I used to self-host because I liked tinkering. I worked tech support for a municipal fiber network, I ran Arch, I enjoyed the control. The privacy stuff was a nice bonus but honestly it was mostly about having my own playground. That changed this week when I watched ICE murder a woman sitting in her car. Before you roll your eyes about this getting political - stay with me, because this is directly about the infrastructure we’re all running in our homelabs. Here’s what happened: A woman was reduced to a data point in a database - threat assessment score, deportation priority level, case number - and then she was killed. Not by some rogue actor, but by a system functioning exactly as designed. And that system? Built on infrastructure provided by the same tech companies most of us used to rely on before we started self-hosting. Every service you don’t self-host is a data point feeding the machine. Google knows your location history, your contacts, your communications. Microsoft has your documents and your calendar. Apple has your photos and your biometrics. And when the government comes knocking - and they are knocking, right now, today - these companies will hand it over. They have to. It’s baked into the infrastructure. Individual privacy is a losing game. You can’t opt-out of surveillance when participation in society requires using their platforms. But here’s what you can do: build parallel infrastructure that doesn’t feed their systems at all. When you run Nextcloud, you’re not just protecting your files from Google - you’re creating a node in a network they can’t access. When you run Vaultwarden, your passwords aren’t sitting in a database that can be subpoenaed. When you run Jellyfin, your viewing habits aren’t being sold to data brokers who sell to ICE. I watched my local municipal fiber network get acquired by TELUS. I watched a piece of community infrastructure get absorbed into the corporate extraction machine. That’s when I realized: we can’t rely on existing institutions to protect us. We have to build our own. This isn’t about being a prepper or going off-grid. This is about building infrastructure that operates on fundamentally different principles:
Communication that can’t be shut down: Matrix, Mastodon, email servers you control
File storage that can’t be subpoenaed: Nextcloud, Syncthing
Passwords that aren’t in corporate databases: Vaultwarden, KeePass
Media that doesn’t feed recommendation algorithms: Jellyfin, Navidrome
Code repositories not owned by Microsoft: Forgejo, Gitea
Every service you self-host is one less data point they have. But more importantly: every service you self-host is infrastructure that can be shared, that can support others, that makes the parallel network stronger. Where to start if you’re new:
Passwords first - Vaultwarden. This is your foundation. Files second - Nextcloud. Get your documents out of Google/Microsoft. Communication third - Matrix server, or join an existing instance you trust. Media fourth - Jellyfin for your music/movies, Navidrome for music.
If you’re already self-hosting:
Document your setup. Write guides. Make it easier for the next person. Run services for friends and family, not just yourself. Contribute to projects that build this infrastructure. Support municipal and community network alternatives.
The goal isn’t purity. You’re probably still going to use some corporate services. That’s fine. The goal is building enough parallel infrastructure that people have actual choices, and that there’s a network that can’t be dismantled by a single executive order. I’m working on consulting services to help small businesses and community organizations migrate to self-hosted alternatives. Not because I think it’ll be profitable, but because I’ve realized this is the actual material work of resistance in 2025. Infrastructure is how you fight infrastructure. We’re not just hobbyists anymore. Whether we wanted to be or not, we’re building the resistance network. Every Raspberry Pi running services, every old laptop turned into a home server, every person who learns to self-host and teaches someone else - that’s a node in a system they can’t control. They want us to be data points. Let’s refuse.
What are you running? What do you wish more people would self-host? What’s stopping people you know from taking this step?
EDIT: Appreciate the massive response here. To the folks in the comments debating whether I’m an AI: I’m flattered by the grammar check, but I’m just a guy in his moms basement with too much coffee and a background in municipal networking. If you think “rule of three” sentences are exclusive to LLMs, wait until you hear a tech support vet explain why your DNS is broken for the fourth time today.
More importantly, a few people asked about a “0 to 100” guide - or even just “0 to 50” for those who don’t want to become full time sysadmins. After reading the suggestions, I want to update my “Where to start” list. If you want the absolute fastest, most user-friendly path to getting your data off the cloud this weekend, do this:
The Core: Install CasaOS, or the newly released (to me) ZimaOS. It gives you a smartphone style dashboard for your server. It’s the single best tool I’ve found for bridging the technical gap. It’s appstore ecosystem is lovely to use and you can import docker compose files really easily.
