[HN Gopher] I wish my web server were in the corner of my room
___________________________________________________________________
I wish my web server were in the corner of my room
Author : flobosg
Score : 340 points
Date : 2022-10-11 17:04 UTC (5 hours ago)
(HTM) web link (interconnected.org)
(TXT) w3m dump (interconnected.org)
| hiidrew wrote:
| This is one of my favorite blogs that I read consistently. Some
| of my favorites:
|
| Micromorts: units to measure risk of death--
| https://interconnected.org/home/2020/09/01/microcovids
|
| First words--
| https://interconnected.org/home/2020/10/12/first_words
|
| State sponsored fashion--
| https://interconnected.org/home/2022/08/16/fashion
|
| Speaking with dolphains--
| https://interconnected.org/home/2020/07/20/dolphins
|
| Bottling the overview effect--
| https://interconnected.org/home/2021/07/20/overview_effect
| ianbutler wrote:
| I have a full server rack in the corner of my apartment. I'm
| doing a rebuild right now, but I've had that rack for the last 7
| years. It's definitely possible.
| suzzer99 wrote:
| I worked for a major satellite TV provider. In the early days the
| website was just information and directions to the nearest
| installers - no bill pay or buy flows. The website ran from under
| the boss' desk.
| mro_name wrote:
| wonderful. That spirit is what we aim for at our youth centre
| http://jugendhacktlab.qdrei.info/. Raspis all the way down.
| torpid wrote:
| I have the same feelings. When I ran a single-line BBS from my
| bedroom as a kid, I would get excited every time someone would
| dial in and I'd see activity.
| _osorin_ wrote:
| The optimal setup (I can think of) that I'm planning to do is to
| separate a Raspberry Pi on a VLAN and combine it with a cheap
| hosted reverse proxy from a third party. The reverse proxy part
| might be a luxury but it's just in case you don't want to expose
| your home network.
| dusted wrote:
| Mine still is. I wish my mailserver still was, it was for more
| than 20 years.. but these days, getting to send mail out onto the
| net from a normal internet connection is pretty much impossible.
| Self-hosting is dead.
| the-printer wrote:
| The comments seem to be in conflict with the content of the blog
| post. The author seems to be lamenting what is feasible more or
| less, but seems uninterested in putting in the extra effort to
| keep up or anticipate the expectations or demands of the modern
| web. It almost as if his nostalgia is at war with whatever tastes
| he has acquired technologically since his college days. Maybe he
| can compromise by caring less about the demands or expectations
| about the modern web.
| superkuh wrote:
| Mine is. It has been for 20+ years. It works great. As others
| have said, POSSE. A repository webserver (nginx) serving static
| files is incomparibly less of a security risk, than say, running
| a modern web browser with javascript enabled. But if you go
| .php/whatever yeah, that's risky.
| amelius wrote:
| Is it scalable and how do you deal with the noise and
| cooling/power requirements?
| kixiQu wrote:
| Isn't it kind of explicitly about _not_ being scalable?
| louwrentius wrote:
| If those are your requirements for the websites you host, the
| point of this article is not relevant for you in that context.
| ocdtrekkie wrote:
| I find an Intel NUC is more than capable of good selfhosting,
| and is nearly silent and uses very little power.
| camtarn wrote:
| From experience, if you're a heavy-sleeping teenager like I
| used to be, the noise is less of an issue ;) I don't think I
| could cope with the sound of two fans and three HDs spinning
| nowadays, but back then it was a tiny price to pay for the
| coolness of having a real server in my bedroom.
|
| Nowadays I just run an RPi3, which is silent and takes very
| little power.
| rr888 wrote:
| Anyone have a simple idiot proof way to make sure a hacked
| webserver can't hit your internal network? I have two routers
| (effectively a DMZ) but there must be a better way than two
| levels of NAT.
| upofadown wrote:
| I have the router for the internal network (a Linux box) do a
| bridge. So it is all the same network and no extra NATing is
| required. That router blocks connections into the internal
| network.
| louwrentius wrote:
| That DMZ is fine already, assuming they can't start hacking
| your routers.
|
| What you ideally want is network segmentation, use VLANS and
| put devices in their isolated network, only allowed to talk to
| the router/firewall, which only allows incomming traffic and
| doesn't allow the web server to initiate connections to the
| internet, except for NTP, software updates and DNS (fixed ips).
| rr888 wrote:
| Yeah I actually had a Ubiquiti Edgerouter doing this but I
| was never confident enough it was set up properly, hence the
| other solution.
| 0xbadcafebee wrote:
| Sounds like the people visiting the website are reduced to a form
| of entertainment for the author, like a reverse-zoo, where the
| animals are watching the people that come visit.
|
| I imagine an evolved version of this, where the computer speaks
| the location of every visitor, their OS, browser, etc. Maybe tied
| into an Ad Network you could get the visitor's name and address
| spoken aloud, maybe even their picture. Voyeuristically watching
| the people coming to your website, from your bedroom. Hmm, that
| one was cute, let's send them a message.
| jstanley wrote:
| Interestingly, the background colour of this site seems to change
| over time very subtly, and it's done by CSS with no JavaScript:
| The "changingbg" parts in
| https://interconnected.org/home/static/styles/interconnected...
| _dain_ wrote:
| it screws up my darkmode extension i tell you hwat
| MH15 wrote:
| In college we'd run a Plex/backups/Minecraft server in an old HP
| box on the floor. It survived a very hostile environment and was
| very educational to work with.
| kornhole wrote:
| Need to mention here that yunohost.org is a great easy solution
| for your RPI or any other hardware or VPS. It is maintained by a
| great community that takes care of most of the essentials and
| provides a great webUI for installation and maintenance. Some of
| the built in features: Domain management with NGINX reverse proxy
| and Lets Encrypt certs. Fail2Ban brute force protection. Easy
| install and upgrade of many free server apps. I love looking over
| at my little RPI in the corner serving my friends and family.
| H1Supreme wrote:
| I run a webserver (a k3s cluster, actually) from home, but
| considering how generous the free tiers of cloud providers are
| (Google Cloud in my case), why waste your home internet bandwidth
| for a personal site?
|
| In terms of my home server, I mostly point subdomains at it to
| test projects running on my laptop (via an nginx proxy_pass), or
| share photos/music with friends. I used to use it a lot more when
| I why working away from home.
|
| Outside of web facing uses, it's nice to have a central place to
| store and retrieve files from multiple devices. I'm using a an
| older i5 Intel NUC, and it works great.
| ThePowerOfFuet wrote:
| > considering how generous the free tiers of cloud providers
| are (Google Cloud in my case), why waste your home internet
| bandwidth for a personal site?
|
| Because arbitrary ToS "violations" are a thing, and good luck
| getting that fixed with them.
| MarioMan wrote:
| In the case of static sites, it can be as simple as copying
| the latest version to a new server and updating your DNS
| records. I would try to avoid lock-in not only for the
| reasons you stated but also to be able to freely shop around
| for better options at any point.
| nixpulvis wrote:
| Funny, I just spun back up my kaaik.local the other night.
|
| Still working through some things, but everything basically works
| the way it should. Firewalls might not be a bad idea to update
| though.
| robust-cactus wrote:
| At this point I now host my small projects (less than 10k users)
| exclusively on boxes in the corner of my room ha.
|
| AWS and heroku are quite expensive for small projects and
| performance isn't great. Dynamic IP is not a problem these days
| either (it's also quite surprising how infrequently your IP
| changes fwiw).
|
| If you're looking for heroku like interfaces check out Dokku (or
| other open source PaaS platforms).
|
| After this tier of usage I think I'd consider moving many things
| to cloudflare workers.
| FpUser wrote:
| I have 1gbps symmetric fiber with static IP so I run some of my
| backends from home. Works fine for years.
| barelysapient wrote:
| Ditto. No complaints.
| aidenn0 wrote:
| The upstream on my cable modem is about 1/6th what my college
| dorm-room[1] upstream was, and I'm not sharing it with 1000s of
| other people.
|
| 1: It was two T3 lines, but only half of the second line was
| provisioned, so ~67MBps vs today's 12MBps.
| rstat1 wrote:
| I've done this for 10+yrs. Started with a single core Intel Atom
| powered netbook when those were still a thing, then moved to a
| quad core Atom desktop, to now where I have a 2nd Gen Core i3
| desktop that will soon be combined with a similarly old 2nd gen
| i5 laptop. Runs half-a-dozen VMs, and like 10 or so different
| services, probably half of which are custom. At one point when I
| was still in school it even had a 5 person heavily modded
| Minecraft server (barely) running on it.
|
| I'm basically the only user now. Its been a great learning tool.
|
| Public access used to be through exposing the proper ports to the
| Internet, but now its through a Cloudflare tunnel and Tailscale.
| anderspitman wrote:
| > So... practically: how to achieve this in 2022?
|
| I'll paraphrase myself from a few days ago[0]:
|
| The reality is that we've let you down. Self-hosting shouldn't be
| any more complicated or less secure than installing an app on
| your phone. You shouldn't need to understand DNS, TLS, NAT, HTTP,
| TCP, UDP, etc, etc. Domain names shouldn't be any more difficult
| to buy or use than phone numbers. Apps should be sandboxed in
| KVM/WHPX/HVP-accelerated virtual machines that run on Windows,
| Mac, and Linux and are secure-by-default. Tunneling out to the
| public internet should be a quick OAuth flow that lets you
| connect a given app to a specific subdomain, with TLS certs
| automatically obtained from Let's Encrypt and stored locally for
| end-to-end encryption.
|
| The technology exists to do all of these things, but no one has
| taken the time to glue it all together in a truly good UX (we're
| working on it). Pretty much every solution in this space is
| targeted at the developer market, not self-hosters.
|
| [0]: https://news.ycombinator.com/item?id=33098471
| sneak wrote:
| Almost no individual user has an internet connection that
| allows self-hosting.
| Havoc wrote:
| That's either one hell of a generalization or a USA specific
| thing. There are definitely some ISPs that don't prohibit it
| and even give you the tools for it - static IP, unlimited
| gigabit upload.
