I work in tech and am constantly finding solutions to problems, often on other people’s tech blogs, that I think “I should write that down somewhere” and, well, I want to actually start doing that, but I don’t want to pay someone else to host it.

I have a Synology NAS, a sweet domain name, and familiarity with both Docker and Cloudflare tunnels. Would I be opening myself up to a world of hurt if I hosted a publicly available website on my NAS using [insert simple blogging platform], in a Docker container and behind some sort of Cloudflare protection?

In theory that’s enough levels of protection and isolation but I don’t know enough about it to not be paranoid about everything getting popped and providing access to the wider NAS as a whole.

Update: Thanks for the replies, everyone, they’ve been really helpful and somewhat reassuring. I think I’m going to have a look at Github and Cloudflare’s pages as my first port of call for my needs.

  • TedZanzibar@feddit.ukOP
    link
    fedilink
    English
    arrow-up
    0
    ·
    1 year ago

    That’s one of the issues I’m concerned about. I’m happy enough to let things auto-update on a tight schedule and capable enough to fix things if eg. Watchtower goes wrong or updates a container to a dodgy version, but what I don’t want is to have “keeping things secure” turn into a second job.

    • The Stoned Hacker@lemmy.world
      link
      fedilink
      English
      arrow-up
      1
      arrow-down
      1
      ·
      1 year ago

      I run plenty of stuff off my home network, although I use VPSs now more for the higher availability than residential internet. So long as you put basic protections in place like fail2ban and a sensible firewall, you shouldn’t have any issues.

    • The_Pete@lemmy.world
      link
      fedilink
      English
      arrow-up
      1
      arrow-down
      1
      ·
      edit-2
      1 year ago

      One option here is to host it internally, and then VPN or ssh tunnel to your network for access.

      Keeping openssh or a VPN up to date and secure is a much simpler thing than a web framework.

      Separate your network access and your services. You get in trouble trying to use your service to gate access to your network.