Unfortunately not as self hosting is really just an amalgamation of a number of different technologies, concepts, groups of best practices, and there are nine and a half viable ways to do any given thing you’ll want to do. For my day job I manage several public systems that serve millions of requests a day and even I can’t really give you a “One definitive way of doing things”, but I have my preferences.

I think if you wanted a rough plan of what would be the most valuable things to learn in which order it would be

1. Docker, especially persisting your storage and also how its network works. Use containerized services only on your local network at first to get a feel for things, and give yourself the ability to screw things ip without putting yourself in any danger.

2. VPNs and how they work. You can start with a direct stupid simple VPN like WireGuard, or Tailscale if you want a mesh-VPN. This will allow you to reach your services remotely without having to worry too much about security and the micromanagement that can sometimes come with it.

3. Reverse proxies for things you’d like to expose to the public. At this point you want to learn as well about things like server hardening, have a system in place to automate software updates etc. there’s a common misconception that using a reverse proxy is innately much safer than port forwarding directly to your services. It can help by obscuring your home IP, and if you pair it with a WAF of some kind that’ll help you with much of the chaff attacks that get tossed your way, but at the end of the day in both cases you’re exposing the web services on your local network to the internet at large, so you have to understand the risk and reward of doing this.

deleted by creator

Believing that either the Reddit exodus was negligible to that community, or that it was entirely decimated and left to Lenny are both inaccurate opinions. There was a very tangible effect on the selfhosted subreddit specifically when many left for Lemmy, and now both communities both feel like two halves of the same whole. Enough people moved over to lemmy that I truly don’t feel the need to open reddit hardly ever, but I do from time to time. I think lemmy also has a benefit that other fediverse sites like Mastodon don’t, in that Lemmy is not quite as allergic to the concept of discoverability, and the fact that Lemmy is inherently based around communities means that you don’t have to do the Mastodon thing where you spend the first month having to go out and follow a ton of individuals. You can just follow a couple communities and the content flows in.

I switched from SWAG to Caddy. Its config file is much simpler, with many best practice settings being default resulting in each sites being like 3 lines of code. Implementing something like mTLS requires one line per site, just super nice to configure, and you’re not left without a template config for more obscure services.

That being said, SWAG does more than enough and Nginx is a powerful software so you really aren’t missing out on anything but more streamlined config.

Traefik is kind of just like, a nightmare that tries to sell you on it being “self configuring” but it takes some work to get to that point and the “self configuring” requires the same amount of time in a text editor as manually configuring Caddy does. I can see Traefik being powerful if you’re using it with actually clustered k8s and distributed workloads. If that’s not your use case it’s kinda just more work than it’s worth.

StaRSS

For you trekkies out there

I’m sorry to burst your bubble but:

https://dictionary.cambridge.org/us/dictionary/english/whodunit

https://www.dictionary.com/browse/whodunit

https://www.collinsdictionary.com/us/dictionary/english/whodunit#:~:text=(hudʌnɪt ) also whodunnit,[informal]

The mystery in question specifically refers to a crime, usually a murder specifically and who committed it. Hence the “who” in “whodunit”. Thats why they don’t call it a “Whoisit” or “howdoeshe”

It’s not a whodunit because the movie begins with you “knowing” whodunit, and then ends with the twist being actually “no one” dunit. Never at any point in the movie does the viewer wonder “whodunit”, which is literally the only requisite for a movie to be classified as a whodunit.

Two bonus points can be awarded for how bad it is as well. The first being that the answer to who the real villain is, is the only character in the movie who obviously presents from the start as the villain. The whole twist is “You thought the cartoonishly villainous person was an obvious red herring and that we have a much more clever villain in store, but nope. They just actually are the villain”. The second being that the ending monologue posits that Martha is not a killer because “She’s too good of a nurse”, when in reality she’s a horrible nurse with zero attention to detail and her horrible incompetence is the only reason she isn’t the killer.

I can’t think of any other whodunits where the twist is “Like a whodunit, but you aren’t even aware there is a mystery until after it’s solved, and the secret villain of the movie turned out to just be the person we introduced to you as the villain in the first act.”

I liked the second one, the first one I couldn’t stand. It was marketed as a whodunit but it just wasn’t.

As somebody who runs Ubiquity UniFi gear, it’s all flash and very little substance. Its dashboard will dazzle you with charts that either aren’t accurate, aren’t meaningful, or are generally unhelpful. It has a “new” (half a decade old now) and classic interface you can choose between, but neither interface gives you access to every setting you’ll need. I still to this day find myself swapping between them.

If you just need basic devices to make packets go, they do the job. But an average day in the life of a UniFi-enjoyer consists of things like trying to troubleshoot some kind of network issue only to find that the data collected by the devices doesn’t mathematically make sense, so you go to the UniFi forums just to find out it’s a bug that’s existed for years and has never been resolved. And on days like that, I find myself wishing I had something less flashy that would just allow me to see what’s going on with my network, accurately.

It sure does

If you have an iPhone, it’s a pain over Tailscale because Tailscale frequently likes to disconnect for various reasons and this isn’t something Tailscale can fix, it’s something with the way Apple manages background processes.

If you’d like an alternative, you can host your services directly to the internet via a reverse proxy like Caddy or Nginx, and then use mTLS to secure that access with a certificate you load only onto your devices.

Perhaps some kind of teaser that hints at what your strategy is before going into full detail?

There’s nothing wrong with just using a VPS for this. Despite what some mouth-frothing hobbyists will tell you, it’s still well within the realm of self hosting. There’s just no reason or difference for hosting a blog on your UnRAID server vs a VPS.

If you really want to be some kind of purist and only use your own hardware, then you could configure a web server that can reverse proxy on your UnRAID server and forward port 443 in your router to your UnRAID box, but you’d have to change your UnRAID access port to something else. You’d want to keep this web server docker container up to date, and preferably see if you can implement some kind of WAF with it or in front of it. You’d then forward the requests from this web server to your ghost container.

A better idea would be to use a different piece of hardware for this web server reverse proxy, like a raspberry pi or something, and put it on a different subnet in your house. Forward 443 to that, then proxy the connection back to UnRAID, in whatever port you bind the ghost container to. Then you can tighten access that raspberry pi has. Or hell, host the blog on that hardware as well and don’t allow any traffic to your main LAN.

There are half a dozen better ways to do this, but they all require you to rely on a third party service to some extent.

The three main characters in this poster are all from Marvel movies.

Evidently not.

Yes this. So many people don’t know that in all 50 states it actually becomes illegal to have fun after your 25th birthday.

You might want to actually look into the history of global trade sometime.

Getting all the functionality of Pihole into Unbound would be a good deal more than “a little work” lol. And for no real practical reason when all you’re trying to do is set up secure DNS with some ad blocking on your network. And this is coming from a professional who wouldn’t have to “learn” anything to do it. If it was really that little work, Pihole + Unbound wouldn’t be the go-to solutions for so many people.

That’s probably more of a function of our switch from consumption taxes to income tax.

This politician isn’t American either, this is in Sydney