|
| I doubt mine would say anything even if I pushed 100TB a
| month through it. All their congestion issues are on download
| side thanks to residential traffic being mosty download
| (netflix etc).
| redavni wrote:
| Realistically, anyone with an IP connection already self
| hosts a wide assortment of IP packets. As long as it isn't
| commercial or abusive, they are never going to know or care.
| sneak wrote:
| This is false. I got nastygrams from my residential ISP in
| the US accusing me of running servers because I rsynced 3TB
| of photos offsite as a backup.
|
| It was not a server, not commercial, and not abusive. I was
| threatened with disconnection.
| anderspitman wrote:
| Wow, that seems pretty extreme. What's your ISP?
| sneak wrote:
| Cox. I also pay extra each month for unlimited data
| transfer.
| dont__panic wrote:
| What did you do to deal with those nastygrams? I'd
| probably try to feign ignorance, blame it on a computer
| virus or something, and avoid that kind of massive
| transfer in the future. I run my own server from home so
| I'm curious if I could get away with that, or if I should
| consider alternative solutions.
| sneak wrote:
| 3TB is not massive. I know professionals who shoot that
| much in a year; this was all my digital photos from
| 1997-2021.
| anderspitman wrote:
| Are you referring to reachability or bandwidth? Reachability
| is solved by tunneling[0] and SNI routing. 1Mbps upload is
| plenty for many self-hosting uses. Or are you talking about
| something else?
|
| [0]: https://github.com/anderspitman/awesome-tunneling
| Rebelgecko wrote:
| Probably TOS. My ISP provider technically bans running any
| type of server, but it hasn't been an issue for me.
| anderspitman wrote:
| Ah that makes more sense. Also very sad. Hopefully as
| fiber becomes more prevalent that will become less
| common.
| ulimn wrote:
| Out of curiosity, if I may ask: where do you live?
|
| (Because I've never heard of such a thing.)
| arealaccount wrote:
| ISPs used to block port 80 and 443 but it seems they've
| relaxed that restriction for quite some time now. Maybe it's
| regional.
| sneak wrote:
| Cox in Nevada just started blocking port 80 during the last
| year or two.
| icedchai wrote:
| I've had one at home for over 25 years. (Currently, I have to
| pay extra for a business cable connection, however!)
| mechanical_bear wrote:
| I'm on comcast and self host. -\\_(tsu)_/-
| TrevorJ wrote:
| You mentioned phones, which reminds me how much I wish there
| was a nice toolchain that would allow for hosting a webserver
| or maybe a federated social network of some sort on old android
| hardware. There are millions of old smartphones sitting in junk
| drawers and it's a shame they can't be put to good use.
| anderspitman wrote:
| I've done some work on this. Android is a very toxic
| environment for this sort of thing, primarily due to
| draconian filesystem permissions and aggressive killing of
| services. It's all in the name of security and battery life,
| but I wish there were an easy way to turn that all off for
| selfhosting.
|
| I've also seen people mention that apparently the flash
| memory doesn't do well with server type workloads, but a lot
| of that could probably be mitigated with logging to RAM,
| using a CDN, etc.
| _carbyau_ wrote:
| What I want:
|
| 1. GP quote: "Domain names shouldn't be any more difficult to
| buy or use than phone numbers."
|
| 2. Your quote: "federated social network of some sort on old
| android hardware."
|
| Put 1 and 2 together.
|
| The only reason Facebook exists is as a middleman between
| people trying to pass messages to each other.
|
| If people could easily find each other and run trusted non-
| proprietary software: A. there'd be no ads B. all comms are
| direct so government agencies couldn't simply compel access
| from a single source
| sitzkrieg wrote:
| its a lot easier to buy domains than phone numbers sadly
| anderspitman wrote:
| Technically true, but you have to create an account with a
| company that is targeted at very technical customers. And
| using them requires understanding DNS, which is an insane
| prerequisite. We need a consumer domain registrar.
| WanderPanda wrote:
| I just saw that icloud.com has a domain registrar built in
| (for receiving emails) I would say that is as "consumer" as
| it gets, no?
| anderspitman wrote:
| That's good, but should every service have to implement
| their own registrar? We don't all have the resources of
| Apple. Plus, what if you want to host other services on
| subdomains? Even if you can manually set DNS records, you
| shouldn't have to. I should be able to use the registrar
| of my choice, and icloud should use an OAuth flow for me
| to approve them having control over a subdomain, and they
| make changes via a standardized protocol.
|
| There's some previous work in this space and I've also
| dabbled myself[0].
|
| [0]: https://takingnames.io/blog/introducing-takingnames-
| io
| Melatonic wrote:
| I would not be too hard to use a Cloudflare Tunnel (free) or
| NoIP or similar. Really depends on what you want to host
| exactly though.
| anderspitman wrote:
| Cloudflare Tunnel solves part of the problem, but not nearly
| all of it. Plus it's targeted towards developers and operates
| as a loss-leader product.
|
| But I think a company that's similar in a lot of technical
| ways to Cloudflare but targeted towards self-hosters instead
| of developers could be successful.
| ocdtrekkie wrote:
| Sandstorm.io glued this all together in 2014 and it's still
| available today. https://sandstorm.io
| anderspitman wrote:
| Sandstorm is awesome, and still way too hard for my dad to
| use.
| lucb1e wrote:
| Speaking as someone who hosts multiple websites, email, etc. in
| the corner of a room
|
| > [it should] be reliable if I kick a cable out of the wall
|
| Right, if you want it to be reliable but also be able to cut its
| cables, then you will need a secondary host outside the home.
|
| > or in the unlikely event that I get a bunch of traffic.
|
| Are you serving media (music or video of more than a few
| seconds)? If not: DSL or mobile data (if your data cap allows) is
| fine for HN front page. Judging by the current page weighing
| 100KB, you can have 10 visitors _every second_ at 1 MiB /s
| upload. (HN reaches that rate only in spikes, even at a top three
| position.)
|
| > I'd also like it to be quick!
|
| It's currently not quick at DigitalOcean (2 seconds for TLS
| setup, 12 seconds for HTML, 8 seconds for JavaScript, etc... 27
| seconds total). It can only get better!
|
| I can recommend something beefier than a raspberry pi, though, or
| at least than than the pi 1-3 speeds that I'm used to. I
| personally use an old laptop which is plenty fast for, well,
| anything you'd also ask of a daily driver, except it now doesn't
| need to render a GUI which speeds things up a lot. They can peak
| up to 100W depending on the model, but are usually very low power
| when nothing is being asked of them.
|
| > Oh, and I don't want to have my home network hacked.
|
| Then install unattended-upgrades, put admin panels (phpmyadmin,
| wp-admin) behind basic authentication, don't host things you
| don't trust (random code written by 'someone on the internet'
| that has never been tested by anyone), put it in a VLAN if you
| want to be extra cautious, and you'll be fine. It never hurts to
| keep your phone and other systems on the LAN up-to-date anyhow so
| they should be secure as well, even if someone does get in.
| shadowgovt wrote:
| How did you solve the problem of getting a stable mapping from
| DNS name to IP address?
|
| For me, that's the big challenge; all I have is home internet
| on a dynamic IP provided by one of the big cable monopolies in
| the US.
| wtf_is_this wrote:
| I didn't see this as an answer, but use Tor (: It has the
| side benefit that it's harder to discover your service(s) on
| the wider Internet.
| hugey010 wrote:
| I'd call your ISP, because mine is not small and offers
| "business" class service which costs the same as residential,
| reserves a static ip, and slightly boosts uplink speeds.
| lostlogin wrote:
| What does a static IP cost over there? It was a US$7.50 one
| off charge here in New Zealand.
| [deleted]
| lucb1e wrote:
| My ISP simply gives everyone a static IP by default.
|
| I know of only one ISP in the Netherlands that uses CGNAT and
| there you can ask support to fix it, which takes them 24
| hours. I learned that the hard way when wanting to have a
| gaming night, hosting a factorio server in my student room.
| No gaming night for me, or so the ISP thought while rubbing
| their hands. It took me a bit but I eventually managed to
| proxy the UDP traffic somehow, not sure anymore if I used
| hole punching or somehow encapsulated it in TCP and reverse
| SSH tunneled or something. (Edit: on second thought, pretty
| sure I asked the other participants if they had IPv6 -- they
| did not -- and then proxied the traffic from my server via
| IPv6 using iptables. /edit)
|
| We are quite fortunate with having had an early ISP community
| that managed to gobble up all the IP addresses we'd need for
| a good long while, and our population is relatively stable
| compared to other parts of the world. I know not everyone is
| this fortunate. (Hello ipv6...)
|
| Even in a place like Germany, it seems one needs to be a
| business connection to get this service, it's simply not
| offered for consumers at all that I could find in some town
| in NRW. This is why I'm so happy the Netherlands has ISPs
| like Freedom (successor of XS4ALL) and Tweak who not only
| care about being cheap. Even if you don't use Tweak or
| Freedom, I feel like it keeps the local competition sharp.
| quest88 wrote:
| ddns tools like noip.
| rodgerd wrote:
| I guess this depends, but most ISPs where I live will do a
| static IPv4 for residential. Mine also does a /56 IPv6
| allocation if you ask.
| HuwFulcher wrote:
| You can use something like dynamic dns updaters[0]. They run
| on the box and when they detect that your ISP has changed
| your IP will update the DNS records accordingly.
|
| [0] https://github.com/timothymiller/cloudflare-ddns
| zrail wrote:
| Dynamic DNS has been a thing since the first dotcom boom.
| Your router probably already supports at least one service.
| mdorazio wrote:
| Most ISPs offer a static IP address as an add-on or higher-
| cost service. Might vary depending on where you live, though.
| toast0 wrote:
| There are free dynamic dns services available. dns.he.net is
| one.
|
| Try not to worry too much about what happens when your IP is
| reassigned before you can update the name.
| Gigachad wrote:
| You can rig up your own dynamic dns pretty easy. Most dns
| services have some simple api you can use so usually it's
| just a curl line in your cron tab to run every minute.
