8.6 KiB
| Alias | Tag | Date | DocType | Hierarchy | TimeStamp | location | CollapseMetaTable | |||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|
2021-08-26 | Personal | Root2 |
|
true |
Parent:: @Networks, @Computer Set Up
^Top
name Save
type command
action Save current file
id Save
^button-SelfHSave
Self-hosting
[!summary]+ This note explores self-hosting through its infrastructure and associated services.
style: number
Infrastructure
This section sums up required infrastructure for self-hosting online services.
Hardware
An option is to look at a Virtual Private Server (VPS) service. This also solves the issue of the access to the Internet, that is more and more advised to not come from a home connection.
[!tip] A good aggregator for low-cost VPS here
Otherwise, physical hardware include:
| Product | Type | Price range |
|---|---|---|
Synology (DS218/220+) |
NAS | £250/300 |
Dell Poweredge Tower Server T30 |
Server | £300/400 |
HP Z420 |
Workstation | £400 |
==WIP==
OS & Applications
#^Top Linux is the most common OS for servers. Ubuntu, Debian or CentOS the most common distributions. MacOS would require a Virtual Machine to run properly.
Internet connection
More and more literature point that a home Internet connection may not be the most appropriate way for a server to connect to the Internet. ISPs limit traffic to manage bandwidth and comply to legislations.
Domain
[!info] Privacy-friendly domain manager Njalla
Domain management is important for several reasons: email and email routine can only be defined once per domain. As such, email services (self-hosting, email aliasing) need to be run on separate domains.
For self-hosting, the folllowing domain will be used: mfxm.fr
[!warning] Sub-domains to be defined with webhost.
Security
Security is paramount at the points of connection to the server. SSH protocols are secured but csn be intercepted. Two different ways of protection can be implemented:
RSA Key
[!info] Documentation SSH Key Tutorial SSH Key Tutorial 2
All documentation to implement such control can be found VPS Console Dialogue#Securing Server access.
VPN
[!info] Documentation SSH VPN
Not tested.
Other security considerations
Additional measures can be found below and are in majority described VPS Console Dialogue#Editing the Server's SSH config.
[!info] Documentation Securing SSH
Continuity & backups
[!info] Documentation Local backup Hot Copy
Backups are managed through the tar command and dispatched over the network with rclone. Instructions can be found VPS Console Dialogue#Backing up a server.
Server Monitoring
[!info] Documentation Monit Performance Co-Pilot Nagios
Monitoring is implemented through a free and open-source tool called Configuring Monit.
Other Apps include: dockprom CrowdSec - The open-source & collaborative IPS
Running multiple services on the same hardware
[!tip] Considerations to start Tutorial Caddy tutorial Nginx Proxy Manager tutorial
In essence, to run multiple services on the same hardware, a few basic steps need to be taken to ensure that each service runs properly.
| Consideration | Tool | Description |
|---|---|---|
Compartimentalise services into containers |
Configuring Docker | Creates containers that can be run independently |
Simplify docker commands |
docker-compose | Enables to create 'script' for docker commands |
Route internet traffic appropriately |
reverse proxy: nginx, Configuring Caddy | Enables to route addresses to the appropriate containers and manage SSL certificates (and https forcing) |
Self-hosted services
A list of FOSS services can be found here
| Service | OS | Technical reqs | Description |
|---|---|---|---|
| Email service | Linux | 2GB RAM recommended | self-host an #Email service |
**Email aliases**
| Linux | 2GB RAM; ports: 22, 25, 80, 443 | an #Email alias service\ like [SimpleLogin](https://simplelogin.io) **Nextcloud** | Linux | 500M RAM; MySQL & SQL Lite; PHP 8.0; Apache 2.4 with PHP or nginx with PHP | #Personal cloud syncing instance**Instant Message**
| Linux | 2/4GB RAM; ports & other extensions | Element instance for #Instant Messenging**VPN**
| Linux | 500MB RAM | Host a private #VPN
Email service
#^Top Email service can be fully built but has many components to it: server, database, imap, caldav, carddav, DNS specificities, spam whitelisting as well as security (server access & spam filtering). It can therefore be tideous to build an email service from scratch. Pre-packaged solitions exist to manage all components:
- IRedMail
- Mail-in-a-Box
- Docker-mailserver which is command-line-only and to be built more extensively than the two other alternatives
[!info] Documentation Reddit Documentation Tutorial
Server Alias service
[!info] Documentation Tutorial
Instant Messenging
[!info] Documentation Element
Website
[!info] CMS Open source CMS solution: The world’s fastest framework for building websites | Hugo Or Jekyll • Simple, blog-aware, static sites | Transform your plain text into static websites and blogs Or Eleventy, a simpler static site generator.
ShortURL
#^Top Through Wordpres with Thirsty Affiliates: free of charge.
Self hosting ideas
Photos
[!info] Photoprism Self-hosted photo management solution: here
[!info] Piwigo Website
Tools
| Tool | Self-hosted service | Link to tutorial | Sub-domain |
|---|
Youtube with no ads
| **Piped** | [here]([](https://piped-docs.kavin.rocks/docs/self-hosting/)) | videos | **AdGuard Home** | [here](https://cyberhost.uk/adguard-setup/) | dns-resolverOnline identity
| **authentik****authelia** | [Welcome \| authentik](https://goauthentik.io/)
[GitHub - authelia/authelia: The Single Sign-On Multi-Factor portal for web apps](https://github.com/authelia/authelia) | identity | Online pantry | Grocy | [grocy - ERP beyond your fridge](https://grocy.info/) | groceries
Database: MySQL, MariaDB, Postgres
| App | Database |
|---|---|
| AdGuard | none |
[!info] VPS Ideas Website