![](https://lemmy.dbzer0.com/pictrs/image/a07d8d4f-88f6-4f76-b1c1-612f5692f052.png)
![](https://lemmy.world/pictrs/image/8286e071-7449-4413-a084-1eb5242e2cf4.png)
I prefer Tailscale Funnel for these kinds of things. NetBird and ZeroTier also work just fine if you don’t want to expose your services to the public.
Mastodon | @Andromxda@hachyderm.io |
---|
I prefer Tailscale Funnel for these kinds of things. NetBird and ZeroTier also work just fine if you don’t want to expose your services to the public.
If you use 9.9.9.9, you should try Mullvad DNS (with adblocking) or AdGuard Public DNS
I recommend lemmy-ansible or the Docker install guide.
According to the roadmap, the project will get open-sourced before the end of 2024, so there is some hope.
https://roadmap.hardcover.app/feature-requests/posts/allow-open-source
I hope they implement ActivityPub, so it can federate with BookWyrm
Yeah, that’s exactly what the 3-2-1 rule says.
But it can’t be self-hosted, right?
Perhaps NetBird, ZeroTier or Tailscale? If you want to make a service available publicly, check out Tailscale Funnel.
I’ve been using TubeSync, but I switched to Tube Archivist. Works very well, I’m happy with it.
I don’t recommend Debian for Apple Silicon, just stick with Asahi Linux. There aren’t any big issues, except the fact that not all Docker images are built for arm64.
You can even self-host it and use it with Nextcloud.
I use self-hosted draw.io together with the Draw.io Nextcloud integration for a diagram, and Wiki.js to write down some important information. If you prefer something lighter, check out DokuWiki. There are many other options for a Wiki like Bookstack or django-wiki.
Check out WireHole or openvpn-pihole
Not exactly self hosting but maintaining/backing it up is hard for me. So many “what if”s are coming to my mind. Like what if DB gets corrupted? What if the device breaks? If on cloud provider, what if they decide to remove the server?
Backups. If you follow the 3-2-1 backup strategy, you don’t have to worry about anything.
Tailscale has a very neat feature called Tailscale Funnel, which makes this pretty easy
It’s not cheap, but this setup doesn’t just serve as a router. It’s also a dedicated hardware firewall solution, with the capacity to handle big and fast networks (I’m speaking hundrets of clients and technically it could even do 40+ Gbps over an SFP fiber-optic connection.) It also lets me monitor my network and filter connections. I use Telegraf, InfluxDB and Grafana to get a nice visual overview of my local network, as well as all the inbound and outbound connections. I can even see the location of the servers I connect to through MaxMind GeoIP in my Grafana dashboard. I also use Sensei (I think it’s called Zenarmor now) for advanced filtering, and I use ClamAV with TLS interception to scan for malware. I could also run a DNS server through Unbound or Pi-Hole, but I prefer to do that on a separate device. OPNsense is a very powerful piece of software, and the StarLabs Byte is a suitable device to run it. For me it’s very important to have a free BIOS firmware implementation like coreboot on a security-critical device like my firewall.
I recommend building your own router. It might sound complicated but it’s not. Just grab any low-power x86 mini PC that has 2 network controllers, put an open-source router/firewall OS like OPNsense or pfSense on it and you’re ready to go. (Check out this video for pfSense and this one for OPNsense) Protectli offers specialized devices that are designed to run OPNsense/pfSense. They also support coreboot, a free and open source BIOS implementation. You can also go with something Linux-based like OpenWrt, but I’m very happy with my BSD-based OPNsense firewall. I use a Star Labs Byte with OPNsense, a fanless mini PC that runs coreboot, designed by a UK-based, Linux-focused company called Star Labs. Before that, I used to use a Fujitsu thin client with OpenWrt, inspired by this video.
Serif’s Affinity suite is pretty great
You just described Twitter/X