• mightyfoolish@lemmy.world
    link
    fedilink
    English
    arrow-up
    3
    ·
    4 months ago

    A system that needs ID verification to access a site is a problem. What if it’s used for other websites as well?

      • mightyfoolish@lemmy.world
        link
        fedilink
        English
        arrow-up
        1
        ·
        4 months ago

        Yeah, that could work; however, it would be a hassle. Just remember to save everything important locally.

        • sugar_in_your_tea@sh.itjust.works
          link
          fedilink
          English
          arrow-up
          3
          ·
          4 months ago

          One step ahead of you, I’m actively replacing all of my online accounts with self-hosted alternatives. My state passed both porn ID and social media ID laws, and I assume they’ll try to add this to anything with age gates (e.g. streaming sites).

          So I’m moving my stuff to my personal cloud:

          • Jellyfin - I’m going back to buying Blurays and DVDs and adding them to my own streaming service
          • NextCloud/ownCloud - still playing with it, but I got Collabora set up for docs and spreadsheets, at it supports calendar sync as well
          • Vaultwarden - working on switching from the hosted Bitwarden
          • Actual Budget - I switched from Mint -> TillerHQ (hosted at Google Docs), and this is the next step (it integrates with SimpleFIN for bank sync)

          All of this is available both over my self-hosted VPN, and over the internet with certain services exposed over my domain (all use LetsEncrypt certificates). So I can access whatever I want wherever I am. I do offsite backups with Backblaze B2 ($6/month/TB), and I sync important stuff to my phone w/ syncthing.

          It’s a bit of a pain, but there’s no way my state can take any of that away from me. I’ll be adding more services as I find time, and I’ve got a good system now where a new service only takes a few minutes to spin up. Basically, my setup process is:

          1. add subdomain for the service to my DNS - could use a wildcard, but I like control and ability to move things around
          2. add haproxy config at my VPS - just copy/paste like a dozen lines of config
          3. update Caddyfile on my NAS to handle the new service - again, copy like 5 lines
          4. add and configure container in my compose.yml
          5. docker compose up -d (to build the new service) followed by docker compose restart to get Caddy to reload the config

          Caddy fetches the TLS certificates, and docker handles setting up the service. Unless I make a mistake. Since everything is in docker, I don’t need any ports exposed except 80 and 443, which is managed by Caddy.

          I wouldn’t have bothered if Netflix had kept reasonable rates for ad-free watching, but here we are. And now my state is being a pain, so I’ll probably configure my WIFI with a VPN out of state so I don’t have to deal with the stupid ID verification crap.

          • mightyfoolish@lemmy.world
            link
            fedilink
            English
            arrow-up
            1
            ·
            4 months ago

            This is fantastic. Hopefully, crazy politics will at least have a side effect of all of this self hosted software becoming easier. It’s gotten to the point where companies like Hetzner will maintain nextcloud services for a monthly fee but Caddy is already more intuitive compared to what came before it.

            • sugar_in_your_tea@sh.itjust.works
              link
              fedilink
              English
              arrow-up
              2
              ·
              4 months ago

              Yup. I’m thinking of making a blog series or something about my setup. It’s a little complex, but the individual pieces are pretty simple, so anyone with time and interest could totally replicate it. Mine would focus on Linux, but since everything is in containers, it could easily be replicated on Windows as well.

              Oh, and I’m working from the worst possible setup, I’m behind CGNAT, so I have to go through an outside server to make my internal stuff public. A lot of people can just use their router IP instead, which eliminates the VPN entirely (just port forwards from your router).