• Activity
  • Votes
  • Comments
  • New
  • All activity
  • Showing only topics in ~comp with the tag "hosting". Back to normal view / Search all groups
    1. Advice Needed: Simple and Reliable notifications

      I have a long standing problem that probably has several good solutions, I just haven't been able to figure them out. So here I am, asking you. I'm selfhosting some services, a mix of selfbuilt...

      I have a long standing problem that probably has several good solutions, I just haven't been able to figure them out. So here I am, asking you.

      I'm selfhosting some services, a mix of selfbuilt and open source software. But some things I don't want to selfhost. Notably backups and alerts/notifications. For backups I have a solution which works well in every regard except one - I don't always get alerted when things fail, because the way I send myself those alerts is failing more than the actual backups.

      Currently I'm using python and gmails smtp interface to send myself email, but gmail disables my smtp access from time to time, and it's really easy not to notice not getting an email. I've tried sending the email regardless of whether the backup failed or not, but I've noticed several times that I still don't notice if the they stop coming.

      Now on to my requirements/wishlist.

      1. I'm already using s3 glacier at aws for the backups, so preferrably something in the aws space.
      2. I would like to get an popup/toast on my phone when a message is being sent. And the ability to review messages later.
      3. I would like as few moving parts as possible.
      4. I don't want to write my own client.
      5. I want it to be cheap, and if there's a cost I prefer to pay it at a place where I'm already paying, meaning aws (or possibly proton).
      6. I want a stable service.
      7. I prefer to manage as little as possible of the infrastructure.
      8. I'd like a simple programmable interface that can't easily fail. E.g. http based.
      9. It's no problem if messages are not received instantly, I could easily tolerate delays up to 24 hours.

      As you may have noticed I'm pretty much expecting there to be something in aws that I can use, but aws documentation is so abstract, that I often don't understand what the point of something is or how I'm supposed to use it.

      9 votes
    2. best option for a bare-bones message board/forum?

      hello tildes, i am searching for a bare-bones forum/message board. i'll describe what i need and perhaps someone can point me in the right direction: must have the ability to create an account...

      hello tildes,

      i am searching for a bare-bones forum/message board. i'll describe what i need and perhaps someone can point me in the right direction:

      must have the ability to

      • create an account
      • create topics with the ability to reply
      • fully customizable front-end (html/css) so i can make it match my website
      • either self-host or use a custom domain on ext hosting

      unimportant but nice to have

      • display images in posts via external urls
      • different boards (categories?) to post into (would be nice but not vital)
      • nested replies (or some visual way to see what you're replying to)

      free would be ideal (dreams are nice) but probably wouldn't want to spend more than $5/month as this is a supplement to a website where i don't expect much traffic at all due to the nature of the project. no images/video/audio will be hosted ideally.

      i'm ok with "hacker news" or "reddit-like" software but my backend knowledge if very limited. for instance, i looked into self-hosting lemmy but i don't understand how to setup docker. options like phpbb would be fine if i could strip away everything aside from the above-mentioned features.

      i want it to be extremely simplistic in appearance and for the end-user (tildes is a great example of the simplistic end-user experience). tildes could be a cool option but i think getting it setup is a bit out of my skill-range.

      can anyone offer any suggestions/guidence?

      edited to emphasize important aspects and clarify things that are not vital but would be nice to have.

      15 votes
    3. Self-hosted DnD 5e Charsheets

      I’ve been looking for a good system for my friends and I to share TTRPG character sheets (primarily DnD) with one another. We’re not interested in a full-digital VTT, but the ecosystem is pretty...

      I’ve been looking for a good system for my friends and I to share TTRPG character sheets (primarily DnD) with one another.

      We’re not interested in a full-digital VTT, but the ecosystem is pretty fragmented for charsheet-only apps (many immature and abandoned projects). Self-hosted webapp makes the most sense for our needs, but I’m open to suggestions for some other sync method that’s not PDF-based.

      This seems like a viable candidate:

      https://github.com/Orcpub/orcpub

      …but I’d love to hear better options if anyone’s found em.

      16 votes
    4. What home network equipment do you use?

