I work in tech and am constantly finding solutions to problems, often on other people’s tech blogs, that I think “I should write that down somewhere” and, well, I want to actually start doing that, but I don’t want to pay someone else to host it.

I have a Synology NAS, a sweet domain name, and familiarity with both Docker and Cloudflare tunnels. Would I be opening myself up to a world of hurt if I hosted a publicly available website on my NAS using [insert simple blogging platform], in a Docker container and behind some sort of Cloudflare protection?

In theory that’s enough levels of protection and isolation but I don’t know enough about it to not be paranoid about everything getting popped and providing access to the wider NAS as a whole.

Update: Thanks for the replies, everyone, they’ve been really helpful and somewhat reassuring. I think I’m going to have a look at Github and Cloudflare’s pages as my first port of call for my needs.

  • originalucifer@moist.catsweat.com
    link
    fedilink
    arrow-up
    1
    arrow-down
    1
    ·
    11 months ago

    if you setup everything with even moderate attention to the security involved, youll be fine. sounds like youre already there.

    this is a common scenario, not a crazy idea or implementation. just keep your shit up to date

    • TedZanzibar@feddit.ukOP
      link
      fedilink
      English
      arrow-up
      1
      ·
      11 months ago

      That’s one of the issues I’m concerned about. I’m happy enough to let things auto-update on a tight schedule and capable enough to fix things if eg. Watchtower goes wrong or updates a container to a dodgy version, but what I don’t want is to have “keeping things secure” turn into a second job.

      • The Stoned Hacker@lemmy.world
        link
        fedilink
        English
        arrow-up
        1
        ·
        11 months ago

        I run plenty of stuff off my home network, although I use VPSs now more for the higher availability than residential internet. So long as you put basic protections in place like fail2ban and a sensible firewall, you shouldn’t have any issues.

      • The_Pete@lemmy.world
        link
        fedilink
        English
        arrow-up
        2
        arrow-down
        1
        ·
        edit-2
        11 months ago

        One option here is to host it internally, and then VPN or ssh tunnel to your network for access.

        Keeping openssh or a VPN up to date and secure is a much simpler thing than a web framework.

        Separate your network access and your services. You get in trouble trying to use your service to gate access to your network.