I am wanting to self host a fediverse instance. I don’t hope to make it big. Hoping for 200 users at most, and I won’t advertise it heavily so it’ll probably be a while before it gets there.
Is it a bad idea to host something like this on local hardware at home? I have a lot of local-only self hosted services, and I wouldn’t want those to be compromised.
But my biggest fear is overloading my network. I already don’t get the fastest signal in some parts of my house, and I am worried the extra traffic might put more pressure on the network.
What are your thoughts on hosting local? Should I just avoid the headache and host on public instance?
On a technical level, user count matters less than the user count and comment count of the instances you subscribe to. Too many subscriptions can overwhelm smaller instances and saturate a network from the perspective of Packets Per Second and your ISPs routing capacity - not to mention your router. Additionally, most ISPs block traffic traffic going to your house on Port 80 - so you’d likely need to put it behind a cloudflare tunnel for anything resembling reliability. Your ISP may be different and it’s always worth asking what restrictions they have on self-hosted services (non-business use-cases specifically). Otherwise going with your ISP’s business plan is likely a must. Outside of that, yes, you’ll need a beefy router or switch (or multiple) to handle the constant packets coming into your network.
Then there’s a security aspect. What happens if you’re site is breached in a way that an attacker gains remote execution? Did you make sure to isolate this network from the rest of your devices? If not, you’re in for a world of hurt.
These are all issues that are mitigated and easier to navigate on a VPS or cloud provider.
As for the non-technical issues:
There’s also the problem of moderation. What I mean by that is that, as a server owner you WILL end up needing to quarantine, report, and submit illegal images to the authorities. Even if you use a whitelist of only the most respectable instances. It might not happen soon, but it’s only a matter of time before your instance happens to be subscribed to a popular external community while it gets a nasty attack. Leaving you to deal with a stressful cleanup.
When you run this on a homelab on consumer hardware, it’s easier for certain government entities to claim that you were not performing your due diligence and may even be complicit in the content’s proliferation. Now, of course, proving such a thing is always the crux, but in my view I’d rather have my site running on things that look as official as possible. The closer it resembles what an actual business might do, the better I think I’d fare under a more targeted attack - from a legal/compliance standpoint.
That’s a long winded way of saying “if you have to ask, you’re not ready”
Eh, but then he won’t learn anything. I’ve never found that response acceptable. It just perpetuates the problem. To each their own though!
I understand this policy of needing to report them to official authorities is a new thing they now added out of fear of losing their grip of control on social media when people swarm to private instances.
My standards however will always remain on “No government has any business in private stuff.” Just like everybody follows default trafficlaws on private parkings, but in reality they are just rules of the owner and unless you do damage the police can’t do anything for driving wrongly on them. Same goes inside a store. Government has no say in how internals are handled and will only be allowed to note damage and allow the owner to press charges, if they so chose. I’m just drawing that basic right further to everything, including any privately setup software.
I kinda also feel that if I have to go and involve government authorities, it takes away a large basic reason to even go private. I’m not paying servercosts to still having to deal with government [insert bad word here]…
Governments can suck it and I’ll just deal with my own issues. There is absolutely no way in hell I’m going to voluntarily contact any government [insert different bad word here] for things I am doing in private. They can go stand on their heads for all I care…
NB: This is in no way an attack towards you or what you commented, voting it up even cause you were very helpful and I do agree in general it’s best to give the legals and leave it up to people to choose to follow that or not, I just needed to get this frustration about government control in private setups off my chest… 😅