The Photos: Use Immich. Syncthing is great for raw sync, but Immich is the first thing I’ve seen that actually feels like a near 1:1 replacement for Google Photos (AI tagging, map view, etc.) without the privacy nightmare.
The Connection: Use Tailscale. It’s a zero-config VPN that lets you access your stuff on the go without poking holes in your firewall.
I’m working on a Privacy Stack type repo that curates these one click style tools specifically to help people move fast. Infrastructure is only useful if people can actually use it. Stay safe out there.
Great post, can’t agree more.
But instead of relying on Tailscale (US company) I use plain mTLS for securing my services. It’s about the same security level, but without active vpn clients drawing energy and without external dependency.
Works really great, can definitely recommend it.
Hell yeah! I’d argue it’s even true of 2026!
Just FYI unless you self-host headscale, tailscale is centralised and not private. They claim it is end to end encrypted but their proprietary centralised control server distributes the keys, so they could very easily MITM you.
Tailscale is good tech and good crypto, but Applied cryptography cannot solve a security problem. It can only convert a security problem into a key-management problem, and tailscale does not do decentralised key management.
Don’t stop at self-hosting. We need all forms of community building, from organizing like-minded people to gardening, off-grid energy, etc.
What’s stopping people you know from taking this step?
I’m a noob when it comes to IT. (Even though in my family I’m the one people ask when they have computer issues lol.) I would really like to get into self-hosting and all that, and I think if I found some good guides I would probably be able to make things work, but it still sounds very daunting to me. Like, I imagine days if not weeks of sifting through online resources to fix a thousand little errors and issues that would come up. (Maybe I’m mistaken, maybe it’s all really easy even for noobs. Just trying to explain my feelings on the matter.)
Edit: Woke up to 10 replies lol. Thanks for everybody’s input and helpful links. I think this might become a future project for me, but not before winter 26/27 (for life reasons).
It is a skill much like maintaining a car yourself, or your own lawn/garden.
It’s pretty easy to get started, and there are certain ways of doing things that keep it pretty simple forever, at the cost of some flexibility.
But no matter how you do it, there will be a non-zero amount of work involved indefinitely. Just like you need your cars oil changed, your garden mulched and weeded, or your server patched and cleaned up once in awhile.
I feel this deeply. I used to volunteer at a library teaching “Cyber Seniors” digital literacy, and the biggest hurdle was always the fear of “breaking” something. The truth is, the big tech companies want you to think it’s too hard so you’ll keep paying them with your data.
You don’t need to be a sysadmin to start. It’s not about days of fixing errors; it’s about taking one small win at a time; like setting up a password manager first. If you can follow a recipe, you can build a node. We’re working on better, no-jargon guides to make sure the “thousand little errors” don’t stand in your way. You don’t have to be an expert to be part of the resistance.
“one small win at a time” 100%
I agree with you, but something jumped out at me while reading this thread. To a degree, the fear of “breaking something” is completely legitimate, but it’s based on not getting quick feedback from systems. For instance, if you are walking in a direction that you think is east, but the sun is setting ahead of you, you know you’re headed in the wrong direction. Computers often don’t provide such useful feedback, often leading users to “break things.”
I’m right there with ya. I’m thinking it might be a case of picking easy pieces (projects) of the puzzle to start with and then building from there. Like I’m considering setting a pi-hole soon - seems like an easier networking project. But yeah, I’m not really sure what’s the best order of eaiest to hardest projects in terms of self hosting etc.
@phant Pi-hole is super easy to set up and easy to build on. It’s been very robust for me and also eye-opening due to the excellent UI. About 5% of the network traffic in my house is now blocked. Thousands of DNS requests per day. Most of that is trackers. Apps and “smart” devices are very determined to phone home so you’ll have to block many of these domains manually as they show up. Be forewarned, some apps and web sites will simply stop working if you block their tracking and other info gathering on your network. Luckily, there is good #FOSS to substitute.
Maybe I’m mistaken, maybe it’s all really easy even for noobs
I’ll be the first to admit, shit is complicated, especially networking, but it’s not insurmountable. Do you already have a server deployed? How familiar are you with Linux?
See what you think: https://linuxupskillchallenge.org/
Do you already have a server deployed? How familiar are you with Linux?
