Meeting next week! March 14th 2024!
Hey Everybody! We've got a meeting next week! I think it's really worth talking about Self hosting. It's come up a couple of times, I think it's worth talking about what the options are, what they might cost and what can be hosted both using on prem hardware and your own cloud instances, options for networking, etc. I'd like people's ideas, caveats, etc. What have people hosted? Plex, etc. Thanks, Tim. -- I am leery of the allegiances of any politician who refers to their constituents as "consumers".
Tim Keller via WLUG <wlug@lists.wlug.org> writes:
We've got a meeting next week!
I hope to tune in via jit.si
I think it's really worth talking about Self hosting.
I'm not quite sure what you mean by "Self". For twenty years I had a DSL connection with a static routable IPv4 address. I had an intenet host with Tandy Monitor that ran a name server, mail server, and web server. That's all broken now because the ISP no longer does DSL. Instead I pay $10 month for a VPS (Virtual Private Server) from AfterBurst, which comes with an IP address. Pretty much everything that used to be in my basement is now in "the cloud". It's not "Self" because its not my computer, but almost everything else is the same. AfterBurst does not do anything, just let me use their computer to do it myself. The main problem I am dealing with now is that the internal (in home) network is notwork. I have been keeping notes and put them here: http://www.free-comp-shop.com/none/ipv6.html I am trying to use IPv6, which I have never done before. If anybody has any suggestions... -- Keith
"Keith" == Keith Wright via WLUG <wlug@lists.wlug.org> writes:
Tim Keller via WLUG <wlug@lists.wlug.org> writes:
We've got a meeting next week!
I hope to tune in via jit.si
I think it's really worth talking about Self hosting.
I'm not quite sure what you mean by "Self". For twenty years I had a DSL connection with a static routable IPv4 address. I had an intenet host with Tandy Monitor that ran a name server, mail server, and web server. That's all broken now because the ISP no longer does DSL.
That's certainly a definite form of self hosting! When you run your own internet infrastructure (http, mail, ftp, ssh) that's you doing the work and keeping the control.
Instead I pay $10 month for a VPS (Virtual Private Server) from AfterBurst, which comes with an IP address. Pretty much everything that used to be in my basement is now in "the cloud". It's not "Self" because its not my computer, but almost everything else is the same. AfterBurst does not do anything, just let me use their computer to do it myself.
I do this too with a Linode Droplet ($5/mo) but I'm thinking I should upgrade to something with more CPU and Memory so I can run some better anti-spam tools.
The main problem I am dealing with now is that the internal (in home) network is notwork. I have been keeping notes and put them here:
That sucks!
I am trying to use IPv6, which I have never done before. If anybody has any suggestions...
I've tried as well in the past, with the big issue for me being getting from IPv6 internally to a (mostly) IPv4 network outside. I think IPv6 probably works better as a gateway to your home, since you can then assign multiple distinct IPs to your own block of 64 (or whatever the count it) of internal IPs and make them visible to the outside. So it removes NATing and such. But IPv6 just is a pain to do. I keep reading that Charter/Spectrum offers IPv6 IPs, but I haven't made the leap. Still working on my wireguard setup, which has falled to the side lately.
I knew this topic would be of interest to people! As I'm writing this Gmail is yelling at me to buy more storage.. For me the "self" is the level of control I have over it. Lately ISP's have gone out of their way to make it very hard to host services on your own networks and expose them to the internet. Tim. On Wed, Mar 13, 2024, 3:47 PM John Stoffel <john@stoffel.org> wrote:
"Keith" == Keith Wright via WLUG <wlug@lists.wlug.org> writes:
Tim Keller via WLUG <wlug@lists.wlug.org> writes:
We've got a meeting next week!
I hope to tune in via jit.si
I think it's really worth talking about Self hosting.
I'm not quite sure what you mean by "Self". For twenty years I had a DSL connection with a static routable IPv4 address. I had an intenet host with Tandy Monitor that ran a name server, mail server, and web server. That's all broken now because the ISP no longer does DSL.
