The problem I have always had when building elaborate home server setups is the "set it and forget it" nature of the systems I've installed bites me in the ass. Since it's not my full-time job to manage these systems, I'm really not familiar with them the way I might be with the systems I manage at work. These systems cruise along for years, and when something finally does go belly-up, I can't remember how I set it up in the first place. Now I have a giant chore looming over me, ruining a perfectly good weekend.<p>These days, I design everything for home with extreme simplicity coupled with detailed documentation on how I set things up.<p>Docker has helped tremendously, since you can essentially use an out-of-the-box Linux distro with docker installed, and you don't really have to install anything else on the hardware. Then if at all possible, I use standard docker images provided by the software developer with no modifications (maybe some small tweaks in a docker-compose file to map to local resources).<p>Anyway, my advice is to keep the number of customizations to a bare minimum, minimize the number of moving parts in your home solutions, document everything you do (starting with installing the OS all the way through configuring your applications), capture as much of the configuration as you can in declarative formats (like docker compose files), back up all your data, and just as importantly, back up every single configuration file.
The diagram alone is more than enough of an argument to dissuade me from giving this a shot right now - it's simply too complicated and too much to manage for the amount of time I can dedicate to it.<p>BUT - I'm really thankful for people who keep posting and sharing these sorts of projects; they're the ones iterating the process for the rest of us who need something a bit more turn-key.<p>I'm excited to see this eventually result in something like the following:<p>- Standard / Easy to update containerized setup.<p>- Out of the box multi-location syncs (e.g. home, VPS, etc.)<p>- Takes 5 minutes to configure/add new locations<p>I want this to be as easy as adding a new AP to my mesh wifi system at home: plug it in, open the app, name the AP, and click "Done".<p>(Edit - formatting)
Ok, I’m SUPER into self hosting, but this article? No way.
1) Duck out isn’t a thing, just stop it.
2) Half the articles cited as examples of corporate abuse were later revealed to be mistakes by the user or easily avoidable pitfalls.
3) Self hosting still requires trust (software you’re running, DNS, domains, ISP, etc...) The line of who to trust and how far is a tough one to answer, even for the informed.<p>How I solved it:
1) I use well vetted cloud services for things that are difficult/impossible to self host or have a low impact if lost. (Email, domains, github, etc...)
2) I self host things that are absolutely critical with cloud backups. (Files, Photos, code, notes, etc..)
Hi, I'm the author,<p>Thank you all so much for your comments. I didn't expect this will be this high on HN. I'm aware there are more simple solutions for self-hosting, even partially. I'm also aware that my setup is not perfect - that's why this post was created. I was hoping to get some feedback. Not from that many of you, but some friends. :) Ask me anything you like, I'll try to answer every question.
"for purely private use, I wouldn’t opt for AWS even if I had to choose now. I’ll leave it at that"<p>I will elaborate: I started out with AWS several years ago. I could never work out how they calculated my bill, and had more than one >$100 shocks for hosting my personal services.<p>I moved to DO and Vultr (stayed with DO for no real reason) and so shut everything down on AWS.<p>But I still got a $0.50 monthly charge on my credit card. I tried emailing - no response, totally ghosted.<p>I went through the control panel several times - it is/was a huge mess, obscure by policy obviously - and finally in some far distant corner found something still turned on. I did not understand what it was at the time and can recall no details, but I turned it off with great relief.<p>A week later I got a email from AWS (!) saying that I had made a error and they had helpfully turned the whatever it was back on...<p>So I continued to donate $0.50 a month to Amazon until I cancelled the credit card for other reasons. (it would cost $10 for the bank to even think about blocking them)<p>These days I will crawl over cut glass not to do business with that organised bunch of thieves called Amazon.
Y'know what, Although I'm currently self hosting my email, my websites, my storage, my SQL, my Active Directory etc., I'm also in the process of migrating the whole lot to Azure and/or independent hosting.<p>Why? It's just too much hassle these days; I want my down-time to be no longer dictated by my infrastructure. I don't want to have to spend off-work hours making sure my boxes are patched, my disks are raided, my offsite-backups are scheduled, and my web/email services are running. I just want it all to work, and when it doesn't, I want to be able to complain to someone else and make it their problem to fix it.<p>For my data, I'll probably still have an on-site backup, but everything else can just live in the cloud, and I'll start sleeping better, due to less stress about keeping it all secure and running.
