this post was submitted on 16 Jun 2023
20 points (100.0% liked)

Selfhosted

40183 readers
769 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

  1. Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.

  2. No spam posting.

  3. Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.

  4. Don't duplicate the full text of your blog or github here. Just post the link for folks to click.

  5. Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).

  6. No trolling.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 1 year ago
MODERATORS
 

Hey. I really like the idea of the fediverse and Lemmy and would want to know as a beginner/not so experienced regarding selfhosting what would be the best way to get started? I saw there are vps options, but don't know of I'm looking in the right direction.

top 45 comments
sorted by: hot top controversial new old
[–] happyhippo@feddit.it 6 points 1 year ago (2 children)

I have a somewhat related question: is is possible to help the infrastructure by providing a node to host an existing instance?

I don't wanna have to create and maintain/moderate my own, but would be willing to donate some power and bandwidth to the platform in order to improve performance/geographic distribution etc by having a replica node for an instance/instances of choice.

Thanks

[–] iKill101@lemmy.bleh.au 2 points 1 year ago

I don't believe that's possible. At least, not right now. Happy to be corrected though.

[–] ReducedArc@lemmy.world 1 points 1 year ago

I would also love to help in this way. I have a small home server and an internet connection that has plenty of capacity available.

[–] db0@lemmy.dbzer0.com 3 points 1 year ago* (last edited 1 year ago) (3 children)

Get a cheap linux VPS. My host provides 4 CPU sd and 8G for 8 eur per month which should be enough for something like 500 users.

Then just run the ansible playbook. It will do everything for you

[–] ThorrJo@lemmy.sdf.org 1 points 1 year ago

4 CPU sd and 8G for 8 eur per month

holy crap, that's cheap!

[–] Illecors@lemmy.cafe 1 points 1 year ago (1 children)

Is this an arm instance on hetzner? I was looking for something cheaper than digitalocean, but I like their networking quality a lot.

[–] jjakc@lemthony.com 0 points 1 year ago (3 children)

I have mine running on the cheapest arm Hetzner instance, working well so far

[–] Illecors@lemmy.cafe 1 points 1 year ago

Glad to hear that!

[–] SmugBedBug@lemmy.iswhereits.at 0 points 1 year ago (1 children)

I didn't know Lemmy could run on arm architecture. Is your installation with docker?

[–] jjakc@lemthony.com 1 points 1 year ago

No, with the Ansible method. I tried the docker method, but it really didn't want to work for me.

If you go the Ansible way though make sure you're using a Debian 11 based OS

[–] 2xsaiko@discuss.tchncs.de 0 points 1 year ago (1 children)

Oh, Hetzner has ARM machines now? Very nice. Guess I should finally move at least my mail server to ARM.

[–] jjakc@lemthony.com 0 points 1 year ago* (last edited 1 year ago) (1 children)

Yes, only in ~~Frankenstein~~ Falkenstein though. Which isn't a big deal if you're EU based anyway

[–] homelabber@lemmy.one 1 points 1 year ago

Frankenstein is the name of the doctor, not the name of the monster

[–] XenoBen@lemm.ee 0 points 1 year ago* (last edited 1 year ago) (1 children)

thanks, in VPS, any red flag I should care for? Privacy, monitoring, etc?

[–] db0@lemmy.dbzer0.com 1 points 1 year ago

Very low bandwidth caps will be a problem with fediverse.

Other than that, check your steal % once you have the VM. If it's over 20% consistently, you're being ripped off.

[–] iKill101@lemmy.bleh.au 1 points 1 year ago (4 children)

Personally... it was an experience to say the least. I went down the Docker path for my instance. I've tried to keep away from Docker for ages, but here I am.

I'd recommend using the ansible playbook to get it running, as the docker documentation isn't very detailed and it gets very confusing; especially for a beginner.

[–] flauschke@feddit.de 2 points 1 year ago (1 children)

Did you get it to run on docker? My personal instance is running, federation and community search semm to be working but when I subscribe to something it just says "pending" and does not seem to actually go through

[–] iKill101@lemmy.bleh.au 3 points 1 year ago* (last edited 1 year ago) (1 children)

I did, yes. It took me a few hours of troubleshooting though, spanned across two days. I'm using Nginx Proxy Manager instead of the Nginx proxy that comes with Lemmy, but it all translates similarly. I also followed this guide on YouTube.

If it's sitting there saying "pending" for your subscriptions, it may be that the "proxpass /" location ports are off by one. It'll look like it's federating properly, but really it isn't. That was one thing I noticed with the documentation/examples; things were off and not updated. Check my screenshot attached for what I mean. The documentation/example config for the proxy lists the Lemmy-ui port as 1235, but it's actually 1236.

Screenshot

Hopefully that makes sense. If I can be of any more assistance, let me know!!

[–] flauschke@feddit.de 2 points 1 year ago

Thanks! I'll check the video and I'll double check my configuration. The example compose file and config files already needed some tweaking for me to get to this point but maybe I've missed something.

