My Journey to Self Hosting
The Dark Days
Formerly, I was in fact a Google fan-boy. There was a point in the not-too-distant past when I was glad to share my life story with the big G, and was gracious for all the service they provided with the measly price of my data.
Of course, at the time, my reasoning was a distinct lack of funds. There’s room for commentary on the sort of manufactured consent this creates for the destitute to have their data devalued. In my case I was young and without a job. This is the sort of problem that will only grow in time as kids are growing up in an increasingly connected world, with more and more services vying for their attention. With little else to give, and no wisdom or guidance otherwise kids will happily press Accept to all the terms and conditions, fake their age, and so on to get “free” stuff.
Turning Point
Around my first year of college, I began to understand the impact of the sorts of survailance companies were engaging in. The tipping point for me was Facebook. It had grown from a tool I used to keep in touch with family, and to chat with friends, into a toxic miasma of shared stories intended to incite rage, and increasingly divided echo-chambers with feedback loops that encouraged people to dive in for hours. It became clear to me then that this was earning facebook a lot of money. I began making the connections that these big internet companies were making profits by exploitation. And to make matters worse, the sort of exploitation they were doing was making people worse people.
Gaining Interest
As I progressed through University, I gained interest in open source software. Just like Google and Facebook, the products were free. However, here there was no profit motive. This did mean, at least at the time, lower quality software. At the same time, it was evident that this was a higher level of “free” than what companies were providing.
At this point in my studies, programming was still very new. I had used linux a couple times, and I have always been a power user of sorts. My interest was usually in the hardware up until this point, and hardware cost money that was still scarce as an undergraduate. As such, I turned my attention toward using privacy respecting open source software. For me privacy and security were two sides of the same coin. A high security design will provide inherent privacy through confidentiality, and any attempt to provide strong privacy guarantees will inevitably result in use of strong cryptography. Of course then, they only way to know that an application has good privacy practices, and or good security, is if you can see for yourself!
The First Domino
As a former Google fan, and someone who has entirely abandoned Facebook, I’ve been through many, many chat applications. There is no shortage of high-quality chat applications to this day. It seems like a problem that everyone thinks they have a solution to. Myself included.
Naturally, I began seeking alternatives to the brand new and dying Google Allo. Unfortunately, I picked Telegram, which I’ve since learned is not fully open, nor as privacy preserving as the alternatives. It served as the gateway though. I was using something completely competitive with the likes of WhatsApp, but without the corporate ties, and with a client which I could audit.
At this point I was well convinced, and decided that I would at least try an open source alternative. An added benefit to which was the much more prevalent cross-platform nature of these applications. Microsoft may not have the incentive to provide linux versions of their applications – though this is changing now – when source is available, you have the option to port to whatever platform you want. Although most open source developers provide cross-platform support, or else there is a community supported port.
Expanding horizons
Over the next year I found communities and resources that helped me to discover many great applications. I was a long-time follower of Level1Techs, which exposed me to much linux and open source tools and guides. I also found privacytools.io
During this time I discovered services such as Simple Notes, Matrix/Riot.im/Element, Nextcloud, and so much more.
A running theme with many of the things that I wanted to try then at this point, were self-hosted services. Of course open source, especially the AGPLv3 license, software means that some privacy can be guaranteed. Pesky things like logging laws from governments and bots targeting big servers were always looming threats. There was another problem with big centralized services that is sort of against the internet. The entire premises of a world-wide-web is that it is decentralized. Decentralized doesn’t mean hosting 1000 Tor nodes on AWS either!
So I started plotting out what it would look like to cut ties with the Big internet companies. What services can I run myself? What are the competitive options? Can I build something good enough to bring my friends and family on board? Where can I host it and how can I access it?
Self(hosting) Actualization
So skipping some steps (to be covered in a separate post) Here I am! The very site you’re reading is hosted on hardware I own, running an operating system and software that I control and have source for. I’m now able to have almost all the luxuries provided by the cloud, but without worrying about my pictures being used to feed algorithms. I don’t need to stress about an eventuality of some centralized service being shutdown or altered.
Good, But…
While I’m now satisfied with my setup (that’s a lie, but we’re pretending I’m not going to tinker with this endlessly for now), it has taken at this point, four years of planning and learning to accomplish it. Even now I’m continually learning more to better my services – Learning how Ansible might be able to replace my usage of Docker-compose, or about how to get better fail2ban rules setup for better DoS protection. Not to mention the substantial upfront investment needed to get here. Most people don’t have extra computers, and terabytes of storage lying around to start such a venture. Even if they do, the time investment is also a factor.
My point here, is that as great as it is that I’ve been able to make this transition for myself. That I’ve been able to give myself and those close to me a repreive from what feels like data extortion happening elsewhere on the internet, but there are still billions around the world that probably don’t even have the idea that options like this exist. I know that I’m of a small minority with the skills required to scale up and host a personal cloud, but I don’t want that to be the case.
I love that the open source community creates such options, and that the devoted come together to make these things a reality. But let’s be realistic, most people will never be able to use stuff like this. I don’t want it to be this way, and I think this is an aspect that keeps us a minority. I’m a perpetuator of it too, I’ve been guilty of assuming an end-user has much more knowledge than they actually do, and making something that was incredibly un-ergonomic for them in the process.
What I would like to see, is a better way of doing all of this. I’m not presenting any solutions, but I think it’s obvious that if a federated internet is going to grow substantially in the next 20 years, and be a real competitor to the big guys, there needs to be substantial effort in getting this stuff doable by the average person. Education, simplification, and automation, I think, will be key factors in helping more people be like me, and take back control of their data, and their online homes.