How-To-Secure-A-Linux-Server
PhotoPrism
How-To-Secure-A-Linux-Server | PhotoPrism | |
---|---|---|
48 | 510 | |
16,701 | 32,590 | |
- | 1.3% | |
4.6 | 9.9 | |
20 days ago | 7 days ago | |
Go | ||
Creative Commons Attribution Share Alike 4.0 | GNU General Public License v3.0 or later |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
How-To-Secure-A-Linux-Server
- An evolving how-to guide for securing a Linux server
- How to Secure a Linux Server
-
Should I set up my own server?
- own server costs about $5/month. I recommend using docker to deploy hbbr and hbbs. Back up the key in case you need to re-deploy. You do need to secure your Linux server, and this community-driven Github guide has some good tips to get started.
- How-To-Secure-A-Linux-Server: An evolving how-to guide for securing a Linux server.
-
Automating the security hardening of a Linux server
I have been using the How To Secure A Linux Server guide for quite a while and wanted to learn Ansible, so I created two playbooks to automate most of the guides content. The playbooks are still a work in progress.
-
Connecting to docker containers rarely work, including via Caddy (non docker) reverse proxy
If it works, I will then follow the hardening guide I did before (https://github.com/imthenachoman/How-To-Secure-A-Linux-Server) and test after every step
-
Resources to learn backend security from scratch
Maybe these two repos can help you, I've used them both from time to time to look up stuff I have no idea about as a frontend main: https://github.com/imthenachoman/How-To-Secure-A-Linux-Server https://github.com/decalage2/awesome-security-hardening
- Time to start security hardening - been lucky for too long
-
Ask HN: How can a total beginner start with self-hosting
> In short itβs all about control, privacy, and security, in that order.
I am going to strongly urge you to consider changing that order and move *security* to the first priority. I have long run my own servers, it is much easier to setup a server with strong security foundation, than to clean up afterwards.
As a beginner, you should stick to a well known and documented Linux server distribution such as Ubuntu Server LTS or Fedora. Only install the programs you need. Do not install a windowing system on it. Do everything for the server from the command line.
Here are a few blog posts I have bookmarked over the years that I think are geared to beginners:
"My First 5 Minutes On A Server; Or, Essential Security for Linux Servers": An quick walk through of how to do basic server security manually [1]. There was a good Hacker News discussion about this article, most of the response suggests using tools to automate these types of security tasks [2], however the short tutorial will teach you a great deal, and automation mostly only makes sense when you are deploying a number of similar servers. I definitely take a more manual hands-on approach to managing my personal servers compared to the ones I professionally deploy.
"How To Secure A Linux Server": An evolving how-to guide for securing a Linux server that, hopefully, also teaches you a little about security and why it matters. [3]
Both Linode[4] and Digital Ocean[5] have created good sets of Tutorials and documentation that are generally trustworthy and kept up-to-date
Good luck and have fun
[1]: https://sollove.com/2013/03/03/my-first-5-minutes-on-a-serve...
[2]: https://news.ycombinator.com/item?id=5316093
[3]: https://github.com/imthenachoman/How-To-Secure-A-Linux-Serve...
[4]: https://www.linode.com/docs/guides/
[5]: https://www.digitalocean.com/community/tutorials
-
Selfhosting Security for Cloud Providers like Hetzner
I suggest these resources: - Some fundamentals: https://www.cyberciti.biz/tips/linux-security.html - One of the best imho ( exhaustive list ): https://github.com/imthenachoman/How-To-Secure-A-Linux-Server - Ansible playbook to harden security by Jeff Geerling: https://github.com/geerlingguy/ansible-role-security - OAWSP Check list ( targeted for web apps... and honestly a bit overkill ): https://github.com/0xRadi/OWASP-Web-Checklist
PhotoPrism
-
Show HN: Memories, FOSS Google Photos alternative built for high performance
I have been using https://www.photoprism.app for a couple of years, and it works better than expected, with the latest updates it's actually quite fast and the face tagging works reasonably well.
