How do people manage to self host, well anything, in the modern internet?
Networking stack is infinity growing and impossible to understand, all ISPs available to me use CGNATs and effectively break the two way street of the original internet, threat protection seems impossible unless you pay cloudflare....
@Rin3d I self-host a few services on an old desktop computer for personal use. Since I'm the only one using it, I don't expose the server to the public internet. Rather, I use Tailscale VPN to connect to the desktop from all of my other devices.
With that being said, I'm not sure how I would even begin self-hosting a publicly available website!
Generally, like this: Identift any way to reach the device from the outside. With CGNAT the main thing to test is ipv6. I like https://github.com/svenstaro/miniserve as a simple tool to run a small HTTP server. Run it in an empty directory and it'll start serving it over HTTP, giving you a list of possible addresses. I'm recommending miniserve because it shows a list of adresses on any system. If it doesn't show any address with 4-character blocks separated by colons, ipv6 isn't working and you probably need to enable it in your router or device settings. Look up the first block of 4 characters to see which of the addresses miniserve lists is a global address. Before this is accessible globally you'll likely need to open up the port in your routers firewall settings - ideally just the port miniserve uses. Then, try opening that IP on your phone using the mobile network (wifi off) - if it works, great! If it doesn't, troubleshooting might involve checking if miniserve is accessible through local network, checking ipv6 settings of the device, trying different ports, different router firewall settings, and worst case reaching out to the ISP to ask if they've blocked inbound ipv6 (most don't), or specific ports, and if they do, whether they can unblock it.
If it works, you probably still don't have a fixed ipv6 prefix, so you'll want to run some Dynamic DNS (DynDNS, DDNS) tool which automatically updates DNS records to always point at your devices global ipv6. Theres services offering a domain for this for free using a subdomain, or you can get a cheap domain for 6-9$/year. I like Porkbun as a registrar (= company that sells domains). Note: this is not redirecting or hosting anything, DNS is like the address book of the internet. DynDNS is just updating the address automatically, so if it changes, you don't have to do it manually.
@Rin3d you're right, i am struggling to understand what (not why, the "why" is usually very dependent on the "what") is hard for you, as my other reply perhaps shows.
So i'm asking you: Would you be willing to go into some more details about what you're trying to do, the situation you're trying to do it in, and perhaps your prior related experiences?
Perhaps even as a new post, not a reply, with some fitting tags. Tho if you do that, please mention me in a reply, my masto server doesn't show posts from mastodon.social by default.
@Rin3d CGNAT is only an issue for ipv4, if you're able to use ipv6 that should work around the issue with that
threat protection is all about what you want to do and what you care about. A static site? Not much to protect there except perhaps the content from AI scrapers, for which i'd use https://anubis.techaro.lol/
If its some service for myself, i'd just lock it down with a decent password. If its for public use and non-static, thats where things get more difficult.
As for networking stack: it takes a bit of time to learn, but its actually not that incredibly complex i feel. The most difficult part is likely to not get bogged down in concepts and solutions meant for larger scales. All you really need is a registrar for a domain and to know that a DNS record is just "if someone asks for X, they can find it at Y", if tou want a domain, and what a port is and how you can open (port-forward) one in your router. Not something you get done in half an hour, but also not something that should take days of research.
I'm not saying its easy, or simple. I'm saying its comparable to many many topics/hobbies/jobs: theres some stuff you gotta learn and a lot of stuff you don't need, and the difficulty lies not in the content but in distinguishing useless from useful information. And targeted (to selfhosting) resources will generally leave out or label the topics you might not need.
dunno if that helps, maybe i'm underestimating the amount of knowledge required because this is partially my job
Rin3d
Coca
BD103
laund
