
The web services I self-host

Why self-host anything?

In a lot of ways, self-hosting web services is signing up for extra pain. Most useful web services are available in SaaS format these days, and most people don’t want to be a sysadmin just to use chat, email, or read the news.

In general, I decide to self-host a service if one of two things is true:

  • Self-hosting is going to add a capability that’s difficult to find in a SaaS alternative. That might be privacy, or extra compute, or just an extra degree of customization that I want.
  • I find it interesting or amusing to self-host it! I have been a professional sysadmin, and ran production web services for over a decade. So I enjoy messing around with servers, and can have a fair amount of fun with this.

Infrastructure and general tooling

Right now my self-hosted services are hosted on Oracle Cloud Infrastructure, for a very simple reason: OCI includes a very generous Always Free tier, which doesn’t even ask for a credit card! So I’m confident I’m not going to accidentally spend any money. I use ARM Ampere A1 Compute instances for service hosting.

The individual services are mostly managed using Docker Compose files, though a few are just running bare-metal. I have so far managed to resist the urge to put everything in Kubernetes.

Everything is backed up on a regular basis using Tarsnap.

I also use Tailscale to provide a VPN between my cloud servers and my various client devices (phone, laptop, tablet). If a service needs to be exposed to the public Internet to function, I do that… but otherwise, everything is only exposed within the Tailscale VPN, so that only my own devices can access them. This is both a lovely convenience (not having to manage as many DNS records), and provides an extra degree of security by hiding services that no one else needs to access.
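A check for the exposure model described above, written as an added example rather than the author's own tooling: it classifies listening sockets from `ss -H -tln` output as loopback, tailnet-only or reachable on other interfaces. It assumes services are restricted by bind address; the sample output and the allowed port 443 are constructed for illustration.

```python
import ipaddress

# Ranges Tailscale assigns node addresses from (CGNAT IPv4 and its ULA IPv6 prefix).
TAILNET = [ipaddress.ip_network("100.64.0.0/10"),
           ipaddress.ip_network("fd7a:115c:a1e0::/48")]

# Constructed sample of `ss -H -tln` output; not taken from the author's servers.
SAMPLE_SS = """\
LISTEN 0 4096 100.101.102.103:8080 0.0.0.0:*
LISTEN 0 4096 0.0.0.0:443 0.0.0.0:*
LISTEN 0 128 127.0.0.1:5432 0.0.0.0:*
LISTEN 0 4096 [::]:22 [::]:*
LISTEN 0 4096 [fd7a:115c:a1e0::1234]:3000 [::]:*
LISTEN 0 4096 *:9000 *:*
LISTEN 0 4096 127.0.0.53%lo:53 0.0.0.0:*
"""

def classify(local):
    """Return 'loopback', 'tailnet' or 'public' for an ss Local Address:Port field."""
    host = local.rpartition(":")[0]
    host = host.strip("[]").split("%")[0]  # drop IPv6 brackets and %iface scope
    if host == "*":
        return "public"  # dual-stack wildcard
    addr = ipaddress.ip_address(host)
    if addr.is_loopback:
        return "loopback"
    if any(addr in net for net in TAILNET):
        return "tailnet"
    return "public"  # 0.0.0.0, :: or any other interface address

def audit(ss_output, allowed_public_ports=frozenset()):
    """Return sorted (port, local) listeners reachable beyond loopback and the tailnet."""
    findings = []
    for line in ss_output.splitlines():
        fields = line.split()
        if len(fields) < 5 or fields[0] != "LISTEN":
            continue
        local = fields[3]
        port = int(local.rpartition(":")[2])
        if classify(local) == "public" and port not in allowed_public_ports:
            findings.append((port, local))
    return sorted(findings)

if __name__ == "__main__":
    # Assumption: 443 is the only port meant to face the public Internet.
    for port, local in audit(SAMPLE_SS, allowed_public_ports={443}):
        print(f"unexpected non-tailnet listener on port {port}: {local}")
```

This only inspects bind addresses, so a wildcard listener that is blocked by a host firewall or cloud ingress rule will still be reported and needs to be checked against those rules separately.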

Services that I self-host

  • RSS reader: Despite the demise of Google Reader back in the mists of time, I’ve been a consistently heavy user of RSS feeds since at least 2008. At times I’ve used commercial products such as Feedly, but these days I self-host the aggregator using FreshRSS. I use FreshRSS partly because it’s pretty easy to spin up and administer, and partly because it’s compatible with Reeder, a Mac and iOS app that I generally use to actually read my feeds.
  • Fediverse instance: I run a self-hosted instance on the Fediverse ensemble of social networking sites. The best-known tool for this is Mastodon, but I currently use the Pleroma server, mostly because it seemed less painful to set up and configure. I run my own instance partly out of curiosity, and partly because I didn’t strongly resonate with any particular topic-specific server that’s already out there.
  • IRC bouncer: I’m not on IRC very much these days, but I do like to avoid losing messages, and sometimes want to be logged into the same channels on different physical clients. So I run a ZNC server to maintain persistence.
  • Matrix server: Matrix is a decentralized messaging platform that supports end-to-end encryption. Think of it as being a little like the Fediverse, but for chat rather than microblogging. This falls pretty squarely in the category of “I find this amusing to run”, because I mostly chat with less-nerdy folks on other, commercial platforms.
  • Git server: I run a Gitea server which I use to mirror my own repos, as well as a variety of other open source repos. This is mostly to ensure that I have an up-to-date backup of repos I care about, independent of GitHub or whatever provider.
  • Jupyter notebooks: I keep a persistent Jupyter notebook instance running for random code experiments and as a tiny development playground. This runs on its own VM where I also do other random software development, and it’s separate from the other services mostly so I don’t take down all my personal infra with an accidental OOM from a big build.
  • Software package repository: I run an instance of Nexus Repository OSS, mostly to cache Docker images and other content that run the rest of the services above!

Services where I use managed hosting but don’t own the server

  • This website! My regular website and this blog run on a shared hosting provider, mostly through inertia. (I’ve used the same hosting provider for web hosting since around 2008.)
  • Email: In theory it’s an open, federated system similar to the Fediverse. In practice, the combination of spam and the growth of large providers makes it increasingly painful to run a server yourself. This post from Carlos Fenollosa does a good job of describing the difficulties.

    I do, however, run all my email through my own domain, though it’s hosted via Google Workspace (formerly Google Apps, then G Suite). I also back up my inbox locally on a regular basis. That means that if Google ever decides to remove my account, charge obnoxious costs, or otherwise misbehave, my email address is at least portable to other providers.