What's the factor when you're planning to self-hosted a instance?

What's the factor when you're planning to self-hosted a instance?
from SuperDuperKitten@lemmy.blahaj.zone to fediverse@lemmy.world on 02 Oct 23:29
https://lemmy.blahaj.zone/post/32584234

I am interested of self-hosting my own instance but one the issue I have is:

Price for renting server and buying domain name. Mainly, I have low income.
Unsure if it be single-user instance or if I want multiple people on my instance.
If my instance is for multiple users, if I be the best fit for moderation as well, pitching it to non Fedizen (whatever you call people that use the Fediverse) as well as the theme of the instance as it would effect my Fedi software of choice (eg. Friendica, Mastodon/Glitch)

I just worried that I try just do it immediately without planning things out or have whatever things in mind which might otherwise help me know what’s the best choice and not be upset that I wasted my time and money on something that didn’t work out for me.

#fediverse

threaded - newest

scrubbles@poptalk.scrubbles.tech on 02 Oct 23:46 next collapse

Very smart to pause and weigh things. There was a lot more to it than I thought when I started mine.

Renting a server is not cheap, but it’s not expensive either. Most VPS’ will be able to host it fine. You will need to invest effort into swapping data over to S3, volume storage is what really costs money if you use it incorrectly.
I’ll say do you want to have an individual/known user instance (like family and friends you deeply trust), or do you want to allow randos? The thing you don’t mention at all is liability. I don’t know where you’re hosted but in most countries you are responsible for reporting material on your server. CSAM? Guess what, you are responsible. You can look at my server, it’s based out of the USA and any server is automatically a “mandatory reporter”. I am legally obligated to report CSAM that makes it to my instance, if I don’t I am legally complicit.
- Note that this has been drastically reduced with the image proxying, where if someone on say, .world posts CSAM it’s proxied through my server but not hosted by my server. So, liability is still a thing, but as long as the admins of .world take action then i’m protected with them. If proxying is disabled then the CSAM would live on my server too - and that means I’m legally required to report it.
- NEVER allow open signups. Spam is real here on the fediverse, and bots are actively trying to sign up for accounts. If you allow signups you need to require a captcha, and I recommend either email verification or asking for a signup message “Why do you want to sign up?”. This gets rid of 99.9% of spammers.
- This is also a huge reason for not selfhosting an instance. I started hosting mine in my home until I learned that since it’s in a home, the feds seizing an instance literally means they bust down your door and take your servers. I decided that I didn’t vibe with that, and opted for a hosting provider. If for some reason someone hijacks my server and starts hosting horrible stuff, the seizure will be with my cloud provider, not my front door.

My suggestion is to start a personal instance first. Get the feel for it, see how you like it. Maybe create one community on there that you’re passionate about and advertise that it’s there to the fediverse (since they won’t know about it until you tell them about it). Then judge your risk level and see how much you’re willing to do. For me, I host a bunch of swifties, it’s well within my risk tolerance. I approve everyone that comes in, and most have to ask to join. (Fight the urge to just create a ton of communities. You’ll just end up with dozens of empty communities, there’s no way you have the effort to kickstart a lot of communities. Pick one, maybe two, and really advocate for them. Shameless plug them, there’s no harm in that here).

None of this is meant to scare you off, obviously I still host and I’m glad for it. My Swiftie Community has over 1,000 subscribers now! I’m very happy to host our little niche community, but I also have learned a lot on the way.

poVoq@slrpnk.net on 02 Oct 23:59 next collapse

I am not sure OP is asking about hosting a Lemmy instance though. They mention non-Lemmy fediverse software.

However I think you misunderstood how proxying works:

Note that this has been drastically reduced with the image proxying, where if someone on say, .world posts CSAM it’s proxied through my server but not hosted by my server. So, liability is still a thing, but as long as the admins of .world take action then i’m protected with them. If proxying is disabled then the CSAM would live on my server too - and that means I’m legally required to report it.

It is actually pretty much the oposite of what you describe. The image proxy in Lemmy is a user privacy feature, but it comes with the downside that the server does indeed download and temporarily stores all media that are requested through it.

scrubbles@poptalk.scrubbles.tech on 03 Oct 00:21 collapse

It’s halfway between us. Without proxying images are pushed into my server and I end up hosting them indefinitely, requiring me to manually review and remove something if it’s removed on another server. (Moderation actions like that from what I understand are still not federated, although maybe that has changed in one of the last updates).

