I am somewhat late into the Linux-verse (three years in now) and want to move into self-hosting to do two things:

  1. Host my own Jitsi server and sessions. (or any other open source solution)

  2. Host my own solution to privately and securely share photographs of my kids and life here with my family abroad.

At some point, I want to host my own little static-website about myself which should “replace” having to give people a LinkedIn account or something.

The thing is, I know nothing about owning domains, etc. I have never done this before. I have been lurking around this forum to learn some of the basics, but would really like a more tailored reply (is possible). I am working in Europe.

  1. Which computer should I use? I want to host everything on my computer at home. I don’t want to go the VPS route.

  2. Where can I buy an inexpensive domain(s)? I assume I only need one.

  3. What other things do I need to consider? My current broadband is IPv4 only.

  • th3raid0r@tucson.social
    link
    fedilink
    English
    arrow-up
    9
    arrow-down
    2
    ·
    9 months ago

    The best “bang for the buck” in your use-case is to use Nextcloud - Nextcloud Talk is your Jitsi replacement, and the files feature can be extended with the Nextcloud Photos plugin (https://github.com/nextcloud/photos).

    As for your domain question:

    1. You should use any computer you’d like that meets the Nextcloud recommendations, the key is of course isolating this machine on your home network so any “funny business” stays on the server. You can do this with VLANs or an entirely separate LAN connected to a different WAN (ISP).

    2. Many places, I like porkbun.com for real custom domains for cheap, but for your use case, you might be able to use a Dynamic DNS provider for free. It just likely won’t be an easy to remember URL (or at least, as easy as a root domain only). If you have a newer ASUS or Netgear router/modem they both have Dynamic DNS built in and you can select from a few different providers that have both free and paid tiers. ALSO it might be better to use Google Domains (now squarespace domains) since, IIRC, many DynDNS configs for routers support Google Domains too. Cloudflare can also be a decent registrar, and I’d recommend using them if you use any other cloudflare services (see below).

    3. Other things to consider: Your ISP may block port 80, meaning lots of issues. If this is the case, you might want to use a tunnel of some sort. Cloudflare has a great solution here. Even if they don’t block port 80, they may aggressively throttle and shape your incoming traffic - causing issues. Again, the tunnel is a good solution here. And, of course, your upload bandwidth matters a lot, you’ll need something around 100Mbps upload for a decent experience when accessing your stuff over the internet. The 30Mbps that’s typical of DOCSIS modems won’t cut it. Outside of these concerns it’s all about making sure you isolate your server from your “home stuff” to keep things secure.

    • umbrella
      link
      fedilink
      English
      arrow-up
      2
      ·
      edit-2
      9 months ago

      For point 3 - I’d suggest OpenVPN or Wireguard. Simple and secure without too much fuss involved in making it work. You would have to distribute keys and/or logins which might complicate things for the users if they are laymen though.

      Also I’d agree 30mbps is not much, but for just a few users it should be fine.

      In general I will +1 Nextcloud, its not the best and kinda slow and heavy, but its the best and most full featured UX for newbie users. Feels just like something like Google or Dropbox would put out, sans all the bullshit and tracking. You can extend it easily too if you ever need to.

      • th3raid0r@tucson.social
        link
        fedilink
        English
        arrow-up
        1
        ·
        9 months ago

        I’d argue that the cloudflared daemon is even easier to use than a static wire guard or openvpn tunnel. It’s basically set and forget. The downside is that you must use cloudflare. This may, or may not be a big deal depending on OPs needs.

        I moved from a place with symmetrical gigabit to “gigabit cable” with 30mbps upload, it definitely wasn’t good enough for my small family. Photos are quite large these days - not to mention videos. Though it likely has a lot more to do with the bandwidth shaping my ISP does than the 30mbps rate.

        Also agree that it’s not perfect, but very likely the most newbie friendly solution at the moment. Especially from a deployment scenario vs going piecemeal.

        • umbrella
          link
          fedilink
          English
          arrow-up
          1
          ·
          edit-2
          9 months ago

          The downside is that you must use cloudflare.

          yeah…

          30mbps traffic shaping

          back when i was on a DOCSIS modem, i noticed concurrent downloads would disrupt uploads and vice versa. i think this may depend on the type of connection OP has.

          • th3raid0r@tucson.social
            link
            fedilink
            English
            arrow-up
            1
            ·
            9 months ago

            yeah…

            They asked for easy, or newbie friendly - and didn’t particularly mention privacy concerns.

            Other than that, if they don’t have a port 80/433 ingress from their ISP there are scarce simple solutions that don’t require another server that also needs management, either by them or a corporate entity.

            back when i was on a DOCSIS modem, i noticed concurrent downloads would disrupt uploads and vice versa. i think this may depend on the type of connection OP has.

            I used to work at a cable company, that was either a problem that people with low SNR had. Either from external factors (tree branch on a cable line) or in-home ones (bad splitter). A modem will ramp up it’s gain in order to offset this (to a point), and in so doing, create a lot more interference between channels. OR they were hitting their ingress rate limit (which is quite agressive on residential plans because DDOS’es). It’s surprisingly easy to hit your ingress rate limit for modern http/https webservers hosting complex web apps. Lots of concurrent connections open up to try to download all the resources when you go to any website in a modern browser and while it’s not a TON of data, the short period of time causes the traffic to easily hit the PPS/BPS rate limit that ISPs employ.

            But yeah, it all depends on the ISP.