IMO you can get 90% of the utility here (owning your data) with just the NAS and rsync.<p>1. Don't feed the FAANG<p>2. Store your SoR media, notes, documents on your own NAS<p>3. Automate a backup of the NAS, preferably both on and off site (I use rsync from a pi + large disk + cloud blob storage)
Funny headline, because every time I try to self-host anything important like mail, I learn how deep that field is and how little I know and that I'll probably need many many hours to do everything right and in a secure way (and my mails would still have a higher probability to be classified as spam). Then I think: "Screw it, I'll just use GMail"
The most chilling reason for me to self-host is the third-party doctrine.<p><a href="https://en.wikipedia.org/wiki/Third-party_doctrine" rel="nofollow">https://en.wikipedia.org/wiki/Third-party_doctrine</a><p>You don't really own any of your cloud data, even if it feels like it. If you want to own your data then it needs to reside on private computers in private spaces - though that does not preclude you from sharing but you lose control of what you share.
I always wonder why people don't trust their offsite back-ups to cloud providers. I know they're trying to get away from getting locked out of their data, but what are the odds a burglar steals their computers on the exact same day their cloud provider locks them out because they violated the 'no making fun of ridiculous cloud provider lockout policies' policy?<p>As long as your house burning down and your cloud getting locked don't occur on the same day, you're golden and thus no messing with blue-rays and bank security boxes.
I had the same thought as the title of the article go through my head, but we ended up with a simpler setup as I wanted something I don't have to constantly mess with:<p>* Put together an overbuilt NAS box running ZFS On Linux<p>* Simple docker-compose file for all services<p>* Backups through borgmatic (via ZFS snapshots)<p>* Auto-updates through watchtower<p>* Punted on email and use FastMail, switched to our own domain from gmail<p>Services we run include:<p>* PhotoPrism for semi-Google Photos functionality<p>* Nextcloud and Collabora for file sync, sharing<p>* Kodi for home media<p>* Tiddlywiki<p>* DDNS through Gandi since we're on a dynamic IP<p>* PiHole for some ad/privacy protection<p>* Robocert for SSL<p>* Nginx to reverse proxy everything<p>It wasn't _easy_ to set up, but in a year, any given week I typically spend 0 hours dealing with it. No problem that _has_ cropped up has taken more than a few minutes to fix, mostly around docker networking and auto-restarting containers after Watchtower auto-updates them, a problem I've since fixed.<p>This setup seems way easier than k3s or some other recommendations, doesn't require much new knowledge, and is as portable as I need it to be. If needed I could plop the docker-compose on a new machine, change some mount points, and largely be up and running again quickly. It's let us switch to "deGoogled" phones and unplug from almost every hosted service we used to use.
> I’m living in Germany, so the obvious choice was to spin up my instances in Vultr‘s* data center in Frankfurt, as ping is the lowest to that center for me.<p>The author is probably aware of this, but just in case they aren't: Hetzner is an amazing company with two or three datacenters in Germany. I don't remember if any of them are in Frankfurt, but given they offer VPSs and beefy dedicated machines, I'd be fine trading a couple milliseconds for this flexibility (and overall better pricing, even if Vultr's isn't that expensive as well).
I'm curious as to for how long you've been using this setup specifically in regard to Nextcloud, and how many and what volume of files you store in it?<p>I've set up a few Nextcloud instances in the last 2 years on Digital Ocean VPSs and Raspberry Pis and I ran into so many problems and difficulties which scaled with the quantity and size of files I hosted on it. I took care in setting up everything to a relatively solid standard (memcache etc.), but I found Nextcloud to be so unreliable for syncing particularly with the official Android and Linux clients. Plus, there was the whole botched version 20 upgrade.<p>I find Nextcloud tries to solve too many problems turning it into a bloated mess even for a moderately experienced user.<p>For file storage only, I've found Syncthing on a Raspberry Pi at home syncing over Zerotier (for when I'm not at home) to be a much more robust, user-friendly and scalable solution, despite it syncing whole folders only.
Theres an opportunity here for someone to build a "platform" that makes this all plug-n-play; like what the apple/google app stores have done but where the end user has control.<p>Something along the lines of someone buys some hardware with this platform on it and gets a gui that lets me install "apps" on top of it.<p>Personally, I've got a home setup that is on its way to what the op has; but I think there's demand from non-techy folks to get off the big co's apps and onto privacy focused ones that they control.
