143
If you had to redo your self hosting setup, what would you do differently this time around? (lemmy.world)
submitted 2 years ago by hogofwar@lemmy.world to c/selfhosted@lemmy.world
103 comments fedilink hide all child comments
you are viewing a single comment's thread
view the rest of the comments
[-] vegetaaaaaaa@lemmy.world 1 points 2 years ago

I’d encrypt all disks. Nevertheless, it covers my ass when they retire the server after I used it.

Good point. How do you unlock the disk at boot time? dropbear-initramfs and enter the passphrase manually every time it boots? Unencrypted /boot/ and store the decryption key in plaintext there?

[-] wgs@lemmy.sdf.org 2 points 2 years ago

I run openbsd on all my servers so I would be entering the passphrase manually at boot time. Saving the key on unencrypted /boot is basically locking your door and leaving the key on it :)

this post was submitted on 07 Jul 2023
143 points (98.0% liked)

Selfhosted

60024 readers
1122 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

  1. Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.

  2. No spam.

  3. Posts here are to be centered around self-hosting. Please ensure it is clear in your post how it relates to self-hosting.

  4. Don't duplicate the full text of your blog or git here. Just post the link for folks to click.

  5. Submission headline should match the article title.

  6. No trolling.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 3 years ago
MODERATORS
ruud@lemmy.world
Loki@lemmy.world
CannaVet@lemmy.world
devve@lemmy.world
ayyy@sh.itjust.works
curbstickle@anarchist.nexus
curbstickle_lw@lemmy.world