t find much for definitive information on what the hardware requirements would be for such an instance to know if this is even possible. How much storage is...
Advice: accessing home network beyond home
Hi folks, I’m just getting into this hobby thanks to the posts in this community. So far, I’ve installed Ubuntu server 22.04 on an old laptop and got paperless working, and I’m pretty pumped. Now I would like to access it outside of my home network on my phone....
Github fediverse alternative
I am already self-hosting a lot of things for 15+ years now, including git, but I am looking for a solution like Github that is federalized (not Gitlab or the like)....
SSD - redundand storage, or not?
With SSD storage, what what your thoughts on redundant storage devices (e.g RAID1), is it a waste, a nice to have or a must?...
Best alternative to selfhosting email? E.g. email hosting provider for a custom domain
Hey guys,...
Lemmy Just Reached 1 Million Posts (lemmy.world)
Lemmy just reached a new milestone: 1 million posts, across 1,323 servers....
When was the last time you were surprised by liking a piece of music? Finnish
When was the last time you found piece that didn’t match your usual listening habits, but ended up liking it? How did you come accross it?...