this post was submitted on 21 Sep 2024
31 points (94.3% liked)

Self-hosting

2830 readers
1 users here now

Hosting your own services. Preferably at home and on low-power or shared hardware.

Also check out:

founded 2 years ago
MODERATORS
 

Hey guys!

I want to convert my now corebooted Thinkpad T430 into a Nextcloud server and possibly more (Syncthing, maybe Tor, maybe more)

1 500GB SSD, 1 1TB SSD

Currently runs Fedora Kinoite, I could rebase to something like secureblue uCore, Fedora IoT, uBlue uCore, ...

Not sure if those would have broken configs though.

Maybe I would prefer something with slower pace, but tbh the pace of CentOS bootc becoming a thing is quite frustrating. This would likely be the perfect 'install and forget' distro for many, a KDE Image would be there in no time.

I wouldnt want to use a traditional distro, even though a base Debian or AlmaLinux/ Rockylinux (what the hell was that of a hydra? Cut off one head, spawn 2? what are the differences??) could just be fine. I used Debian in the past, it really just works.

I would like

  • Nextcloud AIO docker image, maybe with podman? It is supposedly more secure but the world runs on Docker, and all is fine. Podman is a pain quite often.
  • some nice management like Cockpit
  • dyn DNS, for example with NoIP, best free
  • secure ssh, that should be no issue
  • btrfs? or zfs? with backups to a secondary drive
  • automatic updates with snapshot creation. Atomic system would be easiest here.
  • easy to use and secure reverse proxy, with DynDNS for reliable address on the internet. NGINX, Traefik, Caddy, what is the best here??

Here I am not sure if I should use 1TB + 1TB, or 500GB used and 1TB backup. BTRFS backups can be incremental.

while I made a list of BTRFS tools I still have no idea what the best tool for this job is.

you are viewing a single comment's thread
view the rest of the comments
[–] boredsquirrel 1 points 2 months ago

Yes this is true. That is why a separate method would be needed, to log into and hand the password to the LUKS decrypt of the server.

I heard Debian can do this with ssh in the initramfs?

Sounds like a hella pain of course.

Alternatively I thought about using a security key to unlock, and in scenarios where I am worried about getting hardware stolen, I can pull it out and need to manually enter the password.