Self Hosting Retrospective

2023-01-02 • 5 min read • Tags: Comp Sysadm

According to my IRC client logs, I started self-hosting[1] sometime during 2013, probably during the summer.

Origin, why and how

I can’t remember the exact motivations. I did have a minimal WordPress blog and my official music website hosted remotely already. I distinctly remember setting up nginx with PHP, which felt slightly weird after my long experience with Apache. So hosting my blog by myself must definitely have been one of the first tasks. I know there was something else…

Was it mail? No that came later. Something I was not so experienced with, because I asked for some help on IRC. Some friendly guy offered to help but only if I’d use FreeBSD or maybe Debian… which would not have been my first choice (maybe CentOS?). He explained later he ran a small hosting company with FreeBSD hosts and its own Autonomous System (AS). I was tempted by learning more about BSDs, so eventually I gave it a try. IRC logs indicate my first install was FreeBSD 9.1.

I remember using an old Dell laptop from work from 2008 at the time. And since this was just a try, I didn’t bother with configuration management in the beginning (saltstack later) nor with BSD jails for service isolation.

Before jumping into FreeBSD and doing things by myself, I did consider alternatives. Especially since a bunch of colleagues were using Synology Disk Stations or XPEnology. This is still the advice I give to non-tech friends who want to regain control over their data. Colleagues were explaining how Synos enabled them to collaborate on backups, for example.

But that was overkill for my needs, too expensive or too much work. Or so I thought. Let’s reuse this old laptop and learn a bit along the way!

Since then I remember hosting all kinds of services for my own use: jabber, email, different web services (pad, privatebin, bookmarks, blogs or commerce apps for others, own cloud), IRC bouncer, media server, password manager, dev stuff (jupyter notebooks, testing), among others.

Takeaways

In no particular order:

  • Looking back and considering previously acquired knowledge on the job as a software engineer, the experience didn’t feel so much like learning as like effort and getting familiar with new tools. Also, it builds up with the years: there’s a kind of multiplier effect where you can do more and more as you grow infrastructure and services.

  • Adopting Letsencrypt. My personal certificate authority was fine. Although I was the main user of my tools, the browser war on self-signed certificates and the nice tooling around Letsencrypt made the switch to Letsencrypt appealing. This also made adoption by relatives easier.[2]

  • Salt-ssh became a pain. Self-hosting does require some care. Upgrades need to be conducted in a timely manner. For non-packaged software I use upgrade scripts. For automation, Salt is the best in my experience. I thought I could start small with salt-ssh and possibly later deploy a master/minion setup. But maintaining a master and running one agent per jail was not an option. Salt-ssh is basically abandoned now and upgrades have become such a pain that I resorted to pinning the version (3003). I don’t see any alternative for now. I know about salt-sproxy but it’s unable to use GPG-encrypted data the way salt or salt-ssh do. And yes, I gave a serious try to Ansible, but it’s just super slow and felt unstructured and cumbersome.

  • Nearly no collaboration on self-hosting. When I started, auto-hebergement.fr provided a bunch of information around self-hosting including ways to collaborate[3]. I was hoping to collaborate on remote backups and MX mail server failover. This materialized partly for remote backups but I could never decide on the right amount to push remotely, provided we would exchange limited capacity.

  • Nearly no scaling. I never managed to convince friends and relatives to use my services, be it my cloud instance, or my password manager. Even shared calendars have been impossible since my wife switched to a new Android phone 😬. On the bright side, this definitely enabled me to move fast. Yes there are regular minor outages. Mostly due to FreeBSD upgrades needing a reboot. The most serious outage was when I was away on holiday and my ISP updated the router firmware which broke internet connectivity until I came back a week after and needed to restart the router.

  • My OpenWrt router’s configuration is not managed. I manually configure it and do manual backups on changes.

Extensions

Here are some further, more hardware-related, experiments I went into:

  • Add a Freifunk wifi access point. Freifunk is an initiative by volunteers to provide free wifi. But I haven’t managed to cross the border that a window represents, so it’s not used to its full potential, to say the least.

  • Utilize an unused Pi Zero with Pihole to catch some ads traffic. While it did not catch all ads on mobile as hoped, it worked nicely for years. It broke recently after some power cuts and doesn’t boot properly anymore. The UPS should have prevented that but I had to change its battery 🌩.

Conclusion

I realized my first domain registration was on 2010-09-11. It took me 3 years to start self-hosting after that. I wonder what was the motivation for the domain back then? Probably a discount and curiosity.

For self-hosting I’m pretty sure now I wanted a DIY NAS for backups💡[4] and testing ownCloud. Well, right after Snowden’s revelations


  1. Running services hosted on my infra in my living room

  2. See this interesting critique of Letsencrypt, the ACME protocol and why some people prefer old-school certificates

  3. According to the Web Archive, hebergement.fr as I knew it died after March 2022.

  4. I actually acquired a NAS on 2015-10-23. A ProLiant MicroServer N40L from December 2012! In the meantime, I used an external HDD.