Selfhosted
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.
Rules:
-
Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.
-
No spam posting.
-
Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.
-
Don't duplicate the full text of your blog or github here. Just post the link for folks to click.
-
Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).
-
No trolling.
Resources:
- awesome-selfhosted software
- awesome-sysadmin resources
- Self-Hosted Podcast from Jupiter Broadcasting
Any issues on the community? Report it using the report flag.
Questions? DM the mods!
view the rest of the comments
Sounds like you might want to learn about firewalls before you get too much further along? I had no idea when I set up my first web server, and the machine got hacked within a week of putting it online. For your purposes you can probably set up some simple rules with iptables, but if you ever get serious about a dedicated firewall (which will need at least two network connections but more gives you better flexibility) then you might want to look at something like OPNsense.
As for conflicting ports, the easiest solution is to move the internal server to a non-standard port that you can remember, but you should also consider putting each container on its own local IP address. Add something like dnsmasq to your pi, and you can add local names for each IP (plus it will handle dhcp for your network). Then in your browser you can type a local name like 'pihole' to access port 80 on that service, or 'mydomain.com' to get to the nginx container.
And for pointing your domain name to the right IP... Do you have a static IP address? Unless you are paying extra for it, you almost certainly do not, in which case you need to look for a DDNS service which will track your current IP and update on the fly.
I will absolutely start doing more research on firewalls, thank you for the suggestion. That's exactly the kind of obvious thing that I was afraid I would miss.
Dnsmasq is actually already built-in to Pi Hole, I'm pretty sure that's how it redirects advertiser domains to 0.0.0.0 and handles DHCP. I see that I can add more local domains right from the web interface. I didn't realize I could give each containers its own local IP addresses, though. That would make getting to local services much more clean and simple.
I don't have a static IP, and I'm certainly not keen on giving my ISP any more money. I'll look more into DDNS services too.
Keep in mind that docker can bypass iptables-based firewall like UFW. When in doubt, do a port scan from an external machine to check which ports are actually open to the internet.
I haven't gotten in to containers yet, but there should be some way to let each one use a unique IP. At the very least, give your Pi multiple addresses and then have the service in each container only listen on its assigned address.