But what will you do if people aren't telling you exactly how to run your life and your setup? I certainly appreciate the effort and will be digging into this. I'm so sick of the tyranny. I've started my own 'disconnect' plan, and this is giving me a lot of ideas. I've already deleted Facebook, Amazon (that was a hard one), and well on my way to independence. Google is next, and like another commenter I'm using Proton mail now exclusively. Kudos for your efforts to help those of us that are really struggling right now - much appreciated.
I’ve been running Nextcloud on a DigitalOcean droplet, backed by S3 compatible storage from Wasabi for about 3 years now - it’s been pretty seamless. I think the old Nextcloud client syncing issues are a thing of the past (unless you work will <i>really</i> big files). Costs me $15/mo total.<p>My Nextcloud instance gets one-way synced using rclone to a NAS once daily, and one-way synced weekly as a tar archive to Onedrive (1TB storage from Office365 is otherwise unused, so...). The rclone setup is all with docker-compose + sops for rclone config, so I can just git clone and Docker-compose anywhere to get another machine backing up.<p>A nice addition is that the droplet serves as a WireGuard server that all my devices are pretty much always connected to (with split routing).<p>I host a couple of other services on the droplet including The Lounge for IRC, my personal website and a pastebin type app.<p>If anyone is interested, the whole setup is on GitHub at <a href="https://github.com/jnsgruk/infra" rel="nofollow">https://github.com/jnsgruk/infra</a>
"A drinking game recommendation (careful, it may and probably will lead to alcoholism): take a shot every time you find out how someone’s data has been locked and their business was jeopardized because they didn’t own, or at least back up their data."<p>That one put a smile on my face.
I said "screw it" after my Oracle Cloud "always free" account was terminated with no recourse, a few days after having activity on the database building an application prototype, well under the resource limits. I'm now running a libvirt VM on my laptop to develop the prototype.<p>Others have complained about Oracle Cloud's draconian practices. Doesn't sound like a company that wants to build a cloud business.<p>Cheers
I'm doing something similar with a NUC that I colocated. $27/month for a gigabit port + 5 IPv4 addresses, and it's far more powerful than any VPS I could get for the same amount of money.<p>It was a little bit of work to set it up initially, but now I maybe spend 30 minutes a month making sure things are updated. Hosting my own wiki, DNS over HTTPS server, Matomo analytics, and a few other random services.
Isn't $55 a bit high in total cost? Aside from the 2 servers for projects, all of those aren't going to need entire servers just for 1 user. I've run Nextcloud doing all the same stuff for half that price and don't think Gitea or Monica would add much overhead.<p>I'm aiming to do a lot of the same (and more) but definitely aiming at a much lower monthly cost.
Tried the same some time ago. While setup is fun, maintenance etc. is mostly underestimated. Following Murphy's law, things mostly break in uncomfortable times (deadlines, etc.).<p>My (current) strategy: Do without the "last functionality" and stick with boring, local software/approaches. Not everything needs to be synced to / accessible from any device -- at least for me... One well backed-up machine, a few online services (e-mail, github for collaboration, ...) and long-proven applications like Photos.app. Something close to the situation 15 yrs before?
Doing something very similar, hosting a lot of things on a Raspberry Pi 4 with 400 GB SD card.<p>Dockerizing most things <a href="https://github.com/divyenduz/dev-infrastructure" rel="nofollow">https://github.com/divyenduz/dev-infrastructure</a><p>Not as easy though, I still need to figure backup strategy and everything. My goal is to eventually remove photos, and almost everything hosted entirely really.
You can still have a backup of your files and push them to another provider without self-hosting. It will take up 10x-100x your time to learn and use and maintain these alternatives, versus just taking a regular backup and using a managed provider.<p>It seems like 95% of the adherents to self-hosting do it as a hobby but pretend it's prudence.
Vultr seems entirely unnecessary in this picture (but the referral dollars probably help). They are just hosting stuff for themselves, right? The Synology can do all that (through VPN for the on-the-go devices). Separate VPSes for things like a 1-user Monica instance are insane.
