For example, something that is too complex for your comfort level, a security concern, or maybe your hardware can’t keep up with the service’s needs?

  • @[email protected]
    link
    fedilink
    English
    352 years ago

    Bitwarden actually. I was really split on this but ultimately I trust Bitwarden, the company, to run a secure server than myself.

    Who has time to track CVE’s and react to them in a timely manner? I don’t. If something happened, I probably don’t have the infrastructure or know-how to even realize I had been breached.

  • realcaseyrollins
    link
    fedilink
    192 years ago

    A social media platform where you can post or view images. I don’t wanna deal with CSAM.

  • Alvaro
    link
    fedilink
    132 years ago

    @[email protected] I would say in retrospective, email, but it is too late now.

    While I do have self hosted backups, I also have offsite, paid copies as well, not sure if that can be considered “self hosting” though.

        • @[email protected]
          link
          fedilink
          12 years ago

          Honestly I’ve got like 7 different addresses spread across 3 different providers. Email isn’t important enough for me to worry too much about privacy and control. It’s mostly just a place to collect spam for me these days.

    • @[email protected]OP
      link
      fedilink
      English
      42 years ago

      Email was one I figured I would get an answer for. I know plenty of people do it, but I’m not sure if I’d trust myself to do it right.

      The paid offsite backups just seem like a good idea. Some might have the ability to also self-host that, whether it be in a friend/family members home, but if that isn’t an option, paying for a service could save your ass some day.

      • @[email protected]
        link
        fedilink
        English
        42 years ago

        Email was one I figured I would get an answer for. I know plenty of people do it, but I’m not sure if I’d trust myself to do it right.

        It’s not even about doing it right. It’s a PITA to manage when big players can just decide to block your server and then you’ll be jumping trough hoops with Microsofts spam filtering program and whatnot just go get your messages trough. It’s got very little to do if you’ve managed things right on your end, random issues with delivery just pop out of the thin air and it’s your job to monitor it, swear by your mothers name to the big players that you’ll play nicely and hope that their robotic overlords are satisfied with your time and effort.

        And if you host email for anyone else it gets exponentially worse. I’ve been doing it long enough that apparently my server has a reputation now so those cases aren’t as frequent as they used to, but they still pop up now and then and it takes time to figure it out with no other reward than the issue goes away, until it returns without any way to really know why.

  • @[email protected]
    link
    fedilink
    English
    1032 years ago

    Hosting an email server is pretty sure a magnet for half the Chinese IP range… So I would refrain from hosting that myself.

    • @[email protected]
      link
      fedilink
      English
      5
      edit-2
      2 years ago

      Gladly, fail2ban exists. :) Note that it’s not just smtp anyway. Anything on port 22 (ssh) or 80/443 (http/https) get constantly tested as well. I’ve actually set up fail2ban rules to ban anyone who is querying / on my webserver, it catches of lot of those pests.

      • StarDreamer
        link
        fedilink
        English
        3
        edit-2
        2 years ago

        CrowdSec has completely replaced fail2ban for me. It’s a bit harder to setup but it’s way more flexible with bans/statistics/etc. Also uses less ram.

        It’s also fun to watch the ban counter go up for things that I would never think about configuring on fail2ban, such as nginx CVEs.

        Edit: fixed url. Oops!

        • @[email protected]
          link
          fedilink
          English
          22 years ago

          Thanks for mentioning it, I didn’t know about it. Protecting against CVEs sounds indeed awesome. I took a more brutal approach to fix the constant pentesting : I ban everyone who triggers a 404. :D Of course, this only work because it’s a private server, only meant to be accessed by me and people with deep links. I’ve whitelisted IPs commonly used by my relatives, and I’ve made a log parser that warns me when those IPs trigger a 404, which let me know if there are legit ones, and is also a great way to find problems in my applications. But of course, this wouldn’t fly on a public server. :)

          Note for others reading this, the correct link is CrowdSec

    • @[email protected]OP
      link
      fedilink
      English
      152 years ago

      I figured email would be a common theme. I’m just starting to dip my toes into all of this, so an email server is not on my to-do list (and may never be).

      • body_by_make
        link
        fedilink
        English
        202 years ago

        Google and other large scale providers have intentionally made it very difficult to self host your own email. It’s generally not considered a wise move these days and is very difficult to maintain.