That's certainly a definite form of self hosting! When you run your own internet infrastructure (http, mail, ftp, ssh) that's you doing the work and keeping the control.
Instead I pay $10 month for a VPS (Virtual Private Server) from AfterBurst, which comes with an IP address. Pretty much everything that used to be in my basement is now in "the cloud". It's not "Self" because its not my computer, but almost everything else is the same. AfterBurst does not do anything, just let me use their computer to do it myself.
I do this too with a Linode Droplet ($5/mo) but I'm thinking I should upgrade to something with more CPU and Memory so I can run some better anti-spam tools.
The main problem I am dealing with now is that the internal (in home) network is notwork. I have been keeping notes and put them here:
That sucks!
I am trying to use IPv6, which I have never done before. If anybody has any suggestions...
I've tried as well in the past, with the big issue for me being getting from IPv6 internally to a (mostly) IPv4 network outside. I think IPv6 probably works better as a gateway to your home, since you can then assign multiple distinct IPs to your own block of 64 (or whatever the count it) of internal IPs and make them visible to the outside. So it removes NATing and such.
But IPv6 just is a pain to do. I keep reading that Charter/Spectrum offers IPv6 IPs, but I haven't made the leap. Still working on my wireguard setup, which has falled to the side lately.
Tim, I could swear I read before, at least for residential services that Charter (now Spectrum) internet did NOT allow you to host a site which is why I have never tried to do it. I would guess that its all about the bandwidth dollars. Below is a link to their current TOS (terms of service) in case it is of interest: Ron https://www.spectrum.com/policies/internet-use-policy [https://www.spectrum.com/content/spectrum/residential/en/policies/internet-use-policy.thumb.200.200.png?ck=1621880089]<https://www.spectrum.com/policies/internet-use-policy> Spectrum - Internet Use Policy<https://www.spectrum.com/policies/internet-use-policy> Learn about our Internet Use Policy for Spectrum Internet® and data subscription. www.spectrum.com ________________________________ From: Tim Keller via WLUG <wlug@lists.wlug.org> Sent: Thursday, March 14, 2024 6:34 AM To: John Stoffel <john@stoffel.org> Cc: Worcester Linux Users' Group General Discussion <wlug@lists.wlug.org>; Keith Wright <kwright@keithdiane.us>; Tim Keller <turbofx@gmail.com> Subject: [WLUG] Re: Meeting next week! March 14th 2024! I knew this topic would be of interest to people! As I'm writing this Gmail is yelling at me to buy more storage.. For me the "self" is the level of control I have over it. Lately ISP's have gone out of their way to make it very hard to host services on your own networks and expose them to the internet. Tim. On Wed, Mar 13, 2024, 3:47 PM John Stoffel <john@stoffel.org<mailto:john@stoffel.org>> wrote:
"Keith" == Keith Wright via WLUG <wlug@lists.wlug.org<mailto:wlug@lists.wlug.org>> writes:
Tim Keller via WLUG <wlug@lists.wlug.org<mailto:wlug@lists.wlug.org>> writes:
We've got a meeting next week!
I hope to tune in via jit.si<http://jit.si>
I think it's really worth talking about Self hosting.
I'm not quite sure what you mean by "Self". For twenty years I had a DSL connection with a static routable IPv4 address. I had an intenet host with Tandy Monitor that ran a name server, mail server, and web server. That's all broken now because the ISP no longer does DSL.
That's certainly a definite form of self hosting! When you run your own internet infrastructure (http, mail, ftp, ssh) that's you doing the work and keeping the control.
Instead I pay $10 month for a VPS (Virtual Private Server) from AfterBurst, which comes with an IP address. Pretty much everything that used to be in my basement is now in "the cloud". It's not "Self" because its not my computer, but almost everything else is the same. AfterBurst does not do anything, just let me use their computer to do it myself.
I do this too with a Linode Droplet ($5/mo) but I'm thinking I should upgrade to something with more CPU and Memory so I can run some better anti-spam tools.