      Hey all, I'm interested in going down the rabbit hole with Ubiquiti equipment or other manufacturers, more specifically with access points, routers, and a switch. I want to ween off my...

      Hey all, I'm interested in going down the rabbit hole with Ubiquiti equipment or other manufacturers, more specifically with access points, routers, and a switch. I want to ween off my ISP-supplied all-in-one equipment as their newer hardware limits basic features such as port forwarding, and I'm interested in re-enabling my self-hosted software. Wi-Fi standards have been moving pretty quickly, as have hardware. What setups do you have established in your homes?

      I don't really have a budget in mind, and have a 2.5GbE port I'd like to utilize for media consumption over LAN.

      29 votes
    5. Cloud Servers for the Broke

      Just wanted to put this out there as a little PSA in case it's helpful: if you want a cloud server but don't wanna pay anything, Oracle's Free Tier is a life saver. Discovered it a year ago and...

      Just wanted to put this out there as a little PSA in case it's helpful: if you want a cloud server but don't wanna pay anything, Oracle's Free Tier is a life saver. Discovered it a year ago and couldn't be happier I did, since I'd never pay for cloud computing otherwise 😭.

      Quick Specs:

      For free you get:

      • 24/7 uptime
      • 200gb of storage space
      • 24GB of RAM
      • 4 OCPUs
      • 4 Gbps Bandwidth

      That's been more than enough for me and honestly feels too good to be true. Some things I've done with this:

      If anyone has any other ideas for cool projects I could self host, please do tell I'm curious what else I could do :)

      48 votes
    6. When did VPS hosting get so expensive?

      I recently looked around at VPS pricing on DigitialOcean, Linode and Vultr. Everything seems much higher than I'd expect - way over the inflation rate. It looks like a 2 core 8GB VPS is being...

      I recently looked around at VPS pricing on DigitialOcean, Linode and Vultr. Everything seems much higher than I'd expect - way over the inflation rate. It looks like a 2 core 8GB VPS is being priced between $45 and $60 per month. Maybe I don't remember correctly but I recall being able to get 2 core VMs around $20 a few years ago!

      31 votes
    7. How do I get started in self hosting?

      I'm curious on how to get started in self hosting. I have computer experience, being an Android Developer, but I hardly have experience in Linux and backend/networking work. I've been wanting to...

      I'm curious on how to get started in self hosting. I have computer experience, being an Android Developer, but I hardly have experience in Linux and backend/networking work.

      I've been wanting to start up a Plex/Jellyfin server for a while, and I have an old system sitting around with a Ryzen 1700 with a graphics card in there as well that's been begging for attention, and maybe I can throw on a Minecraft server in there as well. Since I travel a bunch, it would be nice too to be able to access my media for when I'm traveling, or to let my parents or friends access some shows if they so desire!

      What I'm worried about is exposing my network to the internet basically. I used to run a Minecraft server with port forwarding and such on a personal computer but now I'm realizing that that's probably a bit unsafe lol.

      Basically, are there any guides that I can look at, or any of your own experiences that could potentially help me or anyone who's interested?

      28 votes
    8. How safe am I? (self hosting)

      I have a server running Unraid at home. I have ~20 docker containers running at the moment with almost all of them only available within my local network. I just stood up an instance of Seafile on...

      I have a server running Unraid at home. I have ~20 docker containers running at the moment with almost all of them only available within my local network. I just stood up an instance of Seafile on the server to act as a google drive replacement. Still in the early test phase before I commit to throwing important stuff on there. I have my domain proxied through Cloudflare so none of my local ports are exposed to the internet. Seafille has complicated passwords set for admin and user accounts (generated with Bitwarden, hot damn I love that app). I also enabled 2FA on each account. I know that I can further clamp it down using some of Cloudflare's extra access controls but in my admittedly limited experience, those all cause issues getting an app to authenticate with the service. Web apps don't have this issue of course.

      So am I ok with this setup? I can encrypt the data before uploading easily as it's a built in feature of Seafile. Or would it be better to just run with local only and run a VPN to access when I'm outside?

      I figure just about any effort along these lines I trust more than Google with my data. But I may be overconfident in that perhaps. I'm still learning the ropes with Linux and self-hosting in general.

