Glossary — Digital Infrastructure Terms

A

API (Application Programming Interface) — A defined way for software to communicate with other software. Your app talks to a server's API to send and receive data.

APT — The package manager used by Debian and Ubuntu. apt install installs software. apt update refreshes package lists.

B

Bare Metal — Running software directly on physical hardware, without virtualisation or containers. "Bare-metal install" means installing on the server's OS directly.

BTRFS — A modern Linux filesystem with built-in snapshots, compression, and self-healing. Used by Synology for SHR (Synology Hybrid RAID).

C

Caddy — A reverse proxy and web server with automatic HTTPS. Popular with self-hosters for its simplicity.

Container — A lightweight, isolated package containing an application and its dependencies. Runs on a shared OS kernel. Docker and Podman create containers.

CIDR (Classless Inter-Domain Routing) — A notation for IP address ranges. 192.168.1.0/24 means 256 addresses from 192.168.1.0 to 192.168.1.255.

Cron — A Linux time-based job scheduler. Cron jobs run commands at specified times (e.g., daily at 3 AM for backups).

D

DHCP (Dynamic Host Configuration Protocol) — Automatically assigns IP addresses to devices on your network. Your router usually runs DHCP.

DNS (Domain Name System) — Translates domain names (example.com) to IP addresses (93.184.216.34). The phone book of the internet.

Docker — A platform for building and running containers. The most popular container runtime for self-hosting.

Docker Compose — A tool for defining multi-container applications in a YAML file. Standard for self-hosted stacks.

E

ECC (Error-Correcting Code) RAM — Memory that detects and corrects single-bit errors. Important for NAS and file server reliability.

Egress — Outbound data transfer from a server or cloud service. Many cloud storage providers charge for egress.

F

Fail2ban — Software that monitors logs and bans IP addresses showing malicious behaviour (e.g., repeated failed logins).

Firewall — Software or hardware that controls network traffic based on rules. Blocks unwanted connections, allows permitted ones.

G

GDPR (General Data Protection Regulation) — EU/UK regulation governing personal data handling. Relevant if your self-hosted services process others' data.

H

Home Lab — A personal computing environment used for learning, experimentation, and self-hosting. Ranges from a Raspberry Pi to a server rack.

HTTPS — HTTP secured with TLS encryption. The padlock in your browser. Required for any service accessible over the internet.

I

Ingress — Inbound data transfer to a server or service.

IP Address — A numerical address assigned to every device on a network. IPv4 (192.168.1.1) or IPv6 (fe80::1).

J

Jellyfin — A free, open-source media server. Self-hosted alternative to Plex/Netflix for your own media.

JSON (JavaScript Object Notation) — A lightweight data format used for configuration files and API responses.

K

Kernel — The core of an operating system. Linux is technically a kernel, not an OS (GNU/Linux is the full OS).

L

Let's Encrypt — A free Certificate Authority providing TLS certificates. Used by Caddy, Traefik, and Certbot.

LUKS (Linux Unified Key Setup) — The standard for Linux disk encryption. Encrypts entire partitions.

M

Mount — Attaching a storage device or network share to a directory in the filesystem. "Mount the USB drive at /mnt/backup."

N

NAT (Network Address Translation) — Allows multiple devices on a local network to share one public IP address. Your router does this.

NAS (Network Attached Storage) — A dedicated file storage device connected to your network. Synology, QNAP, TrueNAS, and Unraid are common platforms.

Nextcloud — A self-hosted cloud platform (files, calendar, contacts, video calls). The most popular self-hosted file sync solution.

NVMe — A high-speed storage protocol for SSDs. Much faster than SATA.

O

OPNsense — An open-source firewall and routing platform. Installed on dedicated hardware (mini PCs) to replace consumer routers.

P

Pi-hole — A DNS sinkhole that blocks ads and trackers for all devices on your network. Runs on a Raspberry Pi or any Linux machine.

Podman — A daemonless container engine, compatible with Docker commands. More secure by default (rootless).

Port — A numbered endpoint for network communication. HTTP uses port 80, HTTPS uses 443, SSH uses 22.

Port Forwarding — Directing traffic from your router's public IP to a specific device on your local network.

R

RAID (Redundant Array of Independent Disks) — Combining multiple drives for redundancy and/or performance. RAID 1 mirrors data. RAID 5/6 uses parity. RAID is not a backup.

Reverse Proxy — A server that sits between the internet and your backend services, routing requests based on domain names and handling TLS.

Rsync — A fast, incremental file synchronisation tool. Copies only changed parts of files.

S

SHR (Synology Hybrid RAID) — Synology's RAID system that allows mixed drive sizes.

SSH (Secure Shell) — Encrypted remote access to a server's command line. The primary way to manage Linux servers.

Subnet — A subdivision of a network. 192.168.1.0/24 is a subnet with 256 addresses.

Systemd — The init system and service manager used by most modern Linux distributions.

T

TLS (Transport Layer Security) — The encryption protocol that powers HTTPS. Successor to SSL.

Tailscale — A mesh VPN based on WireGuard that connects devices without port forwarding.

U

UPS (Uninterruptible Power Supply) — A battery backup that keeps equipment running during power cuts and protects against surges.

V

VLAN (Virtual Local Area Network) — A logical network separation on shared physical hardware. Used to isolate IoT devices, servers, and guest networks.

Volume (Docker) — Persistent storage that exists outside a container's lifecycle. Data in volumes survives container restarts.

VPN (Virtual Private Network) — An encrypted tunnel between two points. Used for remote access and privacy.

W

WireGuard — A modern, fast VPN protocol built into the Linux kernel. The default choice for new VPN setups.

Y

YAML — A human-readable data format used for configuration (Docker Compose, Ansible, Kubernetes). Whitespace-sensitive.

Z

ZFS — An advanced filesystem with built-in RAID, snapshots, compression, and checksumming. Used by TrueNAS. Robust but memory-hungry (1GB RAM per TB of storage recommended).

Product links may include affiliate partnerships — see our affiliate disclosure for details.