Ask HN: Tips to get started on my own server
Getting started environment
- Many suggest starting cheap and disposable: a $5–10/month VPS or local VM, expect to break/reinstall multiple times.
- Others recommend a home box (old laptop, mini PC, Raspberry Pi, NAS) for physical access and deep networking practice.
- Some propose first mirroring services you already run on Windows in a Linux VM to reduce unknowns.
- There’s a minority view that “real” bare-metal/colocation is more educational but higher effort.
Where to host: VPS vs home server
- Popular VPS options mentioned: DigitalOcean, Vultr, Hetzner (praised as good value), Linode, OVH, BuyVM, Scaleway, lowendbox offers.
- Cloud: AWS EC2/Lightsail and Azure burstable instances are suggested; some warn about IO and billing surprises.
- Oracle Cloud “always free” gets both praise (great free box) and strong criticism (random bans, data/2FA concerns, idle-instance archiving).
- Home hosting seen as cheap and empowering; critics warn about security, ISP limits, and uptime; proponents say it’s the best way to really learn.
- Dynamic DNS and Cloudflare tunnels are suggested for exposing home services.
OS, tools, and automation
- Beginner-friendly: Ubuntu or Debian server are most recommended due to documentation and community; Debian seen as “uncontroversial.”
- Others suggest Arch, Gentoo, Slackware, NixOS, Alpine, FreeBSD, or Illumos for deeper understanding, but as second steps.
- Use local hypervisors (VirtualBox, Orbstack, UTM) to spin up multiple test VMs.
- Heavy emphasis on automation and reproducibility: shell scripts, Ansible, Terraform, cloud-init, Proxmox containers; “executable notes.”
- Docker and higher-level platforms (CapRover, Yunohost) are proposed to quickly run apps, then inspect under the hood.
Security and reliability
- Core practices: firewall (UFW/iptables or provider firewall), SSH keys only, disable root login, possibly move SSH off port 22, use strong passwords elsewhere.
- Tools like fail2ban or CrowdSec to block brute-force attacks; VPNs (e.g., Tailscale) to reduce open ports.
- Use snapshots/backups (Proxmox, provider snapshots, rsync, external disks) and learn to restore often.
- Stick to LTS distros; consider CIS benchmarks and basic monitoring/perf tools as you advance.
Projects and learning approach
- Start with one service at a time: simple website (nginx/Apache, Let’s Encrypt), then app stack (e.g., Django + gunicorn + nginx), then databases, DNS, mail, backup, monitoring.
- Keep meticulous notes (or Obsidian/Zettelkasten-style docs); use shell history when you forget.
- Philosophy: don’t chase the “perfect” stack; build something small, run it for months, fix issues permanently, then iterate.