I use AWS - the customer service seems great - I've personally received good service, the support life times are amazing (I used Simple DB).<p>These articles with "I wouldn't use AWS I'll leave it at that.." - be more specific!<p>For personal stuff ECS / fargate works well in my use cases. I put together a little docker and away I go - I pay for one reserved instance which saves money - fargate for stuff that is occasional or bursts (when I started fargate pricing was too high).<p>Docker is in some ways self documenting - I also have a home server setup complete with router etc - but someone is going to bump something at home and the reconfig / resetup time is much longer than with AWS.
The main thing about building all these private cloud setups, that bothered me most of time is security. It is not a big deal to take from GitHub and run all these bricks of your infrastructure, but how to maintain? Everything should be updated regularly, otherwise you risk to get your data dumped and leaked by some automatic crawler or home-grown hacker, once new vulnerability is discovered in any part of your tech stack.<p>The only easy solution I see is to hide everything in the private network and make accessible only under VPN. However, it is not that useful, when you need to get some file or read/reply email from some new device not owned by you.
As someone who has selfhosted for a couple of decades, i can understand the lure of it, but the author forgets to mention the huge effort it is to keep public servers available and free of unwanted visitors.<p>I've gone the other way. I had everything on a Synology box at home, backed up locally and remote, with a Proxmox server on a DMZ network, mounting all (data) storage from the Synology via Kerberized NFSv4 through the firewall, and exposing select services to the world (limited by IDS/IPS and geoip filtering)<p>I spent around 1-2 hours daily checking logs, installing patches, checking backups, and other sysadm maintenance jobs. When 2021 rolled around i decided i no longer wanted to be a sysadm in my spare time, so i quit.<p>Everything previously hosted at home was pushed to dedicated hosting providers for that type of service (pythonanywhere for django projects, etc). Not just VPS as that's essentially just self hosting on other peoples hardware.<p>Basic file synchronization went to Microsoft 365 Family. Sensitive data are manually encrypted with either LUKS or Encrypted Sparsebundles.<p>As for my Synology, i pushed all data on it to Jottacloud via rclone and the crypt backend. I then have a machine at home with a 1TB SSD acting as my "NAS", but in reality it's just mounting the Jottacloud data and using the 1TB SSD as a vfs cache. It then exposes the Jottacloud data through Samba.<p>The NAS handles backups of Jottacloud and Onedrive to a local 8TB USB drive. A remote machine wakes up once per day, mounts the cloud shares, and makes a backup as well.<p>In case i get locked out, it's just a matter of restoring one of the backups to whatever storage i have sitting around, and i'm back in business.<p>As for speed, the VFS cache really speeds things up. I get gigabit speeds on cached data, and even uncached data arrives in an acceptable pace (500/500 mbit connection), to the point that when i'm on Wifi (802.11ac Wave2)i can't tell the difference.<p>On top of having a lot less noise around me, i also save about 1/2 the cost of the self hosting hardware spread over a 5 year period.
Depending on what you need, a NAS + Syncthing is much simpler than the linked article. Building a PC isn't hard, and keeps prices down. These days, a RPi 4+2 USB HDDs would run circles around the motherboard on my NAS.<p>Syncthing is a great continuous backup solution. I use ~/NOTES as a scratchpad, and it updates automatically between my various computers. It gives you pretty granular control over shares, and I back up critical stuff to a cloud provider.<p>That said, there's no calendar/email/notes. XigmaNAS is built on FreeBSD, and will happily run NextCloud or a photo gallery or whatever.
I like the article and I agree with the sentiment.<p>I think that self-hosting can be quite a bit of effort, but a tool like Ansible makes it so much easier.<p>Whatever you choose to do, the most important thing is that you create data(base) backups and store those in an environment that you can control at all times.<p>There needs to be a viable exit strategy, just a backup is not enough if it takes more time to restore operations/service than is viable from a business perspective.<p>Perform at least a risk analysis, whatever you choose, make it a conscious, deliberate decision.
> Every last weekend of the month, I will manually backup all the data to Blu-ray discs. Not once, but twice. One copy goes to a safe storage space at home and the other one ends up at a completely different location.<p>The author has a lot more patience than I do. From their description of the NAS, they have at least 2TB capacity. At 50 GB per disk that is 40 Blu-Ray discs to reach 2TB and 80 discs to do it twice. There is no way I would spend a weekend very month burning and verifying 80 Blu-ray discs.