| sally_glance wrote:
| If you're lucky and your ISP supports dynamic DNS updates:
| Get a router/gateway capable of running OpenWRT
| (alternatively some routers might support this natively, or
| you could setup an old PC for routing), use the appropriate
| client and set it up to adjust the DNS record [0].
|
| [0] https://openwrt.org/docs/guide-user/services/ddns/client
| jvolkman wrote:
| Dynamic DNS as others have mentioned. Or, many ISPs will
| provide static IPs for an additional cost, but you may need
| to switch to their business service.
| pak9rabid wrote:
| Personally, I host my DNS with dyn.org, and use something
| like ddclient (which runs on my Linux firewall/router) to
| update my DNS records with Dyn in the rare event it changes.
| I've never had issues with it.
| belval wrote:
| Here are several things that you can do (from more to less
| affordable):
|
| - Setup public IP updating. You server runs a daemon that
| updates the DNS record automatically. You can do that with
| NameCheap. ($)
|
| - You can pay 5$ to have a digital ocean droplet that acts as
| a reverse proxy that just forwards traffic to your real
| server. ($$)
|
| - You can pay for "entreprise" service and get a static IP.
| ($$$)
| graton wrote:
| One option would be to use Cloudflare Tunnel [1]
|
| You would run a program on your system which connects to
| Cloudflare. The traffic goes to Cloudflare first, and then
| gets forwarded to your system.
|
| [1] https://blog.cloudflare.com/tunnel-for-everyone/
| anony23 wrote:
| I like ngrok
| airstrike wrote:
| Once upon a time I ran a local Shoutcast radio server on
| Winamp 2 and used no-ip.org to configure a DNS name
| dynamically
| daledavies wrote:
| I have a cron job that updates my domain's records at
| digitalocean every hour via their API. But in practice my ISP
| only actually seems to issue a new IP if I restart my router.
| Haegin wrote:
| To solve the redundancy problem I wonder if running something
| like Hashicorp's Nomad on a few raspberry pis split across some
| friends houses could work nicely. Each site gets hosted at
| multiple houses for redundancy but no one person needs multiple
| devices.
| pak9rabid wrote:
| I second the isolated VLAN approach. I host all my public-
| facing sites in a VLAN specifically made for that, which grants
| no access to anything private.
| bonestamp2 wrote:
| I third. I've got our computers and phones on one VLAN,
| everything else is on a separate VLAN (streaming boxes,
| cameras and other smart home crap, guest devices, etc).
| iso1631 wrote:
| > I personally use an old laptop which is plenty fast
|
| If connected on wifi to your router this of course solves the
| "kick a cable out" problem too, even if the battery is really
| old you'll almost certainly still have a few minutes.
|
| > Then install unattended-upgrades, put admin panels
| (phpmyadmin, wp-admin) behind basic authentication
|
| I'd go as far as protecting the directory to only allow access
| from local network, and use wireguard to reach the machine.
|
| It's likely a server in the corner of the room will cost more
| than a VPS, certainly in my country. A server drawing 25 Watts
| cost more than the $3/month I pay. (That said I also have a
| pihole running on a 1B - my parasitic house load is about 100W
| for the fridge, router, wifi, etc)
| lucb1e wrote:
| > even if the battery is really old you'll almost certainly
| still have a few minutes
|
| Very true! Battery from like 2015 still manages to keep it
| running for about two hours I think, which is frankly
| amazing. I was constantly dealing with taking the battery out
| of the laptop when not in use (98% of the time, it was
| connected to a charger, either in a classroom or at home, so
| I'd need only to bridge the stand-by/suspend/sleep period in
| the train). At the time, it didn't seem to have an effect as
| the battery still decreased in capacity and I was
| disappointed with the results, but I gotta say, it is
| certainly doing a good job since then!
|
| Unfortunately, external drives on the 'server' are not on
| uninterruptible power and having two of them in a btrfs
| mirror caused me more headaches than I like to admit. Even
| after I figured out which one had the more recent data after
| going out of sync, I misunderstood the phrasing of the man
| page and mixed up the arguments for the device to be
| recovered and the device to recover from. 2/7 would not
| recommend btrfs on devices without UPS, or if you don't want
| to shell out the money to buy three instead of two large
| drives so you can have a 1:1 disk image of the known good
| device before starting to operate on it (which is what btrfs
| was supposed to do in the first place, but alas).
|
| > A server drawing 25 Watts costs more than the $3/month I
| pay.
|
| With the screen and keyboard backlight and such turned off,
| it should draw less than 25W unless you're actively making
| use of it (and thus it being worth it), but yes that's
| ballpark correct.
|
| I also get a lot more value out of it than what I expect to
| get for $3/month, though :). LAN speed transfers can be nice,
| no network latency (at least not beyond of your control) when
| you host a game server, access control is all up to you,
| dedicated hardware, you can choose to upgrade to 16GB RAM at
| will (perhaps you got a new DDR4 machine and have no use for
| the old DDR3 RAM that still fits in this 'server') without
| having to pay extra every month for those gigabytes forever,
| buying storage basically at cost price...
| LeifCarrotson wrote:
| > I'd go as far as protecting the directory to only allow
| access from local network, and use wireguard to reach the
| machine.
|
| Or, you know, only allow access from the attached hardware
| and reach the machine the old-fashioned way: By walking.
|
| Regarding costs, it's useful to know the cost of a watt: For
| my electric rates, the equation runs:
| $0.11/Watt-month = $0.162/kWh x 730 hours/month / 1000
| kilowatts/watt
|
| So at least in my area the 25W server would not quite cost
| more than $3/month.
| makapuf wrote:
| I _roughly_ equate 1W ~ 1$ / year, a bit more now.
| lucb1e wrote:
| I thought I had made a mistake when I calculated the cost
| of 100W incandescent lighting to be the awfully
| coincidental number of almost exactly 100EUR/year.
| Finding this to be correct was quite the revelation:
| makes estimating the cost of _anything_ in the house so
| easy because I already knew the wattages :)
|
| (The landlord had installed these sensor-activated
| ancient bulbs in the hallway, where I pass through to to
| the cellar / power meter, and I was trying to track down
| this mysterious 100W that seemed to be always running,
| without fail. Turns out, it was only running when I was
| checking the meter! We then did the math with a better
| runtime estimate and still went out to buy LED bulbs at
| our earliest convenience. They're brighter than before
| (we erred on the high side), just as warm light, and use
| 2.5x less power.)
| parminya wrote:
| No matter how common it is, I never know what "2.5x less
| than some reference number" means. Is it "divide the
| reference number by 2.5"?
| Melatonic wrote:
| Old laptop at your own place + second old laptop at a home
| lived in by family or friend would probably work great for
| this.
|
| Hell now I want to try this with two old but decent android
| phones - they would sip power and have a built in UPS and would
| blow a RPI out of the water speed wise. Throw a USB-C to
| Ethernet adapter on each and setup for HA (or if you were
| really lazy just a simple round robin DNS setup). Put one at a
| friend house and have them both setup with the free Cloudflare
| proxy thing and you would not even need to open any ports on
| your firewall.
| adhoc_slime wrote:
| Pretty much! As engineers we all sweat sleepless nights mulling
| over five 9's and we conflate these valid business needs with
| our hobbies and personal art/projects.
|
| It doesn't have to be this way! Put it on a pi and have fun, if
| not for your sanity at the very least do it for your second
| most valuable resource, your time. If all a person wants to do
| is have a website that plays a piezo buzzer when someone visits
| on your RPi, just write that damned code, they shouldn't feel
| the need to worry about all the nitty gritty when all that they
| wanted to do is have fun!
| marginalia_nu wrote:
| 89.9999% has five nines too, just sayin' ;-)
| BizarroLand wrote:
| 0.99999% as well
| NaturalPhallacy wrote:
| ~3.65 days of a year. I suspect a lot of small projects
| nail this.
| ajsnigrutin wrote:
| I was just about to write that "today" is the best time to run
| servers in your room, due to raspberrpis and low power usage...
| then I remembered that it's practically impossible to buy one,
| and that the media is already preparing us (here in the EU) for
| power restrictions.. so yeah.. :/
| yrgulation wrote:
| Sorry i have to comment on this cheezy as it may sound.
|
| Dont give into the fear. See if there are alternative power
| sources you can play with for your raspberry pi and see if
| there are creative ways to buy them (used, other countries,
| etc).
|
| Re power sources, what can you do with a solar powere battery?
| Is there a diy system of power you can build? One that takes in
| mainline power when available, and solar or battery when not?
| talking about small hobby panels that can charge a battery
| during the day and discharge at night. I used power banks for
| that purpose.
|
| In this context if my life style is under threat i want to life
| style even harder. I sold a car and instead of buying a
| replacement i will install solar panels. I know its a fortunate
| case but even if i can life style a little bit harder and lay
| less in energy then i will do so (not waste energy but say if
| it gets cut because of actions if a certain dictator then i can
| still plug my phone in to criticise said dictator ... even
| harder).
|
| tl;dr; i'd look for creative solutions just so i can stick my
| two fingers up to the current situation.
| sneak wrote:
| Running servers on home connections can get your broadband
| disconnected now for ToS violation.
|
| Cox now blocks port 80, making LE certs harder to get.
|
| The monopoly situation (enabled by regulators) means if you lose
| your connection you are probably offline completely. There are no
| alternatives or competition.
|
| Even if you tunnel/VPN, uploading too much, even on a pay-extra
| "unlimited" plan, they will accuse you of running a server and
| threaten disconnection. This happened to me when I rsynced a few
| TB of photos offsite for backup.
| VincentEvans wrote:
| Perhaps a good opportunity to ask - for a long while now I've
| been hoping that some manufacturer took on a task of producing a
| good server suitable for this / homelab purpose? Something that
| allows a ton of ram (512gb at least?) to run VMs, middle of the
| road cpu with a ton of cores but energy-heat-noise friendly
| frequency, ssd, and all in a tiny, quiet, and attractive shell
| the size of a router that sits on a bookshelf? One can dream. But
| point me kindly to something that isn't a rack mount pizzabox
| that sounds like a jet?
