Indieweb and self-hosting my own space
As I'm moving all my online assets to a VPS (Virtual Private Server) I wanted to share my current setup. I also want to emphasise that I've been able to set this all up with decent technical knowledge and an understanding of how the internet works, but far from adept developer skills or any significant familiarity with running a server prior to this.
I really hope to learn over the next year and help others build the confidence to take similar steps. I'll try and keep this post as updated as possible along the way.
My reasons for doing this has been outlined in other posts, but it's about a few things:
- Owning and having control over my own content. i.e. not allowing my content to be collected and used by bigh tech for building their wealth, targeted advertising or emotional gaslighting.
- Lessening my dependency on big tech for my online presence, conversations and collaboration.
- Avoiding proprietary algorithms and their determination of what receives attention.
- Supporting small tech, a concept best described by Small Technology Foundation.
- Learning enough to help others. And to feel more confident I know what I'm talking about when speaking and writing about independence on the web.
First step: A VPS
A server is a computer connected to a network that can "serve" content, often for the web. A website is always hosted on a server. It can be private in the sense that I as the owner and administrator do not share it with others. On a shared server (which is the most common way for small entitities to host a website on a web hotel) your assets, and availability, are more vulnerable. You have to abide by more rules, you do not have access to all the settings of the server and can not install what you want on it. The shared environment means security issues, limited resources and the fact that your website could slow down becuse there are other popular websites on the same server.
Virtual can feel like a peculiar concept for a lot of people. What it means in this case is that my computer (the server) is one of many on the same physical machine. It is still running its own operating system and is completely isolated from other virtual servers. Specific memory and computing power is dedicated for each virtual server and never shared. For all intents and purposes, it's a standalone machine. It just isn't physically a standalone machine. It virtually is.
So there you have it: a virtual private server (VPS). A computer I can use to serve web content where I control all the settings, can install what I want and do not share it with others.
To be clear: some people argue that it isn't really private when you actually have multiple tenants on one physical machine. There are of course single-tenant options available. Still, this is the naming standard in use, and VPS is considered the premium option to shared hosting, giving owners much more control at an affordable price. Dedicated (single-tenant) hosting would be a significant step up in price.
You could of course completely host your own server in your own house, but that's another story. If you're up for that, you likely don't need this post.
Choosing a VPS
I did a fair bit of research with regards to suppliers in Sweden and landed on Hostup as the option that appealed to me the most. Beyond price I looked at response times and uptimes, and also geographical proximity. I think if you ask online you can get many different recommendations. If you are in the EU you likely want an EU-based host.
My shortlist of options might look like this:
Specifications is about what your server has in terms of memory and computing power. This will depend on how you plan to use it, how much traffic you expect and how many applications you intend to host.
I can say up front that I am doing quite a lot with mine and I realised just after two weeks I had to upgrade from my original setup. And this is one of the benefits of a VPS. Since it is virtual, you can often upgrade it quickly and even without having to restart it. In my case I sent an email and an hour later my server had more memory.
What I started with (and I think will be enough for most people) at about €10/month:
- 50 GB SSD Storage
- 2 Cores @ 3 GHz
- 2 GB ECC RAM
- 2 TB traffic
What I have now at about €20/month:
- 80 GB SSD Storage
- 3 Cores @ 3 GHz
- 4 GB ECC RAM
- 4 TB traffic
When I get into all the applications I'm running you will understand more about why I decided to upgrade.
Cloudron to the rescue
What originally had me hesitant about even starting down this route is the fact that I really do not have the time and skills to regularly maintain, update and keep a server secure. Sure, my skills are good enough to get by and find my way through help documentation. But my fear was that I would soon realise I had bitten off more than I can chew. I can enjoy midnight problem solving as much as the next geek, but there certainly is a limit. Especially when all my online publications are affected.
I received the advice on Mastodon to check out Cloudron (Affiliate link). And this pretty much changed everything for me.
Cloudron is a software solution that creates a user-friendly interface for your VPS. And it has production-ready packages of apps that can be installed with, essentially, one click. So a bit like an app store for your own server. With some more settings available.
Furthermore, Cloudron takes care of installing and running your own email service which can be a bit complex. Having a working one is really important for receiving messages from all your different installed applications. And potentially, if you also want to completely host your own email server.
Some key features and benefits are:
- Keeps all apps up-to-date automatically.
- Scheduled, encrypted backups to external storage.
- An email solution with automated DKIM, SPF, DMARC setup for reliable mail delivery.
- Portability. If I want to move my whole Cloudron setup to another cloud/VPS provider I can do that. No more exporting and importing blogs from one install to another.
