Given the repeat questions you can find here on basics, it’s kind of surprising there doesn’t appear to be a commonly shared FAQ, website, or book going over some of the basics.

E.g. ways to safely connect to home servers over the internet while away, when it may be better to spin up services on a VPS instead, etc.

Have I been overlooking some shared text-based resource concerning the subject, or…?

Also fwiw I did look at the sidebar links, and the awesome-sysadmin link has links to sections for blogs/books, but as of writing this, they were empty sections.

  • kostel_thecreed@lemmy.ca
    link
    fedilink
    English
    arrow-up
    13
    ·
    edit-2
    1 year ago

    https://esc.sh/projects/devops-from-scratch/ is a good resource. Most questions you have (that are more specific) are easily searchable on the internet.

    ways to safely connect to home servers over the internet while away

    A couple methods include :

    • Installing Wireguard on the host machine
    • Reverse-proxying with a VPS
    • Cloudflare zero-trust tunnel

    when it may be better to spin up services on a VPS instead

    Most services you probably won’t need a VPS to do, but off the top of my head a couple services which would be better hosted (not saying self-hosting them on your own hardware is bad) would be services which proxy a service. Example SearxNG, Invidious, Proxitok, etc. This is so that traffic can be shared among multiple users, and not linked back to your home IP.

    • ALostInquirer@lemm.eeOP
      link
      fedilink
      English
      arrow-up
      3
      ·
      1 year ago

      https://esc.sh/projects/devops-from-scratch/ is a good resource. Most questions you have (that are more specific) are easily searchable on the internet.

      Thanks, however while there are some rough notes in the Github link, it looks like this is primarily a series of videos? I was asking for text resources as I prefer those for a variety of reasons, and in this specific case it’s because it’s much easier to copy over any referenced scripts and clearly read commands mentioned.

      • nbailey@lemmy.ca
        link
        fedilink
        English
        arrow-up
        5
        ·
        1 year ago

        It’s pretty good. I understand and somewhat agree with the concerns about concentrating the web around one company, but tunnels is simply a great product. So convenient for running services behind CGNAT or dynamic IP without good port forwarding options, and it’s just set and forget. If there was an alternative that good I’d use it.

        • jcg@halubilo.social
          link
          fedilink
          English
          arrow-up
          1
          ·
          edit-2
          1 year ago

          I’ve been using it too, it’s really good and largely transparent. Of course, you can only expose HTTP traffic and you can’t use your own certificates unless you pay (so *.*.domain.tld domains or deeper are a no go on the free plan), but for just normal self hosting it’s the perfect solution.

      • lal309@lemmy.world
        link
        fedilink
        English
        arrow-up
        3
        ·
        1 year ago

        I think for most people it becomes a trade off decision. Do you want to expose ports and potentially open your home to attacks but keep all traffic privately encrypted (if using SSL) and yours? Or do I keep my home unexposed but delegate trust and traffic flow to Cloudflare essentially and potentially allowing them to see my traffic?

        For me it depends on the service. Nothing too sensitive or personal or already publicly available? Then Cloudflare tunnel coupled with Nginx Proxy Manager.

        Highly sensitive and personal? Then do I really need to expose it to the internet? Most of the time it’s no or a VPN can be used to access those resources.

        Something in between? I’d consider forwarding ports and use Nginx Proxy Manager for SSL.

        For some people, exposing or forwarding ports isn’t even an option due to ISPs CGNATs, not allowed, etc. In those cases Cloudflare shines and it’s the most feasible solution.

        My 0.02 cents

        • LazerDickMcCheese@sh.itjust.works
          link
          fedilink
          English
          arrow-up
          1
          ·
          edit-2
          1 year ago

          Hypothetically, let’s say you’ve got a subscription to NordVPN for several months and don’t want to cancel it because you’re super cheap. Also, let’s say (hypothetically) you’re looking into self hosting ALL of your stuff for remote devices when you’re out of town. How would you do it?

          I was converting an old XP computer into a server, but have only done preliminary research.

  • Decronym@lemmy.decronym.xyzB
    link
    fedilink
    English
    arrow-up
    5
    ·
    edit-2
    1 year ago

    Acronyms, initialisms, abbreviations, contractions, and other phrases which expand to something larger, that I’ve seen in this thread:

    Fewer Letters More Letters
    CGNAT Carrier-Grade NAT
    HTTP Hypertext Transfer Protocol, the Web
    IP Internet Protocol
    NAT Network Address Translation
    SSL Secure Sockets Layer, for transparent encryption
    VPN Virtual Private Network

    [Thread #14 for this sub, first seen 9th Aug 2023, 03:45] [FAQ] [Full list] [Contact] [Source code]