| mitjam wrote:
| SuperMicro has Xeon-D 1700/2700 boards and matching Mini tower
| cases for up to 20 Cores, 512 GB ECC RAM and redundant 25 or 10
| gbe and 1gbe ports on board - Not cheap, though:
| https://www.supermicro.com/en/products/embedded/servers the
| prebuilt servers have smaller cases with noisy small fans but
| you can combine some boards with the mini tower with larger
| fan.
| anderspitman wrote:
| Maybe take a look at https://privaterouter.com/ and
| https://kubesail.com.
| numpad0 wrote:
| Do you really need more than ... 128GB of RAM? Most desktops
| can do 64GB, some ITX and most ATX board can be populated for
| 128GB, beyond that require server platforms with >2 DIMM
| channels or LR/RDIMM.
|
| Most people should be fine with an office mini-desktop like
| ThinkCenter Tiny line, sketchy(sorry!) Docker features on a NAS
| kit, or even an Amazonian Celeron mystery boxes.
| throwaway22032 wrote:
| Mine is and has been for a few decades. Different machines, but
| yeah.
|
| I run it behind a cheapo VPS for geolocation reasons.
| naillo wrote:
| It's interesting how people used to do this back in ~2005 but now
| don't, however nowdays computers are much much faster and
| stronger than they were in 2005 so it aught to have become _more_
| feasible since a normal laptop should be akin to a small cluster
| back in those days.
| jonas21 wrote:
| It's also easier and faster to make your own butter today than
| it was 100 years ago, but most people don't because it's even
| easier to just buy some at the store.
| dylan604 wrote:
| oh, but that handmade butter tastes soooooo much better!
| LtWorf wrote:
| I still do it, but for private non indexed stuff.
| adrian_b wrote:
| Not all have given up.
|
| I have a web server in the corner of my room since the
| beginning of 2004.
|
| Besides being a firewall/router/switch and hosting a web
| server, it hosts more than a dozen other services, including an
| e-mail server, NTP server, DNS servers, DHCP & TFTP servers,
| etc.
|
| In 18 years it did not have any down time, except for a few
| minutes every 3 to 5 years, when I have upgraded the hardware.
|
| I could have upgraded the hardware less frequently, but I have
| replaced it whenever I could reduce the power consumption
| without decreasing the performance.
|
| Now it is at the 6th hardware version. It has started as a big
| Pentium 4 pedestal server consuming over 200 W, but until now
| it has been reduced to an Intel NUC with a 4.5 GHz 4-core
| Coffee Lake U CPU, together with 4 USB to Ethernet adapters
| used to increase the number of Ethernet ports to 5, consuming
| not much above 10 W, while being much faster than the oldest
| servers.
|
| A laptop has the advantage of incorporating an UPS, but I would
| not trust most of them with working 24/7 for years, like an
| Intel NUC, or preferably some fanless small computer (with an
| external UPS).
| dylan604 wrote:
| >In 18 years it did not have any down time, except for a few
| minutes every 3 to 5 years, when I have upgraded the
| hardware.
|
| I wish I had that reliable of a power source. Even with a
| UPS, I've had tornados, snowpocalypse, etc where the power
| loss has lasted longer than any UPS I have.
| jonas21 wrote:
| I'm more impressed by the internet connection. Mine is down
| for at least a few minutes _every week_. And that 's only
| counting when I'm at home to notice it.
| adrian_b wrote:
| Though I am an individual user, I have paid since the
| beginning for a "business" internet connection, in order
| to obtain some (8) static public IPv4 addresses.
|
| It has cost me about $60 per month, which is
| significantly more than non-business connections of
| similar speed (currently around 400 Mb/s) cost around
| here.
|
| Paying for a business connection has been the main
| expense for having my own e-mail and web server. Except
| for the first server, all the later upgrades have been
| done by reusing computers that had been originally bought
| and used for other purposes. With the quickly declining
| power consumption of the newer servers, the cost of the
| electrical energy has become negligible.
|
| A Raspberry Pi is not a good choice for a firewall/router
| and/or Web server, but there are small computers similar
| in size and price, e.g. NanoPi R5S (fanless and with 3
| Ethernet ports, including two of 2.5 Gb/s for LAN and one
| of 1 Gb/s for WAN; 2 USB ports can be used to increase
| the number of Ethernet ports to 5), which should be good
| enough for most people.
| adrian_b wrote:
| I have power interruptions from time to time, but
| fortunately they are not long.
|
| Now, with only an Intel NUC connected to an UPS that could
| power a big server for a half hour, the NUC might work for
| a day from the UPS without having to shut down.
|
| Where I live, the "snowpocalypses", which were frequent
| when I was a child, have disappeared completely. On the
| other hand, tornadoes, which were completely unknown
| previously, have started to appear, so they might become a
| cause of problems in the future.
| [deleted]
| ourmandave wrote:
| I recently had mine in my bedroom corner along with all the
| network gear.
|
| With all the leds and flashing lights I couldn't sleep.
| eduction wrote:
| Mine is in the corner of the room I'm in right now. It's a little
| NUC under an armchair. I have a tiny ec2 instance which provides
| my permanent IP and forwards web and certain ssh requests using a
| VPN connection and iptables. This allows me to have a beefier
| machine here, keep logs etc local, run alternative OS (smartos),
| and just generally tinker.
|
| The ec2 fronting technique I stole from the Helm home email
| appliance/service. Paying three years up front it worked out to
| less than $3/month.
| picture wrote:
| Would you happen to have time to provide some more details
| about using EC2 to get permanent IP? I've been thinking of
| using wireguard to connect an old PC to my VPS to run video
| game servers, so this is very interesting to me!
| eduction wrote:
| Happy to help although it was ~3 years ago I set this up and
| it uses openVPN as I have not switched over to Wireguard yet
| (been meaning to).
|
| I do recall that setting up port forwarding and NAT and both
| sides was the biggest pain (I do not regularly do network
| admin!), exacerbated by the fact that the client side is
| smartOS which uses a different system (ipfilter) than linux
| (iptables) so there were two cryptic network filtering DSLs
| to learn. The VPN part was relatively easy as it's just a
| point to point connection with the local machine as the
| client, configured to reconnect when the connection is lost
| and on boot.
|
| On the ec2 side this is (approximately) my iptables setup
| (1234 and 5678 are stand-ins for ports I use to ssh into the
| local machine from anywhere on the internet, I have two
| because there are multiple (smartOS/Solaris) zones on the
| machine): sudo iptables -L Chain INPUT
| (policy ACCEPT) target prot opt source
| destination ACCEPT tcp -- anywhere
| anywhere tcp dpt:http ACCEPT tcp --
| anywhere anywhere tcp dpt:https
| ACCEPT tcp -- anywhere anywhere
| tcp dpt:1234 ACCEPT tcp -- anywhere
| anywhere tcp dpt:5678 Chain FORWARD
| (policy ACCEPT) target prot opt source
| destination ACCEPT tcp -- anywhere
| ip-10-4-0-2.ec2.internal tcp dpt:http ACCEPT tcp
| -- anywhere ip-10-4-0-2.ec2.internal tcp
| dpt:https ACCEPT tcp -- anywhere
| ip-10-4-0-2.ec2.internal tcp dpt:1234 ACCEPT tcp
| -- anywhere ip-10-4-0-2.ec2.internal tcp
| dpt:5678 Chain OUTPUT (policy ACCEPT) target
| prot opt source destination
| ACCEPT tcp -- anywhere anywhere
| tcp spt:http
|
| On the ec2 side, openvpn conf: dev tun1
| ifconfig 10.4.0.1 10.4.0.2 verb 5 secret
| local.key cipher AES-256-CBC keepalive 10 60
| persist-tun persist-key
|
| On the local side, openvpn: remote [ec2 ip
| adr here] dev tun1 ifconfig 10.4.0.2 10.4.0.1
| verb 5 secret ec2.key cipher AES-256-CBC
| keepalive 10 60 persist-tun persist-key
|
| On the local side, ipf conf in ipnat.conf. This is
| abbreviated as most of the stuff in there is just forwarding
| amid the zones which is not relevant to a simple linux setup
| without zones. In addition to figuring out the iptables
| equivalent I believed you'd want to replace the 102 adr
| (which in this case is a zone) with your local machine (like
| 0.0.0.0/0 or whatever): map net0
| 10.0.0.102/32 -> 0/32 map tun1 10.0.0.102/32 ->
| 10.4.0.2
|
| (not sure if the first line is even relevant or not, it's
| been a while)
| rozap wrote:
| I hosted a phpbb board out of my room during high school. Our
| school board had just done the "one laptop per kid" thing, and
| the machines were all locked down and most of the fun sites were
| blocked, but not my site, because IT didn't know about it. So
| everyone went there to chat. We had an IRC server. People became
| friends that otherwise were in different cliques irl.
|
| One time we were supposed to be doing work during class, but
| everyone was on IRC chatting. The classroom was completely
| silent. Somebody wrote "somebody say penis" in the channel and
| the whole classroom started laughing at the same time, for
| seemingly no reason. The teacher was confused, it was a good time
| to be a 15 year old dorking around with computers.
| unity1001 wrote:
| > "somebody say penis"
|
| Edgy...
| rozap wrote:
| we were like 14 my friend
| yaddaor wrote:
| Nothing "edgy" about kids finding words that describe
| genitals funny. It is like that everywhere on the planet and
| it always has been.
| lee101 wrote:
| I'm running https://text-generator.io from my house, two 3090s
| right now powering it. It allows the service to undercut OpenAI
| around 10x on Text/code generation and Google over 8x on speech
| to text. A Cloudflare tunnel is pointing to it running locally.
| It makes development very fast too. Its a bit tricky to keep
| purchasing new hardware to spin up new instances but that's
| getting easier with practice and autoscaling cloud providers
| doesn't necessarily work that well either.
|
| I think co's should seriously consider this or at least adding
| everyones development machines to the prod cluster during when
| they sleep, which is what we did to render movies when i was at
| Weta Digital. 1000's of developer machines are pretty valuable if
| put to good use.
| [deleted]
| louwrentius wrote:
| I not only run my blog on a computer in the corner of the room,
| it's solar-powered as well. At night it is supported by a bunch
| of lead acid batteries[0].