- Automated SSL-certificate management with Let's Encrypt. This is all managed behind the scenes by Cloudron for any domain I add.
Depending on your needs there may be a couple disadvantages attached to this. If you want to install apps that are not in their catalogue you either have to do that through terminal access (which would make it separate from everything you control via Cloudron) or create your own Cloudron-compatible Docker image for that app. Which, to be fair, has its own tutorial so not a show-stopper.
Cloudron does give you terminal and FTP access to each app that you install, but there are a fair amount of limits to what you can play around with. And this is tied to keeping things up-to-date and backed up in an efficient way. If you want the automated updates, you don't want too many personalised tweaks to clash with those. So again it's a bit of a tug-of-war between control and security.
I decided it's totally worth it. Cloudron is everything I ever wanted to control my own server and then some. Because truly what I'm personally really after, beyond the points I outlined at the start, is to spend more time writing and producing content rather than worrying about the tech.
Does it come with a price? Yes. $15/month when you pay yearly. So if you're keeping track, my setup is now at $35/month. I have no idea if that sounds feasible for you, but for me it really contributes to the peace of mind I'm looking for.
To be honest, in my case I'm actually reducing monthly costs at the same time as I'm becoming more independent. I've been using services like WPEngine, Ghost(Pro), some whiteboard solutions and the document collaboration platform bit.ai. A few more services as well, since I do enjoy testing and evaluating.
All of those are being replaced by software on the VPS.
The apps I'm running
To minimise concern I am sticking with the apps offered out of the box with Cloudron. They are plentiful.
- Mastodon. I'm running my own instance of this open source social media platform.
- Pixelfed. Also part of the Fediverse this is an Instagram alternative that I'm trying out for my cartoon. I may end up not using it and just sticking with the cartoon as a blog.
I've closed my Ghost(Pro) accounts where I had my two main blogs at a hefty price. Just one of those was almost priced the same as what I'm now paying for my entire setup.
I started with the Ghost platform almost two years ago now and I really love it for its ease of use. I make compromises here, because I can't edit the HTML of posts as much as I sometimes want to, but that's not the most important feature for running a blog. Actually writing is. And I have written a lot more regularly since moving to Ghost (from Wordpress, and many years ago also Drupal).
As it turns out I'm now running four Ghost instances on the VPS. There's my English and Swedish blogs, my newsletter, and my cartoon.
The blogs are obvious. The newsletter perhaps was not. I looked at Mailtrain first, which sounds like the logical choice because it's described as a newsletter application. But it felt too complex. Again: I just want to write and push publish. So I realised that a big part of Ghost is the ability to send out newsletters to "members". It is a newsletter platform as well.
Thinking about it, there is technically very little difference between a blog and a newsletter. Only the added delivery to email. Using Ghost for my newsletter also means there is an RSS feed people can use if they don't want to give up an email address. That's exactly the kind of web I want to promote and lead the way with. A web that matches my values.
A challenge with self-hosting newsletters is often the actual mail delivery. For this Ghost relies on Mailgun, which is a third-party service. I'm okay with that, as it is the reliability of mail delivery I want in this particular use-case. I can still send out all messages with zero tracking enabled. Currently it won't add to my costs as my subscriber count and schedule is within the free tier of 5,000 messages per month. Beyond that it would only be about $1 for each extra 1,000 messages.
On a whim I started drawing a comic strip called Wild Exploits in May, which is something I've wanted to do for years. Given how I'd just realised the simplicity of setting up my newsletter on Ghost it was a no-brainer to do the same for the cartoon. So each cartoon is just a blog post and anyone can read the cartoon by subscribing via straight-up email or RSS.
In case you're curious about the comic, here is the latest strip:
Document sharing and collaboration
I've always been a big fan of wikis, but also the power of live collaboration in documents. I've been trying out a couple of the wikis in the Cloudron library, but haven't decided finally yet on which one I'll finally use, but I have found something else: Hedgedoc.
I often have to share explanations, guides, tutorials, agendas and other types of quick content with clients. Things others may send in email. I've used Dropbox Paper and bit.ai for this in the past. The obvious benefit being that I can update content without having to send new emails.
The other thing is of course working on content together with others in cloud-hosted documents, which many people have experienced with something like Google Docs.
Cloudron does offer Etherpad, which I may consider installing as well but have not yet. It's the more well-known open-source solution for editing documents collaboratively in real-time. It is definitely more novice-friendly if I share a link for collaboration.
But thanks to Cloudron I also discovered Hedgedoc. It's a super-fast way of creating online documents and will also allow collaboration. The collaboration part I haven't tried out much yet, though, as it requires a bit of a geek on the other end as well.
