kat revised this gist 13 hours ago. Go to revision
1 file changed, 6 insertions
basic_home_server_setup.md(file created)
| @@ -0,0 +1,6 @@ | |||
| 1 | + | - if you can port forward (AKA no CGNAT from your ISP, look it up), only open ports 80/443 for a web server. reverse proxy will handle everything else | |
| 2 | + | - if your router's capable of VLANs, put your homelab network on one. i have no experience with VLANs so i can't help here but there's plenty of guides online and it's best practice | |
| 3 | + | - install `fail2ban` first thing. it takes care of most automated bot login attempts without any configuration | |
| 4 | + | - use debian or ubuntu server if you don't wanna suffer. ubuntu server is alright but debian is best bc no snap shit. same package manager (`apt`) | |
| 5 | + | - best web server to use is [caddy](https://caddyserver.com/) it's really fucking simple look at [my guide](https://bubblegum.girlonthemoon.xyz/articles/basic-caddy-uses) | |
| 6 | + | - **do not use password SSH auth** PLEASE set up key only auth. passwords are easy to break, keys are way harder. [basic guide here](https://www.simplified.guide/ssh/configure-passwordless-login) | |
Newer
Older