I have been self-hosting for a while now with Traefik. It works, but I’d like to give Nginx Proxy Manager a try, it seems easier to manage stuff not in docker.
Edit: btw I’m going to try this out on my RPI, not my hetzner vps, so no risk of breaking anything
I used NPM, It was pretty solid
Then I changed headspace and now I run SearXNG through cloudflare, and tailscale everything that doesn’t need to be public.
Why shouldn’t stuff be public?
Zero Day Vulnerabilities. Smaller surface area, smaller threat.
If I surface something that runs PHP or Java under the hood and a new zero day is found in PHP / Java and my project or product doesn’t get updated, I’m at risk.
When zero days come out, people script against it.
Things that need to be public are worth it. But anything that’s just you looking at it? The thing with Tailscale, you can just let it run on your phone / laptop. If you don’t use an exit node in your house, you won’t even know you’re on VPN.