No server. I just installed Linux a few months ago as dual boot after being a lifelong Windows user (since 3.1 lol). Currently using both OS but will move fully to Linux once I have some projects finished. Self-hosting might become a future project after that and if yes, I’ll come back to this community and this thread!
I just installed Linux a few months ago as dual boot after being a lifelong Windows user (since 3.1 lol).
Well then, you are on your way.
@Bonifratz @h333d Before I begun this self-hosting journey, I hosted Pi-Hole on a docker container on my PC (was Manjaro KDE that time I think). Then, I learnt how to set up AdGuardHome on a VM (on both Manjaro and Arch iirc), using virt-manager and KVM. Now, I’m using an old laptop to host Proxmox and some services like AdGuardHome, Prometheus, Grafana, Uptime Kuma, and a Debian-made game server customized by myself. I had help of a colleague to begin the Proxmox journey.
@Bonifratz @h333d It isn’t easy, but it’s so worth the effort, and I just begun the Proxmox journey and I have plenty of things to learn!
Since this is a complex subject, you need to take your time and don’t hurry the learning process. Begin with baby steps, and hosting services restricted to a LAN, just to be safe. When you are comfortable (after some weeks or months), think about sharing a service to the public, if possible, and what you have to do to properly secure your devices and network!
I’m not an expert but I have a decent set up going. If you think it would be helpful shoot me a DM and I’ll find a way to show you what I’ve got set up and give any tips I can. It sounds like I started in a similar position to you and I’d be happy to share what I’ve learned so far.
Edit: anyone else reading this is welcome to do the same.
Thanks a lot for the offer. This might become a project of mine in the future but not before the end of this year. I might get back to you then. :)
Currently in that “sifting through online resouces” phase, but less because of broken stuff, and more because I want to set up everything prefectly the first time. Which is probs impossible lol. I am majoring in Cyber, so tech is my life, but this homelab is how I actually put what I’ve learned to use and learn even more than what college will probably teach me.
I’m on winter break and having a blast (kind of 😅) setting up my Proxmox to have all the services I want. I have gotten stuck several times, but I can find info eventually, and keep moving forward. Thankfully there’s a website that contains Proxmox setup scripts for almost every service imaginable, making a homelab way more accessible.
Linux skills/terminal knowlege helps this process go by faster, and my networking knowledge helps too. But that’s basically all I got lol. I can understand an okay amount of what scripts do, but I’m no programmer/scripter. I screw up mount points, look up how to check ssh key fingerprints every 10 mins, I fail to get VPN tunnel configs to work, a whole slew of issues. But I always end up learning something in the end, and get one step closer to that sweet sweet setup. So just learn and break things while you don’t care about it. Who cares if I fuck up the jellyfin config? It only had like two videos in it anyway. Best to screw up now so when I go data hoarder I know how to save my info.
Edit: Just got SMB to work for both my VM and LXCs, and I’m so happy. Every accomplishment with my homelab has me fistbumbing the air and floating on clouds. Make a homelab just the high it gives you when you do something right.
Hi! I am also slowly getting the hang of it (just set up my first NAS with truenas last weekend) but there are dozens of youtube channels focused on it. I like Serversathome and the accompanying Wiki helped me a lot. This mainly focuses on an arr stack but there is also wiki pages for immich and nextcloud. Right now I’m using cloudflare tunnels to access services (i know feeding the machine etc.). If anyone knows an alternative to cloudflare tunnels (without putting everything into the same tailscale network) I would be happy to hear about it!
@Deckname @Bonifratz
Pangolin is an alternative to cloudflare tunnels, TrueNAS supports the Newt client for Pangolin as a community app. You can either host yourself with a VPS, or Pangolin offers a management dash they host. Under the hood is Wireguard.Nice! Thank you for the info! I will look into it :)
I used this guide to setup the Immich side. I’m sure I diverged from it, but I would not have figured out proxy headers without it.
Digital solidarity will be essential as we move forward. We will need both social solutions which facilitate community technical support and engineered solutions which make that support more effective. I like to imagine systems of distributed sever management where we build upon the computational capacity of those around us and the human capacity of those that care for them. I want to rely on people I love instead of opaque tech firms that only care about money. Compute power must not defeat humanity.
I was just thinking this week, that those who self host (and more importantly, those who program the code we self host), are at the front line of the modern digital resistance: in the sense that the world is burning due to the greed of the tech bros that run our daily lives. Convienience for the masses is what gives them power over us, and any one who rejects their systems is helping to fight back.
