I am wanting to self host a fediverse instance. I don’t hope to make it big. Hoping for 200 users at most, and I won’t advertise it heavily so it’ll probably be a while before it gets there.
Is it a bad idea to host something like this on local hardware at home? I have a lot of local-only self hosted services, and I wouldn’t want those to be compromised.
But my biggest fear is overloading my network. I already don’t get the fastest signal in some parts of my house, and I am worried the extra traffic might put more pressure on the network.
What are your thoughts on hosting local? Should I just avoid the headache and host on public instance?
You must log in or register to comment.
On a technical level, user count matters less than the user count and comment count of the instances you subscribe to. Too many subscriptions can overwhelm smaller instances and saturate a network from the perspective of Packets Per Second and your ISPs routing capacity - not to mention your router. Additionally, most ISPs block traffic traffic going to your house on Port 80 - so you’d likely need to put it behind a cloudflare tunnel for anything resembling reliability. Your ISP may be different and it’s always worth asking what restrictions they have on self-hosted services (non-business use-cases specifically). Otherwise going with your ISP’s business plan is likely a must. Outside of that, yes, you’ll need a beefy router or switch (or multiple) to handle the constant packets coming into your network.
Then there’s a security aspect. What happens if you’re site is breached in a way that an attacker gains remote execution? Did you make sure to isolate this network from the rest of your devices? If not, you’re in for a world of hurt.
These are all issues that are mitigated and easier to navigate on a VPS or cloud provider.
As for the non-technical issues:
There’s also the problem of moderation. What I mean by that is that, as a server owner you WILL end up needing to quarantine, report, and submit illegal images to the authorities. Even if you use a whitelist of only the most respectable instances. It might not happen soon, but it’s only a matter of time before your instance happens to be subscribed to a popular external community while it gets a nasty attack. Leaving you to deal with a stressful cleanup.
When you run this on a homelab on consumer hardware, it’s easier for certain government entities to claim that you were not performing your due diligence and may even be complicit in the content’s proliferation. Now, of course, proving such a thing is always the crux, but in my view I’d rather have my site running on things that look as official as possible. The closer it resembles what an actual business might do, the better I think I’d fare under a more targeted attack - from a legal/compliance standpoint.
That’s a long winded way of saying “if you have to ask, you’re not ready”
Eh, but then he won’t learn anything. I’ve never found that response acceptable. It just perpetuates the problem. To each their own though!
I understand this policy of needing to report them to official authorities is a new thing they now added out of fear of losing their grip of control on social media when people swarm to private instances.
My standards however will always remain on “No government has any business in private stuff.” Just like everybody follows default trafficlaws on private parkings, but in reality they are just rules of the owner and unless you do damage the police can’t do anything for driving wrongly on them. Same goes inside a store. Government has no say in how internals are handled and will only be allowed to note damage and allow the owner to press charges, if they so chose. I’m just drawing that basic right further to everything, including any privately setup software.
I kinda also feel that if I have to go and involve government authorities, it takes away a large basic reason to even go private. I’m not paying servercosts to still having to deal with government [insert bad word here]…
Governments can suck it and I’ll just deal with my own issues. There is absolutely no way in hell I’m going to voluntarily contact any government [insert different bad word here] for things I am doing in private. They can go stand on their heads for all I care…
NB: This is in no way an attack towards you or what you commented, voting it up even cause you were very helpful and I do agree in general it’s best to give the legals and leave it up to people to choose to follow that or not, I just needed to get this frustration about government control in private setups off my chest… 😅
My standards however will always remain on “No government has any business in private stuff.”
I never thought I’d see someone openly admit, even advocate, that they’re willing to host child sexual assault material on hardware they own. That’s a sad hill to die on.
I don’t really care about anything else you’ve written to justify your blanket standards either. All it takes is one example (CSAM) to show the depravity of your standards.
I’m all about privacy, even so far as to emigrate from the US to a country in the EU for privacy. But I have compassion and empathy and am also aware of ethical behavior, morality, and decency.
Privacy is not more valuable than protecting innocent human lives. If you can’t see that, you are lost. I’m sorry.
I agree, yet privacy is still more important than people watching media they didn’t make. I advocate any and all people making those should be our target, not senselessly give up rights so we can punish those that didn’t hurt anyone. And I just don’t believe in the current legal system and allowing people that unpunished do attrocities to deal with other people doing them does not form an ok with me. 🤷♂️
You are literally going to idiots that don’t solve the problem and are proven to do similar bad things themselves, who are using offense towards the people so attention diverts away from them, and you are arguing to ‘me’ that I don’t want to do the same stupidity…? 🤷♂️
Go take a better look at your own actions, dude…
deleted by creator
This comment could answer your previous… 😅 You’re not even being consistent in your attacks that have no base.
I certainly did not advocate to enable child abuse anywhere. I just advocated against going after the wrong people and outing frustrations on the ones that didn’t do it. Just like you are proving to do now with me… 🤷♂️
Why are you so offensively upset on a comment that did not say what you put into it as retaliation. Literally changing my point to be able to attack me with it. 😅
Like I said. Keep your anger for people actually doing wrong, not on the ones that merely think differently than the exact way you do.
Also if somebody films a murder, do we punish everybody that wants to see the video? No.