|
| If you can you should host your own blog/website on your own
| physical computer at home. Especially for blogs, availability and
| redundancy is just not critical. And if you do a little bit of
| preparation you can recover quickly from any failure. It is fun,
| you may learn a few things and it makes things more tangible.
| (Maybe dig into VLANs or a firewall with multiple interfaces that
| allows you to separate your home network from the server)
|
| My blog is a static HTML site and it has survived many HN visits
| of 20k+ visits on a Raspberry Pi3b+. It has since been upgraded
| to a Pi4 but it doesn't really matter. My 50Mbit upload capacity
| was never really taxed at all.
|
| I'm currently working for a customer fighting the Azure cloud and
| it's abysmal in every way possible. The simplest tasks of
| provisioning resources take forever to complete. It makes me fond
| of my 8-10 year old 20-core DL380 server that allows me to spin
| up a huge infrastructure in the same time Azure can spin up a
| small web app.
|
| [0] https://louwrentius.com/this-blog-is-now-running-on-solar-
| po...
| bakugo wrote:
| I host a website with 20k daily visitors from my living room. If
| you want something that feels as small and convenient as a pi but
| with a little more muscle to it, mini PCs are your best friends.
| [deleted]
| irq-1 wrote:
| Cloudflare already does this:
| https://github.com/cloudflare/cloudflared
|
| It works with all NATs/CGNATs by connecting from the pi over a
| bidirectional WS connection. PI <-> WS <-> Cloudflare. SSL is
| done on the cloud, not on the pi.
|
| Install any web server on the pi and "cloudflared" to proxy it.
|
| https://developers.cloudflare.com/cloudflare-one/connections...
| spaniard89277 wrote:
| Looks good. I guess that doesn't put much workload into home
| routers, which I assume is the real bottleneck with FTTH
| connections.
| Havoc wrote:
| You can stick the cloudflared tunnel exit on the machine
| doing the hosting then the router performance is largely
| irrelevant
| Melatonic wrote:
| Yea this works great!
| jll29 wrote:
| Festival TTS (Text-to-Speech synthesis), which the article
| mentions, is part of many Linux distros nowadays, and it was
| originally developed at the University of Edinburgh by Alan Black
| and team (Black et al., 1999; Taylor et al., 1998).
|
| http://src.gnu-darwin.org/ports/audio/festdoc/work/festdoc-1...
|
| https://era.ed.ac.uk/bitstream/handle/1842/1032/Taylor_1998_...
| throwaway894345 wrote:
| At the moment it's offline because I'm between homes, but
| normally I have a cluster of Raspberry Pis running Kubernetes to
| host my blog and a few other services. Unfortunately, the Pis
| need static IP addresses which requires admin access to the
| router, which I lack as I'm staying at an AirBnB, so in the
| meanwhile my site is running on an EC2 spot instance.
| MayeulC wrote:
| Get a VPN from a reputable ISP, or to a VPS. As a bonus, it's
| much easier to host mail as you can customize reverse DNS. You
| also get a "clean" IP, IPv6 regardless of your current ISP, and
| a static IP.
|
| It's also possible to host a static website on IPFS and point
| DNS records to cloudfare or another public gateway to let them
| handle the web server part.
| ottoflux wrote:
| I still host some things from home, but Linode, Scaleway, etc.
| are so cheap for tiny machines it might make more sense to build
| some APIs that the webserver can call on a machine running from
| your house.
| achairapart wrote:
| Funnily enough I had the same wish some time ago, so nowadays I
| do most of my computing in "fatcity":
|
| https://fatcity.it
| b1476 wrote:
| I'm intrigued, care to share more?
| achairapart wrote:
| Please see the sibling reply:
| https://news.ycombinator.com/item?id=33166455
|
| And feel free to ask me anything.
| fm2606 wrote:
| >> little Raspberry Pi 4 server that I run from my home ISP,
| for no reason other than to have some fun
|
| This.
|
| I run mine on RPi 3B+ with a 4 running the database. I reverse
| proxy to my site via a cloud VPS instance for $4 a month. I
| switched to the cloud after years on NO-IP when 1) I noticed my
| IP never changed and 2) my home IP address was public via a
| look up of my domain name.
|
| On another 3B+ I have a VPN so I can SSH in .
|
| Some day I will get around doing a roll-your-own-ngrok [0] so I
| don't have to open any ports but have yet to do it. I have done
| it for a project I was working on and I needed to make the
| local dev server accessible to a 3rd party. Pretty slick and
| saves a bunch of time and hassle from having to put the code on
| the server. (As an aside: Does anyone else dislike the term
| "grok"? For whatever reason it annoys the hell out of me.)
|
| I really have nothing important on there and go months or years
| without doing anything to it then get a burst of creativity or
| what not and update the site or just tinker with it.
|
| [0] https://jerrington.me/posts/2019-01-29-self-hosted-
| ngrok.htm...
| anderspitman wrote:
| If you're looking for selfhosted ngrok functionality you may
| also be interested in
| https://github.com/anderspitman/awesome-tunneling
| zdw wrote:
| > my home IP address was public via a look up of my domain
| name.
|
| If you're very concerned about privacy, frequently SMTP
| headers generally contain IP address info...
| all2 wrote:
| > most of my computing
|
| What does this involve? Are you tunneling a browser through
| ssh? Are you doing development work?
|
| Also, the status page is a rather beautiful bit of text. Did
| you do that yourself?
| achairapart wrote:
| The Raspberry PI is attached at my home router (1Gb fiber
| connectivity), then I can access it like a local server (so
| even by SSH) from everywhere with Tailscale[0]. The rest of
| the world is proxied by a Cloudflare Tunnel[1].
|
| Yes, remote dev work is done mostly with Visual Studio Code
| Remote SSH[2] (but I wish something similar would exists for
| Sublime Text).
|
| [0]: https://tailscale.com/
|
| [1]: https://developers.cloudflare.com/cloudflare-
| one/connections...
|
| [2]: https://code.visualstudio.com/docs/remote/ssh
|
| Edit: Yes, I hacked together the status page, something
| similar welcomes me when I ssh into the machine.
|
| Edit 2: Some benchmark here:
| https://pibenchmarks.com/benchmark/62022
| redler wrote:
| Way back in the mists of time, we set up our first corporate
| website. We were using Website Pro, and the box was under a desk.
| There was an option to make the machine beep with each hit, and
| for a while it was thrilling to hear those beeps -- once an hour
| or so, maybe a cluster of a few in a row. The physicality!
| kypro wrote:
| Oh man. I relate so much to this.
|
| When I was 15 me and my friends really liked playing online MMOs.
| We used to enjoy chatting on VoIP program, but this software
| required a server which all clients would need to connect to.
|
| We always thought it would be cool to host our own servers for
| this VoIP software instead of paying someone else to host one for
| us so I decided to dig out an old computer and set it up in the
| corner of my bedroom to use as a server.
|
| We got the server software installed and then realised we could
| probably sell these online if we knew how to build a website.
|
| To cut a long story short, we ended up teaching ourselves how to
| create a website with HTML, which eventually lead to learning how
| to program in PHP so we communicate with the VoIP software
| programmatically via Telnet and send emails, then eventually how
| take payments.
|
| It took us a few months in total, but we did it. And this back
| before YouTube tutorials or useful programming blogs. You were
| mostly trying to work things out on your own so it felt like a
| real achievement.
|
| One of the best moments of my life was receiving our first paid
| subscriber. I'll never forget the night my friend called me to
| tell me the news. And this was back when us teens had pay as you
| go phones so it was odd to get a call - especially that late at
| night.
|
| Funnily enough we probably used that old computer in the corner
| of my room as our server for about a year until one night someone
| hacked into it. Never really worked out what they were trying to
| do but they managed to install some remote desktop software on
| their because because I got woke up one night by the computer
| restarting then someone remotely controlling the computer. It was
| kinda spookey at the time.
|
| As you can image we paid for a dedicated server in the end, but
| it was such a fun adventure and that's why I'm here on HN today.
| The idea a couple of 15 year olds could set up a server in their
| bedroom and make some money was really inspiring.
|
| Things are different now I think. We were one of just a handful
| of VoIP hosts back then. Today we would be buried by Google and
| people would probably complain about the server taking 50ms too
| long to respond. You'd need to spend $1,000 on adwords and have
| EC2 instances around the world just to be in for a chance.
| bombcar wrote:
| For those interested, https://indieweb.org/POSSE may be of use.
|
| The idea is you'd publish on your own web server, and syndicate
| to other services that could maintain under pressure, etc.
|
| I think that for many people, setting it up at home is "Good
| enough" and if you get slash dotted, well then you can deal with
| it at that point.
| cyberge99 wrote:
| I once took our corporate T1 because I was hosting a site on a
| work webserver and it got slashdotted. My boss was really cool
| about it though, he said, "wow, I've never known an internet
| celebrity before!"
|
| This was in 2001, so it's meaning has changed significantly
| since then.
| bombcar wrote:
| My home DSL connection years ago started being slow - so I
| checked my home server.
|
| A single image was the top result for "Japanese robot death
| cat" or something on Google Images, so I was getting pounded.
| A quick robots.txt update and a few days later everything was
| calm again.
| dylan604 wrote:
| The no-hot-linking option works well too
| digitalsushi wrote:
| A home web server is the equivalent of running out of toilet
| paper. You never designed a Service Level Agreement for either,
| and it's frustrating, but you will survive it.
| yummypaint wrote:
| This reminds me of setting up a file hosting server at home in
| high school so i could work on projects from school without
| constantly burning cds or dealing with terrible thumb drives.
| Sketchy php, no authentication, no sanitization. Just browse to a
| file and click upload. In hindsight it's kind of shocking it
| wasn't taken over
| bombcar wrote:
| If you built it yourself, it's highly likely nobody ever found
| it. Even back then most of the "script kiddies" on the internet
| were using pre-packaged exploits for known software, not
| searching every single possible IP for forms with upload
| buttons.
