The privacy community has an obsession with self-hosting. Ask a question about which email provider is better and you’ll inevitably get someone saying “self host your own email.” Generally speaking, I don’t always subscribe to this advice. I trust an actual email company to handle updating, securing, and maintaining a server better than I trust myself. But a few months ago, I decided I wanted to take the leap into Nextcloud. I know Proton and Tutanota both offer encrypted calendars and contacts, but I wanted something that integrated with my iPhone. I know that I’m probably surrendering some privacy just by that alone, but honestly I was willing to give up a little bit to regain the convenience. I could write another article on that alone, but the short version is I have iCloud turned off on my account and device, and so I feel pretty confident that I have a small degree of privacy with these things.
Anyways, I wasn’t really happy with any of the existing Nextcloud services. Nextcloud lists a few providers on their website, but then adds a disclaimer saying they don’t really guarantee any of the providers. “Buyer beware.” Well my girlfriend happened to have an old desktop tower lying around, so I cleaned it up and plugged it in and thus began my adventure in self-hosting a Debian server. I figured this might make a fun journey to discuss. I’ve had my server up and running smoothly for a few months now, so I feel pretty confident sharing what I’ve learned. Remember: I’m not an expert. I’m sure there’s areas I could do better, and I’m not claiming I’ve done everything right, I’m just sharing what worked for me in an effort to help others who might be considering running their own server.
Lesson 1: Basic Install Isn’t Hard
I’ve never run a server. I’ve known for a while that the basic principle is the same as operating a computer – or, to put it another way, it’s basically a computer that stays on 24/7. But I’ve never actually committed to it. Turns out, it’s actually pretty much the same as installing a regular OS. So if you’ve ever installed Linux or Windows it’s almost identical.
Lesson 2: It Takes Energy/It’s Kind of Like a Final Exam
Maybe this one is “me-specific,” but I quickly found that initial work on the server required a certain amount of “emotional and mental bandwidth” as I like to call it. Basically I had to make sure I had energy and a few hours to really get lost. This is because setting up a server was – at least for me – sort of like a final exam in the sense that it combined everything I had learned so far about networking and computers. I knew a little bit about ports – that different ports use different things – and IP addresses – that there’s public and local ones. Setting up a server required me to learn how to use port forwarding, which ports I needed to open, how to find my public and local IPs, and all that kind of stuff. It sort of coalesced all these random tidbits of knowledge and combined them into a single cohesive practical application.
Lesson 3: I F*d up. A Lot.
The catch phrase for the first couple months that I ran my server was “I gotta reinstall my server this weekend.” Some of this is probably my own fault for not understanding how these things work. For example, installing Nextcloud requires Apache. I was also interested in installing Rocket.Chat, which requires Mongodb. Apache and Mongodb are two completely different server softwares, and they can’t run at the same time. So I often had to pick between one or the other. I also frequently fell down rabbit holes trying to make a specific feature or program work (usually due to user error), and a lot of the time it was easier to restart rather than fix it. In other words: don’t put anything important on it or open it up to the public until you’ve had it running for a few weeks and you’re positive it’s ready.
Lesson 4: It’s Really Not Hard
Like I said, I’ve been running my server for months now. Over six, I think. And it’s really not hard. Sure, it required a lot of energy and trial and error at first. And yeah, I messed up and had to restart a lot. But once I got the hang of it, it’s really not hard. I just run updates regularly and check on it. The really fascinating part of this is that it became sort of addictive. I’m now going around asking everyone I know if they have any old computers I can use to turn into another server. I don’t even really know what to do with them. Maybe I’ll self-host a mastodon instance. Or Bitwarden. I don’t even know. It was just a fun challenge. But then again, I’m the kind of person who likes a moderate challenge.
I still think that self-hosting isn’t always the right answer. Once again, I trust an actual email provider to do a better job than me, even if that does mean I’mplacing my trust in another entity that I can’t control. But having had this experience, self-hosting really isn’t as hard as it seems, and I definitely understand why some people push for it. I think self-hosting is a great future. I don’t know if my server is as secure as I wish it was. It’s encrypted, and it’s using TLS. Does that technically make it end-to-end encrypted? I dunno. I’ll ask on a day when I care more. But I will say that I rest quite easy knowing that I am truly in control of my data. I don’t have to wonder if someone is peering through it, because I AM “someone” and I’m not. (Well, obviously I’m peering through my own data, but not the data of people I let use my server.) I never have to wonder what’s going on behind the scenes. It’s really reassuring. Next time you upgrade computers, I highly encourage you to hold onto the old one and at least give self-hosting a crack.