• 1 Post
  • 39 Comments
Joined 3 years ago
Cake day: December 12th, 2023

  • Aaah that’s good to know. I’ve seen HAproxy mentioned before and this was the first time I looked at it.

    I am happy I went with Caddy because networking is not my strength and Caddy is quite simple in comparison to other reverse proxies. Nginx config files will forever look like scribbles to me.

    I don’t know about the limitations of using an uncommon port though because my needs are quite small and obscure by design. I do wonder if other people could benefit from using wildcard certs + uncommon ports. Watching bots/scrapers drop to zero attempts and stay zero has been really satisfying and I haven’t had the desire to use outside services like Anubis or Cloudflare.

    I know someone out there with itchy fingers is ready to warn that obscurity isn’t security and I wouldn’t deny that. However, I do believe obscurity layered with security is valid as long as security takes the main focus.


  • For the past year I’ve been learning to self host minimally on a used Raspberry Pi 5. I do have a Pi 4 as well but that’s dedicated to HomeAssistant for the small handful of lights and switches it controls.

    Both Pi’s run Alpine Linux with Podman containers. For my Pi 5 server it runs Caddy as my reverse proxy/SSL cert handler plus another container for Kiwix. It’s super simple. Caddy also has a basic file server for me to host my git repositories as well as hosting my static site.

    The static site is based off a script I found called BashWrite but it hasn’t been updated in a year so I decided to add some of my own changes to it here. I also fixed up some of the English grammar since the original creator wasn’t an English native speaker.

    I’m still focusing on the background stuff but I’ve put a lot of effort into security and hardening. I’ve written all the maintenance (backup, keep-alive, updating) myself using POSIX portable scripts which can all be found on my codeberg page. It’s been a long process but I’m nearly there. I just have to switch from iptables to nftables and add secrets to my Caddyfile configuration to hide important keys that are currently sitting as plain text. After that I can focus on my blog/static site.

    Since I’m not doing this for a business, I’ve decided to use a wildcard domain for my SSL cert plus an uncommon port as a low effort way to hide myself from bots/scrapers. Also I set up Wireguard in front of my SSH connection to also hide from bots. My log activity only shows my own activity which is comforting to know, especially since I’ve seen just how active bots and scrapers are in comparison to a year ago when I was just getting started and beginning to learn things.

    It’s really cool to see another minimal project like this and I think it’s refreshing to see. A lot of the times I see people with dozens of intensive services running and I feel a bit out of place with my scaled down self hosted project.

    My only question about your setup is about HAproxy. How important is a load balancer for your site? I don’t think I will need one for myself since the traffic will mostly be for myself and a few people I know personally but I am still curious about how it works and how effective it is for your setup.



  • This was a number of months ago so I doubt it would be remembered anywhere at this point. After that, a number of posts I commented in were also removed as well. It was very confusing because everything seemed appropriate for the community. I do look forward to seeing how this community grows/changes now.

    I’ve taken a very minimalist approach to self-hosting but I’ve given extra attention towards security. I feel like security doesn’t get talked about as much as it could be. It’s especially important these days with bots roaming around everywhere.

    I also use some unconventional methods that I’d like to share (layering security with obscurity with a focus on security first). It’s not a one size fits all solution but I can stay private while exposing my server with minimal tools. It works for me though and my logs haven’t shown any outside activity besides my own.


  • I stopped posting and commenting on this community because things kept getting deleted even though it was all very clearly about self-hosting. It was very disappointing because I spent a lot of time on my contributions. One post I made a while ago was about self-hosting security and had tons of activity only for all that information to be removed over rule 3. Very confusing and disappointing.

    I’m interested in seeing how the vibe around here changes going forward. Maybe I’ll be less cautious about participating.


  • I just use SSH+Rsync for everything. I traded two-way sync for minimalism and reliability. I’ve had nothing but headaches with anything else, especially Syncthing.

    My computer and both Raspberry Pi servers run Linux and I have Termux installed on my Android phone so OpenSSL and Rsync are easily available.

    I made a script that runs Rsync commands from files containing all the information which easily swaps source/target files so I can easily transfer in both directions with a simple command line option. It’s reliable and simple and I’ve had a lot less headaches troubleshooting the rarely occurring issues.


  • I live in a very diverse area so that workplace was very diverse. I got to witness and experience a diverse range of hate. A lot of that hate was subtle to the point where it was easy to mistake it for a playful joke.

    It was COVID that broke the walls down. Asking these guys who put all their personality into being “men” to care for their community (in this specific case, their coworkers) was taken as a personal attack and so they stopped being subtle with their hate. Standing back and reflecting, it was always hate. They were holding back because they didn’t feel empowered to speak their hate before COVID and the changes it brought.

    Some guys absolutely hated that one project manager was a woman and had to take instructions from her. All the Chinese people were hated on because of COVID. So many guys were clearly threatened by the one openly gay guy working there even though the dude was minding his own business in the shipping department.

    I have had so many guys attack the quality of my work but it was never about the quality of my work. It was because I worked by myself without their help, I worked efficiently because I focused on one task at a time, I put attention into the presentation of my work and because I was able to put boundaries down when it came to dealing with authority. It took me zero effort to make them feel insecure about themselves. Unsurprisingly, they lashed out at me.

    That workplace was so toxic. I could live a healthier life in the wilds of Chernobyl compared to being there. I’m glad I kicked over the flaming garbage can on the way out.


