I'm sorry that my attempt to find out what you want to be able to provide useful help annoyed you.
rentar42
joined 1 year ago
Without any text it's really hard to guess what you want and that's why you get so many different answers.
Do you want to
- host a copy of wikipedia for yourself locally? Then download the database from https://en.wikipedia.org/wiki/Wikipedia:Database_download (thanks zygo_histo_morpheus) and the sofware from https://www.mediawiki.org and get going. Both are freely available
- host a site that works like wikipedia but doesn't contain its content, but your own? Just use MediaWiki.
- host a wiki, but not necessarily the one that powers wikipedia? Then pick one from https://github.com/awesome-selfhosted/awesome-selfhosted?tab=readme-ov-file#wikis
Note that I suspect you actually want the third one, in which case I suggest you avoid MediaWiki. Not because it's bad, but because it's almost certainly overkill for your use-case and there's way simpler, easier-to-setup-and-maintain systems with fewer moving parts out there.
Increase the attack surface compared to what? If you don't allow/enable any access to services inside your network from outside, then by definition you have fewer attack surfaces than if you add a VPN to that empty list.
So trivially the answer is "yes, it adds an attack surface".
But what are the alternatives? If you directly expose each individual service on a dedicated port, for example, then you'd add many more (and usually less well hardened) attack surfaces instead.
So if the comparison is "expose 5 web-based services directly" vs. "expose one VPN like wireguard", then the second option is almost always the clear winner when it comes to security (and frequently also when it comes to ease of setup as well as comfort).
This isn't specific to just netdata, but I frequently find projects that have some feature provided via their cloud offering and then say "but you can also do it locally" and gesture vaguely at some half-written docs that don't really help.
It makes sense for them, since one of those is how they make money and the other is how they loose cloud customers, but it's still annoying.
Shoutout to healthcheck.io who seem to provide both nice cloud offerings and a fully-fledged server with good documentation.
I've not found a good solution for actual constant monitoring and I'll be following this thread, but I have a similar/related item: I use healthcheck.io (specifically a self-hosted instance) to verify all my cron jobs (backups, syncs, ...) are working correctly. Often even more involved monitoring solutions do not cover that area (and it can be quite terrible if it goes wrong), so I think it'll be a good addition to most of these.
At a big enough LAN even just getting everyone to change that setting is probably harder than setting up a central cache. Don't underestimate the amount of people that listen to instructions, say sure and then just either not do it, or fail to do it correctly.
USB SATA controllers are also very hit-and-miss. There's plenty of really, really bad ones out there. Either missing features, slow, getting hot or all of the above. If you found one that works well, good for you, but I'd avoid most noname brands, unless I had specific knowledge about the product or the very least the chipset they use.
That example makes sense to me, because it's an alternative to something like hosting a blog on some third party site: generate it statically and host the result somewhere.
I've got the same setup! What I love about authentik is that I can even add a Google login as an authentication method. That severely increases the spouse-acceptance factor, as they don't have to "remember yet another password" or "carry around another thingie". Personally I use a YubiKey anyway, but for others who aren't into it "for fun" or for philosophical reasons reducing the friction as much as possible is paramount.
That's a great answer if one already has a NAS (which is not unlikely, given the name of the community). But if that's not already present (or desired for other reason) then a simple media-PC with some built-in storage is simpler to set up.
I suggest to avoid the temptation to get one of the many cheap Android boxen meant for media playback from Ali Express or the like, as they have a strong tendency to be heavily loaded with malware. Definitely not all of them, but it's really hard to tell which specific one you'll get.
Oh, I'm 100% there with you on syntax. But having multiple pieces of software that support the same syntax seems useful.
Personally I've turned into more markdown kind of person rather than the traditional wiki syntax. And at least that one gained some level of standardization over time ...