Selfhosted
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.
Rules:
-
Be civil.
-
No spam.
-
Posts are to be related to self-hosting.
-
Don't duplicate the full text of your blog or readme if you're providing a link.
-
Submission headline should match the article title.
-
No trolling.
-
Promotion posts require active participation, with an account that is at least 30 days old. F/LOSS without a paywall has exceptions, with requirements. See the rules link for details.
-
AI-related discussions and AI-involved promotional posts have additional requirements for tagging, as noted in Rule 7 and the AI & Promotional Post Expanded Rules post.
Resources:
- selfh.st Newsletter and index of selfhosted software and apps
- awesome-selfhosted software
- awesome-sysadmin resources
- Self-Hosted Podcast from Jupiter Broadcasting
Any issues on the community? Report it using the report flag.
Questions? DM the mods!
view the rest of the comments
People exfiltrating movies from your Jellyfin account sounds harmless until you get a knock on the door from the police asking why you're running a piracy sharing site. Depending on the attacker's level of access, they may also wonder why your server is now serving kiddie fiddling videos. Or maybe the attacker just replaces all your movie metadata images with ones from the Bee Movie.
To me at least, DOS and region locking should come after properly locking down public facing services. They aren't 100% reliable at preventing intrusions.
I'd be surprised if there wasn't a large difference between the power usage of a cpu at rest (like most servers will be) and one at full power. Especially if it had a gpu in it. They certainly sound a lot louder in my experience.
You can never be truly sure how bad a compromised system has been compromised, or even easily detect when it has happened. It could be running as part of a botnet, stealing your credentials or probing your local/mesh network.
In my eyes, competent cybersecurity abilities are an important part of selhosting which seems to fall by the wayside. It's important to know exactly what your server is doing, what is running and who has access. If your system is on the public internet, you have a moral obligation to behave and not have it turn into a botnet or spam machine.
I like your point about power monitoring - that would be an interesting secondary method for alerting to a possible breach, if you have a consistent power-use profile.