I had a website that was set up for only my personal use. According to the logs the only activity I ever saw was my own. However, it involves a compromise. Obscurity at the cost of accessibility and convenience.

First, when I set up my SSL cert, I chose to get a wildcard subdomain cert. That way I could use a random subdomain name and it wouldn’t show up on https://crt.sh/

Second, I use an uncommon port. My needs are very low so I don’t need to access my site all the time. The site is just a fun little hobby for myself. That means I’m not worried about accessing my site through places/businesses that block uncommon ports.

Accessing my site through a browser looks like: https//randomsubdomain.domainname.com:4444/

I’m going on the assumption that scrapers and crawlers are going to be searching common ports to maximize the number of sites they can access over wasting their time on searching uncommon ports.

If you are hosting on common ports (80, 443) then this isn’t going to be helpful at all and would likely require some sort of third party to manage scrapers and crawlers. For me, I get to enjoy my tiny corner of the internet with minimal effort and worry. Except my hard drive died recently so I’ll pick up again in January when I am not focused on other projects.

I’m sure given time, something will find my site. The game I’m playing is seeing how long it would take to find me.

A few years ago I was in a position where I was seeing two shitty, manipulative people taking advantage of three of my friends in three different situations. My three friends had all been warned about the manipulators but still felt the need to be nice, diplomatic and caring towards them anyways.

I ended up spending a lot of time talking with my friends, pointing out bad behaviour and encouraging my friends to put their own interests first. I never blamed my friends for their behaviour and instead tried to give them the tools for identifying and dealing with their manipulators.

Eventually they all came to realize of just how awful those manipulators were and I made myself available for my friends to vent when the time came. It sucked having to watch my friends go through all those emotions in the end. They all were really hurt.

I do think I did the right thing. They felt hurt but they did more than just get over it. They all learned from those experiences. We don’t talk as much as we used to but when we do talk, I’m always happy to hear that they are still putting themselves first and not giving any manipulators their time.

I also got to learn from all of that because too had been dealing several manipulative people in my own life at that time. Teaching my friends helped reinforce what I had learned and the results made me feel more confident in my own life choices that I had made in the recent past.

I haven’t tried it myself but https://wiki.termux.com/wiki/Termux:Boot seems to be able to start Termux and programs after a phone starts/reboots. It does require downloading an additional package https://f-droid.org/packages/com.termux.boot/ along with the main Termux app.

There’s a few things I backup from my phone.

• Music downloaded from Seeker
• Youtube audio downloaded from YTDLnis
• Backups of Termux
• Notes in plain text
• Backups from certain apps that make their own backup data
• Pictures that I have sorted and want to saved

I have an Android phone so I use Termux as a terminal emulator. I use ssh and passwordless keys to make transfers simpler and quicker.

Although this is closer to a backup process and not like SyncThing where it’s syncing a folder between two devices. I don’t believe rsync is capable of acting like SyncThing but I’m tempted to dig into rsync more and see if I can put something basic together one day.

I do something similar using only rsync. I’ve had nothing but headaches whenever I used automated file syncing programs. The bare bones aspect of just using rsync has made it a much more consistent experience.

I found using automated file syncing programs have too much complexity under the hood that just seems to lead to more time troubleshooting issues.

Another option that’s available is hosting your own Kiwix instance and downloading the Arch Wiki .zim file.

I have a few other .zim’s from the Kiwix library including Alpine Wiki, Stack Overflow, Man pages and a full copy of Wikipedia. There’s a lot available at that Kiwix library which can make for a good offline digital library.

I’ve been writing POSIX scripts as a sort of hobby and don’t really have any Bash experience but I think I can still give some insight. Hopefully what I say is accurate but this is what I’ve learned so far.

POSIX is a standard, to say it as simple as possible, it sets the minimum requirements for environment, programs, commands and options for those commands with the purpose of having those commands be as portable as possible. That way a POSIX script will work on any POSIX compliant system. For example a POSIX script could work on Arch, Debian, on a Raspberry Pi or even Mac products. In theory if could work on windows too. If an Operating System ships with a POSIX compliant shell, you are very likely able to run a POSIX script.

Bash is a shell but it has a bunch of features that expand beyond the basic features set by the POSIX standard. Bash also has more features and flexibility for scripting which is why it’s so common to see Bash scripts. Those scripting features are usually referred to as “bashisms.” Since it expands on POSIX scripting, it can look similar to a POSIX script but would not work as intended if you ran a Bash script outside of a Bash shell.

With a lot of modern OS’s, they would likely have Bash installed and you most likely don’t need to worry about anything. However, Bash is not a standard and not required to be installed on every system.

If you care about your script working on as many systems as possible without the worry about what shell is being used, you will probably prefer writing a sh shell, POSIX compliant script.

Since POSIX shells and scripts work on a much more basic level, it can lack some depth and finding work arounds for issues can start to look unreadable/insane. A good example is how arrays are handled. POSIX is limited to one array where Bash has much better support for arrays.

There are advantages to using either but with the popularity of Bash, it’s not really that big of a deal in the end.

I do something something like this using wildcard certs with Let’s Encrypt. Except I go one step further because my ISP blocks incoming data on common ports so I end up using an uncommon port as well.

I’m not hosting anything important and I don’t need to always access to it, it’s mostly just for fun for myself.

Accessing my site ends up looking like https://randomsubdomain.registered-domain-name.com:4444/

My logs only ever show my own activity. I’m sure there are downsides to using uncommon ports but I mitigate that by adjusting my personal life to not caring about being connected to my stuff at all times.

I get to have my little hobby in my own corner of the internet without the worry of bots or AI.

I have two systems that sort of work together.

The first system involves a bunch of text files for each task. OS installation, basic post OS installation tasks and a file for each program I add (like UFW, apparmor, ddclient, docker and so on). They basically look like scripts with comments. If I want to I can just copy/paste everything into a terminal and reach a a specific state that I want to be at.

The second system is a sort of “skeleton” file tree that only contains all the files that I have added or modified.

.
├── etc
│   ├── crontabs
│   │   └── root
│   ├── ddclient
│   │   └── ddclient.conf
│   ├── doas.d
│   │   └── doas.conf
│   ├── fail2ban
│   │   ├── filter.d
│   │   │   └── alpine-sshd-key.conf
│   │   └── jail.d
│   │       └── alpine-ssh.conf
│   ├── modprobe.d
│   │   ├── backlist-extra.conf
│   │   └── disable-filesystems.conf
│   ├── network
│   │   └── interfaces
│   ├── periodic
│   │   └── 1min
│   │       └── dynamic-motd
│   ├── profile.d
│   │   └── profile.sh
│   ├── ssh
│   │   └── sshd_config
│   ├── wpa_supplicant
│   │   └── wpa_supplicant.conf
│   ├── fstab
│   ├── nanorc
│   ├── profile
│   └── sysctl.conf
├── home
│   └── pi-user
│       ├── .config
│       │   └── ash
│       │       ├── ashrc
│       │       └── profile
│       ├── .ssh
│       │   └── authorized_keys
│       ├── .sync
│       │   ├── file-system-backup
│       │   │   ├── .sync-server-fs_01_root
│       │   │   └── .sync-server-fs_02_boot
│       │   └── .sync-caddy_certs_backup
│       ├── .nanorc
│       └── .tmux.conf
├── root
│   ├── .config
│   │   └── mc
│   │       └── ini
│   ├── .local
│   │   └── share
│   │       └── mc
│   │           └── history -> /dev/null
│   ├── .ssh
│   │   └── authorized_keys
│   ├── scripts
│   │   ├── automated-backup
│   │   └── maintenance
│   ├── .ash_history -> /dev/null
│   └── .nanorc
├── srv
│   ├── caddy
│   │   ├── Caddyfile
│   │   ├── Dockerfile
│   │   └── docker-compose.yml
│   └── kiwix
│       └── docker-compose.yml
└── usr
    └── sbin
        ├── containers-down
        ├── containers-up
        ├── emountman
        ├── fs-backup-quick
        └── rtransfer

This is useful to me because I can keep track of every change I make. I even have it set up so I can use rsync to quickly chuck all the files into place after a fresh install or after adding/modifying files.

I also created and maintain a “quick install” guide so I can install a fresh OS, rsync all the modified files from my skeleton file tree into place, then run through all the commands in my quick install guide to get myself back to the same state in a minimal amount of time.

I actually started with RPi’s. The first one, a used Pi 4b, is dedicated only to HomeAssistant. I don’t tinker with it anymore because it does what I want and I don’t want unexpected downtime when I have to use the bathroom or use the lights in my room.

I bought a used Pi5 with the intention of upgrading later. In life I am quite minimal and find a joy in using what little tools and material I have to create something new. That seems to hold true to technology and scripting too. The RPi5 with an old USB3 HDD is actually way more power than I can currently use and can imagine using for a long time. The extra room to work is convenient though.

I’ll have a look into some of the places you suggested, those seem like the places to draw good inspiration from, thank you.

I don’t have much experience with curl. From what I understand, it’s an old but constantly maintained command line tool. If you type curl https://www.google.com/ in your terminal of choice, you should get a text display in return of google’s search page. That’s if the curl command is installed on your system, which it most likely would be.

You won’t be able to interact with it since it’s in text but you can see how the page has been written in the HTML language before it gets rendered into the website you would normally see in a web browser.

When it comes to terminal commands, I find it helpful to do web searches using linux <command name>. For example linux curl and that will lead me to many sites that help explain the command and give multiple examples of how to use the command.

Once you get more experienced with using a terminal, using the command options --help or -h will give you information that could help you use the command. For example curl --help

There’s also manual pages, or man pages that give a more technical look at commands within your terminal of choice. You can access them with man <command name>. Example: man curl.

In the case of federation, every platform that is using federation is using a communication protocol called ActivityPub. Simplified, it functions like email but instead of private emails, it’s transferring public social media content. Microbloggers and threaded conversations can communicate with each other using ActivityPub but the information exchanged between the two platforms is slightly different. That’s how we get quirks like this when two different ActivityPub platforms communicate with each other.

Different federated platforms talking to each other will look like this sometimes. In this case it’s a microblogging platform talking to a threaded conversation platform. It’s just a quirk of federation in general.

I started out rewriting my network backup scripts only to realize I was adding functionality to a previous script I wrote to automatically mount and dismount luks encrypted volumes. I still want to type in my luks passphrase because I don’t want everything automated and prefer to include inconvenience as an additonal security measure in securing some of my data.

I also came to the realization recently that the reason I don’t relate strongly to other self hosters is because I’ve unknowingly been trying to create a minimal self hosted system that is more beneficial to small, low powered devices.

I’ve been using Alpine Linux, I install only the bare, older but well established tools and have been creating scripts soley based off those tools instead of seeking out bigger, more complicated modern tools. For example creating workflows by only using rsync or using https://github.com/RayCC51/BashWrite to create a blog that only uses bash and GNU sed to create a static blog site.

At least now that I’m aware of this, I can keep an eye out for such projects or communities and would hopefully be able to contribute something in that direction.

Shellcheck is a great tool for scripting.

When I’m building a new script, I usually add the following function to the script and run the function before anything else. The script will exit immediately if any issues are found so I have a chance to correct things. If no issues are found, the script will simply continue.

It’s small and simple so it’s easy to remove when I’m done building a script.

script_check() {
    if ! shellcheck "${0}"; then
        exit 1
    fi
}

script_check

Shellcheck has helped me learn a lot about scripting and I strongly recommend using it too.

I’ve experienced gatekeeping issues long before I got into self-hosting specifically. Years ago I wanted to learn C++ for Arduino and I was constantly talked down for asking questions.

“Why don’t you just do …” in response to a question feels very rude as a newcomer because it feels like I am being talked down to for not knowing what others already know. Even when I made an effort to show I was making an effort to learn on my own, I was still belittled.

I’m all for hearing different ways of approaching my issue but from the replies, it often feels like other people insist there is only one true specific way to handle an issue.

When I first got into self-hosting, people kept pushing Cloudflare on me. When I expressed concern over a large centralized corporation having that much control and how they might have service issues, I was mocked really hard. Half a year later and there was a significant outage and suddenly there’s all this talk about how centralized the internet is and how that is bad.

After that I took it upon myself to find alternative ways to protect myself without Cloudflare’s services but every step of the way has been an isolating experience. Every step of the way has been full of people saying that my efforts are pointless and that the bots will win anyways so I shouldn’t bother.

I decided to try to secure myself through multiple layers of obscurity and every question in that direction has been full of people saying that obscurity is not security, the bots will find you anyways!

I’ve stopped myself from asking too many questions now. I still keep learning in my direction. I feel like I’ve managed to find multiple solutions that both obscure and protect myself. I’ve constantly check my logs for months now and the bot is less than I expected in places I expect them to be and completely zero in other places I thought there would be some activity.

I want to share what I have learned and my experiences but I know I will receive backlash for deviating from the norm.

I’ve spent a lot of my self-hosting efforts trying to find ways to protect myself with minimal use of third party services, documenting as much as I could only feel afraid to share what I have learned.

This comment may not be about learning self-hosting as a beginner specifically but the vibe has been pretty damn consistent throughout me learning C++, self-hosting, linux and shell scripting. All things I enjoy but all so full of people ready to talk down to someone who wants to learn.

I have three backups. One is my laptop where all the backups initially start. Then that gets copied to a plugin USB SSD. Then another copy goes to my server which has another USB SSD. That means I don’t have an off site backup.

I don’t have a place to host an off site backup and I’m not comfortable or interested in using cloud services. Instead I just decided that if it all goes up in flames. So be it.

It’s just data and backups are just nice a convenience. I’ll be upset but there’s more important things in life to worry about.

I’ve always lived a life of minimalism and to me stuff is stuff. None of it mattered before I was born and none of it will matter after I die. That happiest and most free feeling I ever experienced was when I spent years travelling with only a 34 litre backpack and that’s kind of been my baseline for happiness ever since.

I’ve had so many people in the past abuse my trust and acceptance. They basically loved the way I treated them as individuals that are able to do things their own way but deeply hated me for being me. I don’t conform to their perspective of me and so they spent great amounts of time and energy trying to change me.

I’m really fortunate to have met people in the last 4-5 years who love and accept me just as I am. So now I have a stronger sense of what I want in a friend.

There are a few things I look for in a friend. Over a period of time, I want to see how they talk about and treat other people. How they talk about and treat themselves. I want to see if they have the ability to self reflect and make choices and changes in a way that betters themselves. I want to see if they treat me the same way they treat other people. I want to see how accepting they are about people are situations that are very different from their lived experiences. I also want to see how they treat animals and the environment around them.

Since no two people are the same, I have no strongly defined criteria. Instead I observe and try to view their words and actions as a whole. There’s a lot of ways to judge who is healthy for me and who is only interested in themselves.

I may only have a few friends now but I have a deep love for the friends that I have because they keep proving to me how caring and amazing they are to me.

apk seems to have some tricks in there that aren’t as well known.

I managed to catch in the IRC channel that apk add doc will automatically download any related man pages for packages with any future downloads through apk. That made life a bit more convenient instead of downloading all those packages separately.

My web facing server has just enough packages installed to (kinda securely) host a Caddy and Kiwix docker container to work with my domain name and make a comfortable work environment through SSH. My Pi for my HomeAssistant docker container has less because it’s locked down to just my local network.

I also wrote my own install scripts so reinstalling everything and getting it back to a running state would take about 15 minutes for each device.

And I also wrote my own backup/restore scripts that evolved over 3/4 of a year. I use them often so I have confidence in those scripts.

I personally don’t really care too much. I have multiple ways of dealing with issues for something that’s a hobby to me. Which is why I stick to simplicity.

I’m sure this is a thing for people to worry about when dealing with more complex setups. I just wanna vibe out in my tiny corner of the internet.

On Alpine Linux I update my two Pi servers at 2 in the morning daily. It’s simpler compared to Debian which needs unattended-updates. Just add apk update && apk upgrade to a cron job and you’re good to go.

I only have three docker services which is simple enough to update manually.

I like to keep things as simple as possible for my already chaotic brain.