  • I used to work in the trades. So many guys made a huge display of themselves to prove they were “men.” Often that included hate. They hated women, queer people, younger people, people from different backgrounds, people they considered beneath them or people who were brave enough to be their true selves.

    They made all their insecurities everyone else’s problem. It was easy to identify their insecurities because they were so simple and basic that whatever they complained about was actually a huge insight into how they viewed the world. If they complained about women being whiny, emotional and manipulative, it’s because that’s how they acted themselves. How else would they intimately know about what it is to be whiny, emotional and manipulative?

    I had to quit the trades and my apprenticeship. I received so much hate and they were all convinced I was gay and hated me for the assumption they made about me. It’s so strange that they focused on my sexuality when I never spoke a word of it to any of them. Even stranger that they went straight for the gay thoughts immediately. Well… Maybe not that strange…


  • Since last time, I’ve finally learned how to make rootless podman work on Alpine Linux and it’s been pretty smooth so far.

    My Pi4 is quietly running HomeAssistant and I like to leave that untouched so I don’t have to worry about pooping in the dark. I learned that the container requires root in order to access the Zigbee USB dongle through dbus so I can’t really run it as a rootless container. It’s not web facing so it’s locked down to my local network which is good enough for me.

    My Pi5 is finally up and running again. Got a new, shorter domain name, managed to get the TLS set up in one go with Caddy which was nice. Right now I just have a bunch of wikis hosted with Kiwix and a file server using Caddy.

    I’m putting the final touches on my series of scripts I wrote meant for automating backups. rTransfer for the actual backup, remoff for rotating backups (I plan to keep 1 backup a week, over a month’s time), and containers-util (work in progress) to automatically start and stop containers in preparation for a backup.

    A bit crazy but I’ve been working on this whole backup process on and off for about a year now. It’s all POSIX portable except for a few commands like rsync and podman. Once I finish the last script, I’ll set up a blog and then my server will be secure to my liking and very low maintenance (my keep-alive script I also wrote has been working better than expected).

    I also wrote a Dynamic MOTD script which updates /etc/motd with some basic information about the machine so I can get a quick look at the machine I’m ssh’ing into. I’m quite happy with how it turned out too.

    I’ve been trying to use as few programs as possible and building my own when I can. It’s been quite the adventure this past year and a bit.



  • I do the same too. I even made my own very adaptable rsync based tool. The biggest feature is that it can automatically swap source and destination paths to quickly reverse the transfer direction. That makes syncing in either direction far less annoying than having an endless list of aliases.

    Syncthing, nextcloud and any other bidirectional transfer service has been an awful experience. What I lose in bidirectional transfers, I gain in stability and consistency by just using rsync commands directly. I don’t have to deal with the headache of troubleshooting every time syncthing or nextcloud decides to stop working because I sat down to relax.




  • I keep everything I do as minimal as possible.

    Everything is documented using either sh scripts or markdown style plain text files. If I need anything more than that, I’m over complicating things for my brain.

    The upside to this approach is that it works anywhere because it’s all just text files and it’s very tiny in size. I am more interested in making low-power/low-spec things work so less is appropriate.


  • I have lots of scripts and aliases since I run a very minimal setup.

    The aliases are automatically set when I start a new shell and I have a shortcut command to cat the alias file so I can quickly view what aliases and functions I have saved.

    I also have a folder that contains all my notes and scripts. It’s all organized and it acts as a staging area before I move any scripts to the proper location or device.

    I found a hobby in writing scripts. I’ve been spending a lot of time writing my own backup system that uses rsync and it’s nearing completion which I’m excited about. It’s been something I’ve been building on and off since the new year began.



  • I’m currently in the process of setting up my home server again but this was basically my setup before. Alpine Linux + SSH + Docker and I kept everything to a minimum.

    This time I’m setting up rootless Podman in place of Docker and as of today the switch over is complete.

    I’m thinking of trying to use wireguard as a way to secure my ssh port but I’m still trying to learn and figure out if that’s possible.

    With all the security and trust issues hitting the self-hosting headlines, less and simple is completely fine with me.



  • I run a super minimal setup for my server and home network devices but I still like to see how the self-hosting scene is evolving. It’s changed so much in the last year alone.

    I think one reason why I choose to run such a minimal setup is because there’s so many trust issues that seem to be developing over time with so many different projects. At the very least, every weekly newsletter keeps me inspired to keep creating my own projects.

    Recently I just finished writing my own back up system including rotating out old backups using only rsync and POSIX portable shell commands. I wrote the scripts to be adaptable to many uses outside of just backups so I am really proud of how they turned out.

    My next self-hosting project is something far more absurd and I’m excited to start developing it.


  • I run Alpine Linux on my laptop and two Raspberry Pi’s. I also have Linux Mint DE on my laptop but that’s exclusively for Steam games. I also have GrapheneOS with Termux on my Android phone.

    Alpine on my laptop uses Sway as my desktop and it’s where I do all my coding and self hosting work. It’s also where I spend most of my time.

    My Raspberry Pi 4 exclusively runs HomeAssistant and it doesn’t get touched unless I’m doing an update or making a backup.

    I have a Pi 5 that’s going to be used to host a server. I’m just doing some background learning and setting up before I start hosting again. It should go a lot quicker and smoother this time because I set up my computer and HomeAssistant up in a standardized way. I tried to make as many files and folders as similar as possible so I have less differences to sort out from one machine to the next.

    It feels a lot easier to manage for me.