| LukeShu wrote:
| As someone who was a highschooler 2008-2012 who built their
| own simple PHP apps for things: Script kiddies of the time
| definitely were scanning for arbitrary forms. Not necessarily
| trying to exploit the code, but just anything that would
| allow them to post spam.
| TOGoS wrote:
| I had a big data loss event back in 2008ish when someone
| found out, I'm guessing, that they could upload a PHP file
| to an upload-anything form on my home server. I thought I
| was keeping it secure by disallowing ".php" files, but I
| think some MultiView option I had set in Apache allowed
| them to upload .php.somethingelse and still have it get
| executed, blowing away, sadly, all my Subversion repos.
| Switched everything I could salvage to Git after that and
| never looked back. Also I no longer trust Apache to
| directly serve user-uploaded files. :P
|
| Long story short, someone apparently went to a non-zero
| amount of effort to hack my homebrew file-upload form.
| caseysoftware wrote:
| Through most of the 2000s, I had an ever-growing server sitting
| in my apartment closet. I upgraded it from IDE (a couple gigs) to
| SCSI drives (25gigs!!!) and spent a lot of time learning Linux
| throughout. It was ugly to navigate NATing, etc at that point but
| I ran eGroupware for a long time.
|
| Now I have a couple of small devices for monitoring, logging, and
| sharing and run them behind ngrok. They're quick and easy and I
| don't have to set up anything else.
|
| Disclosure: I work for ngrok (as of last year) but used it since
| ~2014 already.
| [deleted]
| llaolleh wrote:
| My ideal state of the internet is companies sell powerful all in
| one servers. Each household will have that server for their daily
| needs - email, messaging, social network, gaming, etc.
| no_time wrote:
| >But what I remember feeling most magical was the idea that there
| was somebody visiting that server on my desk. There was somebody
| coming from a long way away and going inside. An electronic
| homunculus.
|
| You can relive this feeling by seeding a few torrents. I
| sometimes check up on my torrents and try to imagine the person
| behind the Moroccan IP address grabbing my Drop Dead, Gorgeus
| discography.
| alx__ wrote:
| Is there a way to run a little web server on our phones? It's a
| device that's always on, and usually on Wi-Fi
| mpd wrote:
| I have an old phone set up here, running Octo4a. It's working
| great.
|
| https://github.com/feelfreelinux/octo4a
| WorldMaker wrote:
| Most modern phone OSes today try to limit background services
| to squeeze battery life out of idle states. Even though "always
| on", some of the idle states are extreme battery misers. For
| instance, even the iPhone 14 with its "always on display" is
| doing some really interesting idle stuff, the "always on
| display" itself refreshes as 1 frame per second or _slower_
| (sometimes one frame per minute! as the clock is the only
| guaranteed to update, once a minute). It seems like the device
| is always responsive due to how "instant" it wakes from idle
| states.
|
| All of which are a lot of very interesting reasons _why_ you
| can 't just run a web server on your current phone with its
| current modern OS and expect it to have 24/7 up time even
| though it feels _to you_ like your phone has 24 /7
| responsiveness uptime.
|
| It's a solvable problem if there were enough interest: light
| web hosting is something that could be added to the list of
| system services that can wake the device from idle states (in
| similar ways to how notification services get prioritized, or
| trickle data feeds like Find My Services). It's not likely a
| problem that current phone OSes are incentivized to support,
| though, because there's currently no reason for millions of
| people to want websites served from their pockets.
|
| Maybe one day there will be an interesting P2P data "hosting"
| protocol that would be useful for modern OSes to prioritize in
| that way.
| ptrwis wrote:
| I once ran some GNU/Linux distro on Android, and then Tomcat on
| it :)
| flobosg wrote:
| See https://news.ycombinator.com/item?id=31841051 -
| _Repurposing an old Android phone as a web server_
| tandav wrote:
| termux (android) can run python, node, docker and more, but you
| should have static IP or some tunneling like
| cloudflare/tailscale/zerotier
| yellsatclouds wrote:
| so do I, but my ISP after getting eaten by another larger ISP
| made it impossible to access remotely.
|
| long live the free market. free for institutional-entities to
| step on individual humans.
| Melatonic wrote:
| I meet more and more people these days who are so used to working
| with Big Cloud they have no idea how easy is actually is to run
| your own hardware. AWS never raises their prices but hardware
| keeps getting cheaper, faster, smaller, and more energy
| efficient. You could probably host a simple site that did not
| have crazy traffic on a pair of old android phones with full HA
| and keep it in a shoebox!
| davegauer wrote:
| I'm a huge fan of running web servers in the house - but they
| don't have to be connected to the Internet to be useful and fun!
| An Apache instance on my always-on box in the basement [0] serves
| an incredible number of uses and can be connected to from any
| computer-like thing on my home network. Old-school CGI scripts
| can be written almost as quickly as terminal scripts and HTML
| forms make super quick interfaces. A home web server is probably
| STILL the easiest way to get files to heterogeneous computers and
| phones and tablets and...
|
| [0] https://ratfactor.com/setup2
| nicolaslem wrote:
| > A home web server is probably STILL the easiest way to get
| files to heterogeneous computers and phones and tablets and...
|
| Similarly for printing, I would love a local web app that I
| could submit PDFs to and get a printer to print the pages. I
| could imagine scanning working in reverse. I tried googling a
| bit but alas it seems no one has done it.
| zh3 wrote:
| For dumb printers we use CUPS, even cheap printers (Oki
| B412dn here) just plug into the network and are found by most
| things (even Windows these days).
| nicolaslem wrote:
| I also use CUPS on a Pi to put a dumb printer on the
| network, but I still routinely have issues with my devices
| not finding the printer or not scaling the page properly.
|
| This is why I was thinking that a plain web app with a
| known good driver could solve these problems.
| cestith wrote:
| Some higher-end printers have HTTPS or LPD (or even FTP)
| printing built into them. As far as using a web app to queue
| to a printer that's working on a local Linux machine or so,
| the webapp could be as simple as just a file upload form and
| app backed by incron with the right command assigned to the
| event I think.
|
| https://www.geeksforgeeks.org/incron-command-in-linux-
| with-e...
| jll29 wrote:
| See https://pibox.io/ + https://kubesail.com/ for a low-energy,
| small, Raspberry Pi-driven, quiet option. I have been running
| one of them running in our basement for about a month.
| KubeSail, the startup that sells them, offer DNS and backup
| services, but the box has been designed to run also in the case
| the company eventually disappears.
| zh3 wrote:
| Our (decades old) house web server has a home page with useful
| links, and in particular to a simple wiki on the same box.
| Without any pushing (that never works) the rest of the house
| has slowly learnt to use it, so the calendar, the wish lists,
| the pet histories, holiday ideas, all sorts of stuff are on it.
| The server also hosts simple apps like JS clocks, calculators
| and of course the [0] pewpew attack map (maybe a little less
| funny these days, but hey).
|
| Edit: ref CGI, there's a few apps on there that do that as well
| (e.g. fish tank temperature monitor). Nice thing about a small
| private network is being able to do CGI scripts in
| bash/whatever without having to worry too much).
|
| [0] https://github.com/hrbrmstr/pewpew
| protonfish wrote:
| How do you give your intranet site an internal domain? Or do
| you make the family use the IP address?
| oneplane wrote:
| You probably already have this. Nearly every ISP has been
| delivering home gateways with DHCP and DNS built in, and
| DHCP-registration into the local DNS cache. So <your-
| computer>.lan or <your-computer>.home are likely
| candidates. Check your settings to find out.
|
| Besides DNS-based naming there is Multicast DNS
| (Bonjour/Avahi/ZeroConf) and NetBIOS naming (which still
| exist and works on most operating systems that have Samba
| or something similar).
|
| In any case, you don't need a remote service like Cloud9 or
| Tailscale to any of this. Normal networking has done this
| for decades.
|
| The next step beyond this is running a more capable DNS
| system in your home network. Generally this takes the shape
| of a DNS forwarder service running on a router or server.
| It could be as simple as a PiHole or OpnSense firewall, or
| however complicated you might want to make it.
| aendruk wrote:
| See also .home.arpa which is designated for this purpose.
| whateveracct wrote:
| I personally use avahi (mDNS) as many other replies have
| suggested.
|
| I use NixOS, so it was easy to make a function to abstract
| over the config. In each computer's config, all I do is
| specify a hostname. This function does the work (or really,
| some nixpkgs committer did): { hostName
| }: { services.avahi = {
| enable = true; nssmdns = true; # Allows
| programs like ssh to resolve .local domains via avahi
| inherit hostName; openFirewall = true;
| publish = { enable = true;
| addresses = true; workstation = true;
| }; }; }
| vorpalhex wrote:
| Edit the internal dns server(s).
| numpad0 wrote:
| Configure following items on your router:
|
| - desired hostname and search domain(can be bogus though
| not recommended)
|
| - DHCP server parameters with the router's IP as primary
| DNS
|
| - DHCP static assignment for (each of)server(s)
|
| - DNS static assignment such as "yourserver.bogusdomain.tld
| 192.168.10.10"
|
| - (optionally) domain names, ddclient, certbot
|
| "Proper" classical router/firewall OSs like Cisco IOS,
| Juniper JunOS, VyOS, RouterOS, OpenWrt, all easily do it
| like they do a cigarette, but good gamer routers and some
| NASs also can do it okay in many cases.
| zh3 wrote:
| It runs DNS and DHCP as well (so we have a domain that's
| the same as the house name); the DNS is primarily caching
| so for most sites it's just stock internet (except a bit
| faster due to the caching). It's also authoritative for a
| small number of domains that serves ads/do tracking (it's
| amazing how much better that makes the internet, even the
| kids comment on how fast it is compared to their friends -
| and we're out in the sticks on a relatively slow
| connection).
| ecliptik wrote:
| Tailscale MagicDNS [1] can also do this, which you can also
| setup with TLS certs using their Let's Encrypt integration
| [2].
|
| 1. https://tailscale.com/kb/1054/dns/
|
| 2. https://tailscale.com/kb/1153/enabling-https/
| pclmulqdq wrote:
| If you have a Pi hole, you are already running a dns
| server. Otherwise, it's not too hard to set one up.