[–] blackstrat@lemmy.fwgx.uk 2 points 1 year ago* (last edited 1 year ago) (1 children)

The docker documentation is not kept in sync with the docker-compose.yml it asks you to use. So you download the latest one as per instructions, but that's being regularly updated with no thought to the documentation also being updated. It's also doesn't seem aimed at production deployment, just developer test environments. Then there are stupid simple things like the port number being changed in the docker-compose.yml but not in the nginx.conf or the lemmy.hjson. There desperately needs to be better control of that.

There is a lot wrong there and it doesn't fill me with confidence. It took me 3 hours to piece it all together last night and had to revert to picking bits out of the ansible documentation.

[–] kristian@lemmy.astheriver.art 1 points 1 year ago (1 children)

Exactly, I’ve spent ages yesterday and today trying to piece together a set of configs that all work together. I thought it must have been me missing something because the last time I did it everything worked exactly as described in the documentation and it took about ten minutes to get a working instance up and running, but not this time!

It helps slightly (slightly!) if you refer to the configs from the last release rather than the ones on the main branch that are constantly being changed, but even then you’ll have to maybe use the docker-compose.yml from the Ansible repo if you don’t want to build nginx as part of the docker install.

Got there in the end though!

[–] blackstrat@lemmy.fwgx.uk 1 points 1 year ago

Turns out I can't upload photos due to the config file they point you at being wrong. Ffs! Direct users to a labelled release and production version. At the moment it's chaos at the very time it needs to be as seemless as possible.

[–] travis@lemmy.blue 1 points 1 year ago

+1 for Docker, specifically Docker Compose. Lemmy probably isn't the right container to learn Docker with, but once you have the fundamentals down spinning up Lemmy was pretty seamless.

[–] XenoBen@lemm.ee 0 points 1 year ago (1 children)

thanks, wanted to go that route

[–] jjakc@lemthony.com 1 points 1 year ago (1 children)

Make sure you use a Debian base OS, as the playbook uses aptitude to install the dependencies. Also, you can't use anything over Debian 11, as the way the apt repositories and gpg keys are added, and the pip packages are installed don't work with the newer OS'.

I found out the hard way lol

[–] netburnr@lemmy.world 1 points 1 year ago

The fact that this wasn't in their install instructions made waste multiple hours yesterday. Eventually got a server working on Ubuntu 22. But then after starting to subscribe to other communities my server stopped responding Soni gave up

[–] jedi@lemmy.dyslexicjedi.com 1 points 1 year ago

I'm using a hetnzer VPS, and the ansible script. It's working well.

[–] hashferret@lemmy.world 0 points 1 year ago (1 children)

What I'm curious about is running a server only for myself. Am I gonna have problems with being defederated? I'm wanting to run Matrix right next to it on the same domain but they seem much more open to the concept of personal servers.

[–] fox@lemmy.fakecake.org 3 points 1 year ago* (last edited 1 year ago) (1 children)

it's alright, i run a personal server with closed registrations. looking for new communities is a bit glitchy, you might need to search a few times before it appears.

e: one thing i have to note is that docker-related documentation is somewhat inaccurate and, in my opinion, their setup is a bit overcomplicated.

[–] lckdscl@whiskers.bim.boats 0 points 1 year ago (2 children)

Using their docker set up as well and I thought it was quite lean. Out of curiosity, what do you think is overcomplicated about it?

[–] fox@lemmy.fakecake.org 4 points 1 year ago* (last edited 1 year ago) (1 children)
  • why use two networks, instead they shouldn't expose any internal ports if using reverse proxy container within compose (I'm using a separate external load balancer/reverse proxy, so I exposed lemmy & lemmy-backend only);
  • stuff like hostname: shouldn't be needed because it matches service name;
  • instead of using generic nginx container image with custom nginx.conf you need to place somewhere manually they should pre-build a container which would work OOTB with the compose setup, this would also solve current situation where nginx.conf and compose file are seemingly maintained separately because they don't match (i had to change one to match the other);
  • a minor thing but i would appreciate environment-based setup instead of needing configuration files (lemmy.hjson) on the filesystem (my ansible-based container deploy system has provisions for this stuff, still its something that i'd rather not have to use...);
  • in general compose setup feels like development environment because of all the debugging that is enabled, i think it also tries to build one of lemmy components instead of using an image by default;

it's all minor stuff, really, but it adds up and people who are not particularly savvy might give up on self-hosting lemmy because of if. so some polish and cleanup might be a good idea.

i know there's an ansible role too but i haven't looked through it. i have to do way too much ansible code review & refactoring at work. :)

[–] ipkpjersi@lemmy.one 1 points 1 year ago (1 children)

I'm planning on self-hosting an instance (and some other web apps) on my local server at home, but over a VPN on a public VPS. I feel like that's gonna make an overcomplicated setup even more overcomplicated lol

[–] fox@lemmy.fakecake.org 1 points 1 year ago (1 children)

i'm hosting lemmy on a vds using an S3 storage hosted at home (over wireguard). :)

i've decided against hosting lemmy at home because there's no way to setup a proxy for outbound connections (or i couldn't find it) so any federation request your lemmy instance makes reveals your home IP to owners of that particular instance.

