Hey guys,

after reading up on selfhosting for weeks now I finally decided to take the plunge today and tried setting up my own nextcloud & jellyfin instances. For this purpose I am using a mini PC. (similiar to an Intel NUC)

Now I would like to make both services available to the internet so I could show images to friends while I’m at their place / watch movies with them.

The problem is I am currently not very educated on which security measures I would have to take to ensure that my server / mini PC doesn’t immediately become an easy target for a hacker, especially considering that I would host private photos on the nextcloud.

After googling around I feel like I find a lot of conflicting information as well as write-ups that I don’t fully grasp with my limited knowledge so if you guys have any general advice or even places to learn about all these concepts I would be absolutely delighted!

Thank you guys sooo much in advance for any and all help, the c/selfhosted community has been nothing but a great resource for me so far!!!

  • rambos@lemmy.world
    link
    fedilink
    English
    arrow-up
    26
    ·
    1 year ago

    I went for wireguard VPN instead of exposing services. Its much more safe afaik, but you have to configure each device you want to give access (aka scanning QR code). You also dont need to buy a domain for that. Exposed services would be easier to use, especially if you want to use it on many devices

    • ccryx
      link
      fedilink
      English
      arrow-up
      1
      ·
      edit-2
      1 year ago

      I’m also using wireguard and once you wrap your head around what the addresses and allowed IPs mean, it’s actually quite simple and has been very stable for me.

      I’ve had to fiddle a bit with firewalld though - ended up adding the wg interface to my home zone instead of having it in a separate zone. The wg port is the only thing that’s exposed to the internet.