Hey, I was thinking about getting a VPS and hosting my own single user Lemmy instance. I am trying to think of other things to host. I already have some old hardware running unRAID with Plex, the *arrs, Kavita and home assistant. This is pushing my hardware to the limit but I still want to mess around with some self hosted things. Is there anything you would rather host on a rented server as opposed to a server sitting at your home?
Right or wrong, the line I draw is “will I need to use this if I’m away from my home network?” If the answer’s “yes,” then I go with a VPS. I’m sure lots of people are angrily pounding their keyboard telling me to use Tailscale, but I have no interest in hacking/tweaking my home network’s infrastructure.
I’m not angrily typing this but I’m curious why not Cloudflare Zero Trust Tunneling? You get built-in authentication and don’t need to worry about dynamic ips. It’s pretty game changing for me as far as self-hosting goes. It also doesn’t require you to change your network infra as long as the host has some sort of connection to the Internet.
This didn’t come to mind when I wrote my comment, but there’s also a “workflow friction” element. Most VPS providers have 1-click installs for the majority of the apps that I want/need to run, and I’m more of a developer than a sys admin. So I don’t really get anything out of figuring out how to do it, it just becomes another headache-inducing barrier to implement the stuff I need.
Fair enough! Curious if you’ve tried out Portainer with Docker templates which feels pretty close to 1-click installs.
The closest I’ve gotten to playing with Docker is Distrobox while trying out Fedora Silverblue or openSUSE MicroOS, where most of the Docker functions are abstracted away. If I need something on my LAN where Docker is the best/only option, then yeah, I’d definitely dig into it.
My approach to tech in general is a combination of just-in-time learning & you-ain’t-gonna-need-it, so… [shrugs]
I’ve been dicking around with Portrainer (and Yacht) in the last week, and in my short experience many of the templates are not really 1-click ready. Especially things that need persistent storage for settings or other things are often a mess with the preoconfigured volume paths. Also most things are not available as a template…
Think it really depends on who you ask. 1-click can mean different things to other people but for me personally, nothing is truly 1-click. I’ve always had to configure something and I like the flexibility Docker gives while also allowing you to understand how things are wired up without going too deep.
I use a VPS as a homelab gateway of sorts from the outside.
Essentially, the VPS runs a Wireguard server that I connect to on my OPNSense Router. The VPS then reverse-proxies all incoming traffic through the tunnel to my homelab. All my DNS entries point to the VPS’s IP. This pretty much gives me a static IP, hides my real IP, and lets me do some light caching on the VPS. Kind of like a DIY cloudflare.
I also run Uptime Kuma on the VPS, since it will continue to work if my local network is down.
I do the same thing, except with openvpn. I need to upgrade it to wireguard. I ended up just masquerading the traffic opnsense router, but now everything looks like it is coming from the internal openvpn ip address.
How are you identifying traffic that needs to go out the vpn, vs traffic that doesn’t, if you don’t mind sharing?
Indeed, this is perfect. No need for something like Cloudflare proxying in this case.
Which reverse-proxy do you use?
With Cloudflare Zero Trust there is absolutely no reason for me to host on a VPS anymore. I have old hardware that’s all been revived and bootstrapped with cloudflare. If you have good Internet and decent upload IO why not start there especially if it’s just for yourself.
Because I don’t want to be centralized around a single company and service. Any company can provide a vps endpoint. I can literally be set up again in a manner of minutes on another ip, vps, or vps provider.
Out of all the battles for decentralization, the convenience Zero Trust provides is a trade-off I’m willing to make. I don’t see it being that much of an all-eggs-in-one-basket sort of deal since there’s no configuration done on any of my hosts. I simply install the tunnel with the token and that’s it. If there’s any reason I need to eject from Cloudflare I can simply pull the plug. Zero Trust feels more similar to relying on a nameserver with DNS management.
Fuck Cloudflare.
They’re the biggest threat around to a free and open Internet.
I’m out of the loop I think, what’s wrong with cloudflare?
Why?
Just a heads up, things like Jellyfin are against their TOS if you aren’t paying for streaming with them.
Does Zero Trust allow you to run things on ports your ISP blocks, a la email/port 25?
