view the rest of the comments
Selfhosted
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.
Rules:
-
Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.
-
No spam posting.
-
Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.
-
Don't duplicate the full text of your blog or github here. Just post the link for folks to click.
-
Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).
-
No trolling.
Resources:
- awesome-selfhosted software
- awesome-sysadmin resources
- Self-Hosted Podcast from Jupiter Broadcasting
Any issues on the community? Report it using the report flag.
Questions? DM the mods!
One thing to be careful of that I don't see mentioned is you need to setup ACLs for any local-only services that are accessible via a web server that's public.
If you're using the standard name-based hosting in say, nginx, and set up two domains publicsite.mydomain.com and secret.local.mydomain.com, anyone who figures out what the name of your private site is can simply use curl with a Host: header and request the internal one if you haven't put up some ACLs to prevent it from being accessed.
You'd want to use an allow/deny configuration to limit the blowback, something like
allow internal.ip.block.here/24; deny all;
in your server block so that local clients can request it, but everyone else gets told to fuck off.
I was planning on filtering local and external IP's, like technotim explains in one of his videos by using cloudflare as an external reverse proxy