Hosting my own too. There's gmail as backup. But host my mail server, webmail, imap, smtp everthing.<p>Blocking spam isn't that problem. But making sure your mail goes to the receiver's inbox is.<p>You can block 90% of the spam by using only reverse DNS lookup -- doesn't match? Reject. 90% of the remaining can blocked using DKIM, SPF checks. No need for ip black hole check or spamassassin training.<p>The benefit : I can block a sender or his domain in a single click from webmail. Couldn't do that on gmail.
Definitively the wrong approach. I wrote this on another board:<p>> Everyone has 100Mbit lines now, a lot of people have gigabit fiber internet at home.<p>> You can get a Cortex-A55 TV Box for $30, plug in your old SSD drive via USB 3.0 with<p>> a $3 adapter, install Linux and you are ready to go. It consumes virtually no power.<p>> The processing speed and disk speed is incredible. Often the ping is lower than in a<p>> datacenter. This is not even the future of hosting. It has been around for quite some<p>> time. It is totally superior to any mid-range server. There literally are only advantages.<p>Pair this with Yunohost (via Docker). Yunohost is like an appstore for Linux servers. Easy 1-click setups for Nginx, Xampp, Postfix, Dovecot etc. that average people can do and understand.<p>You can still use the TVbox as a media center, even run Libreoffice on it and Blender like a small mini PC that has "poor but good enough" performance for most everyday tasks. Also games via Retroarch.<p>Sounds too awesome to be true? Yes, it is not quite true yet. You can do all this, but you still need to be tech savvy to step through it. And the media-center part is still questionable, because video drivers (the ones that work with hardware video acceleration) are bugged on most SOCs. Games work though, just not HD videos.
"Is it worth the time and hassle? Only you can answer that for yourself."<p>No. Absolutley not. The little sys admin work I have to do at work is all that I want to. I trust Apple and Google with all my stuff -- icloud storage, passwords, Google for email, etc. It just works, and I can move on with my life and focus on things of value to me instead of worrying about an upgrade blowing things up, security patching, backups, etc.
I've just finished putting together some old machines and setting up my home cluster with k8s, and ported first app on it. Okish way to spend some of my Easter holiday.<p><a href="https://github.com/bausano/cluster/blob/master/changelog.md#2021-04-08" rel="nofollow">https://github.com/bausano/cluster/blob/master/changelog.md#...</a>
Looks like the author is undecided on what to push next. Hardware - software "solutions" are not the issue, his definition of what his data is worth, to him, as to the pushers as part of an overview of how to stump the global masses is still opaque to the author. F** the data, it is the amassed, filtered, analysed dataset that is globbed over the wire that matters. If the author really has some content with rationality in-built, originality expressed, it is probably half an a4 page in hand-writing. That would be his back-up(so as not to forget what in a bright flash came up in his processor-mind, the once in his life-time), as it would be his legacy to the world. His billing and buying patterns, with his earnings defining his prodigy of consumption not power who cares? What the glob tells about similar individuals, that is what power minds.<p>Above as to repaint the context, really... this article is as close to a reduction to "nothing" as can be conceived.
I’ve found the following setup works well. It’s simpler, but less featureful:<p>Website is a git repo stored on a nas, and backed up. (GitHub would also work; private repos were scarce when I set this up). It’s published with “s3 sync”, and sits behind a cheap cdn.<p>Desktop is backed up to NAS (via NFS; would use syncthing if I was setting this up again. Previously, I used Unison, which confused some other users of the desktop, but I like it anyway.)<p>NAS uses synology’s client side encrypted HyperBackup to B2.<p>Calendar and contacts are on the nas, using baikal, which runs in a docker image on the synology. My phone is fine with periodic access to the contacts and calendar server, so this sits behind the firewall, and is not accessible via the internet.<p>Total monthly cost is pennies, not counting domain names, or the B2 backup data.<p>The main problem is that all the data will be compromised if the NAS is stolen. I’m looking for a good solution to that next.
