It has always been a concern for me to see which commercial providers I entrust my private data to and pay money for regularly. I’m not alone in this, because the search term “self hosted” brings up several blog posts describing the path away from commercial providers to self-hosted open source services. In the following, I describe my (still not fully completed) journey towards a self-hosted digital life.
Protecting my private data, no subscription fees and 100% control over any desired features were my main reasons for going self-hosted. Also the urge to learn and have fun was high on the list. This was crucial as there are also some reasons against running your own server. On the one hand, there are the costs for the server rent in the data center (simply because I host my own mail server, operating it from home instead of in the data center was impossible). On top of that, there are some hours of setup and administration work combined with the challenge of secure operation in terms of failure and intrusion protection. In my case, however, this was no reason to give up my experiment, as it feels great to have complete control over all my digital services.
Self Hosted Services
Which digital services did I replace with self-hosted services?
Until now, I relied on the paid mail service of Microsoft Office 365. This allowed me to use my own domain already, but only in a very limited way. By running my own mail service based on Mailcow, I now have endless features. In addition, with the help of a good configuration, I hardly ever end up in a spam mailbox…
Most of my private data were previously stored in Microsoft’s cloud as well. With my Office 365 subscription, each member of my family got 1TB of online storage for a low annual price. But that’s over now, too, and I’m turning to Nextcloud for data storage and sharing. With its own apps, there are even more options here, so I don’t have to worry about losing an online office. Further applications like bookmarks, tasks, calendar, contacts, RSS feed management, chat, and so on are also possible via Nextcloud.
For a long time, I have followed the philosophy of using a separate, secure password for each service. 1Password was a loyal companion for a long time. With the self-hosting of Vaultwarden (an open-source spin-off of Bitwarden), I have found a great open-source replacement. Apps for all possible platforms are available for Bitwarden.
Blogs
My small blogs (tickerverbot.de, smartpassivehouse.com) are super resource-efficient with the approach of static websites based on Hugo. Until now the HTML files were located on servers from GitLab or Google Firebase. However, I have now moved these to my server as well to have my services less fragmented.
Smart Home
As already described here in the blog, I use local services for my smart home. No function in our Smart Home is dependent on the connection to a cloud. However, I now host the measurement data recorded in our passive house (such as my electricity consumption) on my own server, using the smart home trio Node-RED, InfluxDB and Grafana.
Two things were very important to me when running my own server besides the listed features: The operation should be as safe as possible with regard to data loss. Backups and failover protection should be considered right from the start. In addition, the data should be protected against unauthorized access. Protecting my data even when physical access to the server is possible, and applying important security basics as far as possible, was therefore also a must.
A little insight into the implementation of my self-hosting experiment:
There are countless hosting providers with different server concepts. It was important to me to use a dedicated server where the entire hardware is used by me alone. Virtualization concepts or cloud services were therefore not an option. Since I didn’t want to spend a lot of money and wanted to run my server in my home country (Germany), I decided to use the server auction from Hetzner. My chosen model has 2TB of storage and enough power to run a wide range of services.
Before setting up the individual server services, my first installation step was to encrypt the server hard disks completely. Thus, my data is protected even if someone gains access to the hardware in the data center. When starting the server, I have to enter the unlock password every time, but this additional step was worth the extra security.
To separate different services on my server from each other and to be able to restart them quickly, a virtualization service was very important to me. For this purpose, I use the free software Proxmox.
I also rely on the Proxmox Backup Server for backups. It regularly backs up my entire server encrypted to my home NAS.
The next important software on my server is pfSense. It is used as a firewall, so all incoming connections arrive here first. Depending on the subdomain used, the respective virtualized services described above are then addressed.
Self Hosting Tutorials
Creating a complete set of instructions for my self-hosted experiment would be a bit too much for a blog post. It would also be only partially helpful for you, as setting up a server depends very much on your requirements. However, if you want to learn more about this topic, I recommend the following three YouTube channels:
Summary & Forecast
I have to admit: Several hours of work went into setting up my server. And a few emails ended up in the spam folder of the recipient. And a little bit of frustration came up sometimes when the comfortable functions of a commercial provider were not 100% available with the open-source alternative. But if you have read this far, you might be interested in this topic anyway and I strongly encourage you to give it a try. If you don’t want to rent a complete server, just start with the Hetzner Cloud services.
What is the next step for me? I haven’t managed to replace all commercial cloud services with my self-hosting approach yet. I continue to work on my finances with YNAB. But in this area, too, I have started to use the open-source alternative Firefly III.
What about you? Would you like to host your data and services or are you already doing it? I would be very happy to read about it in the comments!