I find the idea of self-hosting to be really appealing, but at the same time I find it to be incredibly scary. This is not because I lack the technical expertise, but because I have gotten the impression that everyone on the Internet would immediately try to hack into it to make it join their bot net. As a result, I would have to be constantly vigilant against this, yet one of the numerous assailants would only have to succeed once. Dealing with this constant threat seems like it would be frightening enough as a full-time job, but this would only be a hobby project for me.
How do the self-hosters on Lemmy avoid becoming one with the botnet?
Step 1 is to do everything inside your network with data you don’t care about. Get comfortable starting services, visiting them locally, and playing around with them. See what you like and don’t like. Feel free to completely nuke everything and start from scratch a few times. (Containers like Docker make this super easy).
Step 2 is to start relying on it for things inside your network. Have a NAS, maybe home assistant, or some other services like Immich or Navidrome. Figure out how to give services access to your data without relying on them to not harm it (use read only mounts, permissions, snapshots, etc.)
Step 3 is to figure out how to make services more accessible away from home. Whether that is via a VPN, or something like tailscale, or just carefully opening specific ports to specific secure and up-to-date services. This is the part you’re feeling anxious about, and I think you’ll feel less anxious if you do steps 1 and 2 first and not even think about 3 yet. Consider it its own challenge, and just do one challenge at a time.