I recently became interessted in learning about static site generators. So I decided to start a little 11ty blog, in which I teach people, who are new to self-hosting, how to securely set up their own server with Ubuntu and Docker.
For now, I’ve got my Beginners Guide series as well as a more detailed introduction to SSH and its features. I plan to eventually write down all I’ve learned about self-hosting in the past 20 years.
Hope it ends up being helpful for some of you.
I have wanted to self host ever since I joined the fediverse 5 years ago. Always ends up with one or another error message that I cant get through. But I might give this a chance.
One thing I wish I knew earlier is the “man” command to display the documentation of a command.
Hahahaha what a joke!!
Talks about Selfhosting - Run blog on Netlify aka AWS SaaS
Practice what you preach.
Thank you for your very helpful and friendly criticism. I temporarily used Netlify, because I haven’t gotten around to program a proper deploy script for my Forgejo git repo.
You could just rsync it over and let apache/caddy/nginx handle it. We developers make everything complicated before it’s necessary.
What was your thought process on publishing a blog post abut local hosting on your aws website? 🤡
Practice what you preach.
freeing yourself from your dependance on big corporations
Setting up a VPS with Ubuntu Server
This shouldn’t exist in the same article lol. You will just end up paying in subscriptions anyways while at the same time maintaining all the stacks — that too on Ubuntu where some articles will become useless after a few updates. Even 10$ a month will result in $120 every year — which can buy you a half decent second hand PC or a new Mini PC. You won’t even own your data when you rent a VPS.
You will end up saving a lot more by self hosting on your own hardware with vanilla Debian and be more independent at the same time. You will only need a VPS if you want to self-host your own reverse tunnel like Pangolin or FRP.
The amount of baseless Ubuntu Server hate in this sub is pretty sad. I’ve used Ubuntu Server, without any problems, for more than a decade. And at no point where there any significant changes to the way things are done. So I really think your comment about articles becoming useless has no basis in reality.
As for using your own hardware. Nothing in this guide necessarily requires a VPS. And you seem to completely ignore the upkeep and electricity costs of having your own hardware at home.
Not to mention the convenience of a public IP, which is something not every ISP around the world offers. And yes, you can use a dynamic DNS provider to get around that, but then you publish your private IP onto the entire internet.
The guide was focused on being as simple and convenient as possible, with the target audience being absolute beginners to self-hosting. If it doesn’t speak to you, feel free to write your own.
I’ve used Ubuntu Server, without any problems
If it works for you then great. But it doesn’t stand with your goal of Corporate Independence and Willingness to Learn — Given that it is slightly easier to setup than Vanilla Debian. But at the end of the day it is just Corporate Debian with more up-to date packages but overall less stable than Vanilla Debian.
upkeep and electricity costs of having your own hardware at home
It really won’t be much unless you’re gonna go for extremely beefy hardware like for Jellyfin hosting hundreds of newer codec 4k files with HDR and shit with dozens of users or some LLM — which anyways still would be cheaper than renting a VPS. Otherwise even a Raspberry Pi can do a decent job or even a mini pc (with something like Intel N100) which draws less power than a Mobile Phone charger. It also aligns with the idea of beginner friendly setup than using a VPS which half the people will even skip reading the Terms & Conditions and Privacy Policies. So hosting something like Immich or Nextcloud, which is not encrypted at rest, is pretty much available for the VPS provider at instant.
convenience of a public IP
You don’t need a public IP to self-host. A beginner should start with private at first, learn from there and gain and grow otherwise it can lead to security risks — e.g you have mentioned to self-host Immich which doesn’t have any native 2FA. The self-hoster then will have to know about SSO based logins to secure instances like these.
use a dynamic DNS provider to get around
You also have Cloudflare Tunnel, Tailscale. Or you can use a 5$/month VPS in this instance to self-host Pangolin with Crowdsec for public access and block malicious or suspicious IPs. All of these options will mask your real public IP.
