I used to self-host because I liked tinkering. I worked tech support for a municipal fiber network, I ran Arch, I enjoyed the control. The privacy stuff was a nice bonus but honestly it was mostly about having my own playground. That changed this week when I watched ICE murder a woman sitting in her car. Before you roll your eyes about this getting political - stay with me, because this is directly about the infrastructure we’re all running in our homelabs. Here’s what happened: A woman was reduced to a data point in a database - threat assessment score, deportation priority level, case number - and then she was killed. Not by some rogue actor, but by a system functioning exactly as designed. And that system? Built on infrastructure provided by the same tech companies most of us used to rely on before we started self-hosting. Every service you don’t self-host is a data point feeding the machine. Google knows your location history, your contacts, your communications. Microsoft has your documents and your calendar. Apple has your photos and your biometrics. And when the government comes knocking - and they are knocking, right now, today - these companies will hand it over. They have to. It’s baked into the infrastructure. Individual privacy is a losing game. You can’t opt-out of surveillance when participation in society requires using their platforms. But here’s what you can do: build parallel infrastructure that doesn’t feed their systems at all. When you run Nextcloud, you’re not just protecting your files from Google - you’re creating a node in a network they can’t access. When you run Vaultwarden, your passwords aren’t sitting in a database that can be subpoenaed. When you run Jellyfin, your viewing habits aren’t being sold to data brokers who sell to ICE. I watched my local municipal fiber network get acquired by TELUS. I watched a piece of community infrastructure get absorbed into the corporate extraction machine. That’s when I realized: we can’t rely on existing institutions to protect us. We have to build our own. This isn’t about being a prepper or going off-grid. This is about building infrastructure that operates on fundamentally different principles:
Communication that can’t be shut down: Matrix, Mastodon, email servers you control
File storage that can’t be subpoenaed: Nextcloud, Syncthing
Passwords that aren’t in corporate databases: Vaultwarden, KeePass
Media that doesn’t feed recommendation algorithms: Jellyfin, Navidrome
Code repositories not owned by Microsoft: Forgejo, Gitea
Every service you self-host is one less data point they have. But more importantly: every service you self-host is infrastructure that can be shared, that can support others, that makes the parallel network stronger. Where to start if you’re new:
Passwords first - Vaultwarden. This is your foundation. Files second - Nextcloud. Get your documents out of Google/Microsoft. Communication third - Matrix server, or join an existing instance you trust. Media fourth - Jellyfin for your music/movies, Navidrome for music.
If you’re already self-hosting:
Document your setup. Write guides. Make it easier for the next person. Run services for friends and family, not just yourself. Contribute to projects that build this infrastructure. Support municipal and community network alternatives.
The goal isn’t purity. You’re probably still going to use some corporate services. That’s fine. The goal is building enough parallel infrastructure that people have actual choices, and that there’s a network that can’t be dismantled by a single executive order. I’m working on consulting services to help small businesses and community organizations migrate to self-hosted alternatives. Not because I think it’ll be profitable, but because I’ve realized this is the actual material work of resistance in 2025. Infrastructure is how you fight infrastructure. We’re not just hobbyists anymore. Whether we wanted to be or not, we’re building the resistance network. Every Raspberry Pi running services, every old laptop turned into a home server, every person who learns to self-host and teaches someone else - that’s a node in a system they can’t control. They want us to be data points. Let’s refuse.
What are you running? What do you wish more people would self-host? What’s stopping people you know from taking this step?
EDIT: Appreciate the massive response here. To the folks in the comments debating whether I’m an AI: I’m flattered by the grammar check, but I’m just a guy in his moms basement with too much coffee and a background in municipal networking. If you think “rule of three” sentences are exclusive to LLMs, wait until you hear a tech support vet explain why your DNS is broken for the fourth time today.
More importantly, a few people asked about a “0 to 100” guide - or even just “0 to 50” for those who don’t want to become full time sysadmins. After reading the suggestions, I want to update my “Where to start” list. If you want the absolute fastest, most user-friendly path to getting your data off the cloud this weekend, do this:
The Core: Install CasaOS, or the newly released (to me) ZimaOS. It gives you a smartphone style dashboard for your server. It’s the single best tool I’ve found for bridging the technical gap. It’s appstore ecosystem is lovely to use and you can import docker compose files really easily.
