Beginning My Self-Hosted Journey
From Paranoia to Port Forwarding
I have been itching to host my own services - including my own web site - for literal decades now. Due to some childhood trauma, my paranoia about being hacked or cyberstalked was pretty bad. It made it impossible for me to feel safe enough to justify opening up any ports to the public internet - except for WireGuard.
Building My Network Foundation
Before I started hosting my own WireGuard VPN, I had to make my own router out of an old desktop computer with an extra network card running OPNsense because I couldn't afford a router that supported any of the advanced features I wanted like VLANs, intrusion detection systems (IDS), and deep packet inspection (DPI). I'll go into the specifics of my setup in another post, but that project helped me understand IPv4, subnetting, and networking fundamentals.
Once I felt comfortable with the basics in OPNsense, I wanted to learn how to separate my IoT devices from my main network. Doing that taught me how DHCP and DNS worked. Once I had the router handing out IPs to my personal devices and forwarding DNS requests with Unbound, I wanted to block ads. Once I found out how easy it is to set up DNS blocklists, I wanted to be able to block ads on my phone from wherever I was. The natural next step for me was a fairly big one - to consider opening up my first service to the internet, WireGuard.
My First Foray into the Wild West
Granted, WireGuard is really stealthy and theoretically impossible to scan for - even if it's exposed to the public-facing internet - so it barely counts. This is because the WireGuard protocol operates silently over UDP and is also authenticated via PKI. Even at my most paranoid, I could logically reason that whoever would be able to compromise my WireGuard VPN would likely be able to compromise my devices no matter what I did, so it didn't matter. It was my way of getting my foot in the door in terms of exposing something to the internet.
Why I Keep Trying
After that, my urge to tinker has me wanting to host my own website again. I want to share my experiences, interests, passions, hobbies, and projects with the world; and I also want to help protect my family with a secure self-hosted VPN to block ads and protect their privacy by encrypting their internet traffic. That way, nobody can snoop on what they're doing when they're in places with open Wi-Fi like airports and hotels.
I've been failing for literal years trying to deploy websites and services to the internet - and I'm actually proud of that fact. I've had some short-lived successes which fueled my curiosity to continue, but I have always been principled in my security-first mindset. If I can't guarantee that my devices are thoroughly secure, I will not expose them.
At the same time, I have been wanting to really level-up my networking knowledge in a hands-on and live environment. I want to be in complete control, so I keep trying to push myself and figure out how to make my network truly secure as well as truly my network. My failures have taught me so much about how each piece of the network stack fits in with each other piece, and I feel way more confident about hosting something like this now compared to when I first installed Linux in 2011.
Learning Through Failure
My failures have also taught me some other fun and not-so-fun lessons about what it takes to host your own services.
There simply is no compromise when it comes to security.
It's imperative to take the time to create and maintain a good security posture for your network - especially if you're hosting others' private data. There are a lot of moving parts in any service so it can be daunting to configure them all correctly. You must configure them all correctly, however; otherwise, you are going to hurt people. With great power comes great responsibility, so be responsible!
Have a plan for when something breaks.
When you're just starting out, things will break - a lot. That means you will have to make plans - a lot. Over time this tends to take a lot of mental energy, which is a very finite resource for the attention deprived, like myself. It happens a lot less once you've set everything up, but you had better have that 3-2-1 rule for backups memorized, implemented, and tested before you start any other projects. No exceptions, just do it!
"What happened to the internet?!?!"
You will anger everyone in your house when (not "if") you mess things up and cause the internet to go down. If you have been backing up your config files and/or taking snapshots, then this isn't a big deal. But woe unto the fool who takes down the internet with no config backups, as they will spend the next however-long-it-takes scrambling to figure out what went wrong.
Dollar dollar bills, y'all.
You will discover the joy of saving money on subscription-based services like Google Drive, Dropbox, OneDrive, MS Office 365, Netflix, Hulu, Disney+, HBO Max, NordVPN, and more. Seriously, it adds up to some serious savings over time! In the future I predict corporations will only get worse about making everything a subscription-based service incorporated with crappy implementations of AI. Oh well, not my problem anymore!
You get to be a hero.
It's an incredible feeling that you get when you give someone access to a service and it "just works." People are appreciative. You did a good thing. Warm fuzzies ensue.
The Decision
With these things in mind, I decided that I still wanted to go for it. I've failed an innumerable number of times, but I wasn't going to let that deter me. I was determined to have a site up by the end of this summer, and I'm proud to announce that I have succeeded in self-hosting my first website, as well as hosting my own private VPN!
I will admit that I have not really documented my process thus far. The attention-deprived and sporadic nature of these projects didn't exactly lend itself to being documented. But I plan on making tutorials of everything I've done so far so that you can begin your own journey into hosting your own services, too, and for free. Your services, your data, your control, your freedom.
Subscribe to my newsletter to get my articles and tutorials as soon as they're published, and to support my self-hosted journey. I'll see you next time, and here's to a brighter, safer, and freer internet.