The guide was focused on being as simple and convenient as possible, with the target audience being absolute beginners
Ok but this asks for a lot of upfront investment. You don’t need to buy a domain or a VPS as a beginner (or even a mini PC as I mentioned). Just start with a PC or a Laptop you already own. Host the service and access it via private IPs instead of handholding them to copy and paste commands, configs and compose files from the internet (although you do have mentioned official documentation so kudos for that) just for the convenience of public access. A lot of people don’t know the 3-2-1 backup rule. One error might wipe off their entire Immich Library, Password Vaults or important documents in Nextcloud.
This is cool keep it up
Personally I strongly recommend Debian over Ubuntu.
Personally I would recommend Proxmox. It’s a debian based distro for hosting containers and virtual machines
+1 for ProxMox.
I have that running and it’s pretty easy to work with
And what OS do you implement there? Debian? :p
Yes, as I said it’s a debian base. But Proxmox is built for servers and using it to host and share containers or virtual machines is super simple. Especially with the community helper scripts that can set up different self-hosting projects within minutes with minimal tinkering.
Sorry I think I forgot to write the word.
What do you use as your guest OS? Debian? :pIt depends on the project/container. Some containers run Debian, some Alpine, some Ubuntu. I mostly rely on the community scripts from here and use the defaults.
https://community-scripts.github.io/ProxmoxVE/
I guess everything that supports containers, QEMU and KVM is compatible to use as a guest OS in Proxmox.
What about Mint /s
But Mint though :-)
This +1 because just an upvote didn’t feel strong enough
Why is that, if I may ask? I’ve used both for years and personally I find Ubuntu has fewer footguns for a new user, and an easisr upgrade process.
I prefer Debian’s community-driven governance model, the higher degree of freedom over the system and lack of preinstalled software that I neither need nor want, and the quiet stability that Debian offers.
I also have just not liked Ubuntu’s decisions over the years. Little things that piled up like the Unity stuff a few years back (or I guess almost a decade at this point), the forced inclusion of snapd, that time they said they wouldn’t offer 32-bit libraries, the little message advertising Ubuntu Pro in the shell.
I’ve always felt like Debian is happy to just get out of the way and let you use it how you want to use it. That control is what I look for in a distro. What you call “footguns” are to me just more options for control.
For me the footguns in debian have been an unintuitive upgrade process that lets you break things, and configurations/software that don’t work well out of the box without user knowledge and intervention. But for my server, Debian has been very nice and lightweight.
Even though Ubuntu is not always pure good the way that Debian is (remember when they had Amazon advertisements and search integrated into the desktop), and minor annoyances like the apt advert are annoying, but they offer an amount of stability and ease of use that I think earns the nickname “preconfigured Debian”
Debian’s footguns are better documented and are generally there for good reason. Ubuntu’s footguns are there because “fuck the user”.
Yeah, I don’t know anything about self-hosting, but I’ve recently been working on switching from Windows 10 to Linux and I’ve been really enjoying Kubuntu so far.
Whille I agree, when it comes to the Ubuntu Desktop, their Server OS has been a stable, reliable and well supported system for me.
Ubuntu and Docker.
Really? Netplan alone disqualifies Ubuntu as a “friendly stable starter distro”, and I can guarantee you that your guide will somehow become outdated with a single new Ubuntu release, or some poor soul who accidentally selected an LTS release.
Docker doesn’t matter as much, but there’s a reason beyond just FOSS licensing why podman exists.
Would highly recommend Debian instead.
I started on Ubuntu similar to this many years ago and both the server and desktop experience was not fun at all.
Whats wrong with netplan? Has worked great in my experience.
Netplan alone disqualifies Ubuntu as a “friendly stable starter distro”
OP didnt mention anything about stability. Just ease of use.
Whats wrong with netplan? Has worked great in my experience.
Neither did I? Yaml defined networking is incredibly easy to use.
Has worked great in my experience.
I read your comment as implication as either hard to use or unstable.
Honestly, I’m not sure how you get “hard to use” from “worked great”
As someone who manages a mail server, new debian releases have the same effect.
If you want to avoid this, use a rolling release distro.
I think you are conflating desktop Ubuntu with Ubuntu Server. On a server, you absolutly want a stable, long supported LTS version.
I’ve been hosting on Ubuntu Server for over 10 years now, and at no point were any packages required to keep it up to date and running outdated.