Voting with your wallet helps, so not giving them your money is the first step. Then managing and keeping your own data private is the next one.
You’re right. We’ve been traded convenience for our autonomy for way too long, and it’s created this massive power imbalance where a few tech bros basically own the digital roads we walk on. Voting with your wallet is a huge first step, but like you said, the real work starts when we actually take responsibility for our own data.
That’s exactly why I’m moving toward helping local businesses and groups build out their own nodes. It’s one thing to stop paying for a subscription, but it’s another thing entirely to stand up your own infrastructure that doesn’t report back to a corporate mother-ship. Every person who rejects the “default” and builds a private alternative is a small win for the rest of us, it’s about making the corporate extraction model fail by simply making it unnecessary.
The average person doesn’t understand anything about technology and probably won’t even be able to install an operating system. The Internet literally became what it is now precisely because everything was left to corporations. For example, sip telephony is as decentralized and secure as possible, but how many people keep their own telephone exchange? therefore, it is more realistic for the average person to simply use services outside the jurisdiction of the state than to install something on their own. In some countries, it is also illegal to engage in self-hosting.
but if we talk about people who are interested enough, then yes, you can do self-hosting. However, people who are ready to understand at least a little, for example, according to the latest steam statistics, make up about 5% of the total mass.
Honestly, you’re right about the skill gap, the convenience trap is exactly how Big Tech won in the first place, but I don’t think the goal is to turn every single person into a sysadmin. My time teaching at the library with the Cyber Seniors program showed me that people don’t need to know how to flash an OS to deserve privacy, they just need a doorway that isn’t owned by a corporation.
If the 5% who actually know how this stuff works start building “community nodes” for their family, their block, or a local shop, then the 95% get all the benefits without the technical headache. We don’t need everyone to be an expert, we just need enough local infrastructure so that “the cloud” isn’t the only option left. It’s not about total purity for everyone, it’s just about building enough exit ramps so the machine becomes optional, you know?
so you’re suggesting storing sensitive data, work documents, passwords, not from a company with which there are at least some legal agreements, but from a neighbor, simply because you see him from time to time? what could possibly go wrong…
UPD: By the way, if we are talking about a state, your neighbor will be approached in the same way as Google, because everyone in the country obeys the same laws.
You’re hitting on the two biggest myths of the current era: that “legal agreements” with giants actually protect you, and that a neighbor is a bigger risk than a faceless corporation.
First, when a tech giant gets a broad subpoena, they don’t fight it for you; they automate the handover because you’re just a line in a database of billions. When you host locally, you’re a specific node. If the state wants your data from a private server, they have to physically knock on a specific door. That is a massive increase in the “cost of surveillance” compared to a silent API request sent to a corporate data center.
Second, this isn’t about “trusting a neighbor” with your plaintext data. In a proper sovereign setup, the data is end-to-end encrypted. I can host your Vaultwarden or your Nextcloud backups, but I don’t have the keys; I’m just providing the “digital real estate.” It’s the difference between giving someone your house keys and just letting them provide the land your safe sits on.
The goal isn’t to make law enforcement impossible; it’s to make the “dragnet” impossible. If they want one person’s data, they have to work for it, rather than just pulling it from a corporate warehouse.
I do not know about Amazon, but in telephony you simply have to install a threat management system in accordance with the law. I think Amazon has the same thing. if there is a court decision, the servers will be arrested or a request for data will be received. It’s exactly the same thing.
what is configured on the server may or may not be enabled. and your neighbor just knows some of your data (your name, address, etc.), which increases the likelihood of an attack. To an Amazon engineer, you’re just bytes out of nowhere.
the normal story would be to encrypt everything on the client before anything gets to the server at all. but who exactly is going to bother so much? in this case, you might as well upload a bunch of encrypted data to Google.
Actually, you’re exactly right about client-side encryption being the answer, and that is the standard we are pushing for. But the reason you don’t just dump those encrypted files into a Google Drive is because of the metadata. Even if Google cannot read your “letter,” they are still mining the “envelope,” they know when you wrote it, where you were, and who you sent it to. In 2026, metadata is often more dangerous than the content itself because it is so easy to automate into a threat profile.