      17 votes
    9. Self-hosters! Share your reasons for self-hosting and favorite apps!

      Self-hosting has been a rabbit hole of wonder that I've explored and delved into over these past few months. I'm curious to hear what others use it for, what apps they love, and their rationale...

      Self-hosting has been a rabbit hole of wonder that I've explored and delved into over these past few months. I'm curious to hear what others use it for, what apps they love, and their rationale for doing so?

      I'll go first.

      First, in terms of rationale, this is a wonderful article that I think is worth checking out that encapsulates much my of ethos about pursuing self-hosting.

      https://kylechayka.substack.com/p/essay-the-digital-death-of-collecting

      The TL;DR is that we no longer have control over the things that we 'own' digitally for these massive cloud companies. For instance the songs / artists you listen to on Spotify may suddenly and unexpectedly become unavailable, certain things (most recently podcasts) may be forced upon you in unpleasant ways. Having complete control of your digital data is a very liberating feeling.


      In terms of apps:

      Hyperbackup - I use a synology NAS, so hyperbackup has been wonderful and use both external HD's and a cloud interface to create encrypted backups of everything which gives me peace of mind.

      Plex - One of my most used apps, being able to stream anything remotely has been a dream. Plexamp has given me back control of my music library in a way I never thought I would have.

      Tautulli - Great for more informatics on my plex usage

      Calibre / Calibreweb - Phenomenal for keeping track of my book collections

      PiHole - Ads be gone!

      *Arr apps - Specifically Sonarr/Prowlarr/Radarr, really like Overseerr for an interface tying everything together

      Daily Notes - A clean interface for keeping regular notes


      Some things that I'm not currently self-hosting but would love to hear if others are using alternatives...

      Instapaper - I know there are a few similar FOSS apps out there but haven't found one as convenient and well laid out

      TickTick - To do app, but similarly haven't found a FOSS alternative that was as robust and nice to use

      OneNote

      86 votes
    10. Organizing self-hosted classical music collection

      I'm currently using Navidrome to self-host my music collection, while using DSub to listen on-the-go. This works very well for most genres, except for the bulk of my music which is classical...

      I'm currently using Navidrome to self-host my music collection, while using DSub to listen on-the-go.

      This works very well for most genres, except for the bulk of my music which is classical music. This presents its own host of problems pertaining to cataloguing and using metadata, since there are often multiple recordings of the same musical composition, recorded by multiple conductors with different orchestras and/or soloists. There may also be different instrumental arrangements of the same musical piece. Merely sorting by "Artist" is therefore quite unsatisfactory in this scenario.

      Some streaming services have come up with quite satisfying solutions in my experience (notably Apple Music Classical and Idagio), but I am not sure how to go about listening to my own self-hosted classical music.

      Is anybody here on Tildes familiar with this organizational problem? I would be very eager to hear how you have tackled this. Is there any self-hosted software more suitable to cataloguing musical collections with extensive metadata?

      13 votes
    11. What's a simple, cheap way to run a database-backed website as a hobbyist?

      I use Github and Netlify to run some simple websites for free. It works well. However, I've been thinking of experimenting with a database-backed website for fun and Netlify doesn't have any...

      I use Github and Netlify to run some simple websites for free. It works well. However, I've been thinking of experimenting with a database-backed website for fun and Netlify doesn't have any persistence.

      What's a good way to do this that scales to zero when nobody's using it? I want to be able to forget about it entirely for months or years at a time. When someone visits, it should start up and run on demand without costing me $20 a month on standby.

      Back in the day, I used Google App Engine for this. I learned a lot of datastore tricks to get around its poor latency, but I'm lazy and don't want to do that anymore. I'm pretty sure I want a SQL database and full text search. Either sqlite or Postgres would do, but I doubt there's a cheap enough way to run Postgres.

      Litestream looks interesting and so does LiteFS, except that it's pre-1.0 and I don't know what changes fly.io will make that I have to keep up with. If I used Litestream, I'd have to figure out how to run it and where to store the replication logs.

      Edit: one nice-to-have is being able to easily dump the database and run it locally or on another cloud provider. (I don't anticipate it getting so big that it's impractical.)

      47 votes
    12. In which a foolish developer tries DevOps: critique my VPS provisioning script!

