Plan A: Nextcloud on Linode. Probably not the dirt cheapest choice, but affordable as a steady expense right now, and it seems to provide a lot of resource headroom while I get on top of how it works and what my actual needs are gonna be re compute and bandwidth and so forth, as well as allowing me to stand up any extra services I may want on this web presence - Nextcloud's open nature is good for that as well, but I want access to the system itself.
What I need:
I will be using one of the Nextcloud office suites for the same stuff I currently do on Google - text documents (chord charts mostly), spreadsheets, etc.
Likewise I will be figuring out how to hoover every photo and video taken by our phones and computers up into a backup collection, and we can then treat our phones like "thin clients" which are only representing our data, not storing it. I have not successfully used any organizational aids for pictures before so for now I'll be happy just to have a collection of dated folders for each phone, and we'll improve from there. It will be stored in some sort of cheap bucket or block storage as well as on my local ZFS server (seems like block storage might be the better choice for that reason).
Likewise I want to get all my email history backed up somewhere other than gmail's servers on an ongoing basis. I don't think I'll stop using that email address and I don't expect to actually control my email (nor would I want to), but I don't want to be in a position anymore where Google could just up and decide to lock me out of my own communications history based on some algorithm. That said, I will probably also setup some sort of alternate email that is not on any .com platform and possibly transition to it over time, and all email will end up here.
Re platform, I think that I could probably do it a lot cheaper on AWS, and I think I know how to get that done without getting snagged by one of their runaway expense traps, but I'm not completely sure. I do not trust them not to find some way to slip a thousand dollar bill past me before I realize what their automated system is doing.
Linode, on the other hand, have a good reputation in terms of competence and reliability, and from what I can tell the price they are offering is not completely out of whack. They even offer the quick deploy version, but I do believe I would just take a raw server and stand it all up myself, I have security people in my family who can make sure I'm not hanging my junk out the front door before I go live.
I am also considering Digital Ocean, who I've dealt with a little bit in the past and found them great.
Future plans for this server include some kind of federated publishing - Nextcloud might even have some sort of blogging extension that could be further extended, or maybe even it's already implemented, I'm not that up on it yet. It's just a high profile self-hosting system that I noticed.
Or I might add a small Mastodon to the server for the same people who use the Nextcloud, but I'm hearing a lot about runaway transfer fees so I'm gonna wait and see before I stand one up myself. But that's why the raw server instead of the one-click solution, one way or another I'm gonna get on ActivityPub.
Anyways, thoughts anyone? Like I said, current plan is Nextcloud on Linode for a while and see how it goes, but if there's something leaner or more extensible or that handles ActivityPub better or whatever I'd love to know.
So I would probably avoid Amazon just because many of their services charge for data out. It isn't out, but it's a variable for you, and you probably want something that's flat per month. Cheapest you are going to get with somewhat reliable service is either going to be Hetzner or BuyVM. Hetzner is better for someone who doesn't want to tinker, BuyVM for those who do (BuyVM is a little less reliable, but you can set it up cheaper if you are willing to do a little bit of manual work with shell commands).
Secondly, I'd suggest you host this through Cloudron. It helps you handle automatic security updates and backups. It's very nice, and worth paying for, although it's a little pricey for individuals.
Third, with email, you can host it yourself (in fact Cloudron has this built in), but I'm going to recommend against it, or at least recommend that you pipe important emails through another service like Fastmail. Let me explain why. There's going to be some point after hosting for 5 years, where your server is going to go down. Now email will be fine, it's built to deal with cases where servers go down, but... we rely so much on email right now, that it's going to really suck to have it down. So by all means, have your personal email come to the server, but keep anything that you can't do without running on a managed service. You can pipe it through your own domain, and set up automatic forwarding, but it's going to be a little better to run important stuff through someone else's server, imho.
Just my two (or three, I guess) cents.
I have a backup process running on it, but backup disk space is a lot cheaper than live disk space attached to a VM, so it's a lot cheaper than the requisite VM disk space would be.
That said:
"and I think I know how to get that done without getting snagged by one of their runaway expense traps, but I'm not completely sure. I do not trust them not to find some way to slip a thousand dollar bill past me before I realize what their automated system is doing."
This is a per-service concern. EC2 may be old & busted & "just VMs, dude, get cloud native you early 2000s buffoon" & totally uncool... but also precisely because it is just a VM, it is also bounded. It won't blow up on you, because you can't just use 100 times the service you expected. Worst you can do is use the network like crazy, and for as expensive as bandwidth is at large scales, at this scale it's not going to break your bank unless you really screw up. I'm bounded by the fact my home network connection won't let me go too crazy anyhow. (Or on a small T3 instance you can turn on unlimited credits and then run those up, but there's a bound on how large that can be even if you're running 100% full time and it's not huge.)
Just some options. Mastodon is presumably more complicated to run on local resources, you'd still need something with a public IP that can be reached to work correctly.
Fujitsu D3417-B2
Xeon 1225v5
32GB ECC RAM
Pico PSU 150W
Samsung 980 Pro NVMe
It takes only 9.3 Watt idle after some optimizations and you can choose ready LXC containers like https://tteck.github.io/Proxmox/ or https://github.com/extremeshok/xshok-proxmox to partly automate some of the installations. It can even run macOS VMs[1] and Raspberry Pi virtualized[2].
Works great so far and way better than TrueNAS Scale (at least atm) or bare metal linux systems. Needs some research and learning though[4].
[1]: https://www.nicksherlock.com/2022/10/installing-macos-13-ven...
[2]: https://azeria-labs.com/emulate-raspberry-pi-with-qemu/
[3]: https://www.hardwareluxx.de/community/threads/proxmox-stammt...
[4]: https://www.youtube.com/watch?v=LCjuiIswXGs&list=PLT98CRl2Kx...
There you go, $300 one-time cost, and you have a very powerful private server that can run all your self-hosted stuff. Via Tailscale, it can even expose some services to the public internet, if you feel the desire to do so.
Prepare to spend much time debugging, configuring, reading tickets, etc. If you only want files and Cloud office, consider using alternatives like Seafile[1] or the new OwnCloud rewrite in Go called OCIS[2], which are MUCH more stable than Nextcloud.
[1]: https://www.seafile.com/en/home/
[2]: https://github.com/owncloud/ocis
What frustrates me, and why I don't do it any more, is we don't have a manageable story for most things. In many cases there's a good recipe you can follow to stand up the basic service. But hardening, security patching, etc. aren't covered. You have to come up with your own solution to make sure it's up, etc. On top of that, projects come and go, and someone may unfortunately choose a project that's a dead end and won't be patched. (And big-budget cloud doesn't solve many of these issues, either).
My personal fear is that a lot of self-hosted stuff becomes like all the unpatched Wordpress sites, years ago, that were just vectors for hacks. It wasn't that the data was stolen, they were pretty much pwned to launch other attacks. There are just too many solutions out there for all the bits and pieces needed to keep stuff up and secure. And all those fiddly bits are hand-integrated (for the most part). I'd like to find something that provided me a full stack, with all the boxes checked. I would get monitoring and security patching around all the bits.
In the interim, I try to use products from companies that either don't primarily make money by advertising based on my data (even if the products are more expensive). (Note that advertising is what you do when you're out of real ideas - so it's inevitable that all companies head that way when MBAs with no imagination want a safe return). Or, I use products that are (as much as possible) open source. (There are still disturbing amounts of proprietary blobs in my Raspberry Pi homely servers, for example).
With all that said, I wish you luck! I've run my own infra in the past and it's fun.
https://www.oracle.com/cloud/free/#always-free
I've used many other free tiers over the years (living in a low-income region you pretty much have to), and they make it difficult to fuck up your trial and go over the free limit. With GCP or AWS (especially AWS) it's trivial to start running paid resources and be surprised with a large bill at the end. Here you have to explicitly opt into it by clicking through multiple dialogs and confirming via an email link.
I have switched email providers 3 times in 25 years. With the last one, I bought a domain and pay for custom domain hosting. I don't have to think about my e-mail again until the next time I switch in 10 years. When I switch, I'll just sign up for the new provider and sync my IMAP folder over, change MX records, and boom: done. No paying for a VPS, no maintaining software patches or server or network issues, no e-mail administration or web interface administration or dealing with spam or IP reputation or anything else. It's all taken care of.
At Swiftpoll -- https://swiftpoll.net (The best polling app on the web! We promise!), we use a combination of Racknerd (https://www.racknerd.com/NewYear/) and Contabo (https://contabo.com/en!)
For our Gitlab runners, the metrics server, and the test server, we use Racknerd. For the production server, we use Contabo.
Racknerd costs about $10-30 per year per virtual machine. Racknerd runs crazy sales, such as black Friday's double bandwidth deals and free giveaways (https://lowendtalk.com/discussion/182479). Over 1000+ pages of craziness on lowendtalk!
The only caveat we have with Racknerd is the lack of support as a terraform provider. Racknerd uses Solus, and unfortunately, we did not have access to the admin APIs, such as reinstalling instances. To solve this, we made a playwright library that automated installation and maintenance tasks on the Racknerd Solus control panel.
For Swiftpoll production, we went with a Contabo instance in their St. Louis data center. Contabo has support as a terraform provider with APIs to do just about anything you'd like. It works out of the box, and we didn't need to create anything hacky in Javascript, which we loved. Our only caveat is Contabo may charge "setup fees" when making changes to instances. Contabo costs about $9 per month and up.
We have been using Racknerd and Contabo for a year. So far, we did not encounter any problems. We keep our hosting costs under $50 a month. Downtime with either provider is super rare, and I don't remember when the last time it happened was. Both providers offer generous bandwidth measured in terabytes.
Similar offer and simplicity as DigitalOcean, but way lower prices. I had to reach support a few months ago, and they were pretty responsive.
They also show the prices per month, not per hour/millisecond/byte/whatever. As I'm also the one paying the invoices, I really like that.
Anyway, here's my current setup:
- Hetzner Cloud VPS -- https://www.hetzner.com/cloud -- (I use it for a public website - https://vlad.studio/ - otherwise I'd get the cheapest option); 4€/mo
- 1 TB Hetzner Storage -- https://www.hetzner.com/storage/storage-box -- mounted as an external drive to the server above; €3.81
- Filerun -- https://www.filerun.com/ -- used as web interface and file manager, instead of NextCloud. I wanted to like NextCloud, but couldn't. Filerun looks nice. It is not as complex.
- Various mobile Nextcloud-compatible apps connect to my Filerun instance. I'm not happy with this part of setup yet.
Host it on cheap hardware at home, with plenty of RAM and CPU. If the power is off for 15min, that doesn’t matter for personal use.
As a plus, you can host it in plaintext (or at least, load the LUKS key), so that applications can index your data, allowing a lot of cool stuff. You can lock it in down more strictly, tailoring it to your specific environment.
There's a bunch of Bitcoin related Apps as well but it's easy to just ignore those.
Full list of "apps" here: https://github.com/getumbrel/umbrel-apps
When you’re ready to reduce prices and increase privacy, take a look at a tiny (like t3a.micro or .nano) ec2 instance that forwards to/from your “real” server at home which can be beefier. The home server maintains a vpn connection to the ec2 instance. you also need to configure nat and port forwarding on both sides so you’ll need to get your hands dirty with nftables/netfilter (probably a night or two of pain realistically).
Once it’s set up and working, you can get your monthly spend down to $3-$4 (I pay up front for three years of ec2 credits). You need your own hardware but a used nuc for example is pretty cheap and adding storage is a matter of buying an external usb hard drive.
And if you stick to https/tls (via letsencrypt) the Amazon forwarding instance can’t see what’s in your traffic (just which ips are visiting you and when).
(You could obviously cut Amazon out entirely if you’re comfortable hosting directly from your home ip but I never wanted to deal with the potential isp headaches.)
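The relay layout described in the comment above (a tiny cloud VM, a VPN to the home server, NAT and port forwarding on the VM) as an added example that is not part of any comment in this thread: a POSIX shell script that generates and loads an nftables ruleset for the cloud side, assuming WireGuard as the VPN. The public interface eth0, the tunnel interface wg0, the home server's tunnel address 10.8.0.2 and the port list 80,443 are assumptions for illustration.

```shell
#!/bin/sh
# Added example: nftables rules for a small cloud VM that relays public
# HTTP/HTTPS to a home server over a WireGuard tunnel. Interface names,
# tunnel addresses and ports are assumptions, not values from the thread.
set -eu

# Print an nftables ruleset for the relay VM.
#   $1 public interface on the VM (e.g. eth0)
#   $2 WireGuard interface (e.g. wg0)
#   $3 home server's address inside the tunnel (e.g. 10.8.0.2)
#   $4 comma-separated TCP ports to forward (e.g. 80,443)
gen_relay_ruleset() {
    pub_if=$1; wg_if=$2; home_ip=$3; ports=$4
    cat <<EOF
table ip relay {
    chain prerouting {
        type nat hook prerouting priority dstnat;
        # Rewrite the destination of inbound connections to the home server.
        iifname "$pub_if" tcp dport { $ports } dnat to $home_ip
    }
    chain postrouting {
        type nat hook postrouting priority srcnat;
        # Source-NAT onto the tunnel so replies from home come back through wg.
        oifname "$wg_if" masquerade
    }
    chain forward {
        type filter hook forward priority filter; policy drop;
        ct state established,related accept
        # Only the forwarded ports may cross from the public side into the tunnel.
        iifname "$pub_if" oifname "$wg_if" ip daddr $home_ip tcp dport { $ports } accept
    }
}
EOF
}

# Write the ruleset to a temp file, syntax-check it, enable forwarding, load it.
# Needs root and the nftables userspace tools.
apply_relay_ruleset() {
    tmp=$(mktemp)
    gen_relay_ruleset "$@" > "$tmp"
    nft -c -f "$tmp"                     # check only; nothing is loaded yet
    sysctl -w net.ipv4.ip_forward=1
    nft -f "$tmp"
    rm -f "$tmp"
}

# Usage: ./relay.sh          prints the ruleset for review
#        ./relay.sh apply    loads it (as root)
case "${1:-print}" in
    print) gen_relay_ruleset eth0 wg0 10.8.0.2 80,443 ;;
    apply) apply_relay_ruleset eth0 wg0 10.8.0.2 80,443 ;;
esac
```

On the home side nothing beyond the WireGuard peer and an input rule allowing the forwarded ports on wg0 is needed, because the masquerade rule makes every relayed connection look like it comes from the relay's tunnel address. The trade-off is that the home server's logs then show the relay's address rather than the visitor's; if you want real client addresses at home, drop the masquerade rule and add a policy route on the home server that sends replies to those connections back out through wg0. With TLS terminated at home, as the comment suggests, the relay only sees connection metadata.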
If I was going to go with anyone I would use AWS. Their stuff works better than any other company I've found and also support is actually existent. But expect to pay for it.
I don't want to pay for it so I keep my DNS and static web content on S3/CloudFront/R53 and let Apple handle the cloudy shit like email, calendars etc. Both AWS and iCloud+ cost me about £4 a month in total.
Someone will own you in one way or another. Better to leverage that and have an exit plan than not leverage it and cost yourself time, money and sanity because that's the real outcome of what you want to do.
In the long run, independence is worth something. It is just costly.
If you are into self hosting swing by #!:matrix.org
Don't forget that running your stuff and putting your data onto servers belonging to big corporations means that even if they're not scanning everything the way Google scans your email, they can still access it, so it's better, but not worry free.
I'm using the Nextcloud Android client, which could be better but does its job, to sync photos from my phone to the cloud. That can also be configured quite nicely to have specific folders for uploads, that should help you with keeping stuff separate with several devices.
I've no experience with the office suite to be honest, never really looked into that.
Using shared hosting will come with the benefit that you will, most likely, have custom TLD to run your mail from/to. Shared hosting also does regular backups without you taking care about that etc. etc.
I'd say you should get yourself a Hetzner "Level 4" shared webhosting for domain, mail and "root" of the Nextcloud and then mount a storage box into that. Should be around 9 €/month then.
I don't have a ton of concerns about publicly-accessible Sandstorm, but if you're using something else, either Cloudflare Tunnel or Tailscale are relatively good options to hide your home connection and secure your access to your server from the public.
I'm not super hot on Nextcloud as a product, I tested it and found it slow and janky. It's exceedingly popular, but there's a lot of better apps out there if you run something that can spin up some containers.
Sure you can use an old computer and host at home much cheaper than AWS / Azure / etc. But on AWS / Azure / etc if the physical machine your VM is running on dies, your VM moves to another physical box within seconds without you having to do anything, and without data loss. What is that WORTH to you?
That said, you can get a Synology NAS (easy) or build your own NAS (harder) and run Nextcloud in Docker. In the event of hardware failure (it will happen, it's just a matter of when), you'd just have to bring that Docker container + backing storage back up on the replacement gear.
A dedicated server on something like Hetzner is ~£50 a month, put portainer or proxmox (or portainer inside proxmox) and run whatever you want.
Use traefik to direct things.
Use backblaze, or hetzner boxes etc as storage backups etc
There's a variable I don't understand with self-hosted cloud/storage: what guarantees do you have that they're not peeking at what you store? Why do you trust them over $CORP? Do you encrypt your data at-rest (dm-crypt, fscrypt, etc.), and do block storage providers support this?
edit: fix typo
2) how much stuff are you planning on hosting?
3) how much bandwidth do you need?
nextcloud was (I've not checked recently) very hard to secure properly, so you'll probably want to hide it behind a VPN or some such.
The other thing to think about is the amount of time you have budgeted for initial setup, and on going maintenance. you will need to have backups, and those backups need to be tested.
For hosting, you need disk space, so if you have enough bandwidth at home, it's far cheaper to have a low power server with a couple of big disks in it, than it would be to host that data on S3/other block storage.
AWS will be much more expensive than linode or DO, assuming you are not using the managed services.
finally, I would advise getting your physical instances controlled via ansible or terraform, and if you are using docker, get that config in some sort of repo, so you can teardown and bring up your infra on demand. This makes disaster recovery much easier (or porting)
I thought I wanted this, then realized I really can live without all the old emails. Once you decide that you're left with photos and that's about it, which makes archiving easier.
It beat AWS's m5a.large's 3 year RIs ($27/mo) & 3 year compute savings plan ($31/mo) (no upfront).
It beat Azure's D2a v4's 3 year RI ($30.75)
It beat GCP's e2-standard-2's 3 year committed use pricing ($22/mo)
It beat Digital Ocean's 2 CPU 4Gi Shared ($24/mo)
It beat Vultr's 2CPU 4Gi Shared ($20/mo).
It beat Linode's 1CPU 4Gi Shared ($20/mo).
I just heard about hetzner.com from this post, and it seems like they can beat namecheap's pricing. Hetzner's CPX31 offers 4 CPU / 8Gi for ~$14.77/mo. I might have to check them out
There's also https://www.pikapods.com/ that offers to host it for you in a simplified manner if you don't want all the server hassle.
There's a lot of Hetzner in this thread, and in my comment. There's a reason for that.
I would suggest evaluating this for yourself.
Good luck!
One thing: Get the 3/4-drive models. I thought two drives would be enough, but I actually had an instance where one drive failed and the second drive quickly failed after that (thankfully I had already swapped the first defective drive with a newer one). But it could have been possible that two drives go bad at the same time.
How do you protect your data from accidental loss then? Simply backup using Restic to a Backblaze B2 bucket.
And that's how you get dirt cheap self hosted services.
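Two comments above touch on backups: one notes that "those backups need to be tested", and the one just above answers the data-loss question with "backup using Restic to a Backblaze B2 bucket". Here is an added example, not from any comment in this thread, of a POSIX shell script that does both: a nightly restic run against a B2 repository with a retention policy, plus a verify step that restores a known file from the latest snapshot and runs restic's own integrity check. The bucket name, the backed-up paths, the excludes file, the canary file and the retention counts are assumptions; the restic and B2 environment variables are restic's documented ones.

```shell
#!/bin/sh
# Added example: restic backup of a home server to a Backblaze B2 bucket,
# with pruning and a restore test. Paths, bucket and retention are assumptions.
# Expected in the environment (restic's standard variables):
#   B2_ACCOUNT_ID, B2_ACCOUNT_KEY, RESTIC_PASSWORD_FILE, and B2_BUCKET (ours).
set -eu

# Build the restic repository URL for a B2 bucket and optional path inside it.
# Rejects names with characters outside [a-zA-Z0-9-] so a typo fails loudly
# before restic tries to create a repository in the wrong place.
b2_repo() {
    bucket=${1:-}; path=${2:-restic}
    case "$bucket" in
        ""|*[!a-zA-Z0-9-]*) echo "invalid bucket name: '$bucket'" >&2; return 1 ;;
    esac
    echo "b2:$bucket:$path"
}

# Retention policy handed to `restic forget`: defaults keep 7 daily,
# 4 weekly and 12 monthly snapshots.
retention_args() {
    echo "--keep-daily ${1:-7} --keep-weekly ${2:-4} --keep-monthly ${3:-12}"
}

# Nightly job: snapshot the data and config directories, then drop snapshots
# outside the retention window and prune unreferenced data from the bucket.
backup() {
    RESTIC_REPOSITORY=$(b2_repo "$B2_BUCKET"); export RESTIC_REPOSITORY
    restic backup --exclude-file=/etc/restic/excludes /srv/data /etc
    # shellcheck disable=SC2046  # word-splitting of the flag list is intended
    restic forget --prune $(retention_args)
}

# A backup that has never been restored is not a backup: pull one known file
# (a "canary" you keep in the data set) out of the newest snapshot into a
# scratch directory, confirm it is non-empty, then let restic verify a sample
# of the stored data blobs against their checksums.
verify() {
    RESTIC_REPOSITORY=$(b2_repo "$B2_BUCKET"); export RESTIC_REPOSITORY
    scratch=$(mktemp -d)
    restic restore latest --target "$scratch" --include /srv/data/canary.txt
    test -s "$scratch/srv/data/canary.txt"
    rm -rf "$scratch"
    restic check --read-data-subset=5%
}

# Usage: ./backup.sh backup     (nightly, e.g. from cron or a systemd timer)
#        ./backup.sh verify     (weekly, or whenever you want proof)
case "${1:-}" in
    backup) backup ;;
    verify) verify ;;
esac
```

Run `restic init` once with the same environment before the first `backup`. The verify step is deliberately cheap (one small file plus a 5% read of the data) so it can run weekly without eating B2 download quota; a full `restic check --read-data` before a planned hardware swap is the expensive version of the same idea.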
Or you can just rent a storage share, a managed nextcloud instance, hosted by hetzner. https://www.hetzner.com/storage/storage-share
I run nextcloud on a vps from a gaming provider and got it hauling, here's a few things I learned
- avoid the snap of nextcloud, I could not get it working 100% (many apps would mysteriously not work etc), I am using a manual install from zip w zero issues
- if you are planning on using s3 as backing store, set it up BEFORE any users, otherwise you may lose data on disk. with that said, I use local storage and backup to s3, using s3 as the backing store in nextcloud made it obviously slow
once you're set up I recommend tuning php-fpm following their guides
With Hosting, you largely pay for reputation. Reliable/trustworthy providers are gonna cost more.
On one end of the spectrum you have good-enough-for-the-CIA AWS. $$$
On the other end of the spectrum you have communists running Data Centers out of their basement. $
I suggest Linode. Super reliable provider, much less price than the big names. I would expect the same service out of DigitalOcean, Vultr... just pick the company where you like the owners honestly. Linode's the one my teacher used tho.
Assuming you got the income, $40/mo for 8GB should be good enough to run a ton of hobby projects. Or maybe $20 for 4GB to start, I think Linode lets you upgrade droplets.
Avoid AWS. Using AWS for a hobby project is retarded. It's meant for enterprise.
Option B would be to use a RaspberryPi. It's extra work for less performance, but Pis are a lot of fun. It's like owning a toy that can run NextCloud.
If you're getting into self-hosting btw check out https://yunohost.org/ and https://landchad.net/
I'll say right off the bat that I don't see any red flags with your proposed plan. The following bullet points are primarily meant to offer some additional options or mental nudges to help you brainstorm - like I said, there's nothing abjectly wrong with your architecture, so this list may just offer more ideas:
- I've self-hosted a few email servers (and still do) and I think punting on that (or just doing the backup plan) is probably the right approach - you can DIY it today, but it's a part-time job. If you ever do decide to take ownership of your email, bringing your own domain to Fastmail or Proton Mail has also worked well for me. Today I host one domain on Linode and one on Ramnode. As with most things email, there are tons of nuances with doing it yourself - I had to get both my email servers' public addresses placed on an allowlist with their respective providers.
- I self-host most of my services on my own hardware in my homelab. I eschew the big, expensive, loud, power-hungry hardware in favor of smaller, cheaper, and swappable hardware, and the strategy has worked out really well. I primarily use ODroid hardware (they offer both ARM and x86-64 hardware). You mentioned a floating/non-public address as a constraint, so you could still do this with tailscale/headscale/something similar and gain the benefit of cloaking your services inside a private network (and using some public/free cloud instance as a low-power VPN endpoint). I don't think DigitalOcean/Linode are bad choices, but I very much like owning the hardware layer as well.
- I've been self-hosting since before Nextcloud existed and used its progenitor (ownCloud) and developed a harsh distaste for the huge, sprawling complexity of the system (it was hungry for resources, broke on upgrades constantly, etc.). That story may be better now, but I've since moved on to hosting very targeted, smaller services. For example, instead of Nextcloud's file syncing, I run syncthing everywhere, and instead of Nextcloud's calendaring, I run radicale. Nextcloud will probably be fine, but I've been happier with running a smaller collection of services that do one thing well (syncthing in particular is an exceptional piece of software).
I could really ramble on but I'll just include a list of the stuff I host if you have any questions about it. I blog[1] about some of these, too: Transmission, Radarr, Sonarr, Jackett, Vaultwarden, espial, glusterfs, kodi, photoprism, atuin, Jellyfin, Vault, tiny tiny rss, calibre, homeassistant, mpd, apache zeppelin, and minio. Outside my lab hardware I run a few instances of nixos-simple-mailserver, mastodon, and goatcounter (used to run plausible). I also run a remote ZFS server that I mirror snapshots to as my remote backup solution.