As for the law, you’re right that a court order is a court order, but there is a massive difference in the “cost of surveillance.” Big tech companies have dedicated departments to automate data handovers for thousands of users at a time; it is a streamlined pipeline. A private server forces the state to slow down, to get a specific warrant for a specific physical machine, and to actually do the legwork. It turns a massive dragnet into a targeted investigation, which is exactly how the system is supposed to work.
And regarding the “Amazon engineer” versus a neighbor, an engineer might not know my name, but the Amazon algorithm knows my pulse, my politics, and my habits better than anyone. If I use E2EE, the person hosting the hardware doesn’t have the keys anyway, so they are just a landlord for my digital safe, not a spy.
Well, I don’t work in the USA, but in a telecom company, and I can say that if you really need it, they will just kick down the door and seize the server. no matter what. and a campaign interested in business is, after all, more technologically advanced than some guy who set up a server based on guides on the Internet. you won’t need to take anything from him, with a fairly weak literacy, it’s enough just to intentionally make a mistake in the public guide. Do you remember Hillary Clinton’s private email server case?
You’re right that if the state really wants you, they can always resort to physical force, but that’s exactly the point. In the current system, they don’t have to kick down any doors, they just send a silent request to a corporate office and get everything they need without you or your neighbors ever knowing. Forcing them to physically show up at a specific address in the real world drastically changes the “cost of surveillance,” it turns a cheap, automated dragnet into a slow, expensive, and public operation.
As for the Hillary Clinton example, that’s actually a perfect lesson in what happens when you prioritize convenience over security. Her setup was “shadow IT” at its worst, it had open ports, unencrypted connections, and none of the basic hardening we use in modern sovereign stacks like Docker or NixOS. It wasn’t built for resistance, it was built to bypass government record-keeping, and that lack of professionalism is exactly why it failed.
The “Amazon engineer” might only see bytes, but the Amazon algorithm sees your entire life story, your politics, and your vulnerabilities. If we use end-to-end encryption, it doesn’t matter if the guy hosting the box is a neighbor or a stranger, they can’t read the data anyway. We aren’t just following random guides, we are building professional-grade infrastructure that makes the “dragnet” fail by design. If the state has to kick down a door for one person’s data, the system is at least forced to follow a transparent process again.
I dont think this really responds to the comment you replied to.
Lots of comments in this thread are talking about people who dont have the time or expertise to manage their own nextcloud instance.
Saving you stuff on your neighbour’s instance includes genuine risks to your privacy or sensitive information.
The “legal agreements” that commenter referred to are simply the manner in which the host is allowed to use your data. The things you might store might be your will, maybe a spreadsheet of passwords, maybe some notes about your plans for a side hustle, maybe some naughty photos of your wife. Not information thats actionable by Google or Microsoft, but certainly things people dont want their neighbour to access.
“what could possibly go wrong”… looks around
In some countries, it is also illegal to engage in self-hosting.
Really?! Can you elaborate?
It is impossible to place telephone nodes in Russia without equipping the server with threat protection equipment. Of course, I won’t buy a box for hundreds of dollars to use a home PBX, so technically I’m outside the law. =) It is also impossible to host sites with more than 10,000 visitors without registering with Roskomnadzor. and all accounts with authorization must support logging in through the public services portal or by phone number. considering that only legal entities can do this, of course I don’t do it.
The United States and the European Union have data protection laws, so if you decide to save money on hosting for friends and install a server outside the Eurozone, depending on the data you store, you are also formally violating the law.
you are also formally violating the law
As a population, I would venture to say that we are all formally violating the law in some form or other. Laws are written to be purposefully vague and ambiguous.
It is impossible to place telephone nodes in Russia without equipping the server with threat protection equipment.
I assume you are from Russia since you speak in first person, however, if the laws are so stringent against self hosting or private hosting, why is it a large portion of Warez sites emanate from Russia? They exist all over really, but it seems a lot of the very popular ones are in Russia.
It is also impossible to host sites with more than 10,000 visitors without registering with Roskomnadzor
This sort of ties in with the PBX thing. I am certain that popular Warez sites in Russia get way over 10,000 visitors and I’m sure they don’t register with Roskomnadzor.
Just curious. I’ve always had a curiosity with Russia among other countries. The history is very intriguing and vastly unknown in the West because of obvious propaganda. There used to be a blog I followed years ago about people visiting and photographing abandoned structures in Russia. It was very interesting, but sadly I have lost track of it over the years. I always wanted to visit the Red Square, but sadly I am too old to realize that dream. I have been as far as Latvia, which is not part of Russia, but very beautiful as I remember.
