Most active commenters
  • telgareith(3)

←back to thread

I Self-Hosted Llama 3.2 with Coolify on My Home Server

(geek.sg)
221 points whitefables | 17 comments | 16 Oct 24 05:26 UTC | HN request time: 0.221s | source | bottom
1. bambax ◴[16 Oct 24 08:59 UTC] No.41857017[source]
> I decided to explore self-hosting some of my non-critical applications

Self-hosting static or almost-static websites is now really easy with a Cloudflare front. I just closed my account on SmugMug and published my images locally using my NAS; this costs no extra money (is basically free) since the photos were already on the NAS, and the NAS is already powered on 24-7.

The NAS I use is an Asustor so it's not really Linux and you can't install what you want on it, but it has Apache, Python and PHP with Sqlite extension, which is more than enough for basic websites.

Cloudflare free is like magic. Response times are near instantaneous and setup is minimal. You don't even have to configure an SSL certificate locally, it's all handled for you and works for wildcard subdomains.

And of course if one puts a real server behind it, like in the post, anything's possible.

replies(3): >>41857088 #>>41857339 #>>41857709 #
2. Reubend ◴[16 Oct 24 09:16 UTC] No.41857088[source]
Is the NAS exposed to the whole internet? Or did you find a clever way to get CloudFlare in front of it despite it just being local?
replies(3): >>41857124 #>>41858097 #>>41860131 #
3. cheema33 ◴[16 Oct 24 09:21 UTC] No.41857124[source]
You can use CloudFlare Tunnel (https://www.cloudflare.com/products/tunnel/) to connect a system to your cloudflare gateway, without exposing it to the Internet.
replies(1): >>41857342 #
4. archerx ◴[16 Oct 24 10:01 UTC] No.41857339[source]
You could also use openVPN or wireguard and not have a man in the middle for no reason.

I have a VPN on a raspberry pi and with that I can connect to my self hosted cloud, dev/staging servers for projects, gitlab and etc when I’m not on my home network.

replies(2): >>41858280 #>>41859061 #
5. rmbyrro ◴[16 Oct 24 10:02 UTC] No.41857342{3}[source]
Or Tailscale, which is pretty cool piece of tech.
replies(1): >>41857938 #
6. ghoomketu ◴[16 Oct 24 11:02 UTC] No.41857709[source]
> Cloudflare free is like magic

Cloudflare is pretty strict about the Html to media ratio and might suspend or terminate your account if you are serving too many images.

I've read far too many horror stories about this on hn only so please make sure what you're doing is allowed by their TOS.

replies(2): >>41857752 #>>41857898 #
7. hdra ◴[16 Oct 24 11:09 UTC] No.41857752[source]
do they ever publish an actual number on this? given the size of HTML documents v.s. images, I imagine its something thats something that can be exceeded very easily without knowing..

e.g. is running a personal photography website OK?

replies(1): >>41857931 #
8. telgareith ◴[16 Oct 24 11:31 UTC] No.41857898[source]
Cloudflare removed that bit from their TOS entirely about a year ago now. Are you citing a more recent source?

PS: talking about Cloudflare being snappy when content is being served from a austore nas made me chuckle.

replies(1): >>41858655 #
9. telgareith ◴[16 Oct 24 11:37 UTC] No.41857931{3}[source]
Cloudflare removed those restrictions from the TOS 12+ months ago.

Take a look at if Cloudflare Pages + Cloudflare R2 meets the needs of your site.

I'd also recommend using cloudflare tunnels (under Zero Trust) rather than punching a hole in your firewall. For a number of reasons.

10. telgareith ◴[16 Oct 24 11:38 UTC] No.41857938{4}[source]
Tailscale is wireguard with advertising, a convenient UI, and a STUN/TURN server.
replies(2): >>41858385 #>>41858580 #
11. bambax ◴[16 Oct 24 12:04 UTC] No.41858097[source]
The web server of the nas is exposed to the Internet (port forwarding of 80 from the router to the nas); the rest of the nas is not exposed / not accessible from outside the LAN.

The images that are published are low-res versions copied to a directory on a partition accessible to the web server.

This is not the safest solution, as it does punch a hole in the lan... It's kind of an experiment... We'll see how it goes.

12. dweekly ◴[16 Oct 24 12:26 UTC] No.41858280[source]
I believe the suggested setup was for making a site and images available to the public, for which hiding the origin behind Cloudflare seems a very good reason. Some public IP will need to have ports 443/80 open.
13. calgoo ◴[16 Oct 24 12:39 UTC] No.41858385{5}[source]
exactly, which means setting up a vps, generating certificates, setting up some type of monitoring to make sure the tunnel is working, etc. I agree that wireguard is the best option, if you have the time and knowledge, but for some dev people that just wants to put up a webpage with a few users, tailscale/cloudflare is a much easier system to maintain (especially as it handles ssl for you as well - to some degree...).
14. rmbyrro ◴[16 Oct 24 12:58 UTC] No.41858580{5}[source]
I'm aware they wrap OSS, but they made it very, very easy to adopt and maintain for a large chunk of potential users. This requires significant effort and should not be undervalued, in my opinion.
15. jgalt212 ◴[16 Oct 24 13:08 UTC] No.41858655{3}[source]
I think the OP meant once the resource was cached by Cloudflare. The first time served is not snappy.
16. nirav72 ◴[16 Oct 24 13:55 UTC] No.41859061[source]
That requires opening a firewall port on router. For some people, that might not be possible. Either due to ISP restrictions such as CGNAT. In those cases, they're better off using something like Tailscale.
17. shepherdjerred ◴[16 Oct 24 15:20 UTC] No.41860131[source]
I've used Tailscale funnel which works quite well for this.

https://tailscale.com/kb/1223/funnel