[–] ipkpjersi@lemmy.one 1 points 1 year ago* (last edited 1 year ago) (1 children)

i’ve decided against hosting lemmy at home because there’s no way to setup a proxy for outbound connections (or i couldn’t find it) so any federation request your lemmy instance makes reveals your home IP to owners of that particular instance.

Wait, how would that work? If I'm using OpenVPN, would it not be using the source and/or destination IP as my OpenVPN client IP, and not my home IP? After all, OpenVPN is completely bypassing my routing and NAT from my home connection, and it just tunnels traffic through the VPN instead.

I believe the source IP would be the IP of any server trying to contact my server, and then the destination IP would be my VPN client IP because of the DNAT rule I have on my VPN server (say 10.0.0.2) so it would not expose my home IP, or is that not correct? If both Lemmy and Nginx are either using a local docker IP (not on my home network) or the OpenVPN client IP from tun0, how would they even be aware of my home IP which would be on a separate network interface?

Are you saying I'd be exposing my IP if I tried my home-based VPN port forwarded setup? I am pretty sure it wouldn't be exposing my home IP, but maybe I am mistaken.

[–] fox@lemmy.fakecake.org 2 points 1 year ago (1 children)

if you pass all outbound connections through vpn you'll be fine.

[–] ipkpjersi@lemmy.one 1 points 1 year ago

Good to know, thanks!

I also asked ChatGPT because I was curious, and ChatGPT said since I am using a VPN, when my home server makes outbound requests, they will first go through the VPN tunnel and emerge from the VPS which means that to external systems (like the servers receiving my federation requests), the source IP will appear to be the public IP of my VPS, not my home IP.

Very cool stuff! It makes sense that VPNs can be used to mask home IPs even in this way, since VPNs are literally designed for security and privacy lol

[–] sandros@lemmy.world 1 points 1 year ago

I've followed the official guide on how to set it up using docker. I had to tweak the compose file in a way it was not mentioned in the docs. Also I have an already set up nginx web server and while I was able to set up a reverse proxy vhost to the reverse proxy that was defined in the compose I wasn't able to get websocket working. I thought of removing the proxy entirely from the compose file and configure the "main" nginx server for lemmy, I just gave up and removed everything because I felt like it doesn't worth the time.

[–] ionhowto@kbin.social -1 points 1 year ago (2 children)

I was considering it.
There is the cost for the vps which would have to be separate in "quarantine" from the rest of our stuff.
Extra cost. $6/ Month sounds cheap but it's not unless you really feel the need to spend 5+ hours a day troubleshooting the tech side.

Then there is the risk of becoming a platform for pedophiles and terrrists.

More time going in that for moderating it and not risk getting our cloud account banned because we hosted illegal stuff - even if it's by mistake it's still a risk to get the whole account shut down.

Only way I can see this works is for someone who is knowledgeable enough or has trusted people who are knowledgeable to keep the server clean.

It's a fun experience I bet but too risky.
Learning to setup infra is a great chance but there are other ways to learn and still not contribute to internet filth or spam.

Better a few big sites than 1000 small unmaintained ones.

[–] netburnr@lemmy.world 3 points 1 year ago (2 children)

You don't have to allow sign-ups, therefor no modding to do if it's only you.

[–] ionhowto@kbin.social 1 points 1 year ago (1 children)

Like this it does make sense for learning and it can be done locally on a regular PC. No need to even have it running more than 5h/ week.
Only start it when trying something.

There are other more interesting things to learn and setup. Something like a honeypot.

[–] netburnr@lemmy.world 1 points 1 year ago

Counterpoint, someone will learn about Debian, ansible, docker, and troubleshooting all of the above.

Personally I've run into many bumps along the way, some really dumb and not documented at all. But it was a fun learning experience.

[–] TheOneCurly@lemmy.theonecurly.page 0 points 1 year ago (1 children)

That's what I'm doing. Totally closed sign-ups except for a few close irl friends.

[–] nude@kbin.social 0 points 1 year ago (1 children)

This is what im going to do when I get a spare few hours to set it up.

Im looking at it in the same way as my searx instance. Just a private portal that will have as much uptime as I can maintain, federated with who I want and no one I dont.

[–] techgearwhips@lemmy.world 2 points 1 year ago

Same. I'm glad I found this thread because I was wondering if it was ok to do this.

[–] nude@kbin.social 1 points 1 year ago

Running a public instance is 100%, definitely not suitable for someone without experience or at the very least a solid background and a sincere willingness to learn and spend time maintaining it.

A private server for yourself and a group of buds?
There isnt really a reason not to give it a go if youre interested.

load more comments
view more: next ›