What can I do to make this more secure? - eviltoast

I’m just a novice at self hosting and I see a lot of talk about the risks of exposing stuff to the world. Here’s my setup:

-Rpi4 hosting Overseerr
-Desktop computer hosting Nginx and some Cloudflare DDNS update containers

Cloudflare directs request.domain.com to my home IP address. Nginx forces HTTPS and directs the request to the Pi.

Is there any risk in this setup or are there more steps I can take to secure it?

  • cstine@lemmy.uncomfortable.business
    link
    fedilink
    English
    arrow-up
    1
    ·
    1 year ago

    Anything on the public internet is some amount of risk.

    It sounds reasonably configured, and for a single service that’s been fairly robust, the only thing you really should make sure you’re doing is updates - better if you configure automatic updates, so you don’t even have to think about it.

    unattended-upgrades is what you’d want on a Debian-alike for updates, and Overseerr depends on how you installed it.