My self-hosting experience (so far!)

Published: 03-Jun-2024 | Tags: self-hosting

Note: This article is not a tutorial or a set-up guide. It simply describes my self-hosting journey, makes some recommendations for absolute beginners, and contains links to resources that I found useful.

TL;DR: Self-hosting is a fun and liberating hobby. For newbies, I’d recommend:

  1. Starting off by setting up a Pi-hole with any unused hardware.
  2. Not worrying too much about best practices.
  3. Not exposing anything to the internet.

How I started self-hosting

I’ve been running Pi-hole on a Raspberry Pi 1 (the OG from 2012!) for the past three years. And, except for that one time where I choked the measly 8GB SD Card by logging every request for a year, things have been smooth sailing.

Once the self-hosting bug bit me with the Pi-hole, I started lurking around on r/selfhosted - this subreddit taught me all about the various services people run on their servers (Nextcloud, Jellyfin, Immich, *Arrs, etc.), and about the different approaches people took to self-hosting (Proxmox, Unraid, Portainer, Synology NAS, CasaOS).

Armed with all that knowledge, when a friend donated her old work laptop to me, I knew exactly what I was going to do with it! Sure, laptops aren’t typically the best self-hosting machines, but this chunky Lenovo ThinkPad x270 (i5-6300U CPU; 8GB RAM; 256GB SSD) with a full-size ethernet port seemed like the perfect starter server for me. I creatively named it dub-server (DUB being the IATA Airport code for Dublin - the city I currently live in)!

My current setup

I first experimented with Proxmox because, well, everyone was raving about it. But I quickly realised it was a bit too complicated for me. So, I decided to stick with a familiar setup: Docker containers running on Ubuntu Server.

Docker

To make Docker container management easy for myself, I chose to use Portainer. Portainer was actually the last container I installed using the Docker CLI. Everything after that was set up using Portainer Stacks, which is basically Portainer’s version of Docker Compose.

While many serious self-hosters prefer reading changelogs and manually updating their images to ensure minimal downtime, I use Watchtower to update my containers automatically. I think the upside of not having to think about updates but always having my services up-to-date outweighs the occasional risk of a service breaking due to an improperly applied update. I’ve been using it for about three months now and have zero complaints.

Here are some of the docker images I use: Homepage, Changedetection.io, Glances, Gluetun, Speedtest-tracker.

Pi-hole

I still have my original Raspberry Pi running Pi-hole on the side, blocking ads, handling DNS, and functioning as a DHCP server. I didn’t retire the device and turn Pi-hole into a containerised service on dub-server because I consider Pi-hole to be a “production” service - as in it’s critical to keep it running 24/7. And for now, I consider dub-server “experimental”, so if something breaks on the server, I don’t want us to lose internet connection.

For anyone interested in venturing into the world of running services on your own infrastructure, I’d recommend starting off by setting up a Pi-hole instance on whatever piece of unused hardware you might have lying around. Pi-hole is easy to set up, rarely causes any problems and gives you a good introduction to hosting a service!

Tailscale

I don’t trust myself enough to expose dub-server to the internet, but I still wanted to access my services when I’m away from my home network, and that’s where Tailscale comes in - it’s an easy-to-use mesh Virtual Private Network (VPN). I was pleasantly surprised at how quickly Tailscale allowed me to connect all of my personal devices and dub-server, enabling access to my self-hosted services from anywhere in the world!

Tailscale also got me thinking about remote backups and having a secondary server at my parents’ house in Chennai, India. With some help from my dad, I converted my old PC (i5-6600; 8GB RAM; 250GB SSD; 1TB HDD) into a secondary server. It should come as no surprise that I named it maa-server! This server hosts a few services for my parents and also acts as a backup server, albeit a shoddy one at the moment - I’ll explain why in an upcoming section.

Now I can access services on both servers no matter where I am. My flatmates can use the services on dub-server when they’re at home, and similarly, my parents can use the services on maa-server when they’re at home!

[Image: Network diagram]

A feature of Tailscale that provides me with a sense of security and confidence is ACLs (Access Control Lists) - they let me precisely control the flow of traffic between all my devices. Here’s how I’ve set up my ACLs:

  1. All personal devices can initiate a connection to everything else on the tailnet.
  2. dub-server can initiate a connection to maa-server, but the reverse isn’t possible.
  3. Both servers cannot initiate a connection to any of my personal devices.
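
The three rules above could be written as a Tailscale policy file (HuJSON, so comments are allowed) along these lines. This is an added example, not the author's actual policy; the tags tag:dub-server and tag:maa-server, the use of autogroup:member to stand for "personal devices", and port 22 in the tests are assumptions.

```json
{
  // Assumption: both servers are tagged, personal devices stay user-owned.
  // A tagged device no longer carries a user identity, so it does not
  // match autogroup:member below.
  "tagOwners": {
    "tag:dub-server": ["autogroup:admin"],
    "tag:maa-server": ["autogroup:admin"]
  },

  // ACLs are deny-by-default: any connection not accepted here is blocked.
  "acls": [
    // Rule 1: personal (user-owned) devices may initiate to everything.
    { "action": "accept", "src": ["autogroup:member"], "dst": ["*:*"] },

    // Rule 2: dub-server may initiate to maa-server.
    { "action": "accept", "src": ["tag:dub-server"], "dst": ["tag:maa-server:*"] }

    // Rule 2 (reverse) and Rule 3 need no entries: there is no rule with
    // tag:maa-server as src, and no rule with a server tag as src and
    // user-owned devices as dst, so those connections are denied.
  ],

  // Policy tests: assert the intended direction of traffic.
  "tests": [
    { "src": "tag:dub-server", "accept": ["tag:maa-server:22"] },
    { "src": "tag:maa-server", "deny": ["tag:dub-server:22"] }
  ]
}
```

The tests block is evaluated whenever the policy is saved, so a later edit that accidentally opens the maa-server to dub-server direction is rejected instead of silently applied.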

As much as this seems like I’m shilling Tailscale here, my favourite feature is exit nodes - it lets you route your traffic through another device that has been set up as an exit node. I’ve set up both my servers to be exit nodes, thus allowing me to spoof my IP/location to either Dublin or Chennai without relying on a commercial VPN solution. This setup lets me watch Indian films using my dad’s “premium” Netflix account by routing my traffic via maa-server.

Backup Strategy

Always remember the 3-2-1 rule, kids. A good backup strategy is like insurance - you don’t need it until you need it.

Now that the mandatory PSA is out of the way, here’s my current, somewhat haphazard backup strategy:

  1. Nightly external backup: I’ve a nightly cron job that copies a specific data folder, and my Docker configs and volumes onto an external SSD (which is precariously hanging off the side of dub-server [pictured below]).
  2. Manual off-site backup: Every now and then, I manually rsync the same stuff above to maa-server.

Please don’t follow my lead. My procrastination, coupled with the convenient excuse of “my servers are a work in progress”, has led me to live life on the edge… literally.

[Image: dub-server with the external SSD hanging off of it]

Future Plans

I believe self-hosting is a continuously evolving hobby, and I’ve barely scratched the surface. So, here’s an ordered list of things I wish to do going forward:

  1. Implement a solid backup strategy
  2. Host critical services like photo and document storage
  3. Give Proxmox another go or try NixOS as the host next time
  4. Get a modern TinyMiniMicro node or upgrade hardware
  5. Think about high availability & disaster recovery
  6. Securely expose some services to the internet

I hope you found that useful or entertaining. If you’ve any comments, suggestions, or just want to say hi - please email me at [email protected]; I love hearing from kind internet strangers! :)