Adventures in Self-hosting
Track 101 – 11:40am
Jason Halley | SecComet Senior Cyber Security Analyst | Capgemini
Bio
Jason Halley (AKA The SecComet) is a Senior Cyber Security Analyst at Capgemini, where he specialises in delivering documentation and operational processes for a dedicated client SOC. Jason is an active volunteer at community cyber conferences, including BSides Leeds. He has also spoken on topics including Bluetooth fitness tracker security, train disasters, and comparing cyber security to the Titanic! When not working, Jason can be found riding the rails both IRL & virtually, or deploying new apps on his home server (swearing at Docker Compose files).
Pronouns
he/him/his
Talk Abstract
We all know of the 3-2-1 rule for backing up important data, but how many of us implement it? How many random photos, videos, or other files do you have on devices that aren’t backed up? And what would you do if any of those devices were lost, destroyed, or suffered a storage failure? “Cloud is the solution!” we are told, but I don’t fancy paying monthly fees for the rest of time while trusting *insert big tech firm here* to protect my data and not use it as training data for yet another AI project.
This is my story in the world of self-hosting, starting with late nights on eBay, through running nothing more than Plex media server on an old Windows machine, to running 3 servers with multiple services, all accessible remotely without being exposed to the web, and with offsite backup because, say it with me: “RAID is not a backup”. The journey has not been easy; many a night and weekend has been spent cleaning out dust, migrating files, and swearing at Docker Compose files. But, in sharing the lessons that I have already learned, I hope to show that self-hosting is open to anyone at any budget. We’ll cover:
- Hardware
- Operating Systems
- Networking
- Docker
- Tailscale
- Backups
- Services you can run (and how)
Naturally, given the cyber security nature of BSides, we’ll look at security considerations when hosting your own services. TL;DR: NEVER OPEN PORTS ON YOUR HOME ROUTER. There are magical ways to make remote access work (card magic demo included). You will leave this talk with an appreciation for why more people should consider self-hosting, some pathways into it (regardless of budget), and some ideas for what to deploy first on your own server infrastructure. Our data is now a currency. You wouldn’t give away your hard-earned money to a for-profit company, why give away your data? There is a better way!
Intended Audience
The intended audience is people who have considered doing some self-hosting but aren't sure where to start; perhaps they're overwhelmed but really want to give it a go. Not a lot of technical knowledge is needed: a little familiarity with Linux/bash would be useful, but other than that very little is needed. I plan on making various compose files for starter projects available on GitHub as a nudge to help people jump in.
How NSFW is this talk?
(How spicy is your talk in chillies?)
Mild/medium. No explicit content but I will probably swear.
