It is, but you are free to switch at any time provider, there is no technological lock in like with cloudflare or tailscale (i know there is a free self hostable version, not talking about that).

So just rent a new one and switch your wireguard there.

I had good experiences 10y ago with amazon “white labels” mechanical drives… But its aneddotical and didn’t go with amazon for my sdds anyway.

I could upgrade my requirements to server grade, but not the budget, so I would say the driving factor is budget :)

Hand me a bunch of server grade ssds for the price of consumer and I would gladly install them.

Very interesting, thanks…

At least ssds are much less hot and lot quieter than mechanical drives, and in a home, not chilled, and not isolated environment means even more than power consumption to me.

Edit: my 4 x 4tb ssds anyway are much less power hungry than the 2x6Tb spinning drives they replaced, so much that my overall server consumption dropped significantly in my home assistant readings (via ZigBee power meter).

I usually pick the cheapest of a brand I trust. Kingston atm for my ssds.

Don’t care, even the crappiest is way faster than what I need plus less energy hungry than mechanicals.

I focus on size, buy the biggest I can afford according to the raid level I need. Currently have 4 x 4Tb Kingston ssds in RAID5.

Edit: don’t buy ssds on aliexpress, don’t go that cheap… Go cheap like buy consumer level stuff not server grade stuff, but still from reputable sellers and brands.

Yeah, would be great to buy server grade stuff, but I don’t have a server grade budget.

Bad example, you picked a reserved range that confused me :)

You can with srv DNS records. I never tested if browser do honor that or just go to port 443 anyway.

Create the subdomains and have them all point to your PUBLIC IP (10.172… But keep in mind 10… Are -not- public ip)

You will need to setup redirect from your router/gateway to your internal ip.

Unless you are on cg-nat (that would explain a 10… class ip) in that case, you will definitely need a real public static ip

To “match” the various ports all to 443, you will need a reverse proxy, since those ports are not standard. This could be mitigated with srv DNS records, but I really strongly suggest not to go public without https and reverse proxy.

This, but I prefer nginx.

And no real need for tailscale or cloudflare. If you do not like to depend on a third party service, either port forward and ddns or an external vps+wire guard if you have gcnat

I would do it. Its fun…

Will you mess up? Yes. Who cares, Do it, just ensure its data you can lose no worries.

I would host on a vps, just to keep you home safe from swat raids (assuming you in the us, other nations should be safe).

Link doesn’t seems to point to a product

I know, what a pity

On Conduwuit here… Synapse is a PITA.

Podman works with nft, not iptables. Ufw iirc uses iptables (iptables can work as a subset of nft, so there is that too).

Try a different firewall tool, or use nft directly

If your containers are bound to 127.0.0.1 and you only have a reverse proxy on 443, you probably don’t even really need a firewall.

Run rootless podman and segregate each container stack on its own network, podman will take care of it for you.

Yes, something like that. A non profit foundation would be mandatory.

Yeah, that is something I keep thinking. I need a way to keep all that working somehow.

Maybe a foundation, to keep personal data for future research scope, or general knowledge. Its sad that all that will go to waste.

I see you are on Lemmy.world, keep in mind self hosting your Lemmy will bypass the heavy censorship going on on Lemmy.world in terms of defederation.

For example another great community and very active is the pirate community on db0, which is banned on your current instance. And not the only one.

Not that “alternatively young” but the difference is slight here.

Yeah I self host my Lemmy because why not? As well I self host my matrix with bridges to all main chat closed ecosystems because why not?

At least my descendants will own all my comments and posts.

And I also host (not at home, but on vps) my email because why not.

Do you really need any other reason to?

Also, Lemmy rocks, this community is one of the best and more active.

You can edit your posts, you know :)

You don’t. Providing you have an upstream gateway that do the firewall for you, provided you don’t have an open WiFi, provided you use a reverse proxy, provided you have sane network settings all around, provided you run linux(or similar).

Even better if you are behind CGNAT.

Provided you know what you are doing.

On the other hand, setting up a firewall in a safe way is no easy task either.

I use an opnSense on top of my home network, given all the above “provided”.

Before that, I never run a firewall and never had an issue. Always being cg-nat tough.