How safe/unsafe is it to host a website with a database on a Raspberry Pi?

@Rebel
Your external IP address is always public, just not strongly associated with you, the person.

Kiran said:
@Rebel
Your external IP address is always public, just not strongly associated with you, the person.

Ah, the good old days of P2P chat, when a /whois à la IRC would give you the IP of the user you’re talking to… 🙂

But you’re perfectly correct, your IP is always public and visible and should be treated as such when facing the internet.

@Rebel
Super noob question - what is a VPS? Thnx.

Tilden said:
@Rebel
Super noob question - what is a VPS? Thnx.

Virtual Private Server. It’s a virtual box within a beefier box.

Aeron said:

Tilden said:
@Rebel
Super noob question - what is a VPS? Thnx.

Virtual Private Server. It’s a virtual box within a beefier box.

Thank you.

Check out r/selfhosted.

Noor said:
Check out r/selfhosted.

Thanks.

It really depends on how computationally expensive the application is. A basic webpage can definitely be safely hosted on a Raspberry Pi with decent performance.

Ultimately it will really depend on what you are doing. I suggest testing it out on your computer first and then you can look at the resources it’s using to see if a Raspberry Pi will be sufficient.

As far as my experience goes, a lot of I/O on flash memory will burn the memory card faster than expected. Be careful to not log too much useless data and make sure to have regular (automated) backups of the DB and the data.

It’s just a small hardware version of a VPS, as far as the hosting side goes. No problems with hosting on an RPi. It’ll handle it fine at first, especially a newer one with a PCIe SSD.

The home network part is a bit more tricky. If you want to handle traffic directly, you’ll need to port forward incoming traffic to your router on a certain port to the RPi host. You are letting traffic from the wider public network into your home network. There are risks. You should understand these or use a tunnel service.

You’ve also got the problem that your router’s public IP will probably change. You can use dynamic DNS services to deal with this.

Then you’ve got the problem of your ISP potentially blocking ports such as 80.

You’ll want to disable password authentication for SSH and use an SSH key instead. Lock everything else down so nothing is listening on other ports. Check your firewall/packet filter config.

TL;DR: Cloudflare Tunnel is pretty awesome.

You also need to make sure your web server (e.g., nginx) is configured properly, e.g. not serving up anything it shouldn’t.

These are the basics. Beyond that, there are all the normal security concerns of any website or web app. I wouldn’t recommend storing anything on the RPi that isn’t related to your website. E.g., a file inclusion vulnerability exposing personal files could be bad.

It’s not too hard once you’ve done it once. Just a lot to learn the first time. But it’s quite fun and only as risky as you make it really.
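One way to check the SSH and listening-port advice from the post above, as an added example (not code from the thread): it audits the output of `sshd -T` (effective sshd settings) and `ss -H -tln` (listening TCP sockets). The sample outputs are constructed, and the function names and the allowed-port set are assumptions.

```python
import ipaddress

# Constructed sample of `sshd -T` output (effective config, lowercase keywords).
SSHD_T = """\
permitrootlogin without-password
passwordauthentication yes
kbdinteractiveauthentication no
"""

# Constructed sample of `ss -H -tln` output (listening TCP sockets, no header).
SS_TLN = """\
LISTEN 0 128    0.0.0.0:22     0.0.0.0:*
LISTEN 0 511    0.0.0.0:80     0.0.0.0:*
LISTEN 0 80   127.0.0.1:3306   0.0.0.0:*
LISTEN 0 4096 127.0.0.53%lo:53 0.0.0.0:*
LISTEN 0 128       [::]:22        [::]:*
LISTEN 0 4096         *:9090         *:*
"""

def ssh_password_findings(sshd_t):
    """Return the sshd settings that still allow password-style logins."""
    conf = {}
    for line in sshd_t.splitlines():
        key, _, value = line.strip().partition(" ")
        conf.setdefault(key.lower(), value.strip())
    # Both methods can prompt for a password; a missing key is treated
    # as enabled so the check errs on the side of reporting.
    keys = ("passwordauthentication", "kbdinteractiveauthentication")
    return [k for k in keys if conf.get(k, "yes") != "no"]

def is_loopback(addr):
    """True for 127.0.0.0/8 and ::1; wildcard binds ('*', 0.0.0.0, ::) are not."""
    addr = addr.strip("[]").split("%")[0]  # drop IPv6 brackets and %interface
    return addr != "*" and ipaddress.ip_address(addr).is_loopback

def exposed_listeners(ss_out, allowed_ports):
    """Return sorted (address, port) pairs reachable off-host and not allowed."""
    found = set()
    for line in ss_out.splitlines():
        fields = line.split()
        if len(fields) < 5 or fields[0] != "LISTEN":
            continue
        addr, _, port = fields[3].rpartition(":")
        if not is_loopback(addr) and int(port) not in allowed_ports:
            found.add((addr, int(port)))
    return sorted(found)

if __name__ == "__main__":
    print(ssh_password_findings(SSHD_T))
    print(exposed_listeners(SS_TLN, {22, 80, 443}))
```

On the Pi itself, feed the functions the real output of `sudo sshd -T` and `ss -H -tln` instead of the samples; the database port bound to 127.0.0.1 is not reported because it is not reachable from the network.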

That entirely depends on how much database performance needs you have.

If you can keep things simple, like a chat room or something, you could handle thousands of users.

If you want to start processing images and indexing with AI vector columns, then you hit a wall pretty quickly.

@Dallas
It would be a simple app to manage a local hockey team. Think of it like a planner for games, team handling, tournaments handling, and all that jazz. I think it should be okay, but the security aspect of it throws me off.