I assume you are from Russia since you speak in first person, however, if the laws are so stringent against self hosting or private hosting, why is it a large portion of Warez sites emanate from Russia? They exist all over really, but it seems a lot of the very popular ones are in Russia.
because you might be surprised, but warez is not illegal in Russia. We have slightly different legislation in the field of intellectual property. Only the person who profits from warez can be held responsible. That is, either an organization that uses it commercially, or a seller. If I break the software or record a movie for the sake of art or love for my neighbor without money or donations it’s legal. of course, websites are responsible even if they receive income from advertising, well, many of them are blocked for Russians. I go to rutracker via VPN =)
But just try to talk with a voice call via telegram… You won’t be able to do that, because direct calls without anti-threat systems (i.e., after completely listening in on calls) are illegal.
Fascinating. I did some digging through old bookmarks and finally found the site I was refering to with Russian life and a lot of abandoned structures in Russia: https://englishrussia.com/?s=abandoned
Thank you for kicking this hornet’s nest. There is a lot of great info and enthusiasm here, all of which is sorely needed.
We have massive and widespread attention paid to every cause under the sun by social and traditional media, with movements and protests (deservedly) filling the streets. Yet this issue which is as central and crucial to our freedoms as any rights currently being fought for (it intersects with each of them directly), continues to be sidelined and given the foil hat treatment.
We can’t even adequately talk about things like disinformation, political extremism, and even mental health without addressing the role our technologies play, which has been hijacked by these bad actors, robber barons selling us ease and convenience and promises of bright, shiny, and Utopian futures while conning us out of our liberty.
With the widespread, rapidly declining state of society, and the dramatic rise and spread of technologies like AI, there has never been a more urgent need to act collectively against these invasive practices claiming every corner of our lives.
We need those of you recognize this crisis for what it is, we need your voices in the discussions surrounding the many problems and challenges we face at this critical moment. We need public awareness to have hope of changing this situation for the better.
As many of you have pointed out, the most immediate step we need to take is disengagement with the products and services that are surveiling, exploiting, and manipulating us. Look to alternatives, ask around, don’t be afraid to try something new. Deprive them of both your engagement and your data.
Keep going, keep resisting, do the small things you can do. As the saying goes, small things add up over time. Keep going.
[Edited slightly for clarity]
To the folks in the comments debating whether I’m an AI: I’m flattered by the grammar check
This is the world we live in. If you can actually string words together into grammatically correct sentences, then you are AI. It matters not whether you are or you aren’t. Like the witch hunts of Salem, all that is necessary is the accusation. I personally don’t care if you used AI, the message resonates. Don’t let 'em give you shit about your pony tail.
Great points, and there’s some amazing discussions going on here!
One thing I’d like to add is EVERYONE needs to start setting up some meshtastic nodes. It’s really easy to setup (just hook up a USB cable from your computer to a esp32 board, visit a website to get the configuration, and that’s pretty much it), it’s cheap (as little as $30) and it is secure. Build 2 nodes (one to leave at home, and another for your backpack). This way you’ll be able to communicate should the Internet become unavailable or unsafe. You can also use this at a protest so that you still have a means of communication without needing to bring your phone that the Feds will be able to track.
In a fascistic enough world where this would matter, people who abstain from the system are automatically flagged to be shot too, just fyi. You gotta also fill the normie services with conformist content to not become a detected anomaly if you really want to do it properly.
This is the “Gray Man” strategy. If you have zero digital footprint in 2026, that absence of data becomes a data point itself. Anomalies get investigated.
I think we need to separate Camouflage from Logistics.
I’m not suggesting you delete your digital existence and live in a Faraday cage. By all means, keep the normie accounts. Post the cat photos on Instagram. Keep a Gmail address for the spam. Feed the algorithm just enough “conformist” content to look boring. That is your camouflage.
But Resistance Infrastructure isn’t about hiding, it’s about capability.
It’s about ensuring that when the “system” decides to de-platform your community group, or lock your bank account, or shut off the internet in your region during a protest, you still have a way to function.
My excuse was I don’t act for what I believe in because I don’t know how to. Your post showed me, I kinda do. I was doing it already, I should double down on it and most important help others on their journey. You’re a force multiplier today. Tomorrow some folks who read your post will be as well.
