DevOps dude, self-hoster, space nerd.

  • 0 Posts
  • 27 Comments
Joined 1 year ago
cake
Cake day: June 12th, 2023

help-circle
  • You like deploying infrastructure, probably in a cloud environment, but you don’t want to push a bunch of buttons in their web interface, so you use Terraform to declaratively define the things you want, and it goes and builds them for you. Super useful for when you need to build resources often, to detect and correct config drift, and get started down the path of Infrastructure as Code.






  • I wouldn’t want to host anything on Windows unless you have to, or you want to learn more about Active Directory / Exchange / etc to help with a day job (assuming your day job is sysadmin / IT). Even then I’d do that inside Windows VMs on a Linux / ESXi host.

    I personally wouldn’t (and don’t) host authoritative servers externally to the internet. I do split-horizon DNS, so that my internal BIND server handles my LAN, but I have outside DNS handled by someone that has an ACME (Let’s Encrypt) module, so that I can do wildcart certs.

    One thing to look into as you spin up services at home would be some sort of VPN like Tailscale, WireGuard, or even something like Cloudflare Tunnel so that you’re not exposing services directly to the internet if you don’t absolutely have to. I believe some of these projects/products let you specify DNS servers so that when your phone (for example) is connected to the VPN, it uses your home DNS servers instead of public ones.

    Your very own self-hosting legend is about to unfold! A world of dreams and adventures with self-hosting awaits!



  • I’ve actually done this for a Microsoft owned IP before. Someone was Wordpress-scanning a particularly fragile application of one of my clients (which was not Wordpress) which was causing it to fall over. The scan stopped within an hour of sending the abuse email.

    Edit to add: I used to work in a NOC for a tier 1 ISP. We had an “abuse department” (a couple people) that investigated these and opened tickets with the NOC. I’ve emailed customers and disconnected circuits as a result of abuse emails, so I wouldn’t say they’re totally useless, but I’m sure it depends on the company involved.









  • Couple questions:

    • What’s your ISP at home?
    • What’s the ISP of the remote IPv6 server?
    • Are the other networks you’ve tried from the same or different?

    I’d start with traceroute and see how far your IPv6 traffic gets before it fails. It could very well be some peering or routing issue between some of the ISPs in between you and wherever that IPv6 address lives. If this ends up identifying where the traffic dies, a lot of the tier 1 ISPs have BGP looking glass servers so you can get an idea of what they know about that subnet.