Want to selfhost a Lemmy server

XenoBen@lemm.ee to Selfhosted@lemmy.world – 55 points –

Hey. I really like the idea of the fediverse and Lemmy and would want to know as a beginner/not so experienced regarding selfhosting what would be the best way to get started? I saw there are vps options, but don't know if I'm looking in the right direction.


Get a cheap linux VPS. My host provides 4 CPU sd and 8G for 8 eur per month which should be enough for something like 500 users.

Then just run the ansible playbook. It will do everything for you.

Is this an arm instance on hetzner? I was looking for something cheaper than digitalocean, but I like their networking quality a lot.

No, Contabo.

How long have you been using Contabo? Are they reliable enough?

They're good enough for hobby projects, but don't rely on them for very critical infrastructure, unless you can set up reliable high availability yourself. Multiple times they took down my DB for hours on the weekend and were unavailable to fix until Monday.

However they're one of the best power for money available. I've been using them for something like 10 years now, but I started using them way more extensively 1 year ago when I started the AI Horde.

These random unannounced outages are what I had heard multiple times before. While I'm under no illusion my lemmy instance is something special, I do aim for 100% uptime. Shit happens, things go down, but it appears Contabo has grown a reputation for it :( I may try hetzner at some point.

you get what you pay for. but there's no 100% uptime. and five 9s are really expensive to set up. You can work around contabo's instability by smart clustering, but I don't know if lemmy supports that very well. You might need some expertise with k8s etc.

Oh, don't get me wrong - I'm under no illusion of having 100% uptime, I'm simply aiming for it :D The idea of cloud is so that hardware redundancy problems are handled by them - that's the selling point. Otherwise I can achieve random outages quite well on my own hosting stuff at home :D

I do understand what you mean, though - you get what you pay for.

I have mine running on the cheapest arm Hetzner instance, working well so far

Oh, Hetzner has ARM machines now? Very nice. Guess I should finally move at least my mail server to ARM.

Yes, only in Frankenstein Falkenstein though. Which isn't a big deal if you're EU based anyway

Frankenstein is the name of the doctor, not the name of the monster

oh no, that'll teach me for using LanguageTool!

I didn't know Lemmy could run on arm architecture. Is your installation with docker?

No, with the Ansible method. I tried the docker method, but it really didn't want to work for me.

If you go the Ansible way though make sure you're using a Debian 11 based OS

Hosting on Ubuntu 22.04, worked a charm with Ansible. Docker was a mess, couldn't figure it out.

4 CPU sd and 8G for 8 eur per month

holy crap, that's cheap!

thanks, in VPS, any red flag I should care for? Privacy, monitoring, etc?

Very low bandwidth caps will be a problem with fediverse.

Other than that, check your steal % once you have the VM. If it's over 20% consistently, you're being ripped off.
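
An added example, not part of the thread: one way to run the steal check suggested above on a Linux guest, using two samples of the aggregate `cpu` line in `/proc/stat`. The function names, the 5-second interval and the 12-sample window are assumptions; the 20% threshold is the one from the comment.

```sh
#!/bin/sh
# Added example: CPU steal from two samples of the aggregate "cpu" line in /proc/stat.
# Values after the label: user nice system idle iowait irq softirq steal guest guest_nice

# steal_pct "<cpu line t0>" "<cpu line t1>" -> whole percent of elapsed CPU time stolen
steal_pct() {
    printf '%s\n%s\n' "$1" "$2" | awk '
        {
            total = 0
            # Fields 2-9 only: guest time (10-11) is already included in user/nice.
            for (i = 2; i <= 9; i++) total += $i
            t[NR] = total; s[NR] = $9
        }
        END {
            dt = t[2] - t[1]
            if (dt <= 0) { print 0; exit }   # no elapsed time or counter reset
            printf "%d\n", (s[2] - s[1]) * 100 / dt
        }'
}

# sample_steal [seconds] -> steal percent over one interval on this machine
sample_steal() {
    a=$(grep '^cpu ' /proc/stat)
    sleep "${1:-5}"
    b=$(grep '^cpu ' /proc/stat)
    steal_pct "$a" "$b"
}

# "Consistently" means many samples, not one: run with --watch for about a minute.
if [ "${1:-}" = "--watch" ]; then
    n=0; hits=0
    while [ "$n" -lt 12 ]; do
        if [ "$(sample_steal 5)" -gt 20 ]; then hits=$((hits + 1)); fi
        n=$((n + 1))
    done
    echo "$hits of $n samples above 20% steal"
fi
```

Run it at different times of day; steal caused by noisy neighbours tends to come and go with their load.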

Personally... it was an experience to say the least. I went down the Docker path for my instance. I've tried to keep away from Docker for ages, but here I am.

I'd recommend using the ansible playbook to get it running, as the docker documentation isn't very detailed and it gets very confusing; especially for a beginner.

The docker documentation is not kept in sync with the docker-compose.yml it asks you to use. So you download the latest one as per instructions, but that's being regularly updated with no thought to the documentation also being updated. It also doesn't seem aimed at production deployment, just developer test environments. Then there are stupid simple things like the port number being changed in the docker-compose.yml but not in the nginx.conf or the lemmy.hjson. There desperately needs to be better control of that.

There is a lot wrong there and it doesn't fill me with confidence. It took me 3 hours to piece it all together last night and had to revert to picking bits out of the ansible documentation.

Right? Thank you for confirming that I'm not extremely stupid when I didn't manage to get the docker installation working, only the Ansible one.

Exactly, I’ve spent ages yesterday and today trying to piece together a set of configs that all work together. I thought it must have been me missing something because the last time I did it everything worked exactly as described in the documentation and it took about ten minutes to get a working instance up and running, but not this time!

It helps slightly (slightly!) if you refer to the configs from the last release rather than the ones on the main branch that are constantly being changed, but even then you’ll have to maybe use the docker-compose.yml from the Ansible repo if you don’t want to build nginx as part of the docker install.

Got there in the end though!

Turns out I can't upload photos due to the config file they point you at being wrong. Ffs! Direct users to a labelled release and production version. At the moment it's chaos at the very time it needs to be as seamless as possible.

thanks, wanted to go that route

Make sure you use a Debian base OS, as the playbook uses aptitude to install the dependencies. Also, you can't use anything over Debian 11, as the way the apt repositories and gpg keys are added, and the pip packages are installed don't work with the newer OS'.

I found out the hard way lol

The fact that this wasn't in their install instructions made me waste multiple hours yesterday. Eventually got a server working on Ubuntu 22. But then after starting to subscribe to other communities my server stopped responding so I gave up.

Did you start with arch or something 😂 sounds like you went through it lol

Not even ha, just tried to install on Debian 12

+1 for Docker, specifically Docker Compose. Lemmy probably isn't the right container to learn Docker with, but once you have the fundamentals down spinning up Lemmy was pretty seamless.

Did you get it to run on docker? My personal instance is running, federation and community search seem to be working but when I subscribe to something it just says "pending" and does not seem to actually go through.

I did, yes. It took me a few hours of troubleshooting though, spanned across two days. I'm using Nginx Proxy Manager instead of the Nginx proxy that comes with Lemmy, but it all translates similarly. I also followed this guide on YouTube.

If it's sitting there saying "pending" for your subscriptions, it may be that the "proxy_pass /" location ports are off by one. It'll look like it's federating properly, but really it isn't. That was one thing I noticed with the documentation/examples; things were off and not updated. Check my screenshot attached for what I mean. The documentation/example config for the proxy lists the Lemmy-ui port as 1235, but it's actually 1236.


Hopefully that makes sense. If I can be of any more assistance, let me know!!

Thanks! I'll check the video and I'll double check my configuration. The example compose file and config files already needed some tweaking for me to get to this point but maybe I've missed something.

The cheapest way is to get a small vps. If you don’t care too much about the cost and might want to learn more about modern infrastructure practices you could try getting it running using AWS ECS.

What I'm curious about is running a server only for myself. Am I gonna have problems with being defederated? I'm wanting to run Matrix right next to it on the same domain but they seem much more open to the concept of personal servers.

it's alright, i run a personal server with closed registrations. looking for new communities is a bit glitchy, you might need to search a few times before it appears.

e: one thing i have to note is that docker-related documentation is somewhat inaccurate and, in my opinion, their setup is a bit overcomplicated.

Using their docker set up as well and I thought it was quite lean. Out of curiosity, what do you think is overcomplicated about it?

  • why use two networks, instead they shouldn't expose any internal ports if using reverse proxy container within compose (I'm using a separate external load balancer/reverse proxy, so I exposed lemmy & lemmy-backend only);
  • stuff like hostname: shouldn't be needed because it usually matches service name;
  • instead of using generic nginx container image with custom nginx.conf you need to place somewhere manually they should pre-build a container which would work OOTB with the compose setup, this would also solve current situation where nginx.conf and compose file are seemingly maintained separately because they don't match (i had to change one to match the other);
  • a minor thing but i would appreciate environment-based setup instead of needing configuration files (lemmy.hjson) on the filesystem (my ansible-based container deploy system has provisions for this stuff, still its something that i'd rather not have to use...);
  • in general compose setup feels like development environment because of all the debugging that is enabled, i think it also tries to build one of lemmy components instead of using an image by default;

it's all minor stuff, really, but it adds up and people who are not particularly savvy might give up on self-hosting lemmy because of it. so some polish and cleanup might be a good idea.

i know there's an ansible role too but i haven't looked through it. i have to do way too much ansible code review & refactoring at work. :)

I'm planning on self-hosting an instance (and some other web apps) on my local server at home, but over a VPN on a public VPS. I feel like that's gonna make an overcomplicated setup even more overcomplicated lol

i'm hosting lemmy on a vds using an S3 storage hosted at home (over wireguard). :)

i've decided against hosting lemmy at home because there's no way to setup a proxy for outbound connections (or i couldn't find it) so any federation request your lemmy instance makes reveals your home IP to owners of that particular instance.

i’ve decided against hosting lemmy at home because there’s no way to setup a proxy for outbound connections (or i couldn’t find it) so any federation request your lemmy instance makes reveals your home IP to owners of that particular instance.

Wait, how would that work? If I'm using OpenVPN, would it not be using the source and/or destination IP as my OpenVPN client IP, and not my home IP? After all, OpenVPN is completely bypassing my routing and NAT from my home connection, and it just tunnels traffic through the VPN instead.

I believe the source IP would be the IP of any server trying to contact my server, and then the destination IP would be my VPN client IP because of the DNAT rule I have on my VPN server (say 10.0.0.2) so it would not expose my home IP, or is that not correct? If both Lemmy and Nginx are either using a local docker IP (not on my home network) or the OpenVPN client IP from tun0, how would they even be aware of my home IP which would be on a separate network interface?

Are you saying I'd be exposing my IP if I tried my home-based VPN port forwarded setup? I am pretty sure it wouldn't be exposing my home IP, but maybe I am mistaken.

if you pass all outbound connections through vpn you'll be fine.

Good to know, thanks!

I also asked ChatGPT because I was curious, and ChatGPT said since I am using a VPN, when my home server makes outbound requests, they will first go through the VPN tunnel and emerge from the VPS which means that to external systems (like the servers receiving my federation requests), the source IP will appear to be the public IP of my VPS, not my home IP.

Very cool stuff! It makes sense that VPNs can be used to mask home IPs even in this way, since VPNs are literally designed for security and privacy lol
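
An added example, not part of the thread: a check that outbound traffic from the home server really leaves through the tunnel, which is the condition the reply above depends on. The interface name `tun0`, the function names and both sample route lines are assumptions constructed for illustration.

```sh
#!/bin/sh
# Added example: confirm outbound traffic leaves through the VPN interface.
# Both samples are constructed `ip route get 1.1.1.1` output, not captured from a real host.
VPN_SAMPLE='1.1.1.1 via 10.0.0.1 dev tun0 src 10.0.0.2 uid 1000'
HOME_SAMPLE='1.1.1.1 via 192.168.1.1 dev eth0 src 192.168.1.50 uid 1000'

# egress_dev: read `ip route get` output on stdin, print the interface named after "dev"
egress_dev() {
    awk '{ for (i = 1; i < NF; i++) if ($i == "dev") { print $(i + 1); exit } }'
}

# tunnel_ok <iface> <route-output>: succeed only if the route leaves via <iface>.
# Empty output (no route, lookup error) fails closed.
tunnel_ok() {
    dev=$(printf '%s\n' "$2" | egress_dev)
    [ -n "$dev" ] && [ "$dev" = "$1" ]
}

# Usage: sh check.sh --check tun0 1.1.1.1 2606:4700:4700::1111
# Include an IPv6 destination: a tunnel that carries only IPv4 can leave IPv6 on the home link.
if [ "${1:-}" = "--check" ]; then
    iface=$2; shift 2; rc=0
    for dst in "$@"; do
        out=$(ip route get "$dst" 2>/dev/null || true)
        if tunnel_ok "$iface" "$out"; then
            echo "OK   $dst -> $iface"
        else
            echo "LEAK $dst -> ${dev:-no route}"; rc=1
        fi
    done
    exit "$rc"
fi
```

Run it on the host that forwards the containers' traffic. A route lookup reflects the routing table only, so firewall or policy-routing rules that steer container traffic differently are outside what it checks.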

No, I don't think so. I've just been adding sub..."lemmys" and the flow is a little wonky but it seems to be working well after a few days.

I have a somewhat related question: is it possible to help the infrastructure by providing a node to host an existing instance?

I don't wanna have to create and maintain/moderate my own, but would be willing to donate some power and bandwidth to the platform in order to improve performance/geographic distribution etc by having a replica node for an instance/instances of choice.

Thanks

I don't believe that's possible. At least, not right now. Happy to be corrected though.

I would also love to help in this way. I have a small home server and an internet connection that has plenty of capacity available.

I was considering it.
There is the cost for the vps which would have to be separate in "quarantine" from the rest of our stuff.
Extra cost. $6/ Month sounds cheap but it's not unless you really feel the need to spend 5+ hours a day troubleshooting the tech side.

Then there is the risk of becoming a platform for pedophiles and terrorists.

More time going in that for moderating it and not risk getting our cloud account banned because we hosted illegal stuff - even if it's by mistake it's still a risk to get the whole account shut down.

Only way I can see this works is for someone who is knowledgeable enough or has trusted people who are knowledgeable to keep the server clean.

It's a fun experience I bet but too risky.
Learning to setup infra is a great chance but there are other ways to learn and still not contribute to internet filth or spam.

Better a few big sites than 1000 small unmaintained ones.

You don't have to allow sign-ups, therefore no modding to do if it's only you.

That's what I'm doing. Totally closed sign-ups except for a few close irl friends.

This is what I'm going to do when I get a spare few hours to set it up.

I'm looking at it in the same way as my searx instance. Just a private portal that will have as much uptime as I can maintain, federated with who I want and no one I don't.

Same. I'm glad I found this thread because I was wondering if it was ok to do this.

Like this it does make sense for learning and it can be done locally on a regular PC. No need to even have it running more than 5h/ week.
Only start it when trying something.

There are other more interesting things to learn and setup. Something like a honeypot.

Counterpoint, someone will learn about Debian, ansible, docker, and troubleshooting all of the above.

Personally I've run into many bumps along the way, some really dumb and not documented at all. But it was a fun learning experience.

Running a public instance is 100%, definitely not suitable for someone without experience or at the very least a solid background and a sincere willingness to learn and spend time maintaining it.

A private server for yourself and a group of buds?
There isn't really a reason not to give it a go if you're interested.