Selfhosted
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.
Rules:
-
Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.
-
No spam posting.
-
Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.
-
Don't duplicate the full text of your blog or github here. Just post the link for folks to click.
-
Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).
-
No trolling.
-
No low-effort posts. This is subjective and will largely be determined by the community member reports.
Resources:
- selfh.st Newsletter and index of selfhosted software and apps
- awesome-selfhosted software
- awesome-sysadmin resources
- Self-Hosted Podcast from Jupiter Broadcasting
Any issues on the community? Report it using the report flag.
Questions? DM the mods!
view the rest of the comments
Hardware
Anything with an x86 processor and some form of graphics (iGPU is totally fine). You can use a raspberry pi, but it will give you headaches. The more RAM the better, but 8gb is good enough for a few services. You definitely want an SSD.
Setup
You’ll need a domain and you’ll need to point the root domain at your public IP with an A record. Then you can set up subdomains for each service with a CNAME record to point to your root domain (use “@“ as the host name). So like “example.com” points to “123.123.123.123” with an A record, and “nextcloud.example.com” points to “@“ (“example.com”) with a CNAME record.
For your domains, I recommend Cloudflare. They’re relatively easy to set up, but more importantly, they don’t charge a markup on domains.
From your router, give your server a DHCP reservation to make sure it’s IP address doesn’t change, then forward ports 80 and 443 to your server.
Software
I prefer Kubuntu LTS, cause it’s super stable. When you’re installing, tell it to log you in automatically. Then once installed, in the power settings, turn off automatic sleep. You can leave on automatic lock, but it doesn’t really matter, since if someone has physical access to the machine, you’ve already lost.
Docker and Docker Compose for sure. When you set up a docker compose stack, put it in its own directory, to make life easier. So, you can have a directory “nextcloud”, with the docker-compose.yml for the Nextcloud stack (Nextcloud itself, Nextcloud again but running in cron mode, and MySQL/MariaDB).
NGINX Proxy Manager should be your first docker compose stack. Use “host” network mode, so it can talk to your services. Set up your SSL certificates with this, using the DNS option. Your certificate should have two domain entries, one wildcard and one for the root. So your entries would be like “*.example.com” and “example.com”. You can do that on the same cert. You’ll need an API key from your registrar that has access to your domain’s zone to get it working. On Cloudflare you can set that up in your profile. Just give it access to all zones, then jot down the secret key somewhere safe like a password manager. That key is what you’ll enter into NPM when setting up your cert.
Now you can set up some docker compose stacks with your services. Choose a port range for your services, like 8201, 8202, 8203, etc. Each service usually only needs one port mapped, the HTTP port. So use a port you haven’t used and forward it to the HTTP port (“8201:80”). Don’t forward any ports to your DB. Containers in the same stack can talk to each other without having ports forwarded. Use regular directories for your volume mounts, not Docker volumes (so like “./nextcloud:/path/to/nextcloud/data”).
Set up the subdomain for each service to point to its port in NPM. The address is just “127.0.0.1”, and the port is whatever you set it up as in the Docker Compose stack.
Start with Nextcloud using the “Nextcloud” docker hub image. It says it’s for advanced users, but I’ve been using it for years. It’s super easy.
All of the stuff from linuxserver.io is great, except Nextcloud, cause you can’t run Nextcloud Office with the built in server.
Next, try Immich. It’s awesome.
Then Jellyfin, Nephele WebDAV, Wordpress, Home Assistant.
Remote Access
Install Flatpak and Flathub, then the RustDesk flatpak to access your server remotely. Set it up as a startup program in KDE settings so it launches on boot. Install Flatseal to give RustDesk full permission so it doesn’t always need to ask the local user to approve the screen share. You might need to get an HDMI dummy plug to make it work without a monitor. They’re super cheap.
Oooorrr, you can access it with SSH, but that’s a little more dangerous if you don’t set it up correctly.
Notes
Don’t try Podman, it’s very difficult to get working, and simply won’t work with NPM. Use the official Docker installation method, where you set up their repositories in Kubuntu.
Every once in a while (at least monthly), go through your docker stacks and update them. Usually that’s just a “docker compose pull” and “docker compose up -d”, but sometimes it needs manual intervention, like with Nextcloud’s upgrade script, “occ”. For that you’ll use “docker compose exec -it …”.
Every once in a while, run “docker system prune -a --volumes” to clean up old stuff. (This is one reason why you don’t want to use docker volumes for your data, they would get scrubbed too unless they were running.)
You’ll probably want to set up some backup solution. Just note that a lot of the files you want to back up are owned by root, so userland backup tools probably won’t work.
Don’t try to host your own email. You can probably do it, but it’s astoundingly complicated and difficult to maintain. I know because I run an email service, https://port87.com/. Most ISPs make you jump through hoops to open up outbound traffic on port 25, the email port.
Most Importantly
Have fun!