Since then I have added a few things, partly from that thread.
The big things were hosting Sandstorm.io, which is a complete self-hosted google-apps/office365 type setup that is very easy to use and has great functionality. My entire family uses it for a variety of things that we used to use independent files or google apps for. Nicely collaborative.
I have also recently started self-hosting a meta-searchengine called Searx in order to extricate myself from google on another front. It has also been pleasantly easy to set up, and the aggregated and collated search results have been excellent. Its much faster and more usable than I dreamed of when I decided to test drive it. It anonymizes all browser/os/etc fingerprints to keep the search engines that you query in the dark about your habits. I've toyed with tunneling it over TOR to make the whole thing even more private, but that may slow things down too much. Again, my family have pretty much all switched to it.
I even use both of these things externally (protected by https, geoip blocking and simple auth)
I have also added a minemeld server for IP blocking and DNS blackholing of malware/spyware/C&C servers etc. This is an excellent Ubuntu based free server put out by Palo Alto networks. I combine this with the existing blocking/blackholing I do with the someonewhocares blocking lists. It really keeps browsing from my home network faster, safer and mostly ad free.
Also hedgewars and teeworlds for mindless family multiplayer action
You mentioned Minetest back then. I had a look at it recently and it seemed like it's not that much fun without mobs. Could you describe your Minetest setup in more detail? I'm sure it can be used to get more fun of it than I managed to.
Modpacks and worlds for minetest are a bit tricky, since you need the right version of all the mods for things to work properly, and sometimes newer versions of minetest break old mods, so there is definitely some manual labour involved in setting up a nice modern server where everything just works. It can be frustrating finding a subgame or mod that you want to use but hasn't been maintained and is broken.
The whole thing can't be too hard, because my kids running Debian were able to download and install dozens of subgames and mods to their computers and self-host for their brothers. All I had to do was show them how to unzip, move and (if required) rename folders.
The directory that mods are placed in will effect how it is loaded. It would be redundant to write it all out here, so check the wiki [1].
The best place to find out what the newest mods are is the forum [2], specifically the mods forum
For a good game (essentially a modpack) to start with, try Mineclone [3]. It tries to create a Minecraft clone, and is very active. My kids were also obsessed with Lord of the Test[4] for a while
Would love to hear more details about the challenges of the VOIP endpoint over a remote VPN connection. What sort of software is on the user device, and did you have any trouble with fragmentation getting VOIP to work over IPSec?
Around 2 years ago, I started building my own E-Commerce platform. It started out as a Shopify alternative and now, it's a whole different ball game. It has all the features of marketing automation from Marketo mixed with the backend interface of Amazon.com plus an inbuilt Mailchimp. This means, you can sell a mixture of digital and physical goods online.
The whole thing started off as a side project while I was working as a consultant at the time, and now it's my full time job. The whole thing is hosted on Google Cloud, in particular AppEngine, so I don't need to worry about DevOps.
I refuse to empower companies like MailChimp who treat their customers like shit. The good thing is, I don't need to pay any percentage of my sales to anyone and no one is holding my data hostage like Shopify - who take your money, take your data and ask you to pay more to access it (checkout how Shopify analytics works).
I run a bunch of E-Commerce dropshipping businesses with this platform and it has served me well. I used Elixir/Phoenix/VueJS for my stack.
It's a blogging platform with ecommerce bolted on. I suspect it's a little bloated. Indeed, my experience with it was that in many respects it was very sluggish and inelegant.
I'm self-hosting a tool to monitor our cashflow and keep our expenses (open source if anyone is interested [0], though only translated in Dutch at the moment). It runs on an Ubuntu Azure VM, with a SQL Server database.
- 4 x Samba4 DCs on various LANs (file server, ldap, krb, dns, ntp)
- Interconnected at VPN hub in London on Linode over wireguard
- "Road-warrior" VPN via ocserv, shadowsocks and strongswan
- Plex
- Nextcloud + OnlyOffice
- 2 x Windows Server 2008 R2
- Postfix/Dovecot/Horde for mail on a Samba DC for fast LDAP
- Private internal family blog
- Simplesamlphp and mod_auth_mellon for SSO, authenticates via kerberos, if not then SSL (my family use smartcards) and finally username, password and TOTP, all verified against AD
- Transmission
- Xen Orchestra (for managing xcp-ng)
- Rockstor (OS for my NAS using BTRFS RAID10)
- django-ca (for PKI for smartcards and internel certs)
- Used to run Citrix XenApp but now aiming for all desktops to be Linux, so looking at deploying ThinLinc
- Asterisk (all our family have FXO adapters on their phone lines, and all phones have FXS adapters, saves on our international phone calls, and all routed over our VPNs)
I'm a student of languages at uni, but I dunno maybe I should do sysadmin or something
IRC server, IRC bouncer, personal website, contracting website and Matomo Analytics. I like the control you get with self-hosting and the ownership of data.
