2·
7 months agoI recently setup Guacamole (Web based VNC/RDP/SSH) with totp and was able to close external SSH access. Now everything I run can sit behind a single reverse proxy, no extra ports.
Nik282000
- 0 Posts
- 21 Comments
Joined 1 year ago
Cake day: August 22nd, 2023
You are not logged in. If you use a Fediverse account that is able to follow users, you can follow this user.
I found WatchYourLan hosed my PiHole logs. Somehow the WYL instance got its hostname associated with ~10 mac addresses on my lan so more than half of my traffic comes from “watchyourlan.local”. FML
I keep each service separate as far as DBs, if something breaks or get a major upgrade I don’t have to worry about other containers.
Namecheap, cheap, easy to use, easy to setup DDNS, helpful support staff. I have heard horror stories of them selling popular domains out from under their owner but none were recent.
I ran my ssh behind 53 for a while because it’s rarely blocked. A few bots even got it right and figured out it was ssh.
Without being able to set a static ip and forward ports you cant host services and point to them with a domain, like driveway-home.com or something.
But I think cloudflare has a service that lets you connect remotely without needing static ip’s (some one else will know the name). If you were to use that then you can use your laptop to host pretty much anything on the Awesome Selfhosted List.
Device agnosticism. Life is easier when it doesn’t take ONE laptop or phone failure to destroy all your data.
I use LXC for all the reasons most people use Docker, it’s easy to spin up a new service, there are no leftovers when I remove a service, and everything stays separate. What I really like about LXC though is that you can treat containers like VMs, you start it up, attach and install all your software as if it were a real machine. No extra tech to learn.
It’s kinda shitty of them to block the ports that makes up +30 years of what the internet IS. Bell/Rogers want your internet connection to be unidirectional, when you host your own content you don’t consume theirs.
Afaik it’s at the ISP’s digression. Up until I switched, Bell would block ports 21, 22, 53, 80 and 443.
IPv6.
Not even offered in my area 🤡
Good to know, thanks!
It’s to push users into getting commercial accounts.
ISPs in Canada usually include a clause in their TOS that explicitly prohibits selfhosting. Don’t move here, it sucks.
I ham-fistedly use LXC to keep my services separate and out of dependancy hell, but would you go as far as putting docker run services in them as well just to keep them away from the host?
I wonder if I could automate searching only the highest value domains.
It’s just like IRC but with privacy violations and ads!
I’m with Namecheap, I have heard some stories of bad practices but personally have not experienced any issues.
Plain old Debian on the hardware with all services living in LXC containers. LXC containers are like working with VMs or ‘real’ machines so I only needed to learn about 3 more commands to get new services running, the rest is regular old Linux.
I’ve used OpenMediaVault in the past and it is great, especially for new users, but I just prefer a bare-bones solution.
Chaotic good, right there.