That means a lot, the force multiplier thing is exactly why I posted this. Building for yourself is a great start, but bringing others along with you is how we actually scale the resistance. We need more nodes in the network, so keep doubling down.
On the one hand I do support the existence of open-source self-hostable alternatives to surveillance-capitalist offerings. But at the same time it has been driving me crazy how many things are being shifted toward this server-based architecture. For one example, I want an open-source app that will allow me to import recipes from any text or website automatically. But I want those recipes to save in files, be offline, and I do not want to maintain a whole damn server just to manage my fucking recipes.
Not everything needs to be web connected by default, and most people have no interest in running any kind of server.
If your recipes are formatted like markdown, then there are offline notes apps like Obsidian. The new issue becomes keeping your files backed up in case of whatever, and that’s when the self hosted server comes into play. This is a really good usecase for synching which can keep your small recipes files duplicated on your phone and your computer without ever leaving your network.
Synthing does not use a server based architecture.
If you have a Wi-Fi router in your home you are technically already running a server. With OpenWRT even quite practically, although sadly most routers are slighly too underpowered to do much with them.
Those same routers that still have problems with security updates, and are frequently the targets of cyber attacks? So how is it in any way a good idea to run entire server stacks, and databases (which throw a wrench in data portability compared to standard file formats), creating so much bloat and unnecessary attack surface, and then making all of these apps network-facing - opening them up to attacks?
How about instead I just use a standard text editor to save my recipe as a markdown file, and if I need to move it I can either get a usb cord or use Syncthing? Sorry but this whole self host movement is pretty insane.
I agree with most of what you’re saying, I disagree with the last part of what you’re saying.
The self-host movement is about taking control away from companies, and running web services locally instead of having to rely on companies for them and pay for them. Most things you can run locally without needing a server, but there are absolutely good use cases for server-based services. Some great examples of this are cloud storage, code repositories, and chat servers. You could run each of those things locally, but they are each improved by running them on a dedicated server designed for 24/7 uptime and centralized access.
My problem isn’t with open-source online services existing. Of course some things are inherently net-based. My problem is with the way everything is being done as a server even when it’s completely unnecessary. Syncthing alone - which is not server-based btw - is more than enough to take care of cloud needs for everything from calendars, to photos, recipes, text files, password databases, and more.
Hell, it’d actually be pretty interesting if someone did come up with a way to make a e2e chat client that works through Syncthing.
My point is I just want to download an app, have that app convert a recipe webpage into its own standard format, and then save that file on my own device. I do not want to deal with the hassle of getting Docker installed and working, nor to have it gobble up tons of computer resources just to do that one simple thing.
Been wondering for a while if it was worth sticking around on this plane of existence. Feeling like nothing was going to get any easier or better, wondering if my life would just be watching horror rafter horror until the tech I loved stop working and the world went dark as they came for me and mine.
Then I saw Benn Jordan’s Anarchist Gift Guide video and realized the same thing as you: I may not have a lot of skills to offer the world, but I’m neurodivergent, a sysadmin for higher ed, and (used to, at least) like to tinker. I realized my disdain for the humanitarian and moral failings of the system we currently reside in could be married to my hobbies and feel like I was doing something more than just protesting, donating, and waiting to die.
My goals are to fix up my home environment, get my 3D printers working, set up an exercise area, set up a Meshtastic relay and other support networks for my local area, update a media server for friends and family to enjoy, including a request system, and do anything else along the way the provide a system of communication and sanity that removes as much reliance on the government and corporations as I can.
It finally got me to fix some bugs in existing services I already manage and this weekend my wife and I are starting the work on the exercise room, for the benefit of our bodies. Not saying Benn’s video saved my life, but it gave me a purpose, again, in a world that feels increasingly aimed at reducing me to a sad data point on some graph. I hate what this world has become and avoid social media at all costs, but now I can do something locally that will feel like I’m doing something to help.
I have a particular set of skills that make me a nightmare for groups like ICE. I just need coffee, my ADHD meth, and some weed gummies to see it through. Thanks for posting this! I will save it and refer to it as I go.
How can I learn more about this stuff because I think like a lot of people I’m not that tech savvy
Just start. Even the most tech savvy of us started not knowing any of this. More importantly do what you’re interested in and that benefits you. You don’t have to have some grand implementation. Start simple and the rest follows.
