Toot

Written by Strange Culprits on 2024-11-14 at 15:19

~Calling all clever with self hosting types (this is Masto, we know you're here somewhere)~

We need help sorting out self hosting, as we are suffering option overload.

Our needs:

  1. Secure. How do we (or, do we?) combine firewall, secure logins, 2FA, VPN, tunneling, reverse proxy, etc.? Fewer machines would be better, but we are okay with buying a separate hardware firewall if the benefits justify the up front cost.

  2. Easy to set up & maintain. We want to use the tech, not manually edit config files all day. All 3 of our members have tech experience, but none of us wants to have to be a hard core sysadmin for a small self host server.

Our use case:

Central file storage for video, music, documents. Collaboration on files. Video conferencing. Remote access, as the server will be set up in a different city from where we live. So, Nextcloud, Duplicati for backups, something like Jitsi Meet, some kind of secure login like ZeroTier / Cloudflare / Tailscale.

Options we have considered:

  1. CasaOS - concerned about security (uses HTTP by default). If a hardware firewall would solve this issue, this option is the one we're most familiar with presently.

  2. Cosmos Server - appears secure, not sure if it's 'daily driver' ready. If anyone uses Cosmos as their daily server OS, please comment on your experience.

  3. UmbrelOS - not sure if it supports installing Docker containers that aren't in its app store. Also, not sure about security.

Fediverse, please guide us to the path of easy and secure self hosting, as we are sick of reading crappy subreddit threads!

Please boost to help us find answers 🙏🏽

#selfhosting

Descendants

Written by Patrizia on 2024-11-14 at 15:48

@StrangeCulprits TrueNAS Scale might work for you - it's reliable, based on Debian, and supports Docker (both with a curated app store and also via docker-compose if there isn't a curated app or you want a bit more control). It can also host virtual machines.

You can use a reverse proxy to expose those services to the wider internet.

It's not trivial to set up, but it's worth spending the time to get it right, and if you do have trouble then the community is very helpful.


Written by Jack C. on 2024-11-14 at 15:50

@StrangeCulprits I've just started using #YunoHost as an easy way to set up certain services for myself and a handpicked group of users. I haven't had time to document things as thoroughly as I'd like but I'll be putting more information into my #wiki as I go.

Find it here: https://yuno.jack-case.pro/bookstack/

@yunohost


Written by Joe Scharf on 2024-11-14 at 16:26

@StrangeCulprits This is a lot to set up and maintain all at once and some of these apps are rather heavyweight and may or may not do everything you'd expect from each of them (wrt. their commercial counterparts). I'd suggest some prioritization and maybe a more gradual approach, and perhaps demo some of the options (if you haven't) prior to implementing. DM if you would like to discuss further.


Written by Just Dude on 2024-11-14 at 17:57

@StrangeCulprits I am a #freebsd or any variant of BSD fan since I installed it.

Incorporated security instead of on top of a kernel.

Easy maintenance and setup.

Jails with BastilleBSD for example for isolated functions like mail, firewall etc.

Bhyve for the Linux ones or Podman (Docker equivalent)

https://podman.io/

https://bastillebsd.org/