The main problem I am dealing with now is that the internal (in home) network is notwork. I have been keeping notes and put them here:
That sucks!
I am trying to use IPv6, which I have never done before. If anybody has any suggestions...
I've tried as well in the past, with the big issue for me being getting from IPv6 internally to a (mostly) IPv4 network outside. I think IPv6 probably works better as a gateway to your home, since you can then assign multiple distinct IPs to your own block of 64 (or whatever the count it) of internal IPs and make them visible to the outside. So it removes NATing and such. But IPv6 just is a pain to do. I keep reading that Charter/Spectrum offers IPv6 IPs, but I haven't made the leap. Still working on my wireguard setup, which has falled to the side lately. [https://s-install.avcdn.net/ipm/preview/icons/icon-envelope-tick-green-avg-v1.png]<http://www.avg.com/email-signature?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=webmail> Virus-free.www.avg.com<http://www.avg.com/email-signature?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=webmail>
Funnily enough, I get a 403 error when I try to view that page. Last I remember it allowed services for private use. --cs -------- Original Message -------- From: THE HAMMER via WLUG <wlug@lists.wlug.org> Sent: March 15, 2024 1:14:21 AM GMT+11:00 To: John Stoffel <john@stoffel.org>, Worcester Linux Users' Group General Discussion <wlug@lists.wlug.org> Cc: Keith Wright <kwright@keithdiane.us>, Tim Keller <turbofx@gmail.com>, THE HAMMER <hammerron@hotmail.com> Subject: [WLUG] Re: ISPS limiting..was Re: Meeting next week! March 14th 2024! Tim, I could swear I read before, at least for residential services that Charter (now Spectrum) internet did NOT allow you to host a site which is why I have never tried to do it. I would guess that its all about the bandwidth dollars. Below is a link to their current TOS (terms of service) in case it is of interest: Ron https://www.spectrum.com/policies/internet-use-policy [https://www.spectrum.com/content/spectrum/residential/en/policies/internet-use-policy.thumb.200.200.png?ck=1621880089]<https://www.spectrum.com/policies/internet-use-policy> Spectrum - Internet Use Policy<https://www.spectrum.com/policies/internet-use-policy> Learn about our Internet Use Policy for Spectrum Internet® and data subscription. www.spectrum.com ________________________________ From: Tim Keller via WLUG <wlug@lists.wlug.org> Sent: Thursday, March 14, 2024 6:34 AM To: John Stoffel <john@stoffel.org> Cc: Worcester Linux Users' Group General Discussion <wlug@lists.wlug.org>; Keith Wright <kwright@keithdiane.us>; Tim Keller <turbofx@gmail.com> Subject: [WLUG] Re: Meeting next week! March 14th 2024! I knew this topic would be of interest to people! As I'm writing this Gmail is yelling at me to buy more storage.. For me the "self" is the level of control I have over it. Lately ISP's have gone out of their way to make it very hard to host services on your own networks and expose them to the internet. Tim. On Wed, Mar 13, 2024, 3:47 PM John Stoffel <john@stoffel.org<mailto:john@stoffel.org>> wrote:
"Keith" == Keith Wright via WLUG <wlug@lists.wlug.org<mailto:wlug@lists.wlug.org>> writes:
Tim Keller via WLUG <wlug@lists.wlug.org<mailto:wlug@lists.wlug.org>> writes:
We've got a meeting next week!
I hope to tune in via jit.si<http://jit.si>
I think it's really worth talking about Self hosting.
I'm not quite sure what you mean by "Self". For twenty years I had a DSL connection with a static routable IPv4 address. I had an intenet host with Tandy Monitor that ran a name server, mail server, and web server. That's all broken now because the ISP no longer does DSL.
That's certainly a definite form of self hosting! When you run your own internet infrastructure (http, mail, ftp, ssh) that's you doing the work and keeping the control.
Instead I pay $10 month for a VPS (Virtual Private Server) from AfterBurst, which comes with an IP address. Pretty much everything that used to be in my basement is now in "the cloud". It's not "Self" because its not my computer, but almost everything else is the same. AfterBurst does not do anything, just let me use their computer to do it myself.