I’m not tech savvy either. but it has been fun trying to figure the basics out, and researching all of this has been way better for my mental health than consuming endless social media.
It’s a bit steep, you can go on YouTube for a bit, then browse the documentation of any word you don’t understand (AI can help a lot with understanding but will get confused at any troubleshooting task) the steps can be resumed quite easily:
Find an OS:
- see what kind of data you’re working with (photos, videos, films,…) it all depends on your orientation/hobby/personality
- find what kind of applications you’d want to run, for how many people roughly ( personally I knew I would aim to replace netflix and cloud for close family and maybe a couple friends and circumvent as much as possible things like WeTransfer and compressions when sharing pictures in chats)
- see how much money and time you are willing to put in : first for the launch, then on a weekly basis (you can go for very cheap non redundant app first os like OP mentioned if you can pay to back it all up remotely/ have a separated NAS or see if you’d prefer to assume resilience mainly on your side)
Then you have a rough idea of your needs (this is all YouTube knowledge thus far, you can start looking at videos of people trying to use, comparing, ranking different solutions and tutos for how it’s like to set up for the first time and how do app work in those systems (docker, app stores, how big the community is around them, how much of a sysadmin you have to be to run and set it up…)
Then from that you can start seeing how which install fits in your budget and time allocation. After that, sinking hours of troubleshooting and setup is almost straightforward, it’s just going to be a list of side quests to complete the main one with a side of documentation.
On my side I initially wanted to go full free software, I wanted to use my 10 years old windows desktop to run trueNAS (it was already running jellyfin in docker desktop, useless for the process but is a fun starter to dip a toe in to get a feel). I bought on eBay a couple hard drives (ended up buying very cheap enterprise SAS, I recommend, mind you you’ll need a daughterboard)(you’ll see that different OS require different RAM, SSD, HDD ratios to run smoothly so recycling old hardware often requires upgrades) I completely failed to make trueNAS work correctly and since it’s enterprise first it has very… unfriendly conceptions about flexibility and user friendliness (brutal on the kind of budget and time I had).
After abandoning the project for a couple of months (due to exams mainly, and the fact I couldn’t repress myself from spending nights on unresolved issues) I decided to go the Unraid route (which is paid, yikes, but truly hasn’t let me down once, the community is huge and the software is rock solid and really helps you not fuck everything up (which trueNAS will happily let you do), I truly recommend that investment, they have a generous trial period, it’s really really great).
After that it’s just more setup for hours on end, transferring files to Immich, re-setting all the AI knowledge about faces (also for me a lot of metadata correction for very old family photos), letting disks and parity initialize, moving old backups from old drives into the new system, including the clean disks into the array, setting up prowlarr, radarr, sonarr, jellyfin.
Then comes the other hard question : how to do you access remotely ? (By now you already have a better idea about how docker and local network works and how important it is to secure it properly; and you’re about to learn how little your ISP cares about you)
I tried boilerplate wireguard, it’s wonderful but a very MANUAL setup with a DDNS. But honestly (even though I really did not want to spend another penny) the cloud flared tunnel with your own domain is kind of what you want (because they have neat zero trust features, for exemple to access any of the services I host that do not have to have in-app access (Immich, jellyfin, that have authentication built-in) are behind 2FA based on a short whitelist of email addresses which reduces immensely how much protection I have to care about.
After that you can go on to nextcloud (requires remote access on a domain) and all the rest of the fun stuff.
Now the thing is (like every hobby) there is a perfect solution, it’s at least tens of thousands of euros and you need a guy to manage it, but it’s bulletproof and will survive any attack.
You are not that person, you try stuff that is on your level, you don’t assume perfect functionality in one weekend and you take time to learn on every step of the way. In my quick little summary you can already feel (as I am a noob as well) that it’s a very iterative process, often you’ll half-ass something to move on, then come back to upgrade it when needed. You are very much building a machine, first from the hardware side, then mainly from the inside.
At some point you’ll have people around you start finding out how useful and interesting all this is, and it’s a very rewarding feeling to see what you assembled (because you haven’t typed a single command line in the terminal thus far) starting to get some use.
Hope this helps as a little piece of motivation, and if you are to start now I hope you have some old RAM laying around, in any case, start small and build up :)
