Selfhosted
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.
Rules:
-
Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.
-
No spam posting.
-
Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.
-
Don't duplicate the full text of your blog or github here. Just post the link for folks to click.
-
Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).
-
No trolling.
-
No low-effort posts. This is subjective and will largely be determined by the community member reports.
Resources:
- selfh.st Newsletter and index of selfhosted software and apps
- awesome-selfhosted software
- awesome-sysadmin resources
- Self-Hosted Podcast from Jupiter Broadcasting
Any issues on the community? Report it using the report flag.
Questions? DM the mods!
view the rest of the comments
Ah sneaky. You added a question.
The answer to is there somewhere you can learn about this? Yes and no. You will ultimately learn by doing for this stuff.
Comptia network+ study guides will have all this knowledge and more.
If you're all in, Hack The Box is a freemium platform (think codecademy but less hand-holdy) that isn't designed to teach you this, but will absolutely teach you this in the process. It is a platform for offensive and defensive cybersecurity. These things are covered as afterthoughts in bigger pictures, but it will (at least for folks who learn by doing) force you to familiarize yourself with it implicitly.
Otherwise as far as IPs and ports and containers, I can tell you all you need to know, because it ain't much. It feels confusing/overwhelming at first but everything individual slice of this stuff is pretty simple. It's just an absurd amount of knowledge. Just take baby steps and learn what you need to know to get done what you seek.
I didn't have too much coffee, you had too much coffee.
IP address: a machine's address on a network. Like a street address.
Port: a numbered door on that machine. The IP gets you to the building; the port gets you to the right room. Different programs listen on different ports.
DNS: the phonebook. Maps friendly names like example.com to IPs so you don't have to memorize numbers.
Router: the doorman between your home and the internet. Stuff inside can reach out; nothing gets in unless you tell it to.
Container: a sandboxed mini-computer running on your machine. Isolated by default. You map a host port to a container port to let traffic in.
Reverse proxy: a switchboard. One program that takes all incoming traffic and routes it to the right service based on the hostname.
Welcome to foggy's IP, ports, and containers lesson, take a shot of espresso, we're going in!
special IP addresses:
127.0.0.1 - "This same machine." Talking to yourself. Also written as localhost.
192.168.x.x - private home network range. What your router hands out to your devices. Not routable on the internet. 10.x.x.x - another private range. Bigger, used by businesses and some routers. Same idea as 192.168.
172.16.x.x to 172.31.x.x - the third private range. Docker likes this one for its internal container networks.
0.0.0.0 - "all interfaces" or "any address." When a service binds to this, it means "listen on every network this machine is connected to." Also sometimes means "no specific address" depending on context.
255.255.255.255 - brosdcast. "Everyone on this network." Rarely something you'll type, but you'll see it.
169.254.x.x - link-local. What your machine assigns itself when it wanted a DHCP address from the router but didn't get one. If you see this, something's wrong with your network.
Port talk:
Ports 0-1023: well-known ports. Reserved for standard services. On Linux you need root to bind to these. The ones you'll actually see:
Ports 1024-49151: registered ports. Assigned to specific apps by convention. A sampling:
Nothing enforces these: they're just conventions. You could run Jellyfin on port 7777 if you wanted.
Ports 49152–65535: ephemeral ports. A neato part:
When you connect to a servers port 443, for example, your machine connects to the server's port 443, but it also needs a port on your end for the server to send replies back to. Your OS grabs a random unused port from this high range, uses it for that one connection, and releases it when done. Thus, 'ephemeral'
Containers? Sure:
A container is a program packaged in a bubble. It's basically a VM without the machine part. Let's say you wanna run Jellyfin AND Plex. Let's say tomorrow there's a brand new video file format and Jellyfin supports it and Plex doesn't. Jellyfin needs to use some new version of ffmpeg that Plex cannot use. The solution? Containers.
Each program is containered with what it needs to run happily. Nothing more. Your machine does the rest.
@foggy I never thought ephemeral ports were still a thing. How do I increase this range, e.g. on a machine expecting to make a lot of connections?
You should be a teacher. You made me go from despising Networking to interested in learning it more