The Photos: Use Immich. Syncthing is great for raw sync, but Immich is the first thing I’ve seen that actually feels like a near 1:1 replacement for Google Photos (AI tagging, map view, etc.) without the privacy nightmare.
The Connection: Use Tailscale. It’s a zero-config VPN that lets you access your stuff on the go without poking holes in your firewall.
I’m working on a Privacy Stack type repo that curates these one click style tools specifically to help people move fast. Infrastructure is only useful if people can actually use it. Stay safe out there.
Dude like even 6 months ago Id read your post and would think alright man c’mon…
But now you are 100% right it’s getting tough and people will only realize when it’s too late. Imagine a far right government with palantir in Europe. That’s pretty much where we are heading and I try my best to get any of my data away from this sphere of influence
It’s not just media that doesn’t feed recommendation algorithms - I actually like recommendation algorithms (Jellyseerr does a pretty great job with this), it’s more about having control over my media and it not being taken away randomly. So many times an older show I would want to watch would no longer be “available” so I’d have to download it anyway, with no option of paying to watch for it.
Thank you for this post!
For me, getting into self hosting was nice because of the privacy and tinkering yes, but a huge part of it was just having my stuff work reliably and without enshittification.
I just set up my Home Assistant server and new Zigbee network in the past few weeks and it’s pretty awesome. Was already using Jellyfin despite having a lifetime Plex pass. Feels good man.
Thank you!
This is almost exactly my motivation when I recently started my homelab journey. A bit of privacy, but what pushed me over the edge is that I was supporting these anti-social corporations with my money or data, when they went fully mask-off.
I tried to set up some services last year and had some trouble getting immich to work through networking. The answer was tailscale. This past Christmas holidays I got nextcloud and immich up. I use nextcloud for my audiobooks and large files I want to keep but not on my phone. Immich for pictures and synching for small files I want synced often like my epub book arks and highlights and Obsidian notes vault.
I agree with your post 100% I think. Removing oneself from big tech/data services like Google and Microsoft is resisting the regime. It’s especially useful for folks that may not be able to get out and protest, meet with their representatives, etc.
As for me, I’m running my *arr/media stack for myself and my close friends and family. Fuck Disney, Netflix, and Paramount. For our household, HomeAssistant keeps the lights on and SyncThing backs up our files to the NAS.
Spot on. Self-hosting is the most effective form of quiet, material protest we have. Every time your family uses Syncthing instead of OneDrive, you’re starving the machine of the telemetry it needs to function.
Running that stack for your inner circle is essentially building a “digital mutual aid” node. You’re taking the burden of surveillance off their backs and putting it on your own hardware where you can actually defend it. That’s the work.
Can your neighborhood communicate when the Internet goes down like Iran?
By… Stepping outside and talking to people? I think all neighborhoods have that ability, even if we don’t really use it much.
Probably not unless everyone has some radio device that can send as well as receive.
Like a wireless router?
HAM works too for some things.
deleted by creator
Quick question. Home assistant.
We are hooked on “Hey Google turn off the lights”
Is there a way to remove the Google from that but still use the voice aspect?
Edit: great!!! Thanks for the direction folks!!!
Yes, Home Assistant has this.
https://rhasspy.readthedocs.io/en/latest/
Works great. My biggest challenge was finding a decent microphone setup and ended up like many do with old Playstation 3 webcams. That was a while back and I would guess it’s easier to find something more appropriate today.
Great! Thanks a ton! I appreciate the link and the info!
Home Assistant has its own locally running voice assistant. There’s even hardware for it (think self hosted Alexa) that you can buy or build yourself
Oh great! I’ll check it out!
I know others have answered, but I wanted to give you a link. I have their device and it works great for turning things off and on out of the box. You can run it locally—if you have the hardware—or use their reasonably priced cloud subscription. I do the latter wanting to support them monetarily.
Thanks a bunch! I appreciate the link!
Home assistant has their own system I believe? If you sign up too their subscription? Or you can locally host whisper and piper yourself and go completely local.
Hell yeah! I’d argue it’s even true of 2026!
Just FYI unless you self-host headscale, tailscale is centralised and not private. They claim it is end to end encrypted but their proprietary centralised control server distributes the keys, so they could very easily MITM you.
