by superkuh 419 days ago
How I Blog with HTML and nginx - Zero Cost, Fully Owned: Step 1. install nginx from repos on my home desktop computer. Step two: write html files and put them in directories under the web root. Step 3. forward port 80 to the webserver internal IP on my router config. Step 4. Link people to http://your.ip.here.a/somepage.html or maybe rent a .com domain.

I've been doing it for 20+ years (xitami and thttpd before nginx) and it not only has an infinite lifetime (because it's .html and files) but it also has no attack surfaces or maintenance required.

All that static site generator and remote corporate services stuff will break within a year if left untouched. And re: security, running a static nginx server from home is about 10,000x less of a security risk than opening a random page in $browser with JS enabled. nginx RCEs are less than once a decade. And DoS re: home IP? A vastly over-stated risk for most human people. In my 20+ years I've never had a problem, and even if I ever do, who cares? It's not like my personal website needs nine 9s of uptime. It can be down for days, weeks, with no issue. It's just for fun.

2 comments

Yikes, I'd strongly discourage unfiltered ingress PAT to your desktop machine.

I know you have acknowledged the decision to entrust nginx with all of your personal data and tax records and bank statements and legal documents and browser history and GitHub credentials and ssh private keys and so on.

But it's still madness. You are one oversight, accident, or bug away from total pwnage.

All of this applies to using your browser and your browser automatically executes code from random sources. If this is your threat model then how are you even posting on HN? Shut down that insecure browser quickly. It is tens of thousands of times more likely to expose your personal data etc etc than nginx.

Running nginx isn't madness. Thinking nginx is more of a risk, or even comparable to, your normal daily browser behavior certainly is.

Go look up the last nginx RCE. I think you'll be in the 2000s for just bare nginx.

You are not educating me in any way. And obviously I don't browse with JavaScript enabled.

We could go back and forth all day about the likelihood of a v8 sandbox escape vs RCE in a big C program. But another risk to consider is a non-obvious misconfiguration. A default server block with a wildcard server name. A stray symlink inside the docroot. An unexpected mount point. A temporary config change that you forget to revert. So many ways to fail...

Regardless, trusting your entire personal data security to a single layer of protection is madness.

Perhaps only exceeded by the logic of "it hasn't happened for a long time, therefore it will never happen again".

Good luck.
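The misconfigurations listed in the comment above (a catch-all server name, a stray symlink inside the docroot, an unexpected mount point) can be checked mechanically. The following is an added example, not code from the thread or from any poster; the function names, the sample config and the temporary directory layout are constructed for illustration.

```python
import os
import re
import tempfile

SERVER_NAME = re.compile(r"^\s*server_name\s+([^;]+);", re.M)
LISTEN = re.compile(r"^\s*listen\s+([^;]+);", re.M)

# Constructed sample config, not taken from the thread.
SAMPLE_CONF = "server {\n    listen 80 default_server;\n    server_name _;\n}\n"

def audit_server_names(conf_text):
    """Flag catch-all, wildcard or regex server names and default_server listeners."""
    findings = []
    for m in SERVER_NAME.finditer(conf_text):
        for name in m.group(1).split():
            # "_" is the conventional catch-all name; "*." / ".*" / "~" are wildcards or regexes
            if name == "_" or name.startswith(("*.", "~")) or name.endswith(".*"):
                findings.append(("catch-all-server_name", name))
    for m in LISTEN.finditer(conf_text):
        if "default_server" in m.group(1).split():
            findings.append(("default_server-listen", m.group(1).strip()))
    return findings

def audit_docroot(docroot):
    """Flag symlinks that resolve outside docroot and mount points nested in it."""
    root = os.path.realpath(docroot)
    findings = []
    for dirpath, dirnames, filenames in os.walk(root):  # does not follow symlinks
        for name in dirnames + filenames:
            path = os.path.join(dirpath, name)
            if os.path.islink(path):
                target = os.path.realpath(path)
                if os.path.commonpath([root, target]) != root:
                    findings.append(("symlink-escapes-docroot", path))
            elif os.path.ismount(path):
                findings.append(("mount-point-in-docroot", path))
    return sorted(findings)

def demo():
    """Audit a constructed docroot holding one escaping and one harmless symlink."""
    with tempfile.TemporaryDirectory() as tmp:
        tmp = os.path.realpath(tmp)
        docroot = os.path.join(tmp, "www")
        os.makedirs(os.path.join(docroot, "blog"))
        secret = os.path.join(tmp, "private-notes.txt")
        open(secret, "w").close()
        os.symlink(secret, os.path.join(docroot, "blog", "notes.txt"))  # escapes
        os.symlink("blog", os.path.join(docroot, "posts"))  # stays inside
        return [(k, os.path.relpath(p, docroot)) for k, p in audit_docroot(docroot)]
```

Run `audit_docroot` against the real web root and `audit_server_names` against the text of each config file after every change; nginx's own `disable_symlinks` directive covers the symlink case at serve time.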

I guess you're right. Humans make mistakes so we should just not have any control where we might make a mistake at all and host all our personal data at large corporations who definitely have our privacy as the #1 priority and never leak. And before you say, "I don't do that, false dichotomy." we're not talking about us, here, it seems. Since we both are obviously huge nerds capable of securing things (I have js disabled by default too). We're talking about the type of person that runs javascript.

I thought we were talking about blog posts.

Host your personal data on your local machine. Encrypt it and sync to another physical location for backup.

But serve your blog from somewhere else. If you want to self-host it at home, buy a cheap NUC (or RPi) and hang it off the guest network on your WiFi router. Or, minimally, a VM or a zone/jail/container. I don't like the idea of a compromised host sitting on my home LAN, but it's better than a compromised daemon running on my desktop OS.

Or don't self-host at home, but mirror the data up to GitHub Pages or Cloudflare Pages for free. Or pay for a cheap VPS (people elsewhere in these comments mentioned a $20/yr host). Or OVH, Hetzner, even AWS low-spec instances...all reasonable options.

If you're no longer talking about blog posts, but you want worldwide access to arbitrary personal data on your home desktop, that's a job for a VPN -- preferably one that still does not terminate on your desktop itself, and of course not one that gives a sketchy third party direct access to the desktop.

I completely agree that pushing your personal files and such up to Dropbox (e.g., etc) would also be madness!

You say we're not talking about us, but I'm responding to your specific mention that you serve blog posts to the public Internet from nginx running on your desktop. We may not be able to help the average consumer, but I'm talking about you! :)

>but I'm talking about you! :)

I am confident in my digital security for my threat model. Physical security, less so. The only time my data has ever been taken was when the FBI broke into my apartment at 6am in 2010 and held me at gunpoint and stole every computer in my apartment. They never charged me with a crime, never even indicted me. It was all just the feds squashing political dissent back in the Occupy Wall Street days and I was one of hundreds on the mass warrant issued for that morning's cross-country raids meant to intimidate and destroy lives. As was the FBI's style, they stole all the bitcoin I had on those computers, which I discovered when they kindly returned them (in parts) 10+ years later in 2021.

I'd argue the real risk for me living in the USA is not from random hackers finding a unicorn nginx RCE (or me misconfiguring), but from the government. And they're going to come in the front door not through my computer.

Given the state of things I think this applies to far more people than just me. So start up those home static servers. It's a relatively low risk, all things considered. And free communication with other humans, not shaped by corporate policy and opinion shaping, might just mitigate the government problem a bit.

But I’d say “infinite lifetime” only holds as long as your hardware, power, and IP setup stay stable. If your home machine dies or your router resets, things go offline fast.

That’s part of why I prefer hosting the static output somewhere external. Not perfect, but it lets me step away from the setup for months and still have it running.

Yes, I do need society to continue existing and for me to not be homeless. I guess I hadn't considered the needs of the unhoused. For them self-hosting is going to be a problem. For everyone else, not a problem. Going briefly offline for a week literally doesn't matter at all. This isn't a business or institutional service. Once you stop trying to fulfill the needs and constraints typical of those endeavors you can see just how easy it is.

As for IP, when it changes you can just copy the new IP and stop sending links with the old IP to friends. It's not a big deal. But a domain is nice (either some dyndns subdomain or a real tld with free DNS hosting (and dyndns updates) by zoneedit or the like).