As a middle ground, you can also simply use Hetzner's hosted Nextcloud offering, which is likely (a) more reliable and (b) cheaper than a self-hosted setup on a VPS.<p><a href="https://www.hetzner.com/storage/storage-share" rel="nofollow">https://www.hetzner.com/storage/storage-share</a>
I'm also doing a hybrid: GCP (3 nodes; euro, iowa, asia), IONOS as backup in central US, AWS as backup in asia.<p>Then I have two home 1Gb fibers (when my summer house gets fiber this summer hopefully).<p>I wrote my own distributed database so all data is everywhere at all times = no extra work. (after the initial 3 years of making it robust :D)<p>I would say go for the opposite of "use as much standard as possible" and make everything yourself, from scratch (except OS and language);<p>that way you can slowly but surely make it perfect = 100% read uptime even if one home fiber blows up.<p>People that describe this as meaningless don't understand what responsibility is!<p>Own (as in nobody can take something away), understand and change; in that order, on repeat, forever...<p>(until you die and your children pick up the slack because you thought them what responsability is)...<p>People will learn to respect responsability when it's too late.
Regarding sever hosting: Hetzner has a very attractive server auction on their website [0]. For about 30€ you can get several terrabytes with a fast cpu and plenty of RAM. No set-up fee either. These are unmanaged dedicated root servers.
Basically cancelled sever subscriptions are first offered here again before they take apart the server. So the offerings vary and are time-limited. However, if you pull the trigger there is no limit for how long you can keep using it.
Servers are in Germany or Finnland.<p>I am currently waiting for slightly better offerings (a few weeks ago when I found out there were slightly more attractive options) and then will pull the trigger.<p>I yet have to find anything that comes close to this bang-for-buck ratio.<p>[0]: <a href="https://www.hetzner.com/sb" rel="nofollow">https://www.hetzner.com/sb</a>
I think it's great that people are publishing their home server setups.<p>At the same time, the scary sounding warnings of "You're at risk if you put your trust in another company to hold your data!!" ring really hollow to me. I mean, does this person keep all of his money under his mattress, or does he put it in a bank (though I guess he could keep it all in crypto...)? Does he buy insurance, or again just keep a mountain of backup cash in a safe somewhere?<p>At the end of the day our entire economy is built around being able to trust other companies, and the systems in place to safeguard that trust. "I'll do it all myself" is essentially the process you see in third world countries where the systems are too fragile or corrupt to support that trust.
The more I think about owning your data but not having to deal with maintenance crap, I think more tools should work with git.<p>Give me a pretty UI but use my GitHub repo for storage.<p>I kinda want something like notion UI but stores documents as JSON blobs in git (could use GitHub api and GitHub auth too)
Looking through the comments, I think it would be great if someone can bundle all of this into a product which automatically applies security uodates and offers some form of visual dashboard to see the status of the system, errors, and logs of attempts to compromise the system. Furthermore a migration tool from GMail/Google-Apps/Drive would be super useful (+ one for Microsofts offerings).<p>I believe many would be willing to pay for such a service, and I would be open to collaborate on building such a product.<p>I can see here things like:
- resale of hardware components and support agreements for paid subscriotions for the software
- paid setup support
- initial fee of the product
- small subscription fee for updates
If you really want control, what matters more is you having control of your own domain and encrypting what doesn't need to be public, such as backups and notes. Managing a self hosted system is often more expensive and more time consuming, and often those self hosted services store unencrypted versions of your data. But now you have to maintain the security of it yourself, usually worse than professional services, and your still one subpoena or hack away from it being exposed.<p>In the end you are still just as vulnerable getting booted off with VPSs like you are with google, but with domain control you can still switch hosts without losing your address, and you usually have customer support.
I created codehawke.com architecture from scratch to avoid hosting my content on other people's platforms. I make way more money than with platforms like Udemy. I think we should all be moving away from other people's platforms and tools.
I've been self hosting a few bits and bobs over the years (mainly gitea, FreshRSS reader, pihole, excalidraw and other custom services I've written)<p>Recently I've put together a little Nomad + Consul raspberry pi cluster (3 nodes) to schedule them all in docker containers, with each thing in its own job file. Traefik for routing and HTTPs, which nicely integrates with consul.<p>The cluster setup is all in ansible, which took a while to setup and fine tune but I think (hope?) it's in a good enough place to be able to rebuild the cluster in the event I mess anything up.<p>Clustering might be overkill but I like being able to deploy things through Nomad and it just working without much fuss.
