this post was submitted on 29 Mar 2024
40 points (95.5% liked)

Selfhosted

40665 readers
170 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

  1. Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.

  2. No spam posting.

  3. Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.

  4. Don't duplicate the full text of your blog or github here. Just post the link for folks to click.

  5. Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).

  6. No trolling.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 2 years ago
MODERATORS
 

I am somewhat late into the Linux-verse (three years in now) and want to move into self-hosting to do two things:

  1. Host my own Jitsi server and sessions. (or any other open source solution)

  2. Host my own solution to privately and securely share photographs of my kids and life here with my family abroad.

At some point, I want to host my own little static-website about myself which should “replace” having to give people a LinkedIn account or something.

The thing is, I know nothing about owning domains, etc. I have never done this before. I have been lurking around this forum to learn some of the basics, but would really like a more tailored reply (is possible). I am working in Europe.

  1. Which computer should I use? I want to host everything on my computer at home. I don’t want to go the VPS route.

  2. Where can I buy an inexpensive domain(s)? I assume I only need one.

  3. What other things do I need to consider? My current broadband is IPv4 only.

all 23 comments
sorted by: hot top controversial new old
[–] eodur 24 points 8 months ago (2 children)

For image hosting I would look at Immich. It aims to be a full Google Photos replacement. It isn't quite there yet, but it is quite featureful and rapidly improving.

[–] [email protected] 11 points 8 months ago (2 children)

Immich doesnt feel like beta at all, its amazing, its better than google photos imo. Nextcloud is also great, but nextcloud photos not so much

[–] [email protected] 7 points 8 months ago (1 children)

Tell that to the breaking changes server upgrades. I know something good happened when my app won’t login anymore.

No real hate though. I’m a sponsor of the project. Shits lit.

[–] [email protected] 3 points 8 months ago

Im using immich for less than a year and there were few breaking changes. Im updating manually and I think its quite easy to follow their instructions. They also push warning message to clients before breaking change happens. But yeah I know what you mean, it can be annoying if you are auto updating

[–] eodur 5 points 8 months ago (1 children)

Totally agree. I run both Immich and Nextcloud. Both are great.

[–] darelik 3 points 8 months ago

Agree. I run paperlessngx also for documents/ocr.

[–] [email protected] 1 points 8 months ago

Bleugh Immich.

I've heard great things but I'm quite new to all this and can't get the fucking thing to boot. Last night I followed their install via Portainer walkthrough to the letter, copy/pasted their files from their links they pointed at...

I'll have it running by next weekend most likely, this keeps happening, then I learn a bunch of shit. But I really have no idea why it wouldn't boot last night.

[–] [email protected] 7 points 8 months ago (2 children)

The best "bang for the buck" in your use-case is to use Nextcloud - Nextcloud Talk is your Jitsi replacement, and the files feature can be extended with the Nextcloud Photos plugin (https://github.com/nextcloud/photos).

As for your domain question:

  1. You should use any computer you'd like that meets the Nextcloud recommendations, the key is of course isolating this machine on your home network so any "funny business" stays on the server. You can do this with VLANs or an entirely separate LAN connected to a different WAN (ISP).

  2. Many places, I like porkbun.com for real custom domains for cheap, but for your use case, you might be able to use a Dynamic DNS provider for free. It just likely won't be an easy to remember URL (or at least, as easy as a root domain only). If you have a newer ASUS or Netgear router/modem they both have Dynamic DNS built in and you can select from a few different providers that have both free and paid tiers. ALSO it might be better to use Google Domains (now squarespace domains) since, IIRC, many DynDNS configs for routers support Google Domains too. Cloudflare can also be a decent registrar, and I'd recommend using them if you use any other cloudflare services (see below).

  3. Other things to consider: Your ISP may block port 80, meaning lots of issues. If this is the case, you might want to use a tunnel of some sort. Cloudflare has a great solution here. Even if they don't block port 80, they may aggressively throttle and shape your incoming traffic - causing issues. Again, the tunnel is a good solution here. And, of course, your upload bandwidth matters a lot, you'll need something around 100Mbps upload for a decent experience when accessing your stuff over the internet. The 30Mbps that's typical of DOCSIS modems won't cut it. Outside of these concerns it's all about making sure you isolate your server from your "home stuff" to keep things secure.

[–] [email protected] 2 points 8 months ago* (last edited 8 months ago) (1 children)

For point 3 - I'd suggest OpenVPN or Wireguard. Simple and secure without too much fuss involved in making it work. You would have to distribute keys and/or logins which might complicate things for the users if they are laymen though.

Also I'd agree 30mbps is not much, but for just a few users it should be fine.

