this post was submitted on 27 Jun 2023
0 points (50.0% liked)

Selfhosted

39257 readers
202 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

  1. Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.

  2. No spam posting.

  3. Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.

  4. Don't duplicate the full text of your blog or github here. Just post the link for folks to click.

  5. Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).

  6. No trolling.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 1 year ago
MODERATORS
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
0
Choosing an hypervisor (lemmy.world)
submitted 1 year ago* (last edited 1 year ago) by [email protected] to c/[email protected]
13 comments fedilink hide all child comments
 

Hello everyone! During one of those illuminated evenings, I got the idea to move my small server in Scaleway to some more powerful server in Hetzner. If I will make the move, I am thinking of splitting the server in various VMs, to host different services that belongs to different trust boundaries, for example:

  • A Lemmy/writefreely instance
  • Vaultwarden/Gitea
  • Wireguard tunnel to my home infrastructure
  • Blogs, and other convenience services

In order to achieve the best level of separation, I was thinking of using VMs. My default choice would be Proxmox, because I used it in the past, and because I generally trust it, however I am trying to evaluate multiple options, and maybe someone has good or better experiences to share.

Other options I thought about are:

  • Run everything in Docker. I am going to do this nevertheless, but Docker escapes are always possible, especially with public facing images that I did not write myself and/or that require a host volume.
  • KVM directly? I am OK even without a GUI to be honest. I am not aware if there is some ansible module or even better Terraform provider for this, it would be great. (EDIT: I found https://registry.terraform.io/providers/dmacvicar/libvirt/0.7.1 which seems awesome!)
  • ESxi? I have no experience with this solution.

Any idea or recommendation?

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 1 points 1 year ago (1 children)

Personally, after looking at what the industry wants; I would start my homelab trying to automate it with Ansible/Terraform. libvirt should be decent, and if you want to go over to BSD, I think ansible supports bhyve? If not, libvirt definitely runs on BSD so you could just automate that

[–] [email protected] 1 points 1 year ago (1 children)

I work in security, so there is no really devops/sysadmin prospect for me. That said, I use ansible and (mostly) terraform professionally and for my lab, so that's a good idea nevertheless. I don't have much BSD experience, what do you think are the key reasons to go that route instead of Linux?

[–] [email protected] 1 points 1 year ago

For me, it's a personal decision. I find BSD more cohesive. That is subjective and has been debated for a decade now. I also find bhyve a bit easier to use, albiet the features are newer and more in number in KVM (for example: bhyve until very recently didn't have VirtIO drivers, so Windows machines would be useless on it).

I'm interested in working in Security myself. Would you be able to tell me a little more about your work? Also, what role/path in security would you recommend for a Cloud admin/System Admin?