Great, I accidentally deleted my original comment because the Lemmy web interface doesn’t ask for confirmation when you click the delete button. And the buttons are so small on mobile that it‘s really easy to click the wrong button.
Great, I accidentally deleted my original comment because the Lemmy web interface doesn’t ask for confirmation when you click the delete button. And the buttons are so small on mobile that it‘s really easy to click the wrong button.
If you want to use these features for security, access them manually. But, OP said they are kind of a noob. Telling them to just use containers is dangerous and leads to false assumptions.
You are absolutely correct. I should have stated explicitly that I didn’t mean docker and/or using pre-built container images. I was talking about something like systemd-nspawn. And you are right that I should not have brought this up in this context. I will edit my original comment.
So, putting a process in its own network, file-system, user etc. namespace does not increase security in your opinion?
I see. That‘s a valid use case. Although, in the spirit of self-hosting, I personally would either get another ISP or run a reverse proxy on a cheap VPS and connect the homeserver to that via Wireguard.
Why would anyone DDOS a random home server? I don‘t think OP has to worry about that.
Could you please be more specific what exactly Crowdsec brings to the table? In which way does it “secure the network”?
When I looked around for CalDAV solutions the last time Nextcloud was the only one that allowed me to share calendars with my SO. Nextcloud isn‘t very taxing on my system because it doesn‘t do anything most of the time.
Do you know about problems reaching the big player mailservers?
Honestly, I don‘t know. I have never had a confirmed case of an email being rejected or classified as spam. There were some cases of not getting an answer to an email. But that could also be explained by shitty customer service.
It is tricky to setup everything correctly if you are trying to do it all on your own but SNM holds your hand for setting up DKIM, SPF and DMARC. That‘s where some people may have problems. Also, forget about setting up a mail server at home with any IP address you get from your internet provider.
Most of this stuff runs on my server at home (ASRock J4105-ITX, 8 GB RAM , 250 GB SSD, 18 TB HDD). The mail server and the blog run on a cheap VPS (1 vCPU, 2 GB RAM, 20 GB SSD). Both servers run NixOS.
I would definitely go fangless. I have been bitten enough times. A bite might also transfer viruses. Nowadays I defang all my computers.