The proxy feature is a privacy feature, but for us admins it also works from a liability standpoint. If proxying is set to ProxyAllImages, it will send the image URL down to pict-rs. From there, pictr’s will cache the image based on time that you set. So yes, it’s stored temporarily in Pict-rs for quick retrieval, but then I time out after a day also, so if something was banned I hosted it for max a day before it was purged. It removes me manually needing to manually trace back to events that happened a month ago and wiping it from my S3. If my S3 was searched you’d find images from today, and a bunch of images of Taylor Swift.

So you’re not wrong, but it switches it from “Image is pushed to my server and there indefinitely” to “Image is requested from someone on my server (very few of us) and is there at most a day”

Shadow@lemmy.ca on 03 Oct 01:05 next collapse

We dont proxy on lemmy.ca yet, but I assumed thumbnails would still be stored in pictrs like usual? I thought it was just the actual image links that got proxied, and thumbnails were still dumped in like usual.

We turned on cloudflare’s CSAM scanner and remove anything it flags for us.

scrubbles@poptalk.scrubbles.tech on 03 Oct 02:25 collapse

They are but there’s an environment vatiable to set how long it stays in cache. Cloudflare actually just ended their csam auto submission, at least the auto reporting. Does it still at least flag it?

Shadow@lemmy.ca on 03 Oct 03:53 collapse

Yeah it emails us and pops up a thing in the ui where we can mark it as resolved

scrubbles@poptalk.scrubbles.tech on 03 Oct 04:27 collapse

oh that’s good to hear, I’ve never had anything pop up on mine, I’m sorry something has for yours. While I have you, do you have a script or anything you use for removing the flagged item?

Shadow@lemmy.ca on 03 Oct 14:08 collapse

We just delete them from minio (our object storage)

poVoq@slrpnk.net on 03 Oct 08:29 collapse

Hmm, afaik other than some generated small thumbnails no remotely sourced images are stored on your server when you turn off the proxy. At least in theory, but the entire Pictrs integration in Lemmy is such a mess with random unexpected behavior that at this point I am hesitant to claim that no remote images ever get stored (there seem to be alternative code paths for specific image hosts like Imgur and crap like that).

scrubbles@poptalk.scrubbles.tech on 03 Oct 12:53 collapse

I read the source code, the proxy essentially just hands all the responsibility down to pict-rs. Then pictrs has that environment variable where you can set how long-loved you want the thumbnail to be.

SuperDuperKitten@lemmy.blahaj.zone on 03 Oct 00:46 collapse

None of this is meant to scare you off, obviously I still host and I’m glad for it.

I hadn’t been too scared off and actually found your answer useful so thank you very much!

But for multiple-user instance, I was thinking of maybe having community based on just being fan of music but more leaning on pop music so sort of like your Lemmy instance if it was hosting Mastodon instead. I won’t lie, it what I sort of miss Twitter just being a fanboy (minus the bigotry, bullying and just the cult-like behaviour) and just post stuff related to music I enjoyed, even if it just some random photoshoot I think looks great! I just concern that people on Fediverse would see it as it being a pro-“worshipping celebrities” instance instead of instance that just wants to say “Love their music, it means a lot to me”.

poVoq@slrpnk.net on 03 Oct 00:03 next collapse

The main issue with hosting your own fediverse instance is that federation doesn’t happen by itself and you need to quite actively search for accounts to subscribe to so that the servers start talking to each other.

Tealk@rollenspiel.forum on 03 Oct 08:27 collapse

I didn’t give it nearly as much thought before I started.

In terms of price, you can set a very low price for a single-user instance. Hetzner and Netcup, for example, offer very affordable VPS (these are providers I know of, but there are certainly others).

I don’t see open registration as a problem either. I’ve had it for years, and when I get waves of spam, which is very rare, I switch to moderated mode, otherwise it remains open.

I would host software according to your preferences. I should have kept Friendica running and turned off Mastodon, but that ship has sailed for me.

For a single-user instant, it might be interesting to connect to a relay; it is important that it is moderated. Fedimins offers such a service.