Do you have any advice or suggestions about it?

  • Hardware (what should be enough for a local PC, or VPS…)
  • Software (OS [Debian, YunoHost, other…], “containerization” (Docker, virtual machines?), dashboard, management, backups, VPN tunneling…)
  • “Utilities” to host (Lemmy, PeerTube, Matrix, Mastodon, Actual Budget, Jellyfin, Forgejo, Invidious/Piped, local Pi-hole, email, dedicated videogame servers like for Minecraft, SearXNG, personal file storage like Drive, AI [in the future, when I can afford a rig that can run a local model decently]…)

I’m aware it’s a lot of stuff to take on, so, do you have any advice on where to start? (how to find a cheap PC to experiment with, if not get a VPS, what to test on it, what “utilities” to try self-hosting first…)

  • hperrin@lemmy.ca

    Hardware

    Anything with an x86 processor and some form of graphics (iGPU is totally fine). You can use a Raspberry Pi, but it will give you headaches. The more RAM the better, but 8 GB is good enough for a few services. You definitely want an SSD.

    Setup

    You’ll need a domain and you’ll need to point the root domain at your public IP with an A record. Then you can set up subdomains for each service with a CNAME record to point to your root domain (use “@” as the host name). So like “example.com” points to “123.123.123.123” with an A record, and “nextcloud.example.com” points to “@” (“example.com”) with a CNAME record.

    For your domains, I recommend Cloudflare. They’re relatively easy to set up, but more importantly, they don’t charge a markup on domains.

    From your router, give your server a DHCP reservation to make sure its IP address doesn’t change, then forward ports 80 and 443 to your server.

    Software

    I prefer Kubuntu LTS, cause it’s super stable. When you’re installing, tell it to log you in automatically. Then once installed, in the power settings, turn off automatic sleep. You can leave on automatic lock, but it doesn’t really matter, since if someone has physical access to the machine, you’ve already lost.

    Docker and Docker Compose for sure. When you set up a docker compose stack, put it in its own directory, to make life easier. So, you can have a directory “nextcloud”, with the docker-compose.yml for the Nextcloud stack (Nextcloud itself, Nextcloud again but running in cron mode, and MySQL/MariaDB).

    NGINX Proxy Manager should be your first docker compose stack. Use “host” network mode, so it can talk to your services. Set up your SSL certificates with this, using the DNS option. Your certificate should have two domain entries, one wildcard and one for the root. So your entries would be like “*.example.com” and “example.com”. You can do that on the same cert. You’ll need an API key from your registrar that has access to your domain’s zone to get it working. On Cloudflare you can set that up in your profile. Just give it access to all zones, then jot down the secret key somewhere safe like a password manager. That key is what you’ll enter into NPM when setting up your cert.

    Now you can set up some docker compose stacks with your services. Choose a port range for your services, like 8201, 8202, 8203, etc. Each service usually only needs one port mapped, the HTTP port. So use a port you haven’t used and forward it to the HTTP port (“8201:80”). Don’t forward any ports to your DB. Containers in the same stack can talk to each other without having ports forwarded. Use regular directories for your volume mounts, not Docker volumes (so like “./nextcloud:/path/to/nextcloud/data”).

    Set up the subdomain for each service to point to its port in NPM. The address is just “127.0.0.1”, and the port is whatever you set it up as in the Docker Compose stack.

    Start with Nextcloud using the “Nextcloud” docker hub image. It says it’s for advanced users, but I’ve been using it for years. It’s super easy.

    All of the stuff from linuxserver.io is great, except Nextcloud, cause you can’t run Nextcloud Office with the built-in server.

    Next, try Immich. It’s awesome.

    Then Jellyfin, Nephele WebDAV, WordPress, Home Assistant.

    Remote Access

    Install Flatpak and Flathub, then the RustDesk flatpak to access your server remotely. Set it up as a startup program in KDE settings so it launches on boot. Install Flatseal to give RustDesk full permission so it doesn’t always need to ask the local user to approve the screen share. You might need to get an HDMI dummy plug to make it work without a monitor. They’re super cheap.

    Oooorrr, you can access it with SSH, but that’s a little more dangerous if you don’t set it up correctly.

    Notes

    Don’t try Podman, it’s very difficult to get working, and simply won’t work with NPM. Use the official Docker installation method, where you set up their repositories in Kubuntu.

    Every once in a while (at least monthly), go through your docker stacks and update them. Usually that’s just a “docker compose pull” and “docker compose up -d”, but sometimes it needs manual intervention, like with Nextcloud’s upgrade script, “occ”. For that you’ll use “docker compose exec -it …”.

    Every once in a while, run “docker system prune -a --volumes” to clean up old stuff. (This is one reason why you don’t want to use docker volumes for your data, they would get scrubbed too unless they were running.)

    You’ll probably want to set up some backup solution. Just note that a lot of the files you want to back up are owned by root, so userland backup tools probably won’t work.

    Don’t try to host your own email. You can probably do it, but it’s astoundingly complicated and difficult to maintain. I know because I run an email service, https://port87.com/. Most ISPs make you jump through hoops to open up outbound traffic on port 25, the email port.

    Most Importantly

    Have fun!
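
An added example, not part of the comment above or of any project it mentions: a small audit of one Compose stack against the rules the comment gives (no host port for the database, directory mounts instead of Docker volumes). It assumes the stack was rendered with `docker compose config --format json`; the `DB_IMAGES` list, the sample stack and the loopback check (stricter than the comment asks for, but consistent with proxying to 127.0.0.1) are this example's own assumptions.

```python
import json

# Image-name fragments treated as databases (assumption; extend for your stacks).
DB_IMAGES = ("mysql", "mariadb", "postgres", "mongo", "redis")

def audit_stack(config):
    """Return findings for one stack rendered by `docker compose config --format json`."""
    findings = []
    for name, svc in sorted(config.get("services", {}).items()):
        # "lscr.io/linuxserver/mariadb:11" -> "mariadb"
        repo = svc.get("image", "").rsplit("/", 1)[-1].split("@")[0].split(":")[0]
        is_db = any(fragment in repo for fragment in DB_IMAGES)
        for port in svc.get("ports", []):
            published = port.get("published")
            if not published:
                continue  # container-only port, nothing exposed on the host
            if is_db:
                findings.append(f"{name}: database port {port['target']} is published on host port {published}")
            elif port.get("host_ip") not in ("127.0.0.1", "::1"):
                findings.append(f"{name}: host port {published} is reachable beyond loopback")
        for vol in svc.get("volumes", []):
            if vol.get("type") == "volume":  # named/anonymous volume, not a bind mount
                findings.append(f"{name}: {vol['target']} is a Docker volume, not a directory mount")
    return findings

# Constructed sample: a Nextcloud stack with three deliberate mistakes.
SAMPLE_STACK = json.loads("""
{"services": {
  "nextcloud": {"image": "nextcloud:latest",
    "ports": [{"target": 80, "published": "8201", "protocol": "tcp"}],
    "volumes": [{"type": "bind", "source": "/srv/nextcloud/data", "target": "/var/www/html"}]},
  "cron": {"image": "nextcloud:latest",
    "volumes": [{"type": "bind", "source": "/srv/nextcloud/data", "target": "/var/www/html"}]},
  "db": {"image": "mariadb:11",
    "ports": [{"target": 3306, "published": "3306", "protocol": "tcp"}],
    "volumes": [{"type": "volume", "source": "dbdata", "target": "/var/lib/mysql"}]}
}}
""")

if __name__ == "__main__":
    for finding in audit_stack(SAMPLE_STACK):
        print(finding)
```

Writing the port mapping as “127.0.0.1:8201:80” clears the loopback finding while the reverse proxy on the same host can still reach the service.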