How To Ditch Google & Co and go self-hosted

SHARE THIS NEWS ON SOCIAL MEDIA: Share

CORRRUPT GOOGLE.pngCLICK FRAUD IS WHAT GOOGLE USES.png

 

 

 

How To Ditch Google & Co and go self-hosted (technology)

 by Futt

I am not happy about how much I rely on shady multinationals for my essential services, and decided to see how much of this stuff I could self-host. After github went full retard, I already have a cheap VPS I found on LowEndBox that I use to host my own git repos; but decided to see what else I could host myself. So far, I have the server set up with (among other things):

  • PowerDNS to provide name-resolution for my home network, and SOA for domains I own.
  • Apache web server with LetsEncrypt certificates to provide an HTTPS enabled web server for my applications
  • Postfix and Dovecot with Sieve to provide email (SMTP and IMAP)
  • Roundcube webmail for a slick email frontend with lots of features and plugin support.
  • NextCloud (an ownCloud fork) to provide "cloud" storage and groupware functions w/syndication
  • Icinga2 provides monitoring and alerts for all the services

So far, so good - everything works just fine. Of course, a more integrated 'turn-key' solution would be preferable (Kolab maybe?) but it's working and performing well. Open standards and protocols also make it easy to integrate the different services. What solution have you chosen? Are there any other services that can easily be self-hosted like this? I am missing a self-hosted online office suite ala google docs, preferably with NextCloud integration.

want to join the discussion? login or register in seconds.

sort by: 

New Bottom Intensity Old

Sort: Top

 

[–] hairybawbag 4 points (+4|-0)  ago 

Nice setup. I've been meaning to do a similar thing for a year now but only got as far as using bittorrentsync for backing up mobile phones. Will give NextCloud a go soon hopefully.

 

[–] boggle247 1 points (+1|-0)  ago 

Check out Nextcloud plus first. Has many other features already setup so it makes the process a little more noob friendly

 

[–] Professor_de_la_Paz 3 points (+3|-0)  ago 

I bookmarked this page for later reference then archived it once I remembered how fragile this site is.

Great post!

 

[–] Surfer 3 points (+3|-0)  ago 

Nice! How long did it take you to set up, all in all?

As a noob I’ve set up my Synology NAS with its integrated cloud solutions, with vpn connection everywhere. Now I’m only needing to increase internet speed, and it’s good to go.

 

[–] Futt [S] 1 points (+1|-0)  ago 

I love the Synology NAS software, absolutely a great alternative and covers most of the bases if you have the pipes and uptime to handle it. I had an old DS209 that kicked the bucket earlier this year, been meaning to get a new one.

As for time, it's hard to tell. I have been tinkering with it on and off for a couple of days but it would depend on how familiar you are with the software.

 

[–] SuperConductiveRabbi 1 points (+1|-0)  ago 

If you look into email hosting with any seriousness you'll see countless stories of people who rejected self-hosting. If their experiences are typical, once you start using your email address for serious purposes your life will be plagued by the double-headed dragon of SPAM and silently failed delivery. If you're lucky you'll get emails bounced back, but you'll always be concerned that incredibly important emails failed to deliver, or the sender was unable to deliver them to you.

 

[–] BentAxel 1 points (+1|-0)  ago  (edited  ago)

Thank you for your overview. Best of luck. I as well am so woven into these people's company, I wish there was an easy alternative. But I guess that is the rub. Want easy, I am ripe for picking. Saving this post for later. I might have just inspired me.

 

[–] boredTech 1 points (+1|-0)  ago 

Have you messed with docker? It takes a bit of getting used to, but maintenance is easy when in place.

 

[–] InflationSlave 1 points (+1|-0)  ago 

Docker is a turd, useful in case you want another layer of abstraction to slow things down or can't otherwise script install/setup.

 

[–] boredTech 0 points (+0|-0)  ago 

I'm really not surprised about that opinion of it. But, personally I do like the extra layer of abstraction. It keeps resource management simple, and I have a stupid security setup of running two containers parallel while restarting them (out of rotation). It is a bit more of a resource drain, but not enough for me to care. Plus it's stupid simple to use. But, to each his own.

 

[–] karcyon 1 points (+1|-0)  ago 

I am really interested in the cloud storage thing. Replacing Dropbox would be a good thing.

 

[–] ZYX321 1 points (+1|-0)  ago  (edited  ago)

Add ejabberd for chat and SIP signaling and baby you've got a soup going.