      I'm attempting to provision two mirror staging and production environments for a future SaaS application that we're close to launching as a company, and I'd like to get some feedback on the...

      I'm attempting to provision two mirror staging and production environments for a future SaaS application that we're close to launching as a company, and I'd like to get some feedback on the provisioning script I've created that takes a default VPS from our hosting provider, DigitalOcean, and readies it for being a secure hosting environment for our application instance (which runs inside Docker, and persists data to an unrelated managed database).

      I'm sticking with a simple infrastructure architecture at the moment: A single VPS which runs both nginx and the application instance inside a containerised docker service as mentioned earlier. There's no load balancers or server duplication at this point. @Emerald_Knight very kindly provided me in the Tildes Discord with some overall guidance about what to aim for when configuring a server (limit damage as best as possible, limit access when an attack occurs)—so I've tried to be thoughtful and integrate that paradigm where possible (disabling root login, etc).

      I’m not a DevOps or sysadmin-oriented person by trade—I stick to programming most of the time—but this role falls to me as the technical person in this business; so the last few days has been a lot of reading and readying. I’ll run through the provisioning flow step by step. Oh, and for reference, Ubuntu 20.04 LTS.

      First step is self-explanatory.

      #!/bin/sh
      
      # Name of the user to create and grant privileges to.
      USERNAME_OF_ACCOUNT=
      
      sudo apt-get -qq update
      sudo apt install -qq --yes nginx
      sudo systemctl restart nginx
      

      Next, create my sudo user, add them to the groups needed, require a password change on first login, then copy across any provided authorised keys from the root user which you can configure to be seeded to the VPS in the DigitalOcean management console.

      useradd --create-home --shell "/bin/bash" --groups sudo,www-data "${USERNAME_OF_ACCOUNT}"
      passwd --delete $USERNAME_OF_ACCOUNT
      chage --lastday 0 $USERNAME_OF_ACCOUNT
      
      HOME_DIR="$(eval echo ~${USERNAME_OF_ACCOUNT})"
      mkdir --parents "${HOME_DIR}/.ssh"
      cp /root/.ssh/authorized_keys "${HOME_DIR}/.ssh"
      
      chmod 700 ~/.ssh
      chmod 600 ~/.ssh/authorized_keys
      chown --recursive "${USERNAME_OF_ACCOUNT}":"${USERNAME_OF_ACCOUNT}" "${HOME_DIR}/.ssh"

sudo chmod 775 -R /var/www
      sudo chown -R $USERNAME_OF_ACCOUNT /var/www
      rm -rf /var/www/html
      

      Installation of docker, and run it as a service, ensure the created user is added to the docker group.

      sudo apt-get install -qq --yes \
          apt-transport-https \
          ca-certificates \
          curl \
          gnupg-agent \
          software-properties-common
      
      curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -
      sudo apt-key fingerprint 0EBFCD88
      
      sudo add-apt-repository --yes \
         "deb [arch=amd64] https://download.docker.com/linux/ubuntu \
         $(lsb_release -cs) \
         stable"
      
      sudo apt-get -qq update
      sudo apt install -qq --yes docker-ce docker-ce-cli containerd.io
      
      # Only add a group if it does not exist
      sudo getent group docker || sudo groupadd docker
      sudo usermod -aG docker $USERNAME_OF_ACCOUNT
      
      # Enable docker
      sudo systemctl enable docker
      
      sudo curl -L "https://github.com/docker/compose/releases/download/1.27.4/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose
      sudo chmod +x /usr/local/bin/docker-compose
      sudo ln -s /usr/local/bin/docker-compose /usr/bin/docker-compose
      docker-compose --version
      

      Disable root logins and any form of password-based authentication by altering sshd_config.

      sed -i '/^PermitRootLogin/s/yes/no/' /etc/ssh/sshd_config
      sed -i '/^PasswordAuthentication/s/yes/no/' /etc/ssh/sshd_config
      sed -i '/^ChallengeResponseAuthentication/s/yes/no/' /etc/ssh/sshd_config
      

      Configure the firewall and fail2ban.