The problem is when you upgrade
You mean from one LTS to the next? It’s been a while, but as far as I remember, it worked fine on my last server (22.04 to 24.04).
And even if something doesn’t work, I can have all my stuff spun up on a new server in less than an hour. But that, of course, depends on the amount of data you host.
I’d say that docker is still more user friendly than podman
In the future that may change but right now podman is still green
In which way do you find podman hard?
It isn’t necessarily hard. However, it has some quirks and isn’t as well documented online.
That makes me very odd, I started with mandrake. Got very frustrated with the hand holding and moved to Debian, I’m not touching Ubuntu with a 10 foot clown pole.
Who in their right mind uses yaml for network config?
Avoiding eye contact while glancing at traefik and authelia
I wrestled with whether or not I should be that guy, but self-hosting by definition generally means everything down to the bare metal, i.e. not a VPS.
I can understand how the term could apply to the broader definition of running your own services on managed infrastructure, but it seems odd not to make that distinction in a beginners guide.
Making the term self hosting exclusive to running stuff at home feels unnecessarily elitist. Not everyone has the space, bandwidth or family approval to run stuff at home.
You can have the term homelab if you wantRight, I self-host email and have done for ten years or more, but I don’t do it out of a server at home. Does my Postfix not count as selfhosting any more?
Hmmm, definitely a grey area in my mind especially with the definition of “host”. The host is where the software lives and that isn’t yours. Maybe self-managed?
I’m ambivalent as to who uses the term and how, but a deviation from the general consensus of its definition might cause confusion for newcomers to the field who can’t make the distinction. That said, I enjoyed OPs post and appreciate the time they put into it.
Homelab on the other hand is not synonymous with self-hosted infrastructure and services, as its intended use is not for production workloads.
I see your point. But to me, self-hosting just means being responsible for the server and services and not necessarily having my own hardware server at home. And just calling it hosting is too broad a definition for me. And at the end of the day, the guide works just as well for your own hardware or a VM, as it does for a VPS.
Hell yeah. Looking forward to more to pass on to future self-hosters!
Awesome, thanks OP!
Awesome to read. Thank you. Also, your images aren’t loading for me.
Thanks, glad you liked it.
Yeah, I know that the images are borked. But it’s pretty late here and I was too lazy to fix it. I’ll fix it tomorrow.
I get that. Sometimes there are things for another day. I hope you get a good nights rest
You should check out the official 11ty images plugin if you haven’t already. Itll generate multiple sizes for your output. Its the best feature imo.
Took me an embarrassing amount of time to realize my mistake. I forgot to actually use the npx @11ty/eleventy build command instead of always relying on npx @11ty/eleventy --serve. Now the images are properly linked and transformed / optimized.
Nice guide, thank you!
This 11ty sounds like a nice off the shelf solution to getting a blog started, which I want to do, but how to allow comments? I guess I’m asking what’s everyone around here solution for comments
I have been pleased with giscus on my blog (http://roguesecurity.dev/ ) Its powered via github discussions.
I think I want to do a coding / dev blog and hope that some comments help me explore other ways to write code that’s why I’m thinking of allowing comments. Thoughts on this? Also, discus might work. Thank!
Can’t really help you there, since comments were never a consideration for me. They would add an unneeded amount of moderation, and potential threat, to my blog.
I think I want to do a coding / dev blog and hope that some comments help me explore other ways to write code that’s why I’m thinking of allowing comments. Thoughts?
I love 11ty, I build my blog with it.
Yeah, took me a while to get the hang with Nunjucks, which I had never heard of or used before. But once I got it all properly set up, it was super simple and easy. I’ll definetly write a guide to it too, eventually.
For getting your stuff available over the internet, y I recommend a secure tunnel with wire guard between your vps and servers running the services.
Make your vps an authentication portal using stuff like Authelia and Fail2ban.
If you’re really needing out, get ELK stood up for free and get agents on your containers/services to keep visibility into any potential… Anything
I’ve personally never found the need to do that. If you follow basic security guidelines and keep your server os and the docker service up-to-date, there really isn’t any real threat.
Though I have heard of Authelia before and was interested in reading up on SSO, one of these days.