- Email with hmailserver (Windows only unfortunately, but easy to install and configure and with an optional web interface).
- websites (apache, php), on which I host: personal websites, friend's websites, a synchronised grocery list for my gf and I, an URL shortener with file upload capabilities that has some handy features (I'll show-hn this one day, but currently the server is too underpowered and https too unstable), some front ends for websites whose front end I don't like, and a gazillion other scripts written since I was 17 or so.
- ftp (Filezilla server) for friends to change their website
- mysql which can be publicly logged into as read-only for some databases
- openvpn
- I'm a member of the ntpd pool (surprised that nobody abused that one yet)
- backups
- irc bouncer (quassel)
- Factorio (game) server and other games when desired
I also used to host my own dns servers, but after becoming an amplification vector this wasn't really worth it. I might again in the future though, because it seems like rate limiting a source IP should mitigate it for 99%.
And I used to seed torrents (also illegal, admittedly, but also some foss) but I've been using that less with Spotify, little gaming, and just generally less free time on my hands. There's no need for it anymore.
Finally I'd like to be a Tor node but my server can't handle the crypto. It'll get a few kbps of bandwidth and annoy clients because it's so slow. No point to that.
This costs me about 300 euros in hardware and 25 Watts of power. Next upgrade is scheduled for this summer, after my degree, when I can retire my current laptop. It'll draw a bit more, some 71W peak (24W idle), but it'll also be a huge upgrade in speed and will allow me to virtualize things. The current hardware is from 2014ish and while my own software works fine, something like WordPress takes 25 seconds to generate a single page. (For comparison, a custom written blog does a few mysql queries and rendering in some 15ms.)
In the future I want to learn to stop writing my projects from scratch and start learning how to confidently host and contribute to existing projects.
However, as of now I'm hosting:
On a VPS:
- Personal websites (career and hobbies, built on a custom PHP framework)
- Websites for groups/friends (communities, file sharing, built on a custom PHP framework)
- HAM radio contact log (Web based map and historical logging, built on a custom PHP framework)
- Game engine projects and demos (built on a custom JS game engine)
Isolated on my LAN:
- Network of pi's with webcams doing motion detection (using Motion + custom shell scripts + rsync)
- A server to view those pi feeds on (nginx + custom site on custom PHP framework)
- NAS
- Small "media center" (tried a custom site, now kodi)
On a different VPS:
- Minecraft server
- A web server to view the world map (nginx)
Some things I'd like to add in the future:
- Google docs/drive alternative
- (Or otherwise) a shared recipes/shopping/photosharing to use between me, my gf, and/or my family
- DDG/Google/Bing search alternative
- Network ad blocker
- Firewall
- Public transit schedule/map display for my commute
- A safe way view some of my LAN-based tools remotely
I'm also interested in learning the best practices for data storage/backup/recovery. Taking my data out of the hands of other providers has made me increasingly worried about hardware or software issues losing my files.
By self hosting, do you mean on a hosting service I pay for or my own computer/network?
For the latter, either everything or nothing depending on how you count it, since I outright refuse to buy 'licenses' for programs or run them on the 'cloud' and make sure to have everything running on my computer (ideally standalone).
So in that sense, all data is locally stored and all programs are of the buy once, use forever kind.
On my web hosting accounts, well then two websites really:
Plus a few files for fan games and projects that people I know wanted a permanent host for (read, not something like Dropbox or Mediafire). For example, Mushroom Kingdom Fusion, Super Mario Fusion Revival and Mega Man Day in the Limelight are hosted on the same server too.
I highly recommend all of them. Also experimenting with self-hosting NextCloud (https://nextcloud.com/) to more easily share files with friends and family, and so far so good. The Awesome-Selfhosted list on GitHub at https://github.com/Kickball/awesome-selfhosted is a decent place to find projects worth looking into.
- A custom web-chat server that works through ALL corporate proxies. ;)
I'm in the process of migrating to a new Webserver, and then I can finally switch to SNI based HTTPS, and secure ALL the sites properly.