Tailscale is good tech and good crypto, but Applied cryptography cannot solve a security problem. It can only convert a security problem into a key-management problem, and tailscale does not do decentralised key management.
Glad to see this comment on the chain. I haven’t tried it myself (yet) but I’ve got a friend that does and says it works great.
It’s on my list. Unfortunately, it’s a really long list.
Are you serious? I had no idea Tailscale was a “trust me bro” kind of operation. I’ve always heard “serious” people boosting it.
Well they are a serious company with serious engineering capabilities. Just know that whoever runs the control server can control your network, and almost everyone uses Tailscale’s centralised control server, so they control the networks of almost all of their customers. Most of their customers are for internal use by companies which don’t care about relying on SaaS products. But if you self-host for resilience, using Tailscale doesn’t make much sense without also self-hosting the control server through the unofficial headscale implementation.
Can you help me understand what head/tail scale do? I’m at the “get friends and family on” stage so I’ve been struggling figuring out how to get friendly domain names working through Wireguard.
Note: I have only done this with Tailscale. I have not looked into this with headscale.
You can invite them to your network, or share a machine to their network. The second option is probably more likely what you will do with Tailscale since it is unlimited and the first option has a limited number of users for the free tier. The biggest hurdle will be them getting devices added to their tailnet so those devices can access your machine.
I imagine it’s maybe a little easier with headscale. I haven’t gone down that route yet. I would probably want to have my DDNS point to a VPS and have that be the entry point to my network. I could point it to my ISP IP, but one more layer that isn’t very expensive is probably smarter security wise.
Thanks!
Like all the “selfhosters” and their Cloudflare proxies lmao.
just use wireguard. :/
Along with headscale, I have also hosted Pangolin instance. Multi network setup with docker
Don’t stop at self-hosting. We need all forms of community building, from organizing like-minded people to gardening, off-grid energy, etc.
What’s stopping people you know from taking this step?
I’m a noob when it comes to IT. (Even though in my family I’m the one people ask when they have computer issues lol.) I would really like to get into self-hosting and all that, and I think if I found some good guides I would probably be able to make things work, but it still sounds very daunting to me. Like, I imagine days if not weeks of sifting through online resources to fix a thousand little errors and issues that would come up. (Maybe I’m mistaken, maybe it’s all really easy even for noobs. Just trying to explain my feelings on the matter.)
Edit: Woke up to 10 replies lol. Thanks for everybody’s input and helpful links. I think this might become a future project for me, but not before winter 26/27 (for life reasons).
It is a skill much like maintaining a car yourself, or your own lawn/garden.
It’s pretty easy to get started, and there are certain ways of doing things that keep it pretty simple forever, at the cost of some flexibility.
But no matter how you do it, there will be a non-zero amount of work involved indefinitely. Just like you need your cars oil changed, your garden mulched and weeded, or your server patched and cleaned up once in awhile.
I use these analogies too, it’s like becoming a digital gardener.
I feel this deeply. I used to volunteer at a library teaching “Cyber Seniors” digital literacy, and the biggest hurdle was always the fear of “breaking” something. The truth is, the big tech companies want you to think it’s too hard so you’ll keep paying them with your data.
You don’t need to be a sysadmin to start. It’s not about days of fixing errors; it’s about taking one small win at a time; like setting up a password manager first. If you can follow a recipe, you can build a node. We’re working on better, no-jargon guides to make sure the “thousand little errors” don’t stand in your way. You don’t have to be an expert to be part of the resistance.
“one small win at a time” 100%
I agree with you, but something jumped out at me while reading this thread. To a degree, the fear of “breaking something” is completely legitimate, but it’s based on not getting quick feedback from systems. For instance, if you are walking in a direction that you think is east, but the sun is setting ahead of you, you know you’re headed in the wrong direction. Computers often don’t provide such useful feedback, often leading users to “break things.”
I’m right there with ya. I’m thinking it might be a case of picking easy pieces (projects) of the puzzle to start with and then building from there. Like I’m considering setting a pi-hole soon - seems like an easier networking project. But yeah, I’m not really sure what’s the best order of eaiest to hardest projects in terms of self hosting etc.
@phant Pi