I tried to have a setup similar to this during covid but ended up with a bit of a mess.<p>What I wanted was a home server that used X forwarding to forward services to my VPS, which also had some images running in a docker-compose stack that I wanted to have more robust uptime than my home server. I ended up being unable to get traefik to pick up on the x-forwarded ports, and ran into SSL certification issues that seemed insurmountable wrt hosting jellyfin this way.<p>Does anyone here use a hybrid home-server / VPS setup like this and know of a better setup? I prefer x port forwarding because I move about once a year and don't always have access to router settings
Completely misleading title and this is basically an ad:<p>(* Links to Vultr contain my referral code, which means that if you choose to subscribe to Vultr after you clicked on that link, it will earn me a small commission.)<p>host yourself means - running on your own hardware
I successfully extricated myself from Gmail to ProtonMail, only to be getting dragged back to Office 365 due to ProtonMail not having a working calendar and FastMail not supporting calendar sharing (to non-FastMail users) or delegation.
For personal use it seems I agree with other comments that it seems like alot of work. But in a corporate setting it could be useful, wonder if these types of applications (NextCloud) is how the cloud gets broken up eventually.
I've recently thought this would make a great business model. You set up a service where you deploy open source tools like email, picture storage, etc to run on aws lambdas for people. All they would need to supply is a domain name (via oauth access to dns providers) and an aws account. For a single user, the app's costs would probably be under a dollar for a year. They pay you a one time setup fee, and a maintenance fee only if they want to receive updates. Configure nightly backups for them, etc. I'd definitely pay if this existed already.
I like the article and many of the recommendations (and some others to look up). I do host some of these things but likely never all of them.<p>The post wasn't entirely clear on whether it was primarily privacy motivated or availability. If it's not about strict privacy, it's far easier to use whatever is convenient and still allows you to stream-replicate the data. For Gmail, I send a copy for accessibility outside of Gmail. The post itself includes offsite-backup so you could just start there if you consider your primary use site to be the 'onsite'.
i tried to use nextcloud for a good two years<p>the mobile app is crucial to me and its search and performance let me down when the car broke down and the time i needed it at the most at the hospital<p>i wish it was the not this way i really do
I'm currently working on a MVP for a mobile app with a small Python server side component. In the past I would've spun it up on AWS or GCP but this time I've decided to challenge myself to see how cheaply I can validate my idea.<p>After a few hours of work I got it running on an old Raspberry Pi which I then exposed to the internet with some NAT rules and Duck DNS. Not sure how well this approach would work for something more complex but I'm very happy to have put some old hardware (previously in a box and gathering dust) to work again.
If there is one thing to take away it is this: VPS are cheap, something like 5$/month. Really consider having one, you will quickly use it more than you think.<p>When I was a student I wanted to test things on a distant server so I started renting a cheap OVH instance with SSH to test some silly ideas and host some static pages. It has been 20 years now and it hosts (one of) my backups, a professional website, several docker images, a gitolite and has saved me and colleagues numerous hassles when one of us has to share a few dozen GB of data.
I really love the idea of self-hosting, but man, you have to go through 9 layers of configuration hell and come back out alive. It's not necessarily fun programming - more of changing variables and running commands, which you might get wrong anyway.<p>I wonder if there's a viable business model for this.
Automate the setup through scripts and process automation for any provider. You pay a one time fee + a reasonable amount for maintenance and for resilience built in. I would pay for it if the price is reasonable.
I've been running Nextcloud myself, and I love it. I've been looking to expand my infrastructure even further -- the synology NAS are wonderful.<p>The biggest thing is that I don't think this matters anymore. Google, CloudFlare, and Amazon rule the internet. If they don't want you to be on the internet, it doesn't matter how resilient your infrastructure is. Especially when it comes to critical things, like email.
Is there a word or expression for this idea of not relying on big corporations for one's cyber presence, communications and other such tools?<p>I thought about info-independence, but I'm sure someone smarter than I already coined something better by now.<p>I know it is (always?) open source, but not everything open source liberates one from the cloud giants. So there's something there that needs a name, I think.
I'm willing to bet you could run all these services on a single VPS. Having to manage 6 different hosts is going to be a pain in the ass, even if you use something like ansible.<p>As far as backups, I don't understand why the author doesn't just encrypt them and send them to a cloud storage; it's what I'm doing personally with restic and it's not even expensive.
> you should consider switching from... Google Maps to OpenStreetMap<p>I've looked into it, but there is very, very little in OpenStreetMap in my area. And I do not have the time, resources, or expertise to map out my entire area enough to make it useful myself. I would like to contribute to the project, but switching over entirely just isn't an option for me.