In general I will +1 Nextcloud, its not the best and kinda slow and heavy, but its the best and most full featured UX for newbie users. Feels just like something like Google or Dropbox would put out, sans all the bullshit and tracking. You can extend it easily too if you ever need to.

[–] [email protected] 1 points 8 months ago (1 children)

I'd argue that the cloudflared daemon is even easier to use than a static wire guard or openvpn tunnel. It's basically set and forget. The downside is that you must use cloudflare. This may, or may not be a big deal depending on OPs needs.

I moved from a place with symmetrical gigabit to "gigabit cable" with 30mbps upload, it definitely wasn't good enough for my small family. Photos are quite large these days - not to mention videos. Though it likely has a lot more to do with the bandwidth shaping my ISP does than the 30mbps rate.

Also agree that it's not perfect, but very likely the most newbie friendly solution at the moment. Especially from a deployment scenario vs going piecemeal.

[–] [email protected] 1 points 8 months ago* (last edited 8 months ago) (1 children)

The downside is that you must use cloudflare.

yeah...

30mbps traffic shaping

back when i was on a DOCSIS modem, i noticed concurrent downloads would disrupt uploads and vice versa. i think this may depend on the type of connection OP has.

[–] [email protected] 1 points 8 months ago

yeah…

They asked for easy, or newbie friendly - and didn't particularly mention privacy concerns.

Other than that, if they don't have a port 80/433 ingress from their ISP there are scarce simple solutions that don't require another server that also needs management, either by them or a corporate entity.

back when i was on a DOCSIS modem, i noticed concurrent downloads would disrupt uploads and vice versa. i think this may depend on the type of connection OP has.

I used to work at a cable company, that was either a problem that people with low SNR had. Either from external factors (tree branch on a cable line) or in-home ones (bad splitter). A modem will ramp up it's gain in order to offset this (to a point), and in so doing, create a lot more interference between channels. OR they were hitting their ingress rate limit (which is quite agressive on residential plans because DDOS'es). It's surprisingly easy to hit your ingress rate limit for modern http/https webservers hosting complex web apps. Lots of concurrent connections open up to try to download all the resources when you go to any website in a modern browser and while it's not a TON of data, the short period of time causes the traffic to easily hit the PPS/BPS rate limit that ISPs employ.

But yeah, it all depends on the ISP.

[–] [email protected] 7 points 8 months ago* (last edited 8 months ago) (1 children)

I wouldn't follow the advice of using Immich. While its a great tool, growing fast and super polished, its currently aimed at photo backup from your android phone/tablet and is not a good pick for a family photo gallery.

To that end I would look into pigallery2 or the very good homegallery, which is still in early stages as well but also quite polished and already working great. They will not replace Immich, but will complete the workflow nicely.

My photo management flow (which includes your requirements, plus the capability to organize new photos over time) is here https://wiki.gardiol.org/doku.php?id=services:photomanagement if you are interested.

In general the flow is to buy or recycle a pc of anykind, install linux (optional, but recomendes), buy a domain you like from some registrar, setup some kind of remote access from outside to your home, and install the services you want.

The workflow mandatory includes hours spent trying and failing, and also having tons of fun in the process. Don't forget the WAF (Wife Appreciation Factor) which will determine how much fun you can have.

Last, i al documenting all my steps and proceedings while I run down my own selfhost rabbit hole in the above linked wiki (self hosted, ofc).

See you around, I guess!

[–] [email protected] 1 points 8 months ago* (last edited 8 months ago) (1 children)

I've been trying to find some good examples of how to structure the files, and whether to combine the photos from everyone or to keep them separate. Obviously there's different systems for everyone, but your method of syncing, tagging, and displaying/sharing photos is almost identical to how I've been wanting to go about it.

Do you mind sharing how you structure the photo files and naming in your Gallery directory?

I was thinking of implementing the Copyright tag to keep the data of the original phototaker, and then combine all the photos into a Gallery/YYYY/MM structure, with the filenames being YYYYMMDD-CameraModel. There aren't many events we go to, so albums aren't a big priority, but on the occasion, I was thinking if using a folder like MM-Event in the respective year folder.

I'm just putting my thoughts down because I don't often see this part of people's photo organizing.

[–] [email protected] 2 points 8 months ago

I create folders with name like: /gallery/2024/03 - Trail Del Marchesato/

And put there all the photos related to that event.

Or more generic like: /gallery/2024/Winter To collect generic photos of that period.

So I divide by year and reason/event. Inside each use moves his own photos for that event, or they create their folders.

Tags do the rest.