        • @[email protected]
          link
          fedilink
          English
          42 years ago

          Why do you say so? I’m not an expert in the fields, but isn’t a mail server pretty much the same as 20 years ago plus DKIM and SPF?

          • @[email protected]
            link
            fedilink
            English
            7
            edit-2
            2 years ago

            With DKIM and SPF, I’ve had zero problems in the last 15 years of selfhosting, most recently with Mailcow Docker on a residential IP. I don’t even have a reverse PTR to my mailserver hostname, just a PTR provided by the ISP that can be resolved.

            I’ve added a few fresh, un-reputed domains to the server and had no issues.

            I think many people’s problems with running email servers are self-inflicted. I remember even before there were things like blacklists, etc with large providers, many people had problems keeping mailservers running. It’s just not an easy task for a variety of reasons completely unassociated with the mega’s blacklisting you. I’ve been running mailservers at various scales for 20+ years so maybe it’s just second nature to me now.

          • @[email protected]
            link
            fedilink
            English
            12 years ago

            ip-reputation is also important. Mailgun, an email service for mass mailing, is doing an „ip-warmup“ if you choose a dedicated ip. So, if you are self-hosting with dynamic-ip, i think you would have a very very low ip-reputation.

            • @[email protected]
              link
              fedilink
              English
              22 years ago

              True, but this has nothing to do with Google and other, is a well done method to avoid spam.

              • @[email protected]
                link
                fedilink
                English
                12 years ago

                so what else is a factor for reputation? Or is it like if you dont pay to get your mail-domain whitelisted we lower your reputation score?

                • @[email protected]
                  link
                  fedilink
                  English
                  12 years ago

                  No idea! I don’t run my own mail server. But if you read a bit up here, there’s a guy who runs his own mail server(s) since years. But the selfhosted world seems to be full (well…not so full) of people that self host their mail server.

          • MaggiWuerze
            link
            fedilink
            English
            92 years ago

            Problem is, that most larger providers sort your mails to spam if the domain is not well known to them, which is not easy to achieve

            • @[email protected]
              link
              fedilink
              English
              52 years ago

              Mmm…are you sure about that? I happen to buy some random domain and I’ve never had any problem sending email even right after the domain created.

                • @[email protected]
                  link
                  fedilink
                  English
                  42 years ago

                  But there are even people that still self host email server (have a look in the selfhosted subreddit for example). IP reputation is a thing, for sure, but I don’t feel that it’s been brought up by the big corp wickedly, it’s a good way to prevent spam to arrive to the server. There are thousands of email providers in the world that are not Google, Amazon, Microsoft or some other big corp. This means that is possible. Is it difficult? For me for sure!!! But I think that the rising difficulty has been a result of this fields over the years. Just my 2 cents.

      • @[email protected]
        link
        fedilink
        English
        12 years ago

        I have an email server but it is not my main email account. I’m purely only using it to learn and to have email notifications sent out from a few services. I do not trust myself or my setup enough to have my main email account hosted on it

    • @[email protected]
      link
      fedilink
      English
      62 years ago

      I did host my email, but the problem wasn’t the spam but the bigger email providers. Best case was my mail was marked as spam. Worst case was that I was blocked until I jumped through hoops. Email hosting is unfortunately broken.

      • metaStatic
        link
        fedilink
        82 years ago

        what’s that? a federated service isn’t immune from a corporate take over? colour me shocked.

    • @[email protected]
      link
      fedilink
      English
      42 years ago

      Me too, I’ll never self host my email server. Too much time that I don’t have to set it up correctly, manage the antispam and other thing that I don’t even know . And if it goes down and I don’t have time to look into it (which would be the case 95% of the time 🙈), I’ll be without email for I don’t know how long.

      • @[email protected]
        link
        fedilink
        English
        12 years ago

        I’ve been self-hosting a personal email server for about half a year now, and it was definitely challenging! But it also tought me quite a bit about how the system works, so I think it was worth it. There are solutions for everything, but you definitely need some time and patience.

  • Mad A. Argon :qurio:
    link
    fedilink
    12 years ago

    @Tinnitus E-mail because of all reasons mentioned here.
    Tor exit node because I don’t want to have legal problems.
    Mastodon or similar fedi instance because of its resources requirements and usage.

  • poVoq
    link
    fedilink
    English
    252 years ago

    A public Matrix server. Its just a never ending black-hole of ever increasing storage requirements and the software is too buggy to not become a maintenance hassle.