Then why are we punishing people that just watch it while not solving anything on those making them? 🤷♂️
Logic is a thing people apparently give up for authority. Not me though. Someone that wants to watch CSAM is not your business, just like it isn’t if they watch murder, space stuff of baby cats… (And no, I don’t think they are the same. Taking that from this would just be not wanting to think logic to make another inconsistent counter-attack, so please, don’t.)
The harm with CSAM is already done and you’re taking it out on the wrong persons with help of even worse people, wasting time on targets for what they might do instead of using it on people who actually did/do the bad things creating them.
Good job… Meanwhile I’ll continue to focus on people that actually did something wrong…
deleted by creator
You shouldn’t… You should also not be on the internet with that temper against strangers with different opinions…
You do know it’s full of those, right?
Either way, I did not advocate for any such a thing. I’m only saying that the way to deal with a problem is by taking on the cause, not the results… Results will keep coming if the cause remains.
Go stick your effort into getting rid of CSAM’s creation. That way there’s no more children harmed instead of you just making yourself feel better cause you attacked someone on the internet that wouldn’t hurt anyone, but you just preassumed did cause he thinks differently on the subject. I’m not even a CSAM interested person. I hate children getting hurt as much as the next guy. I just wish we worked on a solution instead of bandaids.
And I’m just not taking part in the bandaid part. 🤷♂️
Your biggest fear should be something like the CSAM attack from a few months ago. I doubt you have tens of thousands to spend on a lawyer.
That’s why I killed my instance.
You could just disable pict-rs, I believe.
Did that instance have public registration? What speaks against having it for private (family) use only, as a gateway to the public instances?
Public registration has nothing to do with federation. My instance required admin approval for all new registrations. Illegal content is much more likely to come through federation than from inside.
IMHO, the few reasons to host your own instance largely disappeared with 0.19 and the risks were never worth the rewards to run a tiny instance. Things are likely to continue improving with future releases. Which is why sdf.org became my main.
I run my own Pixelfed and Lemmy instances on not so young consumer grade hardware and it’s fine, but I am the only user. I would not want to have to deal with other users’ complaints, bad behavior, or other BS.
You may want to also look at offloading media with pict-rs to a object storage like an S3 API compliant bucket. Otherwise, you’ll find Lemmy soaks up lots of storage.
That’s part of my concern behind going with local setup. I have a lot of unused HDD storage.
Cloudflare R2 is the cheapest here, it’s free for some gigabytes and egress is free too.
To be honest, I’d just disable image uploads…
R2 is $0.015/GB, B2 is $0.005/GB and it also has free egress when put behind cloudflare.
I’m doing what you want to do now. I’m running lemmy.fan on a NAS with really good hardware on a fiber connection. My ISP provides symmetric bandwidth and doesn’t block anything, though emails can’t be sent with a local smtp server since most places don’t trust the IP addresses of residential subscribers.
I learned a ton, I’m enjoying running things, and though it’s an open instance I don’t advertise it. I say go for it. Experiment and have fun. If it sucks and you hate it you just stop the containers.
Though now its been advertised 🤣
Realistically, how much bandwidth does Lemmy need if pict-rs is disabled, if you tested that?
I am thinking of something a bit crazy if freenom shows up working again. Since my only internet connection is mobile data, I am thinking about the possibility of hosting Lemmy in Termux and using a Cloudflare tunnel. The biggest problem is probably bandwidth. It varies between 0.02-6Mbps, hanging around 1Mbps for most of the day.But I am not sure if Lemmy could even run in Termux in the first place.
Probably a stupid idea regardless.Definitely not stupid.
Lucky! I wish I had symmetrical fiber with all the ports available.
I totally have a server capable of hosting a LOT of things but lack the upload to make use of it. I’m considering transferring to a rack mount and sending it to be colocated at a datacenter within driving distance.
But my biggest fear is overloading my network. I already don’t get the fastest signal in some parts of my house, and I am worried the extra traffic might put more pressure on the network.
This line concerns me. How experienced are you with servers and networking? Your WiFi network should be fine unless you have your server on WiFi - which you absolutely should not. Ethernet only.
If you set this up limit it to just yourself and friends to start. Get a feel for it before exposing it to strangers.
I have it on WiFi unfortunately.
If I put it the server on Ethernet, would it no longer impact the WiFi connection of any other device? I guess it makes sense that it wouldn’t.
Extending Ethernet to the server won’t be trivial, but I think you’re right I might have to do it.
Either that or maybe a separate wifi network so it can have the network to itself.
You can always start with it where it is and start small - get comfortable with hosting and how the server will behave. You don’t need to solve all the problems at once.
Could be a target of intentional or unintentional DDOS.
Acronyms, initialisms, abbreviations, contractions, and other phrases which expand to something larger, that I’ve seen in this thread:
Fewer Letters More Letters CSAM Child Sexual Abuse Material IP Internet Protocol NAS Network-Attached Storage VPS Virtual Private Server (opposed to shared hosting)
[Thread #337 for this sub, first seen 5th Dec 2023, 02:25] [FAQ] [Full list] [Contact] [Source code]
You missed one:
ISP - Internet Service Provider
I’m fairly sure the obligation to report goes back as far as the DMCA at least. That law gave carriers and hosting providers certain limited liability against user generated content provided they had reasonable moderation policies and acted promptly to take down content either subject to copyright complaints or other legal demands. Basically a you’re ok as a host if somebody does something bad, just so long as you clean up the mess as soon as you become aware.
