• 0 Posts
  • 12 Comments
Joined 1Y ago
cake
Cake day: Jun 13, 2023

help-circle
rss


Yes, in the sense that you are responsible to update the Docker container and often this can lead to vulnerable containers. No, in the sense that it is much easier to scan for dependencies inside a Docker container and identify vulnerabilities. Also most containers are based on Linux distribution, so those distribute the security fixes for specific libraries. All you have to is update the base image.


Dependency-free doesnt mean they dont have dependencies. Its just that they bundle them all in the executable. When there is a security vulnerability in a library on your Linux system the vendor of your distribution (Canonical, Redhat, SUSE) takes care that it is fixed. All dependent software and libraries are then fixed as well. All I say? Not the ones which have been bundled in the executable. First they need to find out that you are affected and then the maintainer has to update the dependency manually. Often they can only do this after there has been a coordinated release of the fix by the major distributors, which can leave you vulnerable no matter how fast the maintainer is. This is the way it is in Windows. (This was a short summary)


Are you just starting out? I got started with home labbing with a Raspberry Pi 2B (1GB RAM!) and an external HDD I had lying around. I host Yarr, Navidrome, backups and a dashboard app Ive written on there and I am quite satisfied. I would really recommend starting small with hardware you already have and then buy new hardware as you go along. I am also using Tailscale. With this you can get your initial setup up and running in a day and save money if it turns out home labbing isnt for you or you dont really need the hardware.


There is plant-it written in Java and HortusFox written in PHP. Both using MySQL. Is there anything available which is written in Go or Rust and uses SQLite?


I chose Navidrome, with which you can stream music from your hard drive. It has very easy setup and it feels just great to stream your own music. I use Tailscale to connect the server to my phone and Ampery as an iOS app.


Well thats what backups are for, but may be start with a mirror or with unimportant stuff for at least a year ;) Also proprietary service can delete your data, too. This happens especially when you are using the generous free tier and they decide to make more money. See Evernote, Gitlab, Heroku…


It is also very resource efficient. I am running it on a Raspberry Pi 2 and it works flawlessly.


  • Use sqlite instead of Postgres, MariaDB
  • Avoid enterprise software (Kubernetes, Elastic Search)
  • Only use projects with efficient programming languages such as Go, Rust, etc.
  • Try to run things bare metal
  • Lookout for projects which name themself minimal or light-weight

I use a Raspberry Pi 2 to self host a Dashboard written in Rust (Axum), a RSS reader called yarr and a music streaming server Navidrome. The latter two are written in Go and very resource efficient. The electricity bill should be under a Euro a month (6.4W max power consumption).


I‘ve recently started using Tailscale for my home setup and I really can‘t recommend it enough. In my opinion it takes a lot of the dangers regarding IT security out of self hosting. Depending on who you ask it is not true self hosting, but I couldn’t care less :)

With Tailscale you can create a VPN for your devices including your phone and even expose services to the outside world with SSL already setup (havent tried that out, yet)

They have guides/tutorials for a lot of stuff (web server, Minecraft).


Some cruise ships equip Starlink nowadays