Homegallery let's you view them by similar or tags, while pigallery2 let's you view them by the folder. Both together fits the bill

[–] [email protected] 4 points 8 months ago* (last edited 8 months ago)

Acronyms, initialisms, abbreviations, contractions, and other phrases which expand to something larger, that I've seen in this thread:

Fewer Letters More Letters
DNS Domain Name Service/System
IP Internet Protocol
NAT Network Address Translation
SSD Solid State Drive mass storage
SSL Secure Sockets Layer, for transparent encryption
VPN Virtual Private Network

6 acronyms in this thread; the most compressed thread commented on today has 10 acronyms.

[Thread #640 for this sub, first seen 30th Mar 2024, 11:45] [FAQ] [Full list] [Contact] [Source code]

[–] [email protected] 2 points 8 months ago* (last edited 8 months ago)
  1. An old laptop is the easiest to start with, but you might eventually run into storage limitations with it. But in general getting an older one and putting a bigger SSD into it is usually sufficient (but look for one that can limit battery charging to 80%). Otherwise a thin client or a mini-pc is good, but they don't come with a built-in UPS or Keyboard/Screen for quick troubleshooting.
  2. Domains cost pretty much the same everywhere, but I think in your case OVH is good. They give you a free email service and dynDNS for free with every domain purchase, so that takes care of the difficult stuff like email hosting for notifications and the like. It also includes a free 100mb webspace you can use for that static site and not worry about your server being online all the time.
  3. IPv4 only is no problem. You need to see if your ISP gives you a dynamic public IP (so no NAT) and if the router you are using allows access to configure port-forwarding.
[–] [email protected] 2 points 8 months ago

More.

I agree nextcloud might be a very good solution.l, specially because all the service you might need are there. The fun factor decreases tough.

Also, while cloudflare is heavily sponsorized in this community I disagree. It's probably the easiest approach but you end up depending on a specific service. Renting a cheap vps (virtual private server) and setting up a VPN or ssh tunneling is the best approach, but slightly more complex. In exchange you are free to migrate to a different vps at any time with basically zero downtime.

Using a VPN is clearly the safest approach but has two limits:

  • more complex setup for you users
  • cannot expose public services (like sharing photos with friends outside family, or sharing your resumee)

Using ssh tunnels to make your internal server accessible on port 80/443 of the vps instead gives you the maximum freedom, but you run higher risk unless you secure it properly (service separation, https with let's encrypt, strong authentication and so on....)

[–] [email protected] 2 points 8 months ago

Hi! I’m quite new to self-hosting as well. Started about a month ago. I bought this Mini PC while it was on discount, but in general, any PC with Intel N100 should be cheap and good enough.

I bought my domain on Namecheap, and I use Cloudflared to expose my self-hosted service with the domain I bought. More on Cloudflared here.

I’m currently using the Mini PC to host a media server, personal notes app, a Minecraft server, and a link preservation software. I currently don’t have a photo storage service set up, because most of my storage are already used for my movies on the media server.

However, I’ve been looking into the options for a self-hosted photo storage service. Others have mentioned Nextcloud and Immich, and they look great. I also found Ente which I might also give a try once I have upgraded my storage.

[–] [email protected] 1 points 8 months ago

Sorry man, I am on mobile so I keep missing parts.

As for hardware, I would recycle anything you have at home if it has at least 8gb ram and a network card. Specially laptops (low watts consumption and built-in battery in case of power outage) are my favourites. But if you want to spend for new stuff, the low power N100 are all the rage nowadays.

For storage, go with at least two disks or ssds or nvme in RAID1 (and keep in mind that is not backup, which you should plan to do), they can be external USB drives as well, provided you spend some good money and don't go cheap on the USB enclosure. Mine have been working perfectly for the last decade.

[–] [email protected] 1 points 8 months ago

I have used Piwigo for this purpose the past 3.5 years. It’s running on a tiny Odroid HC-2 and solid state drive. The same device also runs Emby for video streaming. I started it with a free sub domain from afraid.org. I migrated to a real domain later. To run two services from one domain name you also need a reverse proxy and SSL certificate renewal, like SWAG or NGINX Proxy Manager or Zoraxy.

The main thing I’ve learned is keeping everything isolated repeatable. On my Odroid I learned to use Docker and Portainer for the apps. But there were a couple times I broke everything through updates/upgrades. Now I have a small Intel N305 (Minsforum UN305C), running ProxMox VE, and apps in Linux containers. The first I set up myself to learn but later I discovered some open source helper scripts https://tteck.github.io/Proxmox/. ProxMox seems a bit more complex than Docker/Portainer, but more flexible.

I’m using IPv4 only but I’m migrating to IPv6 soon to help with in-network routing to my domain. My advice would be unless you want to host your own DNS and override your domain to resolve to LAN, just use your IP:port on LAN and use the domain only outside your home.

[–] [email protected] 1 points 8 months ago

Both is still work in progress. Matrix call for video calls and immuch for photos.