submitted 2 days ago* (last edited 2 days ago) by ragingHungryPanda@piefed.keyboardvagabond.com to c/selfhosted@lemmy.world

Usually I post updates like these on my gotosocial account, but my computer/server is at my parents' house and their modem has been having a moment for the past day and a half and they're not the best sys-admins. I have more posts and updates that would normally be found on mastodon, but again - parents' modem haha.

Anyway, for background I've been renting a couple of VPS servers out of the Netherlands and I'm running Talos OS and kubernetes. I'm in the works of standing up some digital-nomad / backpacker oriented instances called "keyboardvagabond.com" and eventually I'll get a landing page, etc. There's still more work to do before going live even though the services are running.

The latest bit of work came after a meetup at my job where no one came for official discussion, so we talked about self-hosting. I was strongly encouraged to get off of using external-dns and dns routing to use Cloudflare's tunnels instead. I had avoided them because I felt a bit intimidated. I got the first test pod running in like 15 minutes and then began migrating all of the application endpoints. I still need to seal off the k8s and talos ports, for which I might use warp.

The adventure part came to me realizing that I wasn't pulling in images on the piefed instance, so I figured that something was wrong. I checked k9s and there were about 50 cron jobs for the send queue all in ImagePullBackOff. When I migrated harbor registry, I just went to the landing page, but didn't sign in. It took a bit of figuring things out, but I had to switch the backend in nginx to use https, port 443, and tls no verify, then change cloudflare to use HTTPS with a different host name than a host name for a specific pod (the new one is harbor-registry.harbor-registry.svc.cluster.local:443).

Anyway, it's all working now and the jobs slowly cleaned up, but it's fun seeing that the latest jobs can't be made due to "not enough memory" (crying with sunglasses emoji here). The piefed-worker pod is screaming along at its maximum of 1cpu core and 60% maximum memory, so it's all looking good.

Edit

Even MORE fun in self hosting. The ISP blocked my ports! Thankfully I was talking with my manager about cloudflare tunneling. I just moved my domain names over to cloudflared and everything is back up again. Took about an hour or so to migrate everything.
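The Harbor tunnel route described in the post, written out as an added example (not the poster's own configuration): a cloudflared `config.yml` ingress rule with origin certificate checking turned off, next to a variant that keeps verification on. It assumes a locally managed tunnel; the tunnel ID, public hostname, file paths and the presence of a SAN for the service name on Harbor's certificate are placeholders or assumptions, and only the origin address comes from the post.

```yaml
# Variant A: what "HTTPS + tls no verify" looks like in cloudflared.
# The hop from cloudflared to Harbor is encrypted, but cloudflared accepts
# ANY certificate, so anything that can answer on that service name inside
# the cluster can impersonate the registry to the tunnel.
tunnel: TUNNEL-ID-PLACEHOLDER                 # placeholder, not from the post
credentials-file: /etc/cloudflared/creds.json # assumed path
ingress:
  - hostname: harbor.example.com              # placeholder public hostname
    service: https://harbor-registry.harbor-registry.svc.cluster.local:443
    originRequest:
      noTLSVerify: true                       # disables origin cert validation
  - service: http_status:404                  # required catch-all rule
---
# Variant B: same route with verification left on.
# cloudflared trusts only the CA that issued Harbor's certificate and checks
# that the certificate is valid for the name it expects.
tunnel: TUNNEL-ID-PLACEHOLDER
credentials-file: /etc/cloudflared/creds.json
ingress:
  - hostname: harbor.example.com
    service: https://harbor-registry.harbor-registry.svc.cluster.local:443
    originRequest:
      # Assumed: the cluster-internal CA bundle is mounted into the
      # cloudflared pod at this path (for example from a Secret).
      caPool: /etc/cloudflared/ca/harbor-ca.crt
      # Must match a SAN on Harbor's certificate (assumed to be present).
      originServerName: harbor-registry.harbor-registry.svc.cluster.local
  - service: http_status:404
```

Each YAML document is a separate `config.yml`; only one is used at a time. `cloudflared tunnel ingress validate` checks the rule syntax before the tunnel is restarted.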

top 12 comments
[-] poVoq@slrpnk.net 15 points 2 days ago

Selfhosting and using the centralized MitM service from Cloudflare seems directly contradictory to me 🤷

[-] non_burglar@lemmy.world 12 points 2 days ago

You're free to have that opinion, and I share it personally.

However, self-hosting doesn't have to be all-or-nothing, and some ppl have requirements that make cloudflare a sensible option.

the ISP blocked my ports and cloudflare got me around it. I'll accept the compromise ;)

[-] possiblylinux127@lemmy.zip 2 points 2 days ago

Just use a VPN tunnel

It actually isn't bad to set up

[-] poVoq@slrpnk.net 3 points 2 days ago

There are other options to achieve the same goal 🤷

[-] rtxn@lemmy.world 3 points 2 days ago

Please share those options, don't keep them secret.

[-] poVoq@slrpnk.net 2 points 2 days ago

Rent a cheap VPS and run Wireguard on it.

[-] lepire@lemmy.world 1 points 2 days ago

Pangolin also potentially relevant

[-] possiblylinux127@lemmy.zip 1 points 2 days ago

Please don't expose things to the internet

[-] 3dcadmin@lemmy.relayeasy.com 1 points 1 day ago

Using Cloudflare so they aren't

[-] possiblylinux127@lemmy.zip 1 points 1 day ago

They are though

Putting Cloudflare in between can help but it is certainly not a silver bullet. You are still putting it on the public internet. (Unless Cloudflare has some sort of authentication that I'm unaware of)

[-] 3dcadmin@lemmy.relayeasy.com 1 points 1 day ago

Cloudflare tunnels so yes it does, as long as you do it right.

this post was submitted on 06 Aug 2025