this post was submitted on 19 Dec 2025
32 points (100.0% liked)

Selfhosted

53767 readers
499 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

  1. Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.

  2. No spam posting.

  3. Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.

  4. Don't duplicate the full text of your blog or github here. Just post the link for folks to click.

  5. Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).

  6. No trolling.

  7. No low-effort posts. This is subjective and will largely be determined by the community member reports.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 2 years ago
MODERATORS
ruud@lemmy.world
Loki@lemmy.world
CannaVet@lemmy.world
devve@lemmy.world
HybridSarcasm@lemmy.world
HybridSarcasm@lemmy.hybridsarcasm.xyz
32
Setting up VPS (finally) (lemmy.world)
submitted 15 hours ago* (last edited 15 hours ago) by d00phy@lemmy.world to c/selfhosted@lemmy.world
15 comments fedilink hide all child comments
 

For awhile I've liked the idea of using a VPS for "critical" services. Currently looking at running:

  • Authentik
  • Komodo (with periphery agents on local boxes)
  • Uptime Kuma
  • NTFY
  • Panglolin (or Cosmos Cloud?)

So, first of all, to folks already using a VPS, do you think it's worth it? Do you think I'm missing anything? Happy to discuss/research alternatives, too. I've thought about TinyAyuth+PocketID in place of Authentik. While I think Authentik is probably more complex (and likely overkill), it's a single solution. That said, I haven't played with TinyAuth/PockedID.

Second, I was pretty interested in Pangolin until I saw Cosmos Cloud mentioned elsewhere. It seems like it actually ticks a lot of boxes:

  • Built-in authentication
  • Reverse Proxy
  • VPN (At least for local-to-VPS connection, but possibly also for external clients?)
  • Docker management(?): They have an "app store" that's all docker images, so there's some docker capability built-in. Not sure yet if it can handle multiple hosts like Komodo.
  • DNS (I would still keep at least 1 local pi-hole instance)

Looking at the doc for chaining proxies and hiding IP, here, it mentions creating an A record for services hosted on a different server. I'm curious to know if this means Cosmos will only manage DNS for services hosted on the same box. Honestly this seems kind of odd, unless I'm misunderstanding how proxy servers work.

Anyway, I know this was a bit of a meandering post. Curious to know thoughts on my original plan, but also if anyone has played with Cosmos, I'd like to hear your thoughts.

Lastly: This morning, I found this interesting write-up to manage container updates using Forgejo, Renovate, and Komodo. Another rabbit hole to explore!

EDITS:

  • Spelling
you are viewing a single comment's thread
view the rest of the comments
[–] dentacle@bookwyr.me 7 points 11 hours ago (6 children)

I like what you are doing, but I want to tell a little story for educational purposes:

Once there was an IT pro (like in "it's their job to do stuff like that for money, but with a team and funds") who thought he's smarter than the internet and started selfhosting on a VPS for the family. Nothing dramatic, just some nextcloud stuff and games for the kids. Everything was secure and always up-to-date, backups to multiple locations, the works.

This worked for years, but one night Mr. Smartypants made a tiny config change that needed to be reversed for full security. But he forgot about it. And it took only 3 hours for a bad actor to exfil all data and burn the VPS to the ground. And that was before AI started to roam the web...

You get the idea: you can do everything right, but then you will make that one tiny mistake or forget an update. With the internet at its actual state you can asume all your data will be compromised or gone at some point. Just make sure that's ok for you.

[–] d00phy@lemmy.world 2 points 10 hours ago (1 children)

NGL, it’s scary! I still haven’t put anything of consequence on the VPS. Right now, I have everything on 1 system going through swag. I’ve long been a proponent of not fixing what isn’t broken, so I might look for a way to scale my current setup to more than the one system.

I host a couple of small services for more than just me, but I have no plans to provide any cloud services to anyone else but my wife (if she wants).

Thanks for the story, though. Sorry you went through that. I’ve been lucky so far. I’m hoping things stay that way, but obviously trying to plan for when they don’t!

[–] dentacle@bookwyr.me 4 points 10 hours ago* (last edited 10 hours ago)

Sorry you went through that.

Me? Who said that was me? I never said that. How rude. Nothing like that could ever happen to a brilliant guy like me. No, you shut up!

I still haven’t put anything of consequence on the VPS

Maybe keep it that way? It's just not worth it in the end. If you just want to play with new tech on a VPS, have at it. But maybe without important data, and make sure to tell every user of your services about the risks. Because in the end, you are responsible. You are not Microsoft, a company that was never held accountable for billions in corporate damages through cyber-securitty bullshit.

load more comments (4 replies)