Now that I have started this community off with a non-technical post, I will share my own, personal solution to digital privacy. This post will be more technical.

I self-host every service I possibly can from a cluster of servers (mostly low-power ARM SBCs) that are in my room. Until recently, I was just manually throwing services onto servers and then manually configuring everything. As I’ve mentioned before in a GenZedong General Discussion Thread, I am now using an orchestrator called Nomad as well as a service discovery solution called Consul.

This allows me to submit a single configuration file, and my servers all automatically configure themselves to perform whatever task I wanted them to. I’ve placed all my configuration files along with relatively detailed READMEs about them into this repository if anyone wants to take a look at them: https://gitea.arsenm.dev/Arsen6331/nomad.

Due to using SBCs, I am able to do all of this with a power consumption of just 50W.

Here is a list of things I host and what they’re meant to replace:

  • Matrix Dendrite: Discord
  • Nextcloud: Google Drive
  • OnlyOffice: Google Docs
  • Home Assistant: HomeKit/SmartThings/<insert smart home platform here>
  • Gitea: GitHub/GitLab
  • MinIO: Amazon S3 (storage and download for files)
  • LMS: Spotify
  • SearXNG: Google Search (Note: I used to use my own metasearch engine but switched to SearXNG a couple days ago because mine kept getting rate-limited)

There are more, but they’re not really alternatives to anything. I’ll list them here:

  • Authelia: Provides authentication and 2FA for services that don’t provide their own mechanism. Can also work similarly to “Sign in with Google” buttons via OAuth2 and OIDC.
  • Traefik: Reverse proxy that provides access to all the rest
  • Homer: Provides a dashboard for all my services. My instance can be found at: https://dashboard.arsenm.dev

  • holdengreen@lemmygrad.ml · 2 years ago

    Nice. I’ve been meaning to get back to my stuff also.

    1. I need to take Cloudflare off of greenempower.org. Do you have a better idea for DNS?
    2. I’m afraid of getting DDoS’d when I put up public services.
    3. My home bandwidth is limited and I can’t afford/don’t trust cloud services to keep my data.
    4. Maybe I can use a cloud service as a buffer/data cache so my home isn’t overloaded?

    • FuckBigTech347@lemmygrad.ml · 2 years ago

      I run many of the same Services as comrade @Arsen6331@lemmygrad.ml except for Matrix (I still use Synapse, Dendrite’s predecessor). I also run my own web crawls and have transmission-daemon to seed some torrents and I have my own personal Pleroma instance. My bandwidth is 50 MBit/s Down and 10 MBit/s Up. It’s not always smooth but it’s okay. I don’t think a CDN of any kind is necessary unless you expect a lot of people to use your services.

      No one will just randomly [D]DoS you, unless you give someone a reason to. I’ve been running these Services public for almost 3 years now and I’ve never once experienced a DoS attack, much less a DDoS. The only thing you might get are random SSH login attempts from bots. But you shouldn’t expose sshd to the public internet on standard port 22 anyways.