this post was submitted on 06 Feb 2024
17 points (84.0% liked)

Selfhosted

48649 readers
1552 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

  1. Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.

  2. No spam posting.

  3. Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.

  4. Don't duplicate the full text of your blog or github here. Just post the link for folks to click.

  5. Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).

  6. No trolling.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 2 years ago
MODERATORS
ruud@lemmy.world
Loki@lemmy.world
CannaVet@lemmy.world
devve@lemmy.world
HybridSarcasm@lemmy.world
HybridSarcasm@lemmy.hybridsarcasm.xyz
17
Offshoring my solutions (aussie.zone)
submitted 1 year ago* (last edited 1 year ago) by palitu@aussie.zone to c/selfhosted@lemmy.world
6 comments fedilink hide all child comments
 

Hey y'all!

I am after the colelctive expertise of this fantastic community. My family and i are moving overseas for a year for a pacific adventure, which leaves my hosting setup in a bind. We will be renting out our house and i will need to move all of my 'servers' (read laptop and NAS) out.

All of my services are in docker.

My main services that i MUST keep are:

  • Immich
    • 600Gb or so
    • very important as we will be taking a HEAP of photos.
  • paperless
  • vaultwarden
  • custom location tracking service
  • radicale

I would also like to make it so that all of my media is still available, but i may need to get a set up at a friends house. I have jellyfin plus a bunch of *arr's

I was thinking a mix between at a mates house and a cloud server.

any thoughts?

edit: a lot of my services are exposed publicly, via Nginx proxy manager.

top 6 comments
sorted by: hot top controversial new old
[–] constantokra@lemmy.one 10 points 1 year ago

If you have the option to host physical hardware from your friend's house, I'd go that route for the whole thing. Set it up so they can access your media server locally, maybe even immich, and VPN in for everything yourself, that way you don't have to expose ports, except the wireguard port. Don't acquire new content from their network unless you do it behind a good VPN with a killswitch and they know and are OK with what you're doing.

I would personally rather have my documents, photos and media collection on a computer a friend has physical custody of than in the cloud, but that's on you and your friend. I prefer to host vaultwarden and a notification server, in my case, gotify, on the cheapest vps I could find, which was about 12 bucks a year last I checked.

I'd also set up a tor hidden service for ssh, just so you have another way in, in case something comes up. Or you could get a cheap cellular modem and a yearly Sim card. In the US, red pocket is a good choice, with a limited option available for less than 50 bucks a year. You never know when their ISP is going to do something weird, and you'll be able to figure it out a lot easier if you have a reliable way into your server.

You should probably think about backups too. You can obviously do a backup before you go, but you're going to want to back up at least your new photos while you're gone. I'd suggest looking at koofr lifetime storage plans, as they're pretty cheap for the size.

[–] ptz@dubvee.org 8 points 1 year ago* (last edited 1 year ago) (1 children)

Are any of your services public facing? If so, you might want to make the VPS your reverse proxy and VPN server and have your stack at your friend's house connect to the cloud server via VPN. The reverse proxy on the VPS would connect back over the VPN to the equipment at your friend's house.

This would prevent your friend from having to open ports in their router and from exposing their IP to the world (beyond their normal traffic, that is).

Plus, it would allow you to VPN-in to manage as well as have a "kill switch" should you need it (cyberattack, etc)

I would not run any of the *arrs on a network that is not yours (even if you have them routed through a VPN). It puts a liability on your friend and may eat up their bandwidth.

And definitely make sure your friend knows what they'll be hosting for you and how it may impact their network.

[–] palitu@aussie.zone 4 points 1 year ago* (last edited 1 year ago)

Are any of your services public facing?

Yes. i think that is like a "bastion" server, or something like that. good idea. I expect that i can get more-or-less free VPS, and just run the NPM and tailscale or something there.

I would not run any of the *arrs on a network that is not yours

Good thought, i dont think i would need it whilst i am away anyway.

And definitely make sure your friend knows

yep, responsible hosting :D

thanks for the thoughts.>

[–] asshole@r.nf 2 points 1 year ago (1 children)

I'm not sure what the question is.

Only thing I can think of is add a VPN like Tailscale so you don't have to worry about any exposed services.

[–] palitu@aussie.zone 1 points 1 year ago

All my hardware needs to move. And I cannot take it with me, but I want to keep my core stuff available. Looking at what people think are some good options.

I expect it will be to a mates house with taolscale or similar in front.

[–] Decronym@lemmy.decronym.xyz 1 points 1 year ago* (last edited 1 year ago)

Acronyms, initialisms, abbreviations, contractions, and other phrases which expand to something larger, that I've seen in this thread:

Fewer Letters More Letters
CGNAT Carrier-Grade NAT
HTTP Hypertext Transfer Protocol, the Web
IP Internet Protocol
NAT Network Address Translation
SSH Secure Shell for remote terminal access
SSL Secure Sockets Layer, for transparent encryption
TCP Transmission Control Protocol, most often over IP
TLS Transport Layer Security, supersedes SSL
UDP User Datagram Protocol, for real-time communications
VPN Virtual Private Network
VPS Virtual Private Server (opposed to shared hosting)
nginx Popular HTTP server

11 acronyms in this thread; the most compressed thread commented on today has 15 acronyms.

[Thread #491 for this sub, first seen 6th Feb 2024, 12:55] [FAQ] [Full list] [Contact] [Source code]