    I do run a Synapse server for bridging purposes, so I am not just talking in theory.

      • @[email protected]
        link
        fedilink
        English
        22 years ago

        And so damn easy to self-host in general. Ejabberd is batteries included down to offering stun/turn for audio/video calls, Erlang is just unrivaled when it comes to hot reloading so updates are effectively zero-downtime (unsurprising considering all the business critical environments it’s deployed).

        At first (and especially because I went with Matrix originally) I wouldn’t think of self hosting all my instant messaging, but in retrospect, ejabberd is one of the easiest services I’ve got to maintain. I highly recommend everyone to give it a shot, especially to all the matrix refugees to whom it was a surprise/disappointment.

  • @[email protected]
    link
    fedilink
    English
    16
    edit-2
    2 years ago

    not complicated or hard, just don’t care enough: music, spotify is fine, especially on the family plan.

  • @[email protected]
    link
    fedilink
    English
    862 years ago

    Password manager like Bitwarden. I’d rather they take care of it for me. The consequences would be too great if I messed it up.

    • @[email protected]
      link
      fedilink
      English
      172 years ago

      Smart move, unless you really know what you’re doing and have redundancy. When I first made the switch from Lastpass to Bitwarden I had tried to host the vault myself instead of using the cloud version, which worked fine right up until the moment I had a server outage and lost access to all my passwords.

      • @[email protected]
        link
        fedilink
        English
        132 years ago

        Eh, the clients all cache your vault. It shouldn’t be a huge issue for it to be down even for a few days.

        But I do upload encrypted backups of the server every 6 hours to cloud storage

        • Engywook
          link
          fedilink
          English
          2
          edit-2
          2 years ago

          Same.

          Plus, my instance is proxies through Clouflare and only IPs from my country are allowed.

      • @[email protected]
        link
        fedilink
        English
        20
        edit-2
        2 years ago

        I’ve managed to keep my KeePass database for almost 20 years going back as far as when I was a dumb teenager. Back then it was as simple as having a couple extra copies on usb drives and Google Drive, but now I keep proper backups.

        My take is, I’d rather control it myself, I am responsible enough to take care of my data, and I actually wouldn’t trust someone else to do it. That’s a huge reason I selfhost in the first place, a lack of trust in others’ services. Also, online services are a bigger target because of the number of customers, and maybe even the importance of some of their customers, whereas I’m not a target at all. No one is going to go after me specifically.

        • @[email protected]
          link
          fedilink
          English
          82 years ago

          I think that’s what’s kept me at KeePass rather than moving to something like Bitwarden. Since it’s file-level encryption, anything that can serve files can also serve my KeePass database. When I upgrade servers or change to different services, restoring my database is as simple as throwing the file into that new service and going on with my life.

          • @[email protected]
            link
            fedilink
            English
            6
            edit-2
            2 years ago

            Yeah, my recommendation is basically this:

            Do you need to share passwords?

            No - use KeePass

            Yes - use Bitwarden

    • @[email protected]
      link
      fedilink
      English
      102 years ago

      Oh man, that’s actually really good advice! I recently switched to Vaultwarden, but you’re right: If my server goes down, I can’t even restart it, because the password for my account is in there! Damn! Close call!

      • newIdentity
        link
        fedilink
        English
        122 years ago

        Usually the password are also stored locally.

        I can definitely access all my passwords offline with bitwarden

      • @[email protected]
        link
        fedilink
        English
        172 years ago

        Well with bitwarden/vaultwarden you can have a copy of your entire vault on your phone or computer or both… so even if your server was totally dead, you’d have access to your passwords. Solid backups is a must, I follow the 3-2-1 rule on super critical systems (like vaultwarden) and test that you can actually recover. Something as simple as spinning up a VPS, testing a restore, testing access, see if that could work in a pinch until you get your server back online, then tear it down. Linode is very cheap for this kind of testing, it’d only cost you a few pennies to run a “dr” test of your critical systems. Of course you still want to secure it, I’d recommend wireguard or tailscale instead of opening access to your DR node to the internet, but as a temporary test it’s probably fine if your running patched up to date versions of docker, vaultwarden, and I’d always recommend putting a reverse proxy in front like nginx.

    • @[email protected]
      link
      fedilink
      English
      1
      edit-2
      2 years ago

      I still don’t get why people want to have cloud-based password managers. Keepass works in all major platforms, it’s just one file, which it is super easy to sync and/or merge. It can integrate with your browser/Os if you want, but otherwise the surface attack is basically zero.

  • @[email protected]
    link
    fedilink
    English
    10
    edit-2
    2 years ago

    I tried getting a music setup to work, but I couldn’t find a good solution for generated playlists with new song recommendations. The self-hosted music service just can’t add songs it doesn’t have yet, so it’s not really feasible. Plus I still have a very cheap YouTube Music subscription from the GPM days.

    • chiisana
      link
      fedilink
      English
      62 years ago

      You can use Lidarr to subscribe to artists’ new album/singles. But you’d still need to have a workflow to add new artists every now and then to incorporate them into your library.

      • @[email protected]
        link
        fedilink
        English
        72 years ago

        I want to be able to pick a song and say “give me a playlist of similar songs I don’t know yet”, and have that play immediately. That’s just not something a self-hosted setup can do. :/

        • chiisana
          link
          fedilink
          English
          42 years ago

          Yeah I think the closest thing I’m aware of is Plex and album/track mood on smart playlist, and even then that’s kind of janky (ie: cannot shout into smart assistants to creat one on the fly). Music is so cheap now, even the free Amazon Music I get from Prime serves my needs, so I don’t even bother with it.

  • 子犬です
    link
    fedilink
    English
    22 years ago

    I think someone else already mentioned it, but just to reiterate… Anything for other people who aren’t my wife and future kids.

    Password manager, file backups, photo backup, whatever.

    If something happens to me, or I pass away, wifey has instructions on shutting everything down (probably should write instructions on how to save all the important stuff).

    But I don’t want to deal with other peoples stuff. I like tinkering with my server and different docker containers, etc. So I don’t want someone complaining they can’t access their photos because I wanted to try something new. Also, just don’t wanna be responsible for storing their photos and important documents.

  • @[email protected]
    link
    fedilink
    English
    82 years ago

    Mail server, but mostly because deliverability in this day and age is a nightmare. If you’re some one off running your own mail server in 2023 be prepared to deal with many headaches around IP reputation.

    • @[email protected]
      link
      fedilink
      English
      42 years ago

      I did this for a couple of years and it became such a major hassle I just closed my server and told everyone to go get their own subscriptions. 30 terra-bytes of data deleted!!

      • newIdentity
        link
        fedilink
        English
        22 years ago

        It’s not that hard honestly. I only have one TB though but it really isn’t that much of a hassle.

      • @[email protected]
        link
        fedilink
        English
        32 years ago

        Ouch that’s brutal. You must have spent so much money on running all that and so much time collecting all that media.

    • @[email protected]
      link
      fedilink
      English
      42 years ago

      I was the same way for a while, but the last few years have just gotten worse and worse for streaming. I have a handful of streaming services I don’t have to pay to access (some through phone provider, prime video, parents accounts, etc), but anything not on there I’m just going to pirate. I use sonarr/radarr with Plex so it’s super easy to get and maintain media and it’s easy to access on all my devices, and my 4 tb hdd was $100, which I more than made up for after 4 months or so by not paying for hbo max and Netflix. No way in hell I’m going to pay for every streaming service for every show that looks good, or buy them individually.

  • @[email protected]
    link
    fedilink
    English
    2
    edit-2
    2 years ago

    In the early days it was cloud and mail, since Mailcow works really good, it’s just the cloud. Because nextcloud is too much hassle, all this php stuff… I have a managed nextcloud at hetzner and I am really happy this is something I haven’t to worry about.

    I check ocis from time to time, if it is usable the same way, I would selfhost my cloud again. NC on selfhost? Only if they do the same steps ocis already made. Because ocis is a simple single binary without php.

  • @[email protected]
    link
    fedilink
    English
    62 years ago

    Nothing really. I’m comfortable hosting mail, chat, my passwords and important documents. However:

    Hosting personal/important data for other people is a bit intimidating because you kind of guarantee for safety and availability.

    And services that are likely to be misused for illegal stuff and would be too bothersome. Otherwise i might host an anonymous spam eating email-forwarder, maybe a tor exit-node and a forum where adults can practise free speech. But that kind of stuff just attracts the wrong kind of idiots.