I run SimpleLogin on a VPS and if I can save $11/yr moving it home I’d definitely do it.
Services that need a lot of storage, I host at home (Gonic, Jellyfin, Audiobook Shelf etc). Services where I care about availability when I’m away from home, I host on a VPS (Vaultwarden, Synapse, Wordpress, DokuWiki etc).
Any web service. I have lemmy and email on rented servers.
Why?
For example it avoids dealing with consumer ISP, has separation from my home network and better uptime.
The only thing I can really think of is email.
Email is the only one I won’t touch, I just want it to be rock solid reliable. Unless someone can point me to a solution with fault tolerance and redundancy that’s easy to setup via Docker, I’m all ears :)
Selfhosting mail with redundancy is easy. Staying of blocklists and filtering spam out is less easy.
There are some pretty good guides available online, and since dovecot and postfix are old and stable, years-old guides are still relevant. I’m on mobile though, so can’t immediately link any. (Almost all of them are standard deb/rpm+systemd based, no docker. But if you really want docker, building those containers is pretty easy, it’s just a package, a few configs and a service after all…)
Yeah, I’ll just stick with the mail services. When you start talking about all the complexity to maintain a spam-free environment their value starts to show. I’d rather have more time to self-host other things. I don’t think we realistically as a community self-host every single thing in our life. Although I can def see a case for someone who’s really interested in how email works and just absolutely wants to maintain all those things. I love how self-hosting has become really flexible.
I have my monitoring software running on my VPS so that if my server goes down for whatever reason I can still look at what might’ve caused it to go down. I also have Authentik running on it because I need my authentication system running to be able to login to said monitoring software. Lastly I have Mastodon on my VPS because the internet at my parents house doesn’t have the upload bandwidth for it.
I have all of this running on Oracle Cloud Free Tier. I don’t trust oracle in the slightest but I’m a broke college student so I take what I can get.
An i2p node. (https://lemmy.world/c/i2p) VPS’s tend to have better uptime and lower latency than home connections.
For me that’d depend on traffic volume and availability needs, and who needs to access it. I have a dynamic IP, so things that are very public facing that needs some minimum availability like Lemmy I put on a real server, so I don’t miss on receiving content and go out of sync.
Stuff that’s just for me and can tolerate occasional downtime I serve right from home. My IRC bouncer for example can be served from home just fine with a VPN or proxy. My DNS server and emails are on a hosted server. Some of my websites can be served locally, some I serve from the hosted server.
Some stuff I have hybrid setups, like my hosted server can serve files from my local server but will cache them to reduce load on my ISP. If my home server is down, it can return a 502 error with a friendly message indicating to the user to try again later, my home server being a VM on my Threadripper desktop that I sometimes turn off when I need the horsepower for something else.
Ultimately an availability needs and cost management deal. Rented servers are expensive, so I try to keep the footprint to a minimum. Ephemeral stuff or stuff only I or a handful of friends need, that can live on my desktop. Like, worst case my Minecraft server is down and someone has to message me on IRC to ask me to turn it on so they can play a bit. I don’t need to pay for a beefy VPS to run that 24/7, but I do pay for a $5 VPS to host my DNS and emails and basic web server because those services need to be up 24/7 so I get my emails, especially for work.
Public things I don’t want on my home IP address, so non personal services.
I would say this: If it’s just you accessing your server and nobody else, self-hosting is fine.
When it comes to giving other people access to your server, no matter how close of friends you may be, I would recommend renting a cheap VPS online. The security benefits are just that much better.
Because my university’s network is cringe, I’m unfortunately forced to run everything on a VPS.
This comes with a financial cost, and I have to carefully ration my computing power, but it does have some upsides - enough that I honestly prefer it now.
- It keeps my desktop sealed away from the wilds of the open Internet. Obviously the risk isn’t that great, but since every service you run represents a potential security hole… it’s nice to have a “disposable” solution like a VPS.
- I don’t have to worry about getting a static IP or using a service like Tailscale in order to talk to my services when away. All I have to do is point my Cloudflare DNS records at my VPS.
- Better uptime. I used to host my blog on my desktop (!) which meant it would go down whenever I rebooted/lost connection/whatever. My VPS restarts once a month to apply updates and is always-on otherwise.