• @[email protected]
    link
    fedilink
    English
    36 months ago

    One step ahead of you, I’m actively replacing all of my online accounts with self-hosted alternatives. My state passed both porn ID and social media ID laws, and I assume they’ll try to add this to anything with age gates (e.g. streaming sites).

    So I’m moving my stuff to my personal cloud:

    • Jellyfin - I’m going back to buying Blurays and DVDs and adding them to my own streaming service
    • NextCloud/ownCloud - still playing with it, but I got Collabora set up for docs and spreadsheets, at it supports calendar sync as well
    • Vaultwarden - working on switching from the hosted Bitwarden
    • Actual Budget - I switched from Mint -> TillerHQ (hosted at Google Docs), and this is the next step (it integrates with SimpleFIN for bank sync)

    All of this is available both over my self-hosted VPN, and over the internet with certain services exposed over my domain (all use LetsEncrypt certificates). So I can access whatever I want wherever I am. I do offsite backups with Backblaze B2 ($6/month/TB), and I sync important stuff to my phone w/ syncthing.

    It’s a bit of a pain, but there’s no way my state can take any of that away from me. I’ll be adding more services as I find time, and I’ve got a good system now where a new service only takes a few minutes to spin up. Basically, my setup process is:

    1. add subdomain for the service to my DNS - could use a wildcard, but I like control and ability to move things around
    2. add haproxy config at my VPS - just copy/paste like a dozen lines of config
    3. update Caddyfile on my NAS to handle the new service - again, copy like 5 lines
    4. add and configure container in my compose.yml
    5. docker compose up -d (to build the new service) followed by docker compose restart to get Caddy to reload the config

    Caddy fetches the TLS certificates, and docker handles setting up the service. Unless I make a mistake. Since everything is in docker, I don’t need any ports exposed except 80 and 443, which is managed by Caddy.

    I wouldn’t have bothered if Netflix had kept reasonable rates for ad-free watching, but here we are. And now my state is being a pain, so I’ll probably configure my WIFI with a VPN out of state so I don’t have to deal with the stupid ID verification crap.

    • @mightyfoolish
      link
      English
      16 months ago

      This is fantastic. Hopefully, crazy politics will at least have a side effect of all of this self hosted software becoming easier. It’s gotten to the point where companies like Hetzner will maintain nextcloud services for a monthly fee but Caddy is already more intuitive compared to what came before it.

      • @[email protected]
        link
        fedilink
        English
        26 months ago

        Yup. I’m thinking of making a blog series or something about my setup. It’s a little complex, but the individual pieces are pretty simple, so anyone with time and interest could totally replicate it. Mine would focus on Linux, but since everything is in containers, it could easily be replicated on Windows as well.

        Oh, and I’m working from the worst possible setup, I’m behind CGNAT, so I have to go through an outside server to make my internal stuff public. A lot of people can just use their router IP instead, which eliminates the VPN entirely (just port forwards from your router).