      sudo ufw default deny incoming
      sudo ufw default allow outgoing
      sudo ufw allow ssh
      sudo ufw allow http
      sudo ufw allow https
      sudo ufw reload
      sudo ufw --force enable && sudo ufw status verbose
      
      sudo apt-get -qq install --yes fail2ban
      sudo systemctl enable fail2ban
      sudo systemctl start fail2ban
      

      Swapfiles.

      sudo fallocate -l 1G /swapfile && ls -lh /swapfile
      sudo chmod 0600 /swapfile && ls -lh /swapfile
      sudo mkswap /swapfile
      sudo swapon /swapfile && sudo swapon --show
      echo '/swapfile none swap sw 0 0' | sudo tee -a /etc/fstab
      

      Unattended updates, and restart the ssh daemon.

      sudo apt install -qq unattended-upgrades
      sudo systemctl restart ssh
      

      Some questions

      You can assume these questions are cost-benefit focused, i.e. is it worth my time to investigate this, versus something else that may have better gains given my limited time.

      1. Obviously, any critiques of the above provisioning process are appreciated—both on the micro level of criticising particular lines, or zooming out and saying “well why don’t you do this instead…”. I can’t know what I don’t know.

      2. Is it worth investigating tools such as ss or lynis (https://github.com/CISOfy/lynis) to perform server auditing? I don’t have to meet any compliance requirements at this point.

      3. Do I get any meaningful increase in security by implementing 2FA on login here using google authenticator? As far as I can see, as long as I'm using best practices to actually ssh into our boxes, then the likeliest risk profile for unwanted access probably isn’t via the authentication mechanism I use personally to access my servers.

      4. Am I missing anything here? Beyond the provisioning script itself, I adhere to best practices around storing and generating passwords and ssh keys.

      Some notes and comments

      1. Eventually I'll use the hosting provider's API to spin up and spin down VPS's on the fly via a custom management application, which gives me an opportunity to programmatically execute the provisioning script above and run some over pre- and post-provisioning things, like deployment of the application and so forth.

      2. Usage alerts and monitoring is configured within DigitalOcean's console, and alerts are sent to our business' Slack for me to action as needed. Currently, I’m settling on the following alerts:
        1. Server CPU utilisation greater than 80% for 5 minutes.
        2. Server memory usage greater than 80% for 5 minutes.
        3. I’m also looking at setting up daily fail2ban status alerts if needed.
      9 votes
    13. Personal Wikis

      I have been looking for some software where I can brain dump all the things I need to remember on a constant basis so I can easily find it again in the future. A personal wiki basically. I am...

      I have been looking for some software where I can brain dump all the things I need to remember on a constant basis so I can easily find it again in the future. A personal wiki basically. I am wondering what any of you tilderians are using?

      The things I am looking for:

      Absolute requirements:

      • Open Source: I want to be in control of the data myself, and I want to be able to hack on it myself as the need arises.
      • Self Hostable: Goes hand-in-hand with with open sourceness, I want the data to live on the server in my apartment, under my own control.
      • An API of some sort so I can programmatically add/read/modify data.

      Nice to haves:

      • Revision history of some sort.
      • Common/simple data format for easy backup and longevity.
      • Web interface, with mobile compatibility.
      • Lightweight as possible, so I can run it on a low powered server.

      Does anything know anything like that?

      Options I have heard of:

      Here is a previous discussion on the topic @ Lobste.rs

      25 votes
    14. Feedback on a federated decentralized git hosting solution

      I have an idea, it's not particularly new. I think git code sharing could integrate very nicely with blockchains. I think it could be done elegantly without modifying the git protocol at all, just...

      I have an idea, it's not particularly new. I think git code sharing could integrate very nicely with blockchains.

      I think it could be done elegantly without modifying the git protocol at all, just as an optional superset (like Github) to provide forks, PR and discussion.

      Something like:

      • smart contract based system
      • something like lightening network for off master chain pushes
      • local node hosting all obtained versions of code, something like PNPM meets zeronet
      • cloning/pushing over DHT with web torrent.
      • client key pairs for collaboration and authentication

      Do you guys think it could be done? Thoughts? Ideas? Criticisms?

      Would anyone be interested in working on something like this? I'd like all the help I can get and any input people have.

      6 votes