I am wanting to self host a fediverse instance. I don’t hope to make it big. Hoping for 200 users at most, and I won’t advertise it heavily so it’ll probably be a while before it gets there.
Is it a bad idea to host something like this on local hardware at home? I have a lot of local-only self hosted services, and I wouldn’t want those to be compromised.
But my biggest fear is overloading my network. I already don’t get the fastest signal in some parts of my house, and I am worried the extra traffic might put more pressure on the network.
What are your thoughts on hosting local? Should I just avoid the headache and host on public instance?
But my biggest fear is overloading my network. I already don’t get the fastest signal in some parts of my house, and I am worried the extra traffic might put more pressure on the network.
This line concerns me. How experienced are you with servers and networking? Your WiFi network should be fine unless you have your server on WiFi - which you absolutely should not. Ethernet only.
If you set this up limit it to just yourself and friends to start. Get a feel for it before exposing it to strangers.
I have it on WiFi unfortunately.
If I put it the server on Ethernet, would it no longer impact the WiFi connection of any other device? I guess it makes sense that it wouldn’t.
Extending Ethernet to the server won’t be trivial, but I think you’re right I might have to do it.
Either that or maybe a separate wifi network so it can have the network to itself.
You can always start with it where it is and start small - get comfortable with hosting and how the server will behave. You don’t need to solve all the problems at once.
Could be a target of intentional or unintentional DDOS.
On a technical level, user count matters less than the user count and comment count of the instances you subscribe to. Too many subscriptions can overwhelm smaller instances and saturate a network from the perspective of Packets Per Second and your ISPs routing capacity - not to mention your router. Additionally, most ISPs block traffic traffic going to your house on Port 80 - so you’d likely need to put it behind a cloudflare tunnel for anything resembling reliability. Your ISP may be different and it’s always worth asking what restrictions they have on self-hosted services (non-business use-cases specifically). Otherwise going with your ISP’s business plan is likely a must. Outside of that, yes, you’ll need a beefy router or switch (or multiple) to handle the constant packets coming into your network.
Then there’s a security aspect. What happens if you’re site is breached in a way that an attacker gains remote execution? Did you make sure to isolate this network from the rest of your devices? If not, you’re in for a world of hurt.
These are all issues that are mitigated and easier to navigate on a VPS or cloud provider.
As for the non-technical issues:
There’s also the problem of moderation. What I mean by that is that, as a server owner you WILL end up needing to quarantine, report, and submit illegal images to the authorities. Even if you use a whitelist of only the most respectable instances. It might not happen soon, but it’s only a matter of time before your instance happens to be subscribed to a popular external community while it gets a nasty attack. Leaving you to deal with a stressful cleanup.
When you run this on a homelab on consumer hardware, it’s easier for certain government entities to claim that you were not performing your due diligence and may even be complicit in the content’s proliferation. Now, of course, proving such a thing is always the crux, but in my view I’d rather have my site running on things that look as official as possible. The closer it resembles what an actual business might do, the better I think I’d fare under a more targeted attack - from a legal/compliance standpoint.
That’s a long winded way of saying “if you have to ask, you’re not ready”
Eh, but then he won’t learn anything. I’ve never found that response acceptable. It just perpetuates the problem. To each their own though!
Your biggest fear should be something like the CSAM attack from a few months ago. I doubt you have tens of thousands to spend on a lawyer.
That’s why I killed my instance.
