hello hi, post with questions about sysadmining
so, I'm wanting to get more into selfhosting my own services (namely, stuff like Nitter and whatnot), but I'm also going to be going off to university in a few months.
in the event that I want to use my own hardware for hosting, how viable is it to remotely use said hardware to its fullest extent? alright, I can ssh into the machine name:ip address, that's cool. what if my power goes out (there's probably tools to automatically turn stuff on upon getting power, but still)? what if my home IP address changes? how would I go about attaching a domain name to my home IP address such that I can prevent that second issue? how would I go about managing *security* on the server? should I just cave and use a VPS?
all these questions and more that I have about sysadmining, and I hope to have them answered by the time I, well, go off to uni. If anyone has experience in this exact kind of sysadmining, I'd appreciate if I could get clarification on this topic
@Yoshi I can say that I would recommend Tailscale for remote accessing the machines, since they live on their own virtual subnet so you don't really need to worry about public IP changes (but you can get around this with dyndns or similar, where your machine just pings a remote service that keeps track of the originating IP). Automatic power-on is fortunately something I haven't needed to think about because I mostly self host with Pis. Security wise, Tailscale-bound SSH IP or fail2ban at least.
@arch well, the power issue isn't a problem then since I also plan to mainly use Pis (they can do that? neat!)
tailscale does look like a promising solution to that dynamic ip thingy (though I might look into a more "stock" or "standalone" dyndns thingy first since that seems like a smaller solution), and fail2ban looks like the solution to the one thing I was mainly concerned about security-wise haha thanks for the pointers!
(also, completely and utterly unrelated, but you're working on stuff for Furality? that's awesome)
@Yoshi Thanks! I work on the infrastructure side of things :3
Yep, Pis auto-power on when connected to power, which is handy. In terms of dynamic DNS, some aftermarket routers have this capability natively. It's relatively trivial to set up your own with a function-as-a-service provider (e.g. Cloudflare Workers), but managed solutions are fairly common as well (can't think of any to recommend off the top of my head).
SSH-wise, fail2ban + disabling password and root login will get you far.
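An added example, not part of the original thread: a small audit of sshd_config text for the two settings named in the post above (password login and root login disabled). It assumes OpenSSH semantics (case-insensitive keywords, first value obtained wins, built-in defaults when a keyword is absent); the function names and sample configs are constructed for illustration.

```python
# Added example: check sshd_config text for the two settings named above.
# Assumption: OpenSSH semantics, where keywords are case-insensitive and the
# first value obtained for a keyword wins. Only the global section is read
# (parsing stops at the first Match block); Include files are not followed.

# OpenSSH built-in defaults, used when a keyword never appears.
DEFAULTS = {"passwordauthentication": "yes", "permitrootlogin": "prohibit-password"}
WANTED = {"passwordauthentication": "no", "permitrootlogin": "no"}


def effective_settings(config_text):
    """Return the effective global value of each audited keyword."""
    seen = {}
    for raw in config_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue  # blank line or comment; a commented-out setting has no effect
        parts = line.replace("=", " ", 1).split()
        keyword = parts[0].lower()
        if keyword == "match":
            break  # conditional blocks are out of scope for this check
        if keyword in DEFAULTS and keyword not in seen and len(parts) > 1:
            seen[keyword] = parts[1].strip('"').lower()  # first occurrence wins
    return {k: seen.get(k, DEFAULTS[k]) for k in DEFAULTS}


def audit(config_text):
    """Return a list of findings; an empty list means both logins are disabled."""
    effective = effective_settings(config_text)
    return [f"{k} is '{effective[k]}', expected '{WANTED[k]}'"
            for k in WANTED if effective[k] != WANTED[k]]


# Constructed sample configs (hypothetical, for illustration only).
WEAK = "# PasswordAuthentication no\nPermitRootLogin yes\n"
SHADOWED = "PasswordAuthentication yes\nPermitRootLogin no\nPasswordAuthentication no\n"
HARDENED = "passwordauthentication no\nPermitRootLogin no\n"

if __name__ == "__main__":
    for name, text in (("weak", WEAK), ("shadowed", SHADOWED), ("hardened", HARDENED)):
        print(name, audit(text) or "ok")
```

On a live host, `sshd -T` prints the effective configuration, including Match and Include handling that this sketch skips.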
@Yoshi Ayy I was about to point out a lot of mobos have auto-power-on-after-unexpected-power-loss features, like the AMD mobo my PC uses has it in the BIOS.
@orangestar1 if this is a thing in most mobos as a whole then I might be able to use those shitty spare PC parts that you know I have to host stuff
@Yoshi you would need a static IP address or otherwise utilize a dynamic DNS service/solution. you would also need to make sure that your ISP allows port forwarding of the ports that you want to use (lots of ISPs block forwarding ports 80/443, for example). those are probably the biggest issues right there: static IP and port forwarding. then you need to check bandwidth (up+down speeds).
the solution i ended up using was finding a local colocation center to rent hosting space for my hardware.
@sevenonetwo unfortunately, there are quite literally zero colocation centers within a multi-hundred mile radius from my area, so that's off the table
I'd need to check if my ISP blocks port 80 later today, as I'm about to go somewhere. I don't *think* it does, but it's good to be sure
for now, I'll take what @arch said and leave that in the back of my mind, then just see what I can do when I, well actually /get/ the hardware for hosting and time to set stuff up