this post was submitted on 27 Jul 2024

I'm sure this has been asked before, I just can't find where it has been - maybe I need to work on how to search Lemmy better. But...

I'd like to eventually self-host some services that require external access. While I have IPv6 addresses, my IPv4 is dynamic.

What's the best free way to be able to point some domains/subdomains I have to my external dynamic IP and keep it updated? I'm running OpenWrt on my router, so possibly I should be posting there.

Free DynDNS services seem to be a bit crap. Do I need to pay for a VPS? (Seems to defeat the point of self-hosting.)

top 24 comments
[–] [email protected] 1 points 1 month ago

Get your own domain, find a free DNS service that provides an API, and it becomes a simple matter of updating a DNS A record whenever your IP changes.

Here's a starting point: https://community.letsencrypt.org/t/dns-providers-who-easily-integrate-with-lets-encrypt-dns-validation/86438

Don't use a DynamicDNS service, they're usually crap and they make you depend on a domain you don't own.

[–] [email protected] 1 points 1 month ago

Self hosting doesn't mean you should host everything yourself at home, using a VPS you manage (so the data inside it is still yours) is also a viable option for selfhosting. I myself host some services at home and a few others in a VPS.

As for Dyndns, I've used a few providers over the years. DuckDNS is the one I've been using for 5 years or so and it's not failed me once. Pretty happy with it.

Maybe you could have a duckdns pointing to your dynamic IP and your domains / subdomains with a CNAME pointing to the dyndns address?
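The update-on-change approach from the comments above, as an added example for an OpenWrt router (not code from any commenter). It assumes the DuckDNS update URL, a WAN interface named `wan`, and a hypothetical root-only file `/etc/ddns.env` that sets `DUCKDNS_DOMAINS` and `DUCKDNS_TOKEN`; it refuses to publish a WAN address that is private or carrier-grade NAT, since a record pointing there is unreachable from outside.

```shell
#!/bin/sh
# Added example, not code from the thread. Assumed names: interface "wan",
# /etc/ddns.env (chmod 600) setting DUCKDNS_DOMAINS and DUCKDNS_TOKEN.
CACHE=/tmp/ddns.last_ip   # /tmp is tmpfs on OpenWrt, so no flash wear

# Succeed only for a well-formed, publicly routable IPv4 address.
is_public_ipv4() {
    case "$1" in
        ""|*[!0-9.]*|*..*|.*|*.) return 1 ;;   # empty, junk (e.g. HTML), bad dots
    esac
    old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs   # split into octets
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
    [ "$1" -eq 0 ] || [ "$1" -eq 10 ] || [ "$1" -eq 127 ] && return 1
    [ "$1" -ge 224 ] && return 1                                 # multicast, reserved
    [ "$1" -eq 100 ] && [ "$2" -ge 64 ] && [ "$2" -le 127 ] && return 1  # CGNAT
    [ "$1" -eq 169 ] && [ "$2" -eq 254 ] && return 1             # link-local
    [ "$1" -eq 172 ] && [ "$2" -ge 16 ] && [ "$2" -le 31 ] && return 1   # RFC 1918
    [ "$1" -eq 192 ] && [ "$2" -eq 168 ] && return 1             # RFC 1918
    return 0
}

# Succeed when address $1 differs from the one cached in file $2.
ip_changed() {
    [ -r "$2" ] || return 0
    [ "$(cat "$2")" != "$1" ]
}

ddns_run() {
    . /etc/ddns.env
    . /lib/functions/network.sh
    network_flush_cache
    network_get_ipaddr ip wan || return 1
    is_public_ipv4 "$ip" || { echo "not publishing '$ip': WAN is behind NAT" >&2; return 1; }
    ip_changed "$ip" "$CACHE" || return 0      # unchanged: no request sent
    # Pass the URL on stdin (-K -) so the token never shows in the process list.
    reply=$(printf 'url = "https://www.duckdns.org/update?domains=%s&token=%s&ip=%s"\n' \
        "$DUCKDNS_DOMAINS" "$DUCKDNS_TOKEN" "$ip" | curl -fsS --max-time 10 -K -) || return 1
    [ "$reply" = "OK" ] && printf '%s\n' "$ip" > "$CACHE"
}

# Only touch the network when invoked as: ddns.sh run
if [ "${1:-}" = "run" ]; then ddns_run; fi
```

Scheduled from cron on the router with the `run` argument, it sends a request only when the WAN address has changed.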

[–] [email protected] 1 points 1 month ago (1 children)

Since you already run OpenWrt, you can check out https://openwrt.org/docs/guide-user/services/ddns/client

There is a list on this page of compatible services. If you don't want to use one more service (DNS), you can use a domain registrar with an API (like porkbun) and find online tools that work with that.

Be aware of the risks of hosting your websites publicly from home, make sure to run them in very isolated environments. Having your VPS compromised is bad, but having your home network compromised is much worse!

[–] [email protected] 1 points 1 month ago

> Be aware of the risks of hosting your websites publicly from home, make sure to run them in very isolated environments. Having your VPS compromised is bad, but having your home network compromised is much worse!

Agree - Not something I will throw myself into.

[–] [email protected] 1 points 1 month ago* (last edited 1 month ago) (1 children)

I use afraid.org to keep my dynamic DNS pointed at my router's IP. With afraid.org DNS you only need a curl statement scheduled on the open~~dns~~wrt router to keep the dynamic IP updated.

[–] [email protected] 0 points 1 month ago (1 children)

Afraid.org gives you subdomains on other people's domains, who can decide to stop letting you use them at any moment.

[–] [email protected] 0 points 1 month ago (1 children)

Yeah, you don't have to share yours if you don't want to.

[–] [email protected] 0 points 1 month ago (1 children)

I was assuming that you don't own a domain. If you do why would you use Afraid? There are lots of reliable DNS services to choose from and you can have interface and features that aren't frozen in 1995.

[–] [email protected] 0 points 1 month ago (1 children)

I own a lot of domains. Why would I want to run my own DNS when I can use a simple, uncomplicated system that is time-proven and reliable? They could of course set it up with a Fisher-Price interface for thumb suckers who need flash. What feature do you need beyond standard records and a simple dynamic feature? The price isn't that bad either.

[–] [email protected] 0 points 1 month ago (1 children)

You don't run your own DNS, they are services hosted by someone else, just like Afraid. The difference, on top of the interface, is that they support modern record types, they have redundant servers all over the world, there's a team working on them instead of just one guy, they have APIs that can let you manage your many domains easier, they have zone backup and restore etc.

I've used Afraid too, back when I was starting out and didn't know any better, but once I've seen some of the other services out there I've never looked back. You'll never know what extra features you could want if your current service doesn't offer you any.

[–] [email protected] 0 points 1 month ago (1 children)

You don't think you can run your own DNS? Currently I'm using a local BIND server at work to filter using commercial blocklists. It forwards all Windows domain queries to the local AD servers' DNS, ensuring all internal Windows-related domains function normally. The external DNS queries, though, go through BIND, which doesn't care about anything except the root servers. I have firewall rules in place that prevent anyone from using any other DNS. Even DNS over TLS traffic is diverted to my DNS or blocked. It doesn't rely on anything or any other organization other than the root servers.

In the twenty-something years I've used afraid.org for personal use I've had very little downtime. I've tried other services many, many times, and other than something like Cloudflare there is no point in switching. If you don't want to use it, don't. It works just fine and you can't match the price anywhere else. To give you a sense of how many years I've been doing my own DNS, I set up my first DNS server for a dial-up ISP in '95.

Finally, what record types are you referring to not being supported?

[–] [email protected] 0 points 1 month ago (1 children)

> what record types are you referring to not being supported?

AFAIK it only supports a small subset of all the types currently in use.

[–] [email protected] 0 points 1 month ago (1 children)

I guess I'll worry about the obscure when it's needed for something.

[–] [email protected] 0 points 1 month ago (1 children)

CAA and DNSSEC aren't obscure. I would not even consider managing any domain nowadays without them.

Neither are ALIAS/DNAME/HTTPS, which you'll be running into more and more in the future if you haven't already. You could argue there are multiple competing standards at work there but Afraid doesn't implement any of them.

[–] [email protected] 0 points 1 month ago (1 children)

I'll worry about it when it happens; until then it's obscure and of no importance.

[–] [email protected] 0 points 1 month ago (1 children)

If anything ever happens that involves [the lack of] DNSSEC or CAA you'll have to buy another domain because the old one will be on every block list.

[–] [email protected] 1 points 1 month ago

Go away dude. I get that you have hived down the subject to the point of obsession but I've got websites that have been up for decades and if they go on a blocklist it will be for another reason. Not because of two barely used DNS records. Further if they become required then I'm sure they will be supported.

[–] [email protected] 1 points 1 month ago* (last edited 1 month ago)

Acronyms, initialisms, abbreviations, contractions, and other phrases which expand to something larger, that I've seen in this thread:

| Fewer Letters | More Letters |
|---|---|
| DNS | Domain Name Service/System |
| HTTP | Hypertext Transfer Protocol, the Web |
| HTTPS | HTTP over SSL |
| IP | Internet Protocol |
| SSH | Secure Shell for remote terminal access |
| SSL | Secure Sockets Layer, for transparent encryption |
| TLS | Transport Layer Security, supersedes SSL |
| VPN | Virtual Private Network |
| VPS | Virtual Private Server (opposed to shared hosting) |
| nginx | Popular HTTP server |

9 acronyms in this thread; the most compressed thread commented on today has 8 acronyms.

[Thread #891 for this sub, first seen 27th Jul 2024, 19:35]

[–] [email protected] 1 points 1 month ago* (last edited 1 month ago) (1 children)

A VPS with a tunnel between it and home services (WireGuard/Tailscale, etc.) is in my opinion the Best Way, as it isolates your home gateway (no open ports, because you make outbound connections to your VPS) and lets the VPS handle Identity and Access Management

(Or an equivalent isolating architecture).

Alternatively, Tailscale has a Funnel feature which can route public traffic into your Tailscale network. Though I don't love this approach, it does work for low-volume connections.

[–] [email protected] 1 points 1 month ago

+1 for using Tailscale Funnel. Doesn't use a lot of resources and is easy to set up.

[–] [email protected] 0 points 1 month ago (2 children)

You can get super cheap VPSs and use them just as a reverse proxy (with access via VPN). I host 11 servers using one single-core VPS as a reverse proxy. All data resides on premises, in house. I pay 10/yr for VPS. It definitely does not defeat the purpose.

[–] [email protected] 1 points 1 month ago

Yeah maybe I need to consider this.

[–] [email protected] 1 points 1 month ago (1 children)

From where can you get a VPS for that price?

[–] [email protected] 2 points 1 month ago

Check out LowEndBox. I found coupons for RackNerd. I have one VPS that's $10/yr, another that's $18/yr. I've had zero downtime in the 18 months I've used them. No complaints from me. YMMV of course.