I love it. Some of these solutions are things I looked into during the early days of Android, before Google had cemented hegemony on so many things. Namely, Subsonic and K-9 Mail were some early contenders that I remember, although both quite clunky at that point (Subsonic very much had the patina of a one good developer, but no UI specialist, team).
20 years ago I've said to myself screw it, quit very well paid but nerve wrecking job in a software development company and never looked back. That's when I also went full remote ( I hire subcontractors but never felt need for an office ) and started hosting my own stuff on rented dedicated servers and in my own office.
I've had my own domain for something like 22 years now, but it's been a long time since I used it to actually <i>host</i> stuff. Email in particular I gave up over a decade ago and pointed at a hosting provider. I still read that email with mutt over ssh.<p>I suppose I should have another go at a blog.
I prefer the lower overhead of having things hosted elsewhere, but keep regular backups and have a well detailed business continuity plan for each vendor that could go hostile, belly up, or otherwise no longer viable.<p>You take advantage of off-the-shelf options at the same time that you prepare for the worst.
> it’s all fun and games until someone loses access to their private and/or business data because they trusted it to someone else<p>Or it’s all fun and games until someone loses access to their private and/or business data because they lost their encryption keys... there are two sides to that coin.
The article appears to be complaining that <i>free</i> services don’t have good support, so the solution is to spend $55. Major providers do offer support plans. If google/Apple/Microsoft is so critical to your life and data, perhaps it’s worth paying more than zero dollars for?
A year ago, I tried to get into it, but :
- My ISP and Pihole didn't have proper IPv6 support.
- Even worse, Pihole requires phoning home to Github for updates... which I wanted to block with Pihole!
So I've shelved this idea for now...
One thing that would interest me: What about Ransomware? If everything is connected and synced, how to prevent getting everything encrypted before it is too late?<p>For me encrypted FreeNAS with readonly ZFS-Snapshots have been a good solution for this.
I’ll just mention I have been using vultr for about a year now and I love it.<p>There are no hidden charges and the service is just amazing as I use vulture to host my automated HN newsletter that delivers top news headlines straight to my inbox
Shoutout to Sovereign[1] nice ansible project to automate most of this kind of home setup<p>[1] <a href="https://github.com/sovereign/sovereign" rel="nofollow">https://github.com/sovereign/sovereign</a>
Just curious why OP is using Nextcloud apps instead of those which arrives with Synology? Synology also has an alternative for notes, calendar, photos, etc.
Why so many VPS instances?<p>Does it work out cheaper than increasing the
vcpu/ram of one or two units?<p>Is it in case crashes?
But then there is no failover I can see.
I've got 4 servers and an app that monitors everything.<p>Daily backup is 30 days retention. Only had to setup once.<p>Weirdly enough, i don't have any maintenance. When I log in to create a new site, i see all the stats too.<p>It would cost me at least 18€*30 in the cloud ( amount of sites). I'm 100% sure self hiding for me is a lot cheaper.<p>I use Gmail and a box account too fyi. But i don't consider that "the cloud", it's a service that i use. Not something to deploy my own development on.<p>Ps. My uptime is better than a lot of services that is the cloud.
Where does he host his email? It doesn't say.<p>Also, his website is very slow, probably because he's not using a CDN. A noble goal, but it has an impact on credibility. The slow website makes me feel like he doesn't care about user experience, which makes me assume that is true for his whole setup, and turns me off from even considering it.
The most valuable thing for me is my photo library. All of them are currently in Google Photos. Is there any easy way to backup just that? I don’t care about my personal email, tasks, calendar etc. It’s just the thought of losing my photos scares me.
While I agree shit happens, it is sad to see exaggerated stories without sufficient details being repeatedly quoted by other people<p><a href="https://news.ycombinator.com/item?id=26311417" rel="nofollow">https://news.ycombinator.com/item?id=26311417</a><p>In addition, traditional non-tech companies screw people on a regular basis. I know I am resorting to whataboutism, but let us not panic and try to build our own cloud. One has to consider what happens and when one gets decapitated in a autonomous driving accident and the family is left with a home-made cloud
Time to update this news story a month later with more breaches and with just the names changed:
<a href="https://qbix.com/blog/2021/01/25/no-way-to-prevent-this-says-only-industry-where-this-regularly-happens/" rel="nofollow">https://qbix.com/blog/2021/01/25/no-way-to-prevent-this-says...</a>