What I love about Hedgedoc is that it uses Markdown syntax. For me that makes it super quick to write well-formatted documents that display beautifully. Using metatags Hedgedoc also allows me to set the language of the document, keywords and more. I've already been using it with clients and it's saving me bundles of time, which means it easily replaces bit.ai but also google docs at times.
Hedgedoc is a keeper. Saves me money and keeps my content on my own server, away from prying eyes.
As you will have realised, what I am self-hosting is probably a bit more than what an average blogger for example would want to host. I'd say that running one or two blogs you can easily do on the server specification I had at first.
The main reason I upgraded my VPS was because some apps started running out of memory. I may have been able to tweak this with settings and allocations of memory to different apps. But being me, I knew I was eventually going to have to upgrade. I just love testing new things and the higher tier allows me to do that without any issues.
What does happen when something runs out of memory on Cloudron is that Cloudron simply restarts the app and lets you know. Nothing more complicated than that. And sometimes it will recommend allocating more memory for an app, which you can simply do with a slider. Given that my two blogs are my primary publications, I have for example allocated more memory to them. It's about testing different settings in the beginning. The first weeks I got a few warnings, increased memory where recommended and then the warnings ended.
We are always reliant on backups to truly feel safe. Included with my VPS host are weekly backups of my server. I can pay a few kronor more per month for daily backups.
Backups of the Cloudron environment and each app are made by Cloudron. If you don't have an external server set, those backups will be saved on the same server, which is not ideal because:
- The backups take up a lot of space on your server, that could be better used by your apps
- If you need the backup because of a server issue how will you reach it?
I haven't set this up yet, but my plan is to buy a storage box at Hetzner and set up backups with CIFS (Common Internet File System) which is one of many storage provider solutions that Cloudron supports. It will set me back another €3.45/month, bringing my total for all this up to about €38.45/month.
I also want to clarify that the way Cloudron does backups is very resource-efficient. Here is their explanation if you're curious:
Unlike VM snapshots, these backups contain only the necessary information to complete re-instate the Cloudron or app. For example, application code and system libraries are not part of a backup because Cloudron packages are read-only and can never change. Runtime files (lock files, logs) and temporary files generated by apps are not backed up either. Only the database and app user data is backed up. This design significantly reduces the size of backups.
One benefit of the Hetzner storage box is that it also could be used for cloud backups of my photos and local documents. At a lower cost than running my own Nextcloud service on my VPS. Storage space is often a major weakness if you host a lot of content with images, or of course video. Specifically for video this means I will for the time being keep those on my Vimeo account, even though a Peertube feels more "right". Key aspect is that Vimeo does allow embedding without tracking.
Is all this worth it?
It's a resounding yes from me. I do realise the costs of what I'm describing will appear rather expensive for many. My costs are also run through my own company, allowing me to deduct VAT.
When considering the #indieweb path I think there are a few things to consider when evaluating the cost:
- Can I share the server and cost with some friends and/or family members? This could actually make it extremely cost-efficient to run your own services.
- What service costs do I have today that I'm not thinking of? i.e. Are there services I am paying for that I perhaps had not realised I could instead self-host?
- My values. Am I perhaps willing to pay a little extra (if that truly turns out to be the case) to not support big tech and surveillance capitalism?
- To what extent am I okay with losing content or letting others share my content for their own gains, given that it's stored with companies with growth as their primary goal and where I am a tiny, tiny voice often signing off my content to be used by algorithms?
More to come
I still haven't addressed email. This is perhaps my own biggest challenge. I have decades worth of email stored in my Google Workspace account and being able to search that treasure trove is a significant tool in many everyday workflows. I'm afraid replacing it will have an impact on my efficiency through a poorer search experience but also things like the lack of calendar integrations (yes, I use Calendly as well) and questionable spam filters.
Any words of encouragement and ideas that can be thrown my way when it comes to self-hosted email management (or perhaps going the Proton route) is much appreciated.
As mentioned I intend to update this post with significant developments, and if you want to make sure you don't miss anything there is always the newsletter.
Always happy to hear from you when it comes to your own hopes and fears related to this topic. And if you have ideas about what could make more people take the plunge. Today or in the future.
Get Per's newsletter
Per Axbom's newsletter on digital ethics and compassionate design helps you stay updated on human rights issues in the tech space. You will receive select posts in your inbox 2-3 times per month.
Become a Key Supporter
If you wish to support Per's efforts in writing and teaching on digital ethics and wellbeing in tech, you can become a key supporter and donate monthly.
For one-time donations you can use Swish (in Sweden) or PayPal.