When most people think of self-hosting services at their HomeLab, they often think of the last mile. By last mile I mean the last hop before a user accesses your services. This last leap, whether using certificates or a reverse proxy, is incredibly important, but it’s also important to know that security starts at the foundation of your HomeLab. Today, we’ll work from hardware security to OS, networking, containers, firewalls, IDS/IPS, reverse proxies, authentication proxies for authentication and authorization, and even rely on a third-party vendor. like Cloudflare. A BIG thank you to Micro Center for sponsoring this video! Exclusive for new customers: get a free 240gb SSD at Micro Center: https://micro.center/0ef37a (paid) ★ Subscribe! https://l.technotim.live/subscribe
★ I’m live on Twitch https://l.technotim.live/twitch
★ Get help from our Discord community! https://l.technotim.live/discord
★ Subscribe to Techno Tim Talks! https://l.technotim.live/subscribe-ttt
★ Documentation found here https://l.technotim.live/docs
_____________________________________________ ⚙ Equipment Recommendations ⚙ ► https://l.technotim.live/gear
(Affiliate links may be included in this description. You may receive a small commission at no cost to you.) __________________________________________ ♦ Patron https://l.technotim.live/patreon
♦ GitHub https://l.technotim.live/github
♦ twitching https://l.technotim.live/twitch
♦ Twitter https://l.technotim.live/twitter
♦ discord https://l.technotim.live/discord
♦ Instagram https://l.technotim.live/instagram
♦ Facebook https://l.technotim.live/facebook
♦ TikTok https://l.technotim.live/tiktok
__________________________________________ 00:00 – Introduction 01:10 – Advertising 02:06 – No self-hosting 02:27 – Disclaimer 02:33 – Self-hosted VPN 02:57 – Public Cloud 03:24 – Last Mile 03:50 – Hardware 04: 28 – Virtual vs. Bare Metal 04:56 – Operating System 05:47 – Container Security 06:58 – Container Labels 08:07 – Network Segmentation 09:32 – Firewall and Port Forwarding 10:11 – Cloudflare (Reverse Proxy) 11:26 – Cloudflare Settings and Statistics 11:58 – Cloudflare + Conditional Port Forwarding 13:24 – Cloudflare Firewall Rules 13:46 – IDS and IPS 15:03 – Internal Reverse Proxy 15:53 - Auth Proxy (Authentication and authorization ) 16:42 – Security overview 17:07 – Will you use Self-Host? 17:41 – Stream Highlight “I’m big in the Netherlands (no)” #SelfHosted #HomeLab #Security “Overzealous Punch” is from Harris Heller’s album Sunset.
https://l.technotim.live/sb-music-license
The icons in this video have been created by Freepik from flaticon https://www.flaticon.com/authors/freepik .
Source Link
COMMENTS