Internal Servers:
1. SpamAssassin (Ubuntu)
2. 2x Active Directory Servers
3. File Server (12Tb) (Windows Storage Server)
4. IoT Server (runs tasks, listens to events etc)
5. MS SQL Server
6. MS Exchange Server
7. Several other small single-purpose servers. (Various OS's)
8. Dedicated set of VMs for Lab work (I'm a systems architect)
With the exception of the File Server, everything is virtual. My Production VMs run on one large HP Tower workstation and my Lab VMs run on another similar HP box (both are 32Gb, 4Tb, 2x Xeon CPUs). My File Server is self-built tower PC stuffed full of disks as several RAID arrays.
Future stuff:
1. I'm about to launch a Gopher Server, running on my own custom software.
2. I've installed a weather station and will be logging all that info to a dedicated website.
3. At some point I'll start re-running my MUD server as well.
Doing a small self-hosted Nextcloud to sync my KeePassXC database across devices. cPanel + Softaculous made it a breeze and the syncing works fine. Considering expanding my use of Nextcloud apps on my phone but haven't found many good ones on F-Droid so far, or at least getting them to work hasn't been obvious.
Jira, Gitea, XenForo, WordPress, custom CMS, smtp gateway, custom scan server, custom image gallery, custom ecommerce system, asterisk node, custom imgur-like site that supports any file type (and previews for many) with additional command line upload/download interface, ldap, and I’m sure I’m forgetting a few more.
* SMTP, using Postfix with my own greylist software
* HTTP, using Apache
* GOPHER, wrote my own gopher server (source code available
via said server)
* QOTD, again, wrote my own
* DNS, running bind but it’s not visible to the outside world. It’s authoritative for all my domains; the company serving up my zones slaves off my DNS server.
I would like to host my own iCloud storage, anybody got some good reads/links on that? e.g. owncloud, or synology cloud software that can can used for apps that normally would use iCloud for storage?
Or am i still sleeping on monday morning and dreaming of this to be actually possible?
I would like to self host a few things, but my ISP uses CGNAT. And to get static IP I have to get SME plan and separate static ip addon pack. SME plans are costly and have lower speeds.
You could try Kimsufi or Hetzner to get some cheap VPS or Dedicated Baremetal to host on. Selfhosted doesn't only mean hosting on private premises, the core idea is rather (IMO) to host it on hardware you paid for no matter where it is.
If the sites store other users info, then they fall under GDPR regardless of whether you are a company or not. I'm in the same boat here and this week will be purging all identifiable user data that is over 90 days old, and emailing the remaining users with 'opt in' emails. Then I will be updating my backends to do this automatically on a schedule.
With the exception of GitLab, i'd think all of those could be run on a single $5/mo VPS.
I run Gitea/Emby/Mosquitto/Sonarr/Deluge/NZBGet/Nginx/PostgreSQL/Nextcloud, plus a couple of my own services written in Go and Django, and it all runs on a Intel NUC with a celeron and 8GB Ram.
personal website (wordpress! yeah, i know!)
self developed (websocket based) multiroom distributed group chat webapp (built it to learn how pub sub works)
rethinkDB
elasticsearch
I've started doing this as a hobby, to see how many services I regularly use can be replaced. They're all behind an nginx reverse proxy + letsencrypt cert on a hetzner box.
Mail + mailbox + webmail: https://mailcow.email/ (Had to spend a bit more time, but now it is able to deliver mails to gmail/outlook/icloud without issues. I use it as a mailing solution for all the selfhosted projects which need smtp)
Since then I have added a few things, partly from that thread.
The big things were hosting Sandstorm.io, which is a complete self-hosted google-apps/office365 type setup that is very easy to use and has great functionality. My entire family uses it for a variety of things that we used to use independent files or google apps for. Nicely collaborative.
I have also recently started self-hosting a meta-searchengine called Searx in order to extricate myself from google on another front. It has also been pleasantly easy to set up, and the aggregated and collated search results have been excellent. Its much faster and more usable than I dreamed of when I decided to test drive it. It anonymizes all browser/os/etc fingerprints to keep the search engines that you query in the dark about your habits. I've toyed with tunneling it over TOR to make the whole thing even more private, but that may slow things down too much. Again, my family have pretty much all switched to it.
I even use both of these things externally (protected by https, geoip blocking and simple auth)
I have also added a minemeld server for IP blocking and DNS blackholing of malware/spyware/C&C servers etc. This is an excellent Ubuntu based free server put out by Palo Alto networks. I combine this with the existing blocking/blackholing I do with the someonewhocares blocking lists. It really keeps browsing from my home network faster, safer and mostly ad free.
Also hedgewars and teeworlds for mindless family multiplayer action