I’ve been dabbling with selfhosting for a bit now (home assistant and nextcloud), but it’s clear that I lack a fundamental understanding of networking. For example:
- I’ve got OpenWRT on my router, but no idea what I’m doing when it comes to firewall settings, DNS, DHCP, etc.
- I’ve got a domain thru Porkbun, but no idea how to properly setup my DNS settings there to route to my local machine.
- I’ve got NGINX running in a docker container in a VM and can get to the UI on my local network, but no idea what I’m doing wrong with my attempts at a reverse proxy.
Does anyone here have links to a good in-depth tutorial series for learning about securely selfhosting?
You must log in or # to comment.
I am saving this thread to try and find a good tutorial for myself. That said, I have had a great experience on #networking on libera.chat, which is IRC. They have been very patient with me and often willing to go into detail in a beginner-friendly way.
Unfortunately, they are not accessible via the web chat, so you have to use an IRC client and register and account, which is relatively painless, but might take 10 to 15 minutes to get started.
Idk of any good series but techno tin has a great video on using cloudflare and traefik to get wildcard letsencrypt ssls for your docker services.
Check FUTO’s guide. It’s great for beginners:
- Part 1: https://youtu.be/Et5PPMYuOc8
- Part 2: https://youtu.be/3fW9TV1WQi8
Well my first reply is: setting up yor own router is like learn driving within a touring car. You just need to know a lot to set up/handle everything properly. Its just not easy and in m opinion the most wrong point to start.
DNS-wise I would like to recommend something like pihole. To me it was my first thing I installed and used until this day and also the handling of DNS is quite easy. Maybe you should consider lerning other things before setting up your own router.
@Nephalis @anticonnor I think there are two approaches. 1) Start with desktop linux, a vps or raspberrypi to start building linux and networking skills or;
2) start with something more packaged that provides more guidance on delivering services ‘out of the box’ like yunhost - which can provide some things off the rack services and with a templated approach - that then allows you to play around a bit while you learn the basics@Nephalis @anticonnor Yunohost has a starting point for setting up an instance - yunohost.org/#start @elena is also writing something up.
I think NetworkChuck has a good set of tutorial videos about self hosting. For the most part you can search for what you want to find info on and he probably had a video on it. E.g. Nginx: https://m.youtube.com/@NetworkChuck/search?query=Nginx
@theit8514 @anticonnor I tried to watch one of his videos (it was 20 minutes ) after the first two minutes in before he actually provided any facts. I think it got a bit better. But in terms of starting out with selfhosting I’m not sure where I would start in his videos.
I’ll check him out, thanks!
When I was stumbling on some of his output it unfortunately felt very click-baity, always playing on your FOMO if you didn’t set up/download/buy the next best thing until the other next best thing in the video after.
In other words, I think he’s cool to check out to get to know of a thing, but to get a deeper level of understanding how a thing works I would recommend written materials. There are good caddy/nginx tutorials out there, but a linux networking book will get your understanding further yet.
If it has to be video, I would at least recommend a little more slowed down, long-form content like Learn Linux TV.
I am relatively sophisticated on LAN/local services (been running Raspberry Pi since 2018 or so), I was never able to setup a reverse proxy to get a true self-hosted system (i.e. remote access); got roadblocked by nginx and setting up letsencrypt with reverse proxy support.
In general, true remote access is IMO exponentially more difficult and demanding than getting things running on your local network.
For anyone starting out with self-hosting, I would strongly recommend LAN/local services where you can relatively easily deploy multiple very useful and powerful services (SMB/NAS, Jellyfin, Pi-hole, Qbittorrent-Nox).
I would suggest looking into DietPi, it’s IMO the best RaspberryPi/SBC distribution there is if you want things to just work and not bug you. Very helpful developers and community too. Excellent, user friendly CLI management tools for headless operation.
You basically never want to expose your local network to the internet. The most secure and simple way are either Tailscale or WireGuard combined with a VPS that is exposed to the internet and takes all the beating.
This what I was trying to setup when I first started (with Nginx, domain and free tier version of Google Cloud). I wasn’t able to get it all running with Nginx and HTTPS.
I use Tailscale and Nginx Proxy Manager. Very easy to get it running. I use DNS Challenge with my Domain Provider. The Domain points to my Tailscale IP. So I don’t need to open anything.
I use a similar setup with Traefik instead of Nginx PM, and Headscale instead of Tailscale. It is almost the same kind of setup.
I’m a bit farther along, but it’s all been trial and error (and error, and error…) So, commenting because I would also like some of this info. My DNS is a disaster! Still using IPs to access my VMs, mostly.
Use caddy server instead of nginx