Edit: Also, Debian (upon which Ubuntu is based) has a strict policy about only including free and open software in its Repos. They're stable branches are REALLY stable, which means, they're also somewhat old. Testing is sufficiently stable with much more frequent updates.

Edit 2: Note that you can use Google or Amazon cloud storage for your next/owncloud instance; But you can have your data encrypted. Nice to be able to use their storage without revealing anything except how often your server reads and writes to their container. Consider using their cheapest tiers of storage for encrypted backups, as well, a la Duplicity. Or find a few buddies with similar interests (Me, I have no friends) and give each other some space for encrypted backups at your homes/businesses; Then you have off-site backups for free.

 

[–] FortniteBlitzkrieg 0 points (+0|-0)  ago 

Does that just coordinate a bunch of chat services so you can use them seamlessly? I'm not getting a clear picture by browsing their website.

 

[–] ZYX321 2 points (+2|-0)  ago  (edited  ago)

Ejabberd's primary function is as an XMPP server, which is primarily text based chat, but has support for video, sharing files, multi user rooms, etc. It is fully federate-able with other peoples' XMPP servers. So as with email you can talk to people from other domains. Facebook's chat, Google's chat, and I think Whatsapp were all originally based on XMPP derivatives. Google used to even do federation with other domains. That's one of the ways they built their userbase, and then they shut it down... Check out the Conversations client on Android, Gajim on PC, and get fucked on iOS. With OMEMO encryption, you don't even have to trust the server operators.

SIP is useful for VOIP and video calling.

1 reply

 

[–] Futt [S] 0 points (+0|-0)  ago 

Not a bad idea; I've used prosody before but I am not sure if it handles SIP, might be XMPP only.

 

[–] boggle247 1 points (+1|-0)  ago  (edited  ago)

Nextnote is being worked on right now (not to be confused with Nextcloud notes). It will have rich text format and sharing the doc for collaboration. So it will be very similar to Google docs. I have looked very hard to find anything with collab sharing features and have no luck. There is collabra suites but from what I've read it breaks a lot.

Also, I'd recommend Nextcloud plus. It was originally Nextcloud pi designed for use with raspberry pis and arm chips. But now it can be used on non arm chips. I like it bc it has many security features built in (fail2ban, mod security, firewall, and others) also has several ddns options built in. Also has auto backup features.

 

[–] hairybawbag 1 points (+2|-1)  ago 

What security do you have on that server? I'd consider port knocking or something similar to hide it from the rest of the planet when it runs that many open services. If you only use it for yourself that shouldn't be too much problem.

 

[–] Futt [S] 1 points (+1|-0)  ago 

It's just for me, but does have it's own firewall, fail2ban, https + reCaptcha for the web services. Public-facing services like ssh, https, smtp/imap and dns are naturally exposed but monitored by fail2ban and encrypted (ssl/tls). All other services only listen on loopback. I would definitely tighten it up a bit if this was a public service though.

 

[–] WhatWouldOdinDo 2 points (+3|-1)  ago 

You should think about changing the port sshd is listening on if you haven’t already. A lot of attacks assume the default port and that will cut down your visibility.

There’s also replacing passwords with key authentication if you’re comfortable with keeping track of your public keys.

2 replies

 

[–] OryHaraG 0 points (+0|-0)  ago 

change out apache for nginx, its better :)

 

[–] mynewaccountagain 0 points (+0|-0)  ago 

You host your own SOA for DNS... yeah that's brilliant.

 

[–] RumpRangerRick 0 points (+1|-1)  ago 

Look into https://www.clearos.com/ - I've been using them for years back when they were called ClarkConnect.

 

[–] Futt [S] 0 points (+0|-0)  ago 

Interesting, never heard of them. What's your experience with them? How integrated are the apps they provide? Do you host your own hardware or did you opt for a hosted solution?

 

[–] RumpRangerRick 0 points (+0|-0)  ago 

I run it as my border firewall. Paid support has always been good. Run it on own hardware.

The apps integrated from their Store are done really well (much of the add-ons are free).

I pay an annual fee for their updated intrusion detection filters. Pretty much the only service of theirs I actually pay for.

 

SHARE THIS NEWS ON SOCIAL MEDIA: Share

They posted on the same topic

Trackback URL : https://congressionalreview.net/index.php?trackback/2632

This post's comments feed

Aperçu de site