this post was submitted on 03 Sep 2023
16 points (83.3% liked)

Selfhosted

40006 readers
957 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

  1. Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.

  2. No spam posting.

  3. Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.

  4. Don't duplicate the full text of your blog or github here. Just post the link for folks to click.

  5. Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).

  6. No trolling.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 1 year ago
MODERATORS
 

Hi Self hosting,

Its my day off and I'm going to be putting some work into my self hosted world today. I don't expect to get it all done in one go, but I've been piecing the parts together for a few months and I think I've got what I need. However, what I lack is any kind of overall mental model for how to think about or engineer this kind of system. I also don't know a ton about internet security or best practices, so I've been cautious about going too far too fast. I'm going to outline the parts and their intended uses here, and then if people could weigh in on parts or offer resources in the form of blog-posts or youtube videos to help me frame in my thinking, I would really appreciate it. My goal is to eventually fully de-google/ self host my world, and its going to take me a while but I think I can get there. If you only have an opinion about one piece of equipment, please consider sharing your experience there.

Equipment:

1: NAS/ Server

QNAP TS-464-8G-US 4 Bay High-Performance Desktop NAS with Intel Celeron Quad-core Processor, M.2 PCIe Slots and Dual 2.5GbE (2.5G/1G/100M) Network Connectivity (Diskless).

Currently, I'm thinking of the NAS as being the heart/ brains of the operation. Eventually I want to get a heavy duty machine with at least 128+GB ram and several video cards (for work/ self hosting), but right now, my plan is to just use the NAS for home automation purposes (any services I need to run). I want to put my πŸ΄β€β˜ οΈ 🎩 back on eventually, and also use this for hosting a Jellyfin or plex server (the more self hosted/ FOSS the better). Currently, I'm I've set up and configured the storage pools as one large pool, but that's it. I was also planning on storing any thing that should be kept from my security cameras here. It will also be housing the weather data I'm collecting. I also plan on using it to host my audio/ media server. We also want to be able to run something akin to a self hosted google drive so that these data are available to us away from our home.

2: Routers and switches

RT-AX86U

This is my main router for the house. It was a pretty high end router a couple years ago and has good coverage.

TP-Link TL-SG1005P 5 Port Gigabit PoE Switch 4 PoE+ Ports @65W Desktop Plug & Play Sturdy Metal w/ Shielded Ports Fanless Limited Lifetime Protection QoS & IGMP Snooping

I use this for my security cameras so that I only have to run one cable. I also was imagining that I may look into other POE devices and this could service them too.

3: Security Camera

Amcrest 4MP Outdoor PTZ POE AI IP Camera Pan Tilt Zoom Security Speed Dome, 5X Motorized Optical Zoom, Human Detection, 98ft Night Vision, Tripwire & Intrusion, POE (802.3at) IP4M-S2112EW-AI

I live in an area with a pretty extreme reputation. From our doorstep we've witnessed robberies, assaults, and b&e's.

4: Weather Station

RainmanWeather IoT Professional LoRa Weather Station WiFi Wireless

I have extensive gardens I've planted and have been a hobbiest in the personal weather station world for a few years. Eventually I want to tie this into my currently not smart irrigation system to automate irrigation.

5: Speakers

Audioengine A1-MR 60W Multiroom Home Speakers - WiFi Speaker System - Works with Online Music Streaming Services or Personal Libraries (Pair, Grey)

I bought these because for a period we had a sonos system, and although I liked it, I hated the walled garden. Its not entirely clear to me I'll be able to use these in the same manor, but I've been able to hack on them a bit and am continuing to explore what I can do with them. If I can figure out how to self host an audio stream (liken to an internet radio server, I think they'll work).

6: Smart switches

I have some smart switches for some outdoor light strings.

The vision I have is that one would have a web page or web portal that when you are on my home wifi, its available. It would show you the current weather, the view from the security camera, and give you access to the audio server if you want to put music on.

I'm not a network engineer, and although I do know how to write and understand, with enough effort, most common programming languages, I'm also not really a software engineer. I think I've got 'enough' skills and chops to create the glue where I need to, but just barely. So if there are canned solutions to some of these things, that is what I'm going to be trying to use. Where I can't (for example, the weather station), I'm pretty good at hacking in and around and getting out what I need.

I would really appreciate any thoughts, or ideas. Like I said, although I've hacked on some of this stuff before, this is my first attempt at a unified framework. I really don't like the direction the world and internet are going and this is my attempt to push back and assert some independence. Any advice and recommendations are thoroughly appreciated.

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 1 points 1 year ago (1 children)

My advice for security is don't expose anything to the Internet unless you're sure you know how to secure it. If you want to be able to access self-hosted services remotely, setting up a VPN is the way to go. OpenVPN is gonna be the most widely supported way of doing that. In fact, based on a quick Google search, it looks like your router has an OpenVPN server built in. If you're willing to put in some effort for something more modern and performant, look into WireGuard.

Another benefit of having a VPN is that if you set it up to allow access back out to the Internet, you can use it to mask your internet traffic while you're connected to an untrusted network.

[–] [email protected] 2 points 1 year ago

I'd go with Wireguard if the router supports it, since it's also easy to setup and much faster than OpenVPN. Or tailscale/headscale for problematic networks (CG-NAT etc).