this post was submitted on 01 Nov 2025
27 points (100.0% liked)


What's going on on your servers? Smooth operations or putting out fires?

I got some tinkering time recently and migrated most of my Docker services to Komodo/Forgejo. Already merged some Renovate PRs to update my containers which feels really smooth.

Have to restructure some of the remaining services before migrating them and after that I want to automate config backup for my OPNsense and TrueNAS machines.

[–] F04118F@feddit.nl 2 points 2 days ago (1 children)

I'm hosting foundryvtt on a k8s cluster. I'm using Authelia+lldap to have only authenticated users passed on to that behemoth of a NodeJS app that is undoubtedly full of vulnerabilities.

I have Authelia set up to enforce 2FA for any request outside my users' home networks. Or so I thought, but one of my players kept getting asked to 2FA.

Turns out I forgot about IPv6. He connects over IPv6 by default.
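Added example, not part of the thread and not Authelia's own code: a small Python model of the network-based rule described in the comment above, showing why a home-network list that only holds IPv4 ranges sends an IPv6 client to the two-factor branch. The function names, policy labels and the documentation-range addresses are constructed for illustration.

```python
import ipaddress

# Constructed sample data (RFC 5737 / RFC 3849 documentation ranges).
V4_ONLY = ["203.0.113.0/24"]                          # the list as first configured
DUAL_STACK = ["203.0.113.0/24", "2001:db8:1234::/48"]  # with the IPv6 prefix added


def required_factor(client_ip, home_networks):
    """Return 'one_factor' for clients inside a listed home network, else 'two_factor'."""
    addr = ipaddress.ip_address(client_ip)
    # A dual-stack listener may report an IPv4 client as ::ffff:a.b.c.d; unwrap it
    # so it is compared against the IPv4 ranges.
    if addr.version == 6 and addr.ipv4_mapped is not None:
        addr = addr.ipv4_mapped
    for cidr in home_networks:
        net = ipaddress.ip_network(cidr, strict=False)
        # An address can only match a network of its own family.
        if addr.version == net.version and addr in net:
            return "one_factor"
    # No match: the stricter default applies.
    return "two_factor"


def uncovered_families(home_networks):
    """Address families (4 or 6) with no entry at all in the list."""
    covered = {ipaddress.ip_network(c, strict=False).version for c in home_networks}
    return sorted({4, 6} - covered)


if __name__ == "__main__":
    for ip in ("203.0.113.25", "2001:db8:1234:1::42", "::ffff:203.0.113.25"):
        print(ip, "v4-only list ->", required_factor(ip, V4_ONLY),
              "| dual-stack list ->", required_factor(ip, DUAL_STACK))
    print("families missing from v4-only list:", uncovered_families(V4_ONLY))
```

For IPv6, list the delegated prefix rather than a single host address, since hosts using privacy extensions rotate their interface identifier; a prefix that the ISP changes will also need updating.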

[–] SolarpunkSoul@slrpnk.net 2 points 1 day ago (1 children)

I'm also running foundryvtt and have the basics of network security down but not much more. Is there anything I should be particularly wary of if I'm hosting it via a Cloudflare tunnel for my group?

[–] F04118F@feddit.nl 1 points 1 day ago* (last edited 1 day ago)

You probably have your network locked down much better than me. That should work too.

For me, it was easier to set up Authelia to limit access. I don't trust the "authorization" portal in Foundry so I set up a real authentication proxy.

As a dev I've had experience with the developer culture and norms in different languages, and NodeJS stands out to me for invoking (other NodeJS) dependencies for even the smallest things.

Left-pad is the best illustration of this dependency culture. This also means vulnerabilities spread across the entire npm landscape instantly, since everything depends on almost everything else.