| leesalminen wrote:
| You can use mDNS [0] to publish an internal domain to
| others on the same LAN. Alternatively, you can use
| something like a Pi-Hole [1] to be the DNS server for your
| LAN. Pi-Hole gives you GUI way to point any domain to any
| IP [2].
|
| [0] https://wlog.viltstigen.se/articles/2021/05/02/mdns-
| for-linu...
|
| [1] https://pi-hole.net
|
| [2] https://docs.callitkarma.me/posts/PiHole-Local-DNS/
| jrnichols wrote:
| if you're using pi-hole, you can actually do all of this
| within the admin panel itself. they added Local DNS a
| couple releases ago.
| timc3 wrote:
| Network router with DNS resolver, internal domain, all DHCP
| clients get registered with a name as a subdomain.
| mycomputer.networkname.lan - I use pfsense, but lots of
| others support this.
|
| You could have your own top level domain as well.
| aljarry wrote:
| This might be an overkill, but you can host internal domain
| using public DNS.
|
| I've got a domain, and I've added multiple A records
| pointing to IPs of servers in my 192.168.X.Y NAT. This has
| a downside thought, that with short enough TTL, you may not
| be able to access your server during intermittent
| connectivity problems.
|
| I'm using letsencrypt through traefik for the certs.
| WorldMaker wrote:
| Not the OP, but for a small local network it is easy enough
| to sneakernet hosts files around. (On a USB drive if not a
| properly classic floppy.)
|
| Also, somepcname.local mDNS works on most operating systems
| today (once you grant firewall permissions to it; for
| instance, on Windows setting your home network as a
| "Private" network for instance when it asks Public or
| Private).
| zh3 wrote:
| We have a lot of computers, so DNS is easier than hosts
| files (also easier for dynamic updates,e.g. random Pi's
| given a hostname will update DNS via DHCP so no need to
| find the IP address and update other hosts).
| tomcam wrote:
| I am asking this out of ignorance, not knowledge. Isn't
| that why the Lord gave us a hosts file?
| dylan604 wrote:
| you'd have to edit the hosts file on every single device
| you want to access that domain. personally, i wouldn't
| even know how to do that on any of my mobile devices.
| tomcam wrote:
| TIL. Thank you
| kroltan wrote:
| Or run a local DNS in your router, so you don't have to
| set each client device up.
|
| (How would you even add hosts to an iPhone or something?)
| tomcam wrote:
| But of course. Thanks.
| anthropodie wrote:
| visit http://i.reddit.com/r/selfhosted to join hundreds of
| thousands of people hosting at home.
| anderspitman wrote:
| It's a great community for learning, but I think they focus too
| much on teaching each other and not enough on lowering the
| barrier of entry.
| NonNefarious wrote:
| incanus77 wrote:
| In 1999 I wrote a piece of PHP trouble ticket tracking software
| called Ticketsmith which eventually morphed into the foundations
| of ubersmith.com. I put the first tarball on my home PC (running
| Linux) and linked that URL to Freshmeat.net. It was so thrilling
| to sit there that evening, watching TV but looking over to see
| the Apache log tail process stream out as each person downloaded
| it to check it out. Very visceral.
| digitalsushi wrote:
| In 2003 I had my web server in my college apartment bedroom. This
| is back when AOL Instant Messenger was popular.
|
| I had a URL on my website called moo.html that wasn't indexed. My
| friends had it bookmarked, and when they visited it they got a
| picture of a cow, but it played a cow mooing in my bedroom. It
| was a nudge to come online and be social.
|
| The End.
| blhack wrote:
| I miss these days of the internet.
| llaolleh wrote:
| Make Arpanet Great Again!
| Scarblac wrote:
| One night in the 90s I woke up at 1am because the server next
| to my bed started making a lot of noise! I quickly login and
| see a process by user "nobody" taking up 100% cpu! I'm being
| hacked! Quickly pull the network cable out of the wall, wide
| awake.
|
| Turns out there is a cron job that updates the locate command's
| index.
| DavidSJ wrote:
| At a web startup I worked at in 2008, we had some automated
| emails sent to all our users. We didn't have sendmail or
| postfix or whatever properly configured and so the emails
| came from nobody@ourdomain.com. Our CEO was pissed because he
| didn't understand that it wasn't like some intentional joke
| by our engineering team.
| Kim_Bruning wrote:
| One day when I had just started using linux, this never
| happened to me either ;-)
| ISL wrote:
| Yep! updatedb
| napolux wrote:
| this reminds me of the Yo! app
| patoroco wrote:
| OMG, I'd achieved to remove it from my mind. Ooob, the olds
| times in the apps world
| nluken wrote:
| Similar story: In college much more recently (2019), I had a
| linux server running at my boyfriend's apartment since he was
| off campus and we were blocked from doing anything like that on
| the school's network. Sometimes, I would say hi to him or wish
| him goodnight by playing a little tune on the PC speaker hooked
| up to that computer. He'd always text me back with a smiley
| face or something like that. Feels like that kind of
| interaction is really rare on the web these days, but we had
| fun with it for a little while.
| oso2k wrote:
| In early 2000s we used to send each other messages using
| Query Strings or X-Headers....
| conductr wrote:
| Wow cool but that's bizarro world to me. In my days college
| was where everything awesome was happening because it had
| fast and basically unrestricted internet. A lot of the
| Napster and other P2P stuff that followed was being seeded
| from someone's dorm. The best game servers, etc. On IRC in
| the early 00s, I did a lot of trading of video (live music
| footage) and one kid in a dorm somewhere could host an
| enormous amount of content by most home internet standards.
| Once I got off dialup download speeds, I could easily
| download more than I could afford to store. The cheapest
| thing for me to do was buy a massive stack of CDRs and start
| burning. If I remember correctly, the largest HDD at the time
| was about 40GB.
| nluken wrote:
| Our school's IT department used to go around with wireless
| scanners to make sure nobody was running networks without
| the school's permission. I knew people who got busted for
| stuff like that, but my roommates and I eventually hacked a
| way around this by naming our network "Dave's iPhone
| Hotspot" and never had any issues. At that point, the
| webserver moved from my boyfriend's place back to my own
| until we moved off campus the following year.
| joshxyz wrote:
| i wonder how often they refreshed it lol
| endgame wrote:
| I did a similar thing with my family: I'd hooked a GNU/Linux
| box up to the family Hi-Fi system to play our various music
| libraries, and when I was living overseas I'd "call them" by
| ssh-ing in and asking mpd to start playing something. They'd
| come online and call me using Google Talk (the very first one,
| probably, because it was good, simple, built on open standards,
| and long dead).
| thakoppno wrote:
| What mechanism tied an inbound http request to the moo?
| numpad0 wrote:
| Years ago I had /var/www/lights_on.sh that turned lights on
| in my room. Only hardened against RCE by Wi-Fi password, but
| was possible. It broke later. The real problem was that
| browsers sometimes prefetched it.
| digitalsushi wrote:
| I was using a log watcher that could run a command on a regex
| match, but I remember having an elaborate .htaccess that
| would shell out all kinds of things... many ways to tie them
| together, all very hacky.
| thakoppno wrote:
| thank you for this insight.
|
| it might not even be that hacky to be honest. in some ways
| modern log aggregation isn't that different, just insulated
| by more steps and safe guards. less moos though.
| [deleted]
| sukilot wrote:
| RockRobotRock wrote:
| I'm trying to imagine what was popular back then. A Perl CGI
| script?
| valleyer wrote:
| Perhaps showing my age, but that is still how I would do
| it. It's dead simple.
| jrootabega wrote:
| I enjoyed the (brief?) times when the client would do string
| interpolation on the URL and tell you the screen name of the
| person viewing it.
| jaywalk wrote:
| You had to put a link in your profile that contained "%n",
| and the client would replace %n with the screen name of the
| person clicking the link. They never took that away as long
| as I was using AIM, but there was no way to see anyone simply
| viewing your profile without clicking a link as far as I can
| remember.
| jrootabega wrote:
| Ah that's right. I remember when it was still not widely
| known you could catch some people, but I think people
| caught on eventually.
| lucb1e wrote:
| I wasn't an AOL user so it took me a few reads to get the
| concept. What this must mean is something like:
| [Joe] what's up <a href="//example.net/?username=
| [Jane] nm, wbu [Joe] ">join my chess game?</a>
|
| Which could show on Jane's screen, if there is no HTML
| escaping at all, as: [Joe] what's up
| [Joe] join my chess game? (<-link)
|
| The message of Jane's would have looked like it got swallowed
| because it was inside the HTML tag, but so long as Jane
| doesn't know what's up and ignores it, clicking the link
| instead, the owner of example.net would see a pageload of htt
| ps://example.net/?username=%0A%5BJane%5D%20nm%2C%20wbu%0A...
| and thus learn that the other person is called Jane. Then
| again, for this to work it would already have to be on the
| screen of the person clicking the link, but not of the person
| who sent the link or there would be no point. So I feel like
| I'm still missing something.
| jrootabega wrote:
| Less clever than that. jaywalk's comment got it. You could
| put a link in your away message/status/profile and see
| which people clicked it and/or were "stalking" you.
| oliwary wrote:
| Something similar used to work on Facebook... and still does
| apparently!
|
| At least if you are this person:
| http://facebook.com/profile.php?=73322363
|
| (This link redirects to the profile of whoever clicks it)
| lucb1e wrote:
| Obligatory: https://xkcd.com/530/
|
| I did something similar when I lost my phone but it was still
| connected to the network. Ssh into it and `while true; do
| espeak "I am here"; done`. Related: http://bash.org/?5273
| didgetmaster wrote:
| The xkcd reminds me of a friend who was locked out of her
| car. The battery in her remote key fob had run down so the
| door would not unlock when she pushed the unlock button on
| it. She was still trying to figure out online how to get a
| new battery when I took her key from her and opened the door
| by inserting it in the lock. She was so embarrassed that she
| wouldn't talk to me for a few days.
| Aeolun wrote:
| I'm fairly certain we've recently fought to open a rented
| car because the keyfob died and the way to extract the key
| from the fob was non-obvious.
