Nah, I host it on a web hotel.

I am using a very generic ISP and they tend to have a dim view of running servers on their network.

I did have an RPi running SSH and a Mumble server directly connected to the internet years ago, but after a few years I realized that I was bringing needless attention to my network when I found my server on Shodan.

So I took it down…

I’ve been self-hosting my blog for 21years if you can believe it, much of it has been done on a server in my house. I’ve hosted it on everything from a dusty old Pentium 200Mhz with 16MB of RAM (that’s MB, not GB!) to a shared web host (Webfaction), to a proper VPS (Hetzner), to a Raspberry Pi Kubernetes cluster, which is where it is now.

The site is currently running Python/Django on a few Kubernetes pods on a few Raspberry Pi 4’s, so the total power consumption is tiny, and since they’re fanless, it’s all very quiet in my office upstairs.

In terms of safety, there’s always a risk since you’re opening a port to the world for someone to talk directly to software running in your home. You can mitigate that by (a) keeping your software up to date, and (b) ensuring that if you’re maintaining the software yourself (like I am) keeping on top of any dependencies that may have known exploits. Like, don’t just stand up an instance of Wordpress and forget about it. That shit’s going to get compromised :-). You should also isolate the network from the rest of your LAN if you can. Docker sort of does this for you (though I hear it can be broken out of), but a proper demarcation between your laptop and a server on the Open web is a good idea.

The safest option is probably to use a static site generator like Hugo, since then your attack surface is limited to whatever you’re using to serve the static sites (probably Nginx), while if you’re running a full-blown application that does publishing etc., then that’s a lot of stuff that could have holes you don’t know about. You may also want to setup something like Cloudflare in front of your site to prevent a DOS attack or something from crippling your home internet, though that may be overkill.

But yeah, the bandwidth requirements to running a blog are negligible, and the experience of running your own stuff on your own hardware in your own house is pretty great. I recommend it :-)

Yes I host everything public with cloudflare tunnels. Everything more heavy is VPN with DDNS on invite basis to friends and fam. For the former it’s Hassle-free HTTPS, no reverse proxy, no firewall, no nonsense.

Biggest problem will be BW and latency to your lab from the Internet. I would use dedicated hardware and subnet for it. Security wise, if you can make your site 100% static it will help a lot with security. I’m personally set on AWS S3 + CloudFlare combo with static site generator running in my lab. Yes it is not really “self hosted” but worries free solution for me.

I self hosted many websites for about 20 years, but sadly I had to take it all down this year. In the process of moving to another state. Also going to really miss my 1gbps unlimited fiber connection.

I hosted my websites from windows server 2003, 2008, virtual machines, Linux, and other ways. It was fun times. I have very good up time using 2 servers and UPS battery backups.

I self-host everything from my home network including my website. I like to keep all my data local. 😁

It’s a simple setup: just a static site made with Lume, and served with Caddy. The attack surface is pretty small since it’s just HTML and CSS files (no JavaScript).

I self host a Grav site among other things on a 15 Euro VPS.

Also, I started with Ghost but the fact that they locked up the newsletter side of business to a single provider and were unwilling to rework things at the time made me walk away. Yes, I know you could go code side, and add others, but that was a complicated setup in itself. Grav works perfectly for me.

So many suggestions here but I thought I’d chime in because I have a setup very similar to what you suggested and I found a very easy way of hosting it securely. I am using Unraid on a system in my house. I have my web service running in a docker container. I exposed it using a cloudflare tunnel. There is an Unraid plugin for cloudflare tunnels that takes out a lot of the configuration work involved in getting it running locally. You just have to also set up a corresponding endpoint on Cloudflare’s website and have a domain name registered with them for you to link to it.

The way it works then is when someone requests your domain (or subdomain) in their browser, Cloudflare gets the request and redirects the traffic to the cloudflare tunnel client app that you set up in your computer. That app on your machine then redirects the traffic to your other container that is hosting your web service and established bidirectional communication that way.

The benefits to this system are:

• Relatively easy setup, especially if you want to expose more services in the future (you’ll need to run a separate cloudflare container for each service exposed though)
• No need to open ports in your router or firewall on your home network. Cloudflare just knows how to communicate between its server and its client app on your computer (I think you have to set up an access token so it is secure).
• None of your users ever learn your home IP address because once they connect at Cloudflare’s server, they don’t get any more knowledge than that about what’s on the other side.
• It’s free (not including the cost of registering your domain)
• You don’t have to worry about changing anything if your ISP randomly changes your IP address. Hell, you could even move to a new house and take your computer with you and you wouldn’t have to reconfigure anything.

Downsides:

• You have to trust that Cloudflare is not scraping all the traffic going through the tunnel.
• Some people have a moral issue with giving Cloudflare more responsibility for hosting “the Internet”. We already rely on their infrastructure heavily for large sections of the Internet. If they ever become malicious or compromised, there is a lot to lose as a society.

I believe you can use Wireguard and a rented VPS to recreate this setup without Cloudflare but it will require a lot more knowledge in order to set it up with more points of failure. And it would cost more because even though Wireguard is FOSS, a VPS will cost you a monthly fee of at least a few bucks per month.

I currently have 2 services exposed using Cloudflare tunnels on my Unraid system at home. They’ve been running for over a year now with 0 interruption.

I have hosted a wordpress site on my unraid box before, but ended up moving it to a VPS instead. I ended up moving it primarily because a VPS is just going to have more uptime since I end up tinkering around with my homelab too often. So, any service that I expect other people to use, I often end up moving it to a VPS (mostly wikis for different things). The one exception to that is anything related to media delivery (plex, jellyfin, *arr stack), because I don’t want to make that as publicly accessible and it needs close integration with the storage array in unraid.

Yea depends on your website bandwidth/uptime requirements. I use a VPS running nginx and wireguard, and tunnel into that from a VM in my homelab, so no ports are open on my home firewall. nginx drops all random traffic at the VPS that isn’t destined to a preconfigured service, expected traffic is forwarded through the wireguard tunnel to the right VM’s, segregated from the rest of my home network by VLANs. I host a bit of web content where I’m not concerned with bandwidth or uptime really, as well as home assistant, file browser, a few dedicated game servers, etc.

yes, i have a few Rust framework based sites for mostly personal use

I self-host a Ghost blog. It’s about as safe as any other service exposed to the internet.

I use a VPS and generate static sites using Hugo. Works fine.

I could host it in my network, but I don’t see a point, and I’d really rather not have a power outage or loss of internet break my site (much more likely at home than at a datacenter). I host pretty much everything else within my network though.

Static site hosted by someone else for free is the way to go. I wouldn’t invite that sort of pain upon my network.

I host mine just like you want to do. Ghost running in a docker container on my homelab, with reverse proxy and domain pointing to it.

Haven’t had any issues so far.