Initial commit: HPR Knowledge Base MCP Server
- MCP server with stdio transport for local use - Search episodes, transcripts, hosts, and series - 4,511 episodes with metadata and transcripts - Data loader with in-memory JSON storage 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
This commit is contained in:
Lee Hanken
92
hpr_transcripts/hpr3532.txt
Normal file
92
hpr_transcripts/hpr3532.txt
Normal file
@@ -0,0 +1,92 @@
|
||||
Episode: 3532
|
||||
Title: HPR3532: Self-hosting in small scale E0: Disclaimer and general idea
|
||||
Source: https://hub.hackerpublicradio.org/ccdn.php?filename=/eps/hpr3532/hpr3532.mp3
|
||||
Transcribed: 2025-10-25 01:03:35
|
||||
|
||||
---
|
||||
|
||||
This is Hacker Public Radio Episode 3532 for Tuesday the 15th of February 2022.
|
||||
Today's show is entitled, Self-hosting in Smalls Klee Zero, Disclaimer and General
|
||||
Idea.
|
||||
It is the first show by Newhost TAC on 751, and is about 9 minutes long, and carries
|
||||
a clean flag.
|
||||
The summary is, this end is just explanation of the general idea, and introducing
|
||||
useful communities around the topic.
|
||||
Hello everyone, TAC of 751 speaking.
|
||||
I would like to apologize beforehand for the quality, as I am trying to wrap my head
|
||||
around, recording, and basically giving a talk like this is highly unlikely of me.
|
||||
So with that said, I am by no means professional at the moment, and just trying to share what
|
||||
I learned about self-hosting.
|
||||
And today episode is just a starter of a series, where I am trying to explain how to
|
||||
self-host services on your land without exposing too much on the wide and dangerous internet
|
||||
to keep your attack surface as small as you can.
|
||||
Because I had some really bad time, because I made some poor choices.
|
||||
So with that said, I am trying to apply the infrastructure as a cold principles, and
|
||||
easy way to record what I mean behind it, that as a runtime I am trying to use Docker
|
||||
for everything.
|
||||
And using the Docker Compose, which is a neat solution, where you basically able to define
|
||||
a wall service stack in one file, and how they connect to each other.
|
||||
And which container has internet connection, which is separated from the network, you
|
||||
can do segmentation in this case, where containers can see only each other, for example, without
|
||||
any internet connection.
|
||||
And that can prevent many, many issues.
|
||||
The other neat feature is if you own a public domain, and you have a DNS provider, which
|
||||
is supported by Let's Encrypt.
|
||||
You can request a white card certificate for that domain without any DNS record involved,
|
||||
just the API keys for the DNS provider, so that the DNS challenge by Let's Encrypt
|
||||
can be done, which set both other solutions, I would say.
|
||||
And with that you will have a white card certificate, as I said before, and you can serve
|
||||
up on your LAN.
|
||||
And with the help of a local DNS server, you can resolve that domain to a local LAN IP address.
|
||||
And that way, you don't need to fiddle around with a ding root certificate or a self-signed
|
||||
certificate to every single device every time.
|
||||
And then you have to redo it at least in two years, because some operations systems like
|
||||
the iOS and basically all the Apple operation systems has a requirement of certificate where
|
||||
the expired date is less than a year, and the root certificate expired date is less than
|
||||
two years, otherwise it wouldn't even allow to audit as a trusted certificate, which is
|
||||
a pain in the bomb.
|
||||
The next thing is, and as I said before, you will need the DNS server on your LAN to do
|
||||
the domain resolves, and you have to set your devices to use that DNS server as the primary
|
||||
DNS, and you can choose any as a secondary, as a fallback in case your DNS server is not
|
||||
responding or any other issues.
|
||||
And then we can add to this infrastructure a VPN solution as well.
|
||||
I'm going to speak later about their scale and via guard.
|
||||
Well via guard is a really neat solution, and their scale is based upon via guard with enhanced
|
||||
features like really good security features, but there's some downsides as well, because
|
||||
you will need to use a public, it called lighthouse, which is basically a service which helps
|
||||
the client finding each other, and you can set your configurations with the command line
|
||||
and on their online interface, which need only out-indicated with GitHub, Facebook or Gmail
|
||||
I believe, but I will speak about that later in more detail in probably in the next episode.
|
||||
And I wanted to talk about a few communities which are helpful at the very least, and
|
||||
they have really good resources and tutorials, and one of them is linuxserver.io.
|
||||
The community builds and hosts their Docker images, which have a few neat ones.
|
||||
They have, for example, jellyfin, which is a plaques alternative.
|
||||
They have sync thing, they have their own via guard solution, next cloud, swag, and this
|
||||
is one of them which I'm going to speak in more detail because this is one of the neatest
|
||||
one, because it is a modified engine next.
|
||||
Server, which applies for certificates and renewing them automatically, and you basically
|
||||
just need to edit the Docker Compose file on first start and modify a configuration file
|
||||
afterward, and when you want to put a service behind the reverse proxy, you just have to
|
||||
use their templates and modify them to your needs.
|
||||
I will speak about this one as well later because this will be one of the pillars of our
|
||||
project.
|
||||
And the next one is Home Assistant.
|
||||
This one is basically, as it says, a home automation service, which is fully open source.
|
||||
I think it was acquired by Nebuchasse recently, but they working with a patch license, and
|
||||
most of their code is written in Python.
|
||||
So it's easy to make integrations and your own plugins and your own automation, and
|
||||
you can run it on basically in Raspberry Pi.
|
||||
They recommend 3 or 4, but I would say Raspberry Pi 4 is more than capable of running this.
|
||||
It mostly depends what you want to, or what extent you want to use it, as with many services.
|
||||
By the end of this series, I would like to end up with a GitHub or GitLab repository with
|
||||
scenarios and example configuration files, which you can then download and replicate it yourself.
|
||||
I believe a few links in the show notes where you can check out these communities and
|
||||
a few interesting services, which can be useful in a small infrastructure for a family,
|
||||
the more a small company I would say.
|
||||
You've been listening to Hecker Public Radio at HeckerPublicRadio.org.
|
||||
Today's show was contributed by an HBR listener like yourself.
|
||||
If you ever thought of recording a podcast, then click on our contributing to find out
|
||||
how easy it really is.
|
||||
Hosting for HBR is kindly provided by an honesthost.com, the internet archive and our sync.net.
|
||||
Unless otherwise stated, today's show is released under Creative Commons, Attribution, Share
|
||||
Like it's Dito Tonyell License.
|
||||
Reference in New Issue
Block a user