I do this too with a Linode Droplet ($5/mo) but I'm thinking I should upgrade to something with more CPU and Memory so I can run some better anti-spam tools.
The main problem I am dealing with now is that the internal (in home) network is notwork. I have been keeping notes and put them here:
That sucks!
I am trying to use IPv6, which I have never done before. If anybody has any suggestions...
I've tried as well in the past, with the big issue for me being getting from IPv6 internally to a (mostly) IPv4 network outside. I think IPv6 probably works better as a gateway to your home, since you can then assign multiple distinct IPs to your own block of 64 (or whatever the count it) of internal IPs and make them visible to the outside. So it removes NATing and such. But IPv6 just is a pain to do. I keep reading that Charter/Spectrum offers IPv6 IPs, but I haven't made the leap. Still working on my wireguard setup, which has falled to the side lately. [https://s-install.avcdn.net/ipm/preview/icons/icon-envelope-tick-green-avg-v1.png]<http://www.avg.com/email-signature?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=webmail> Virus-free.www.avg.com<http://www.avg.com/email-signature?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=webmail>
Cara Salter via WLUG <wlug@lists.wlug.org> writes:
Funnily enough, I get a 403 error when I try to view that page. Last I remember it allowed services for private use.
-------- Original Message -------- From: THE HAMMER via WLUG <wlug@lists.wlug.org> https://www.spectrum.com/policies/internet-use-policy
I get a page titled: Spectrum Internet Acceptable Use Policy, which says, in part: 2. Prohibited Activities Using the System, Network, and Service. Any activity or use of the Service which violates system or network security or integrity are prohibited and may result in criminal and civil liability. Such violations include, without limitation, the following: L. Running any type of server on the system that is not consistent with personal, residential use. This includes but is not limited to FTP, IRC, SMTP, POP, HTTP, SOCS, SQUID, NTP, DNS or any multi-user forums. So they threaten you with jail time for listening on port 25. PHLHT!! -- Keith
I've had my house-server on the internet via Charter Spectrum for many many years. I send and receive (a tiny amt of) email, there's a webserver, and other small items. I've made no attempt to conceal any of this. --MCV. On 3/14/24 10:14 AM, THE HAMMER via WLUG wrote:
I could swear I read before, at least for residential services that Charter (now Spectrum) internet did NOT allow you to host a site which is why I have never tried to do it. I would guess that its all about the bandwidth dollars.
I think the answer is "it depends". As Mike Voorhis says, his home stuff just works. And I certainly allow incoming SSH and other traffic to my home network. I honestly haven't tested if they block outgoing SMTP (port 25 traffic) recently, but checking now, they don't seem to be blocking it since I could get to my VPS on port 25 from home no problem. I *have* been slowly working to get Wireguard setup at home so I can tunnel over a VPN to my VPS to make some things simpler, so I just have one end-point on my OPNsense Firewall at home which allows connections from remote devices into my network. This way I don't need quite as many firewall rules on OPNSense. At least that's the idea, but lack of time and bugs have slowed my progress here.
I could swear I read before, at least for residential services that Charter (now Spectrum) internet did NOT allow you to host a site which is why I have never tried to do it. I would guess that its all about the bandwidth dollars. Below is a link to their current TOS (terms of service) in case it is of interest:
I think if you start hosting something that gets their attention, they'll shut you down. *shrug* not really sure.
This is the alcohol on the beach clause.. Become a pain in the ass and they'll point to clause L on their website and kill your access. It's interesting there's no SSH on that list.. What is also interesting is that they don't want you running squid.. because I think they don't want people blocking ads.. Tim. On Fri, Mar 15, 2024 at 12:36 PM John Stoffel <john@stoffel.org> wrote:
I think the answer is "it depends". As Mike Voorhis says, his home stuff just works. And I certainly allow incoming SSH and other traffic to my home network. I honestly haven't tested if they block outgoing SMTP (port 25 traffic) recently, but checking now, they don't seem to be blocking it since I could get to my VPS on port 25 from home no problem.