|
| Then when we finally got inside, the car didn't have a
| keyhole to start it at all. Ended up calling the rental
| agency that showed us how to invoke the magic sequence by
| holding the (empty) fob in front of the start button for a
| few seconds before pressing it. I guess it does passive
| RFiD or something?
|
| Anyway, that's the point where I decided modern cars are
| not my thing.
| ghusbands wrote:
| I did that, recently. My fob battery died, I unlocked the
| car with the key, opened the door and... the car alarm went
| off. I'm not sure what the designers were thinking.
| stonogo wrote:
| You turn the alarm off by starting the car, because the
| ignition has an rfid-like close-range reader which only
| requires passive circuitry in the key. That's how you
| differentiate between a break-in and the legitimate
| owner.
| davchana wrote:
| My car has push start (like many new ones) & has no
| keyhole inside (it has one in door to open the door).
| Although it has a seat/slot for the whole key to go in,
| in case of low battery. I assume that will stop the
| alarm. :-|
| Haegin wrote:
| My car is also push start and I have to hold the fob in
| front of the start button for a short while before
| turning on the car if the fob battery is out.
| thomastjeffery wrote:
| Some relatives of mine have internet-connected RGB lamps that
| they use in a similar fashion. When one sets the color, the
| others automatically synchronize. It seems like a pretty neat
| low-stress way to keep in touch.
| fullstop wrote:
| In 2001 I had an account set up for my girlfriend, now wife, so
| that she could telnet (openssh wasn't really widespread then!)
| to my desktop and it would play a sound and blink a light as
| part of the login procedure.
|
| The light was controlled by an X10 "firecracker" module. Neat
| stuff, for the time.
|
| Anyway, she would do that to get my attention if I wasn't by
| the PC and she wanted to chat via ICQ.
| agrippanux wrote:
| A few weeks ago I set up a Stable Diffusion webui on my home
| linux box and used a Cloudflare tunnel to host it on a url and
| gate access to just my company's email domain. I started a slack
| channel for AI Art and we started holding a daily contest, it's
| been really fun.
|
| Shout out to Cloudflare, setting up an access protected tunnel
| took like 10 minutes.
| ghusto wrote:
| I remember home hosting fondly too.
|
| Every so often I think about doing it again, but security
| paranoia keeps me from it. What if they broke out somehow? I
| could DMZ it I guess.
| teekert wrote:
| Tailscale is nice, you don't even need to open any ports to
| have your device accessible from anywhere. Works really great,
| literally (!) takes >10 min to set up (on mobile, dl app, log
| in with 3rd party identity provider (I choose GitHub), on
| Server, curl some script (will move to apt or yay or dnf when
| it detects them), click a link, boom both devices can find each
| other on unique IP addresses.)
|
| I do open ports, for NextCloud (to be able share stuff) and
| some websites. But Home Assistant is only accessible from the
| Tailnet for example, as are my ssh servers.
| 14u2c wrote:
| Cloudflare has a similar (free) service as well. It's quite
| useful.
| bombcar wrote:
| DMZ or second IP/connection is the way to go.
|
| It can be a bit tricky with hairpin routing, but you can make
| the DMZ seem to be "on the internet" even to the home network.
|
| Use tail scale or something similar for actual "access my home
| network from far away"
| anderspitman wrote:
| I'd recommend running your selfhosted stuff in a VM (or docker)
| and using tunneling[0] to access it.
|
| [0]: https://github.com/anderspitman/awesome-tunneling
| mvanbaak wrote:
| You want to host my plex server there? ;P
| catern wrote:
| I do this, I host my website on my desktop. It's nice to have
| just a single computer instead of many.
| http://catern.com/computers.html
| bovermyer wrote:
| This line from the article sums up my feelings pretty well:
|
| > I'm pretty technically capable but I'm not sure I can be
| bothered.
|
| All this sounds fun and a cool throwback, but it's also rather
| more work than I'm willing to put up with right now.
| mftb wrote:
| I've wanted to do this for years, but just can't stand the
| security hassle. One solution I've often thought about, is
| renting a small office in the neighborhood and setting up there,
| obviously that adds a lot of expense.
| pak9rabid wrote:
| Hmm, I don't have a problem self-hosting from home. Here's my
| setup:
|
| 1.) Cable (DOCSIS 3.0) Internet connection with a dynamic IPv4
| address. 2.) Registered domain(s) 3.) Domain hosted via Dyn.org
| (for quick updates in the event my IP changes) 4.) Linux-based
| firewall/router that runs ddclient (to update the public DNS
| records should my IP change, which is very rarely) 5.) All port
| 80/443 traffic is forwarded to an LXD container running nginx as
| a reverse-proxy, where TLS encryption/decryption is handled 6.)
| Unencrypted HTTP traffic is then forwarded off to whichever LXD
| container is hosting the actual site
|
| Unless my Internet connection actually goes down (which is rare
| thanks to a good provider and everything being on a UPS), the
| site stays up.
|
| Hope this helps!
| mft_ wrote:
| It sounds wonderful, but doesn't sound (to borrow the author's
| phrase) 'turnkey'.
|
| And certainly not on a Raspberry Pi running Linux - it sounds
| like a day of frustration, trial-and-error, and many many
| google searches!
|
| I would pay good money for (let's say) a Pi with all of the
| hard work done - just plug it in to your router and it's
| already serving pages online.
|
| Edit: also, dyn.org doesn't seem to exist?
| finneganscat wrote:
| fletchowns wrote:
| I have Comcast Gigabit Pro which comes with a 6 Gbps symmetrical
| fiber connection and a separate 1 Gbps symmetrical ethernet
| connection, each connection having their own block of 5 IP
| addresses. I've been considering moving my colocated server back
| home and putting it on the 1 Gbps line, my only hesitation is
| that the IP addresses between the two connections are so similar.
| If I was only serving https traffic to the public that wouldn't
| be too much of a concern, since I could just stick Cloudflare in
| front of it. However, I'm also hosting game servers on there, and
| those don't seem as straightforward in masking my IP address.
| Should I be this paranoid about that? They would be completely
| separate networks, there's no route from the publicly accessible
| server into my home network.
| zhala wrote:
| You could use something like cloudflare tunnels which wouldn't
| expose your IP, but would still route the traffic back to you
| machine.
| fletchowns wrote:
| Ooo that looks promising! I will look into it, thank you for
| the suggestion.
| ectospheno wrote:
| Or stick a level 4 haproxy at a cheap no bandwidth fee vps
| provider.
| anderspitman wrote:
| Cloudflare Tunnel is a solid service. Self-hosted options
| are also available:
| https://github.com/anderspitman/awesome-tunneling
| lucb1e wrote:
| https://web.archive.org/web/20221011170702/https://interconn...
| because it takes 25 seconds to load at the moment (not that
| archive.org couldn't use a speed boost)
| kkfx wrote:
| I'm not much interested in a personal webserver than having as a
| NORMAL service an ipv6 global per any connection, all ISP crappy
| router deniable or configurable in bridge mode, anyone normally
| owning a personal domain name or more than one.
|
| Some subdomains dedicated to personal services etc. Web server
| just a part of the game, not them specifically.
|
| Technically there are NO reasons to justify "cloud computing"
| despite claims, the only real justifications are business of some
| against others interests. There are no reasons despite all ipv6
| issue to not offer global addresses etc. The real issue is that
| most people simply have next to no ideal about IT nor how to
| benefit from in in their own lives. Those who know have not much
| choice...
| marginalia_nu wrote:
| I host all of marginalia.nu out of my living room. Very little
| hazzle. UPS is kinda important though.
| geek_at wrote:
| This takes me back. My dad worked for IBM and had access to many
| broken thinkpads (mostly broken displays) so he would bring them
| home for me to tinker but in the end I installed debian on them,
| installed ISPconfig and rented out webspace from the laptops
| running under my bed.
|
| Laptops are awesome for servers since they have built in UPS's
| and are not very power hungry
|
| It was a fun experience and got me started on my road to becoming
| a MSP
| rambambram wrote:
| Sounds like a post on it's own! Do you have a blog somewhere?
| geek_at wrote:
| yes I even wrote about the laptop servers here
| https://blog.haschek.at/2015-my-company-just-turned-10.html
| georgeoliver wrote:
| > Perhaps there's a way to host my website at home, but have the
| static bits served by Cloudflare if the Raspberry Pi isn't
| available (using a global CDN as a UPS), and the dynamic bits
| always visit my home - but there's a graceful "come back later"
| message if the Pi is down?
|
| I feel like this is what IPFS and similar are made for. I could
| see a home user appliance configured with something like that,
| plug it in and your site is up, unplug it and it was replicated
| to other opt-in hosts.
| rcarmo wrote:
| My web site (taoofmac.com) used to be hosted at home behind a DSL
| line. I ran it on anything from an NSLU2 (look it up, it was one
| of the first easy-to procure, easily hackable ARM machines) to
| PHP+MySQL on Windows Server (don't ask), and after a while I had
| Snort and all sorts of stuff running alongside to secure it.
|
| Whenever I was linked from Slashdot I would pretty much lose
| connectivity, so I started using Coral CDN, moved it to a colo,
| then to Linode, and on and on through some 6 or 7 providers as
| technology changed and I tried new things.
|
| It's been 20 years now (just wrote about that last week), and I
| sort of miss those days, but on the other hand I really don't--
| keeping the server alive and secure (even in Linode) was a bit of
| a chore, so the writing was pretty much on the wall that it would
| eventually become just a set of static pages on an Azure storage
| account. Zero worry about keeping the site secure, no runtime
| issues, and plenty of opportunities to be creative (like this:
| https://taoofmac.com/static/graph)
|
| And boy, do I have plenty of in-house web servers and Raspberry
| Pis to make up for it--but none are public, and I just have a
| couple of cores spinning on each major provider for toy projects.
| childintime wrote:
| These days the ESP32 could be good enough. It could host a decent
| website, which could be a portal to do fancy intercom stuff and
| make photo's on the press of a button.
___________________________________________________________________
(page generated 2022-10-11 23:00 UTC)