this post was submitted on 22 Nov 2023
6 points (100.0% liked)
Self-Hosted Main
21 readers
1 users here now
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.
For Example
- Service: Dropbox - Alternative: Nextcloud
- Service: Google Reader - Alternative: Tiny Tiny RSS
- Service: Blogger - Alternative: WordPress
We welcome posts that include suggestions for good self-hosted alternatives to popular online services, how they are better, or how they give back control of your data. Also include hints and tips for less technical readers.
Useful Lists
- Awesome-Selfhosted List of Software
- Awesome-Sysadmin List of Software
founded 1 year ago
MODERATORS
In my opinion, cloud storage for (zero knowledge) backup. Your backup strategy should include a diversity of physical locations. I had a house fire a few years ago. Luckily, my data drives survived, but if they hadn't, my cloud backup would've been invaluable.
Don't host your own email server.
Just trust me.
Meh, been doing it for 5 years now with minimal issues. Had one issue come up where my domain was flagged as malicious, but was solved in a few days and some emails to security vendors.
I think it's important that those who can, and are educated enough to keep it running properly do host their own. Hosting your own email should be encouraged if capable because it helps reduce the monopoly, and keep a little bit of power for those who want to retain email privacy.
I agree with KN4MKB. I've been hosting my own mail server for decades. Not one issue. I use that in lieu of a mail service provider (Google immediately comes to mind), as their EULA service agreement will tell you that - since you're using their service, on their servers - anything goes. Read the fine print on Gmail, and you'll see. π
Why?
I did it anyway some time ago and I'm really happy with it. I'm using my own email addresses for absolutely anything by now.
load more comments
(1 replies)
People saying email, look into using external SMTP servers as relays. Your domain most likely comes with at least one email account with SMTP access. You can use that as a relay to send personal/business emails from your server using the provider's reputable IP addresses.
A password manager because if anything goes wrong, you'll be completely screwed.
What you SHOULD absolutely self host though is a password manager, so you can be in control of your most sensitive data.
Regarding email, I think everyone should absolutely self host it, but it's less and less viable in this google/Microsoft duopoly world. But ideally everyone would self host it. The reason why people advise against it really comes down to lack of real competition, and the two tech giants dictating how we violate every RFC possible.
A password manager because if anything goes wrong, you'll be completely screwed.
What you SHOULD absolutely self host though is a password manager, so you can be in control of your most sensitive data.
Wot?
Don't self-host email SMTP or public DNS. They're hard to set up properly, hard to maintain, easy to compromise and end up used in internet attacks.
Don't expose anything directly to the internet if you're not willing to constantly monitor the vulnerability announcements, update to new releases as soon as they come out, monitor the container for intrusions and shenanigans, take the risk that the constant updates will break something etc. If you must expose a service use a VPN (Tailscale is very easy to set up and use.)
Don't self-host anything with important data that takes uber-geek skills to maintain and access. Ask yourself, if you were to die suddenly, how screwed would your non-tech-savvy family be, who can't tell a Linux server from a hot plate? Would they be able to keep functioning (calendar, photos, documents etc.) without constant maintenance? Can they still retrieve their files (docs, pics) with only basic computing skills? Can they migrate somewhere else when the server runs down?
lol
load more comments
(1 replies)
If self hosting from home.. email servers
At home, your IP is likely blacklisted and/or your provider has blocked the necessary ports. Not to mention the layers of potential headaches dealing with potential spam block dbs, especially if you don't own your IP.
You can of course do custom setups allowing you to skirt these restrictions, but can sometimes be a bit complicated and typically involve non-traditional customizations.
email service
I'm doing it on a bm I rent for 10 years now without issues with spf, dmarc, dkim and everything from scratch (no docker bloat)
Docker is the antithesis of βbloatβ.
Docker is horrid for duplication. Unless you use a filesystem with good deduplication, docker can hurt a lot on your storage. and even then it still can just not work often due to due to already deduplicated extent stuff
load more comments
(3 replies)
Push notifications.
It is fine hosting a service that gets requests then talks to FCM or the iOS version. But a service that one's phone stays connected to 24/7 is really hard, and not kill one's battery.
Mail server, too many troubles related to domaine name blocking/ban, good for internal network/VPN use but not for anything serious
Yea, Email is a big one... it'd be kind of pointless, because the person on the other end is NOT using a self-hosted solution, odds are, and it would be a ton of work to maintain, etc., and likely less reliable.
I wouldn't self-host my voicemail server, most likely, either. :P Just no point.
Password manager. While some may cache on your client devices, by and large if your server goes down, no passwords.
load more comments
(2 replies)
I don't self host anything where it would impact me unduly if it went down while I was on holiday to the point where I'd have to break state and go fix stuff.
I don't want to have to leave my beer or beach and head off to fix things like an email server, restore a password manager db etc. so anything like that which is critical to the point where an outage would prob have me do so means I pay someone else.
I think there's a hangup on the term "self-host" where some people are assuming it's going to be exposed to the Internet.
I self-host a ton of stuff that is only available inside my home network or through my VPN, which is not publicly discoverable. I would never open a TCP port to the world from my home network. That's how you end up on shodan.
So yeah, if it has to accept inbound connections from arbitrary other systems on the dirty internet (email, mastodon, etc), it's not happening on my network, and probably not at all because it's a pain in the ass to stay patched.
Internet-accessible authoritative DNS nameserver(s) (unless you have a completely static public IP).
Personally I don't think it's worth hosting recursive dns resolvers. Most of the options with ad blocking are single points of failure and when it breaks the household acceptance factor is just too low.
Just....set up two RPIs with Pihole instead of one? Chances are your router can have a fallback DNS. Sure, you have to update the rules in both places, but honestly it's not a big deal, and you now have redudancy.
I'm running 2 powerdns recursors and authoritative servers, and 2 piholes (long story why so many), and none of them have failed on me so far, and when I took one of them offline, I didn't notice anything because the other took over. And if anything REALLY fails, I'll just switch my router back to using cloudflare or Google or quad9 temporarily, and at least Internet access will be restored so people can at least browse the internet.
Pihole also has an API and a home Assistant integration, so you can create an AdBlock toggle switch for others, in case it blocks something and they need immediate access. Not ideal, but it's a doable workaround.
This is really something that's super easy to self host, and mitigate if something goes wrong. Especially since that commercial router is already a single point of failure for most households.
Chances are your router can have a fallback DNS.
Chances are it can't. You can probably set multiple DNS servers (anywhere, not just routers) but they aren't a primary/secondary sort of deal. Most traffic might be weighted towards the first one in a list but you will find traffic still hits the others.
Mail server or anything using RDP.
The login page to your NAS.
If your NAS is properly updated, and SSL is used, then the login screen it just as safe as any other web app with regular updates. I would ask why someone would want that.
load more comments
(3 replies)
load more comments
(1 replies)
Iβve seen far too many compromised Wordpress installations to ever consider installing it in my home dmz.
load more comments
(3 replies)
Aside from other stuff mentioned here about email. I always assumed I'd become a target for spam that I'd have a harder time filtering out to the point it stops being worth it to have a custom email address.
That and I can almost guarantee I would end up screwing up the backup of my inbox and losing everything rending the whole endeavour pointless.
load more comments
(4 replies)
Choosing a service to NOT selfhost is a subjective descision.
I host 18 Proxmox VMs and 20 Docker containers at home. I also was selfhosting a WebDAV server for synchronizing my Joplin notes between devices and Vaultwarden for managing my Bitwarden vault, but decided to push the Joplin synchronization target to Dropbox [free] and to use Bitwarden's free cloud solution for my passwords and secure notes. I did this because I will need immediate access to these two critical sources of information should my house burn down, or get blown over by a tornado. I have extremely strong passcodes for these and trust the hosts.
This was strictly a personal decision. YMMV.
load more comments
(2 replies)
Clearly opening RDP port on internet. NEVER.
What is wrong with that? Don't they still need correct credentials to connect?
load more comments
(4 replies)
load more comments
(8 replies)
E-Mail.
And maybe unpopular opinion:
-
Any service that you use with port-forwarding, besides WireGuard.
I would never access any self-hosted application without VPN. -
Password manager. I want to minimize complexity with my most important data (that's why I'm using KeePass instead of Self-Hosted Bitwarden).
Email. I always recommend AWS SES. Use it at as an SMTP relay and any internal services gets restricted access through IAM.
Plex. Despite everything be supposedly self hosted, they are spying on what you're watching and sharing that info with 3rd parties, your friends and your family.
Use Kodi instead or if you're old school like me, an old fashioned smb share running on a pi.
I wasn't aware you could do something like this on kodi, i remember it being basically just a client for viewing content, not a web based server
load more comments
(2 replies)
Emails
Tor exit node. Too much legal stuff.
view more: next βΊ