I *have* been slowly working to get Wireguard setup at home so I can tunnel over a VPN to my VPS to make some things simpler, so I just have one end-point on my OPNsense Firewall at home which allows connections from remote devices into my network. This way I don't need quite as many firewall rules on OPNSense. At least that's the idea, but lack of time and bugs have slowed my progress here.
I could swear I read before, at least for residential services that Charter (now Spectrum) internet did NOT allow you to host a site which is why I have never tried to do it. I would guess that its all about the bandwidth dollars. Below is a link to their current TOS (terms of service) in case it is of interest:
I think if you start hosting something that gets their attention, they'll shut you down. *shrug* not really sure.
-- I am leery of the allegiances of any politician who refers to their constituents as "consumers".
Outgoing SMTP is not blocked and will function, but is frequently blacklisted by recipients who refuse to accept email originating from a residential IP block. I have a relay in Amazon-EC2 that sends the email. Some recipients continue to not like that, but doing SPF/DKIM/DMARC goes a long way, and I've had no trouble sending to recipients at gmail and at various MS outlook/o365ish recipients. The biggest issue I have is that if the cablemodem goes offline for a long enough time, my IP address changes. But I've got by now a well-established checklist of stuff that I need to do when the house IP changes, so I just walk through the list and all is well in a few minutes. Decent email senders will queue the bounced email for a few days before bouncing back to sender and I'm not aware of having lost anything. --MCV.
I think the answer is "it depends". As Mike Voorhis says, his home stuff just works. And I certainly allow incoming SSH and other traffic to my home network. I honestly haven't tested if they block outgoing SMTP (port 25 traffic) recently, but checking now, they don't seem to be blocking it since I could get to my VPS on port 25 from home no problem.
On 3/17/24 04:52, Michael Voorhis via WLUG wrote:
Outgoing SMTP is not blocked and will function, but is frequently blacklisted by recipients who refuse to accept email originating from a residential IP block. I have a relay in Amazon-EC2 that sends the email. Some recipients continue to not like that, but doing SPF/DKIM/DMARC goes a long way, and I've had no trouble sending to recipients at gmail and at various MS outlook/o365ish recipients.
+1 to SPF/DKIM/DMARC dealing with a lot of challenges related to selfhosting email. I'm not using my residential IP, but they're still really easy to set up for a large payoff.
The biggest issue I have is that if the cablemodem goes offline for a long enough time, my IP address changes. But I've got by now a well-established checklist of stuff that I need to do when the house IP changes, so I just walk through the list and all is well in a few minutes. Decent email senders will queue the bounced email for a few days before bouncing back to sender and I'm not aware of having lost anything.
I've found that OctoDNS + iCinga pair well for both detecting when my external IP changes, and getting fresh DNS records out quickly. I wonder how difficult it'd be to figure out some automation to do it all for me... --cs
I am very interested in this topic. Hoping I will make it to the meet. If not hope I can at least connect on line. cheers Ron ________________________________ From: Tim Keller via WLUG <wlug@lists.wlug.org> Sent: Friday, March 8, 2024 5:03 PM To: Worcester Linux Users' Group General Discussion <wlug@lists.wlug.org> Cc: Tim Keller <turbofx@gmail.com> Subject: [WLUG] Meeting next week! March 14th 2024! Hey Everybody! We've got a meeting next week! I think it's really worth talking about Self hosting. It's come up a couple of times, I think it's worth talking about what the options are, what they might cost and what can be hosted both using on prem hardware and your own cloud instances, options for networking, etc. I'd like people's ideas, caveats, etc. What have people hosted? Plex, etc. Thanks, Tim. -- I am leery of the allegiances of any politician who refers to their constituents as "consumers".
participants (6)
-
Cara Salter -
John Stoffel -
Keith Wright -
Michael Voorhis -
THE HAMMER -
Tim Keller