1
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
this post was submitted on 22 Oct 2023
1 points (100.0% liked)
Self-Hosted Main
504 readers
1 users here now
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.
For Example
- Service: Dropbox - Alternative: Nextcloud
- Service: Google Reader - Alternative: Tiny Tiny RSS
- Service: Blogger - Alternative: WordPress
We welcome posts that include suggestions for good self-hosted alternatives to popular online services, how they are better, or how they give back control of your data. Also include hints and tips for less technical readers.
Useful Lists
- Awesome-Selfhosted List of Software
- Awesome-Sysadmin List of Software
founded 1 year ago
MODERATORS
There’s nothing inherently insecure about exposing a service to the internet. But it does create an attack surface.
A firewall or proxy (Cloudflare, Nginx etc) allows you to restrict access via ip address or authentication, but if there’s a bug in your service it can still be exploited.
The good news about a service you write is that there are no ready built tools to exploit it. The bad news is that there are almost certainly more bugs.
So it really comes down to what your ap has access to (is it jailed or restricted in someway), is it read only or does it allow modifying file in the system? How confident are you with your code? If someone starts bashing in it, will you be alerted? Is it did get a coloured how serious would that be? There is no “right” answer, is a risk assessment you have to make based on your situation.
My APIs require just a simple api key to be placed in a json header to make a request.
It is just some personal android apps connected to these APIs to interact with certain databases. While there's no sensitive data involved, I am more concerned about specifically, if there's a possibility that an attacker could use this to gain access to my personal computer or other devices connected to my home network.
Should I create a sub network and get a raspberry pi to host these apps?
A DMZ is always recommended in such cases.
> Should I create a sub network and get a raspberry pi to host these apps?
Yes, it's always better. However, Pi may be overpriced now. Take a look at NUC-sized miniPCs, for roughly the same price you'll get much more computing power.
Pi's have been regularly in stock for months now at MSRP.
https://rpilocator.com/?country=US
This new wave of "buy a core i7 4th gen USFF PC instead of a Pi" is wild. It's really case by case of what you are doing but lots of people seem to push "proxmox and tons of VMs! or GTFO" on everyone.