Selfhosted
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.
Rules:
-
Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.
-
No spam posting.
-
Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.
-
Don't duplicate the full text of your blog or github here. Just post the link for folks to click.
-
Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).
-
No trolling.
-
No low-effort posts. This is subjective and will largely be determined by the community member reports.
Resources:
- selfh.st Newsletter and index of selfhosted software and apps
- awesome-selfhosted software
- awesome-sysadmin resources
- Self-Hosted Podcast from Jupiter Broadcasting
Any issues on the community? Report it using the report flag.
Questions? DM the mods!
view the rest of the comments
I've got a firewall. I also have two managed switches to route the VLANs that I'll be setting up in the coming days. I've got a handful of guides I've visited and will be revisiting in order to do it the way I want, which I believe will be a reasonable level of security. Acknowledging that you were just trying to be a friendly neighbor, does this plan still hold up to your wisdom thus far?
Yes, that does indeed sound like you have all the stuff necessary to make this work.
In my home network this wouldn't work, as I'm running all my stuff in containers on multi-purpose servers, and therefore I can't really split things per VLAN. Most other people in the homelab/self host community also use their servers for multiple purposes at the same time, so VLANs alone often doesn't cut it.
Thanks. I've been doing a lot of research, and the beginning of it took a while to stick, so it's good to hear I'm not a complete idiot. What "multiple purposes" are you referring to that would make the VLAN setup less effective? Because I'll acknowledge that this could lead to two devices being completely compromised if I'm breached, but that will only cost me time to get set back up, as opposed to compromising personal devices on the main VLAN.
The containers in my setup are running in a Kubernetes cluster. My Kubernetes cluster consists of 3 physical servers (one old desktop computer and 2 Intel NUCs).
On that cluster I run many different things, Jellyfin, Plex, *arr-stack, downloader, Immich, zigbee2mqtt, home-assistant, audiobookshelf, calibre-web, Forgejo, ArgoCD, Homebox, Paperless, Factorio servers, Velero, and a bunch of other stuff.
Because I run so many different things on the same 3 physical machines, using containers, then there's no way to split this into VLANs.
I could make a "kubernetes" VLAN, but everything else on my network would need to be connected with it anyway. All my computers, phones and TVs need to access Kubernetes (Jellyfin), and Kubernetes need to access everything else such as EV charger, heat pump, and the power monitoring in my power meter. Therefore I need to control my networking at a different level.