-
Ente: Open-Source, E2E Encrypted, Google Photos Alternative
For self-hosting, there's Photoprism[1] as well.
Ente's strength lies in end-to-end encryption[2] and its cloud[3] offering so you don't have to worry about reliability.
So if self-hosting is what you're after, Immich, Photoprism and Damselfly (TIL!) are perhaps better designed to serve your needs.
[1]: https://github.com/photoprism/photoprism
[2]: https://ente.io/architecture
[3]: https://ente.io/reliability
-
Switching to Android Was Easy
For quite a while I'm also in search for a solution which allows me to share galleries with my family, without having to ask them to jump through hoops in order to access them.
After some searching I'm now testing photoprism [1] which is a fantastic application, especially for self-hosting of photos. There's no mobile app for it (yet) and user-management is just starting to get implemented, but it shows alot of promise. Unfortunately not yet enough for putting it on the tablet of my granny but one can hope (and donate!)
Either way, I'm afraid that building a good mobile gallery app is an equally large task, after all the best solution would be to replace the users' native gallery-app with an equivalent that also supports custom Online-Galleries...
[1]: https://www.photoprism.app/
-
I write HTTP services in Go after 13 years (Mat Ryer, 2024)
out of curiosity, why no sort-of-established pkg and internal dirs? What do you think of https://github.com/photoprism/photoprism structure?
-
Escaping Surveillance Capitalism, at Scale
Thank you!
Ente was first a piece of hardware, then a self-host-able project, but we had a hard time monetizing both, which lead to the E2EE pivot.
TIL about TagSpaces, thanks!
Our server can be open-sourced, but we're unsure of the value E2EE will provide, with services like Photoprism[1] and Immich[2] already doing a good job of serving customers who prefer to self host. In this context E2EE might become a constraint, rather than a feature.
[1]: https://github.com/photoprism/photoprism
[2]: https://github.com/immich-app/immich
-
Google Photos alternative with OCR
Ive seen github issues like this one https://github.com/photoprism/photoprism/issues/907 in which it is implied that this is very very difficult.
- New Release 231128-f48ff16ef βοΈπ
-
Photo gallery frontend with encryption and search
Hi. I want to implement an image server similar to Photoprism using ImageAI to tag images based on objects and context. However I don't want to spend to much time working on the frontend, at first I were thinking about using Danbooru and use Flexbooru or the web interface on my phone. But it doesn't have any encryption or password protection (since the purpose of it is to be used as a public image board).
-
Suche Fotoverwaltungssoftware
https://www.photoprism.app in Docker.
-
Ask HN: How do you manage photos, philosophically?
PhotoPrism[0] and some ugly plumbing[1] to semantically tag all images in the gallery.
0: https://github.com/photoprism/photoprism
What are some alternatives?
authelia - The Single Sign-On Multi-Factor portal for web apps
Piwigo - Manage your photos with Piwigo, a full featured open source photo gallery application for the web. Star us on Github! More than 200 plugins and themes available. Join us and contribute!
Gitea - Git with a cup of tea! Painless self-hosted all-in-one software development service, including Git hosting, code review, team collaboration, package registry and CI/CD
immich - High performance self-hosted photo and video management solution.
docker-socket-proxy - Proxy over your Docker socket to restrict which requests it accepts
librephotos - A self-hosted open source photo management service. This is the repository of the backend.
PowerDNS - PowerDNS Authoritative, PowerDNS Recursor, dnsdist
Lychee - A great looking and easy-to-use photo-management-system you can run on your server, to manage and share photos.
debian-cis - PCI-DSS compliant Debian 10/11/12 hardening
Photonix - A modern, web-based photo management server. Run it on your home server and it will let you find the right photo from your collection on any device. Smart filtering is made possible by object recognition, face recognition, location awareness, color analysis and other ML algorithms.
lynis - Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.
Photoview - Photo gallery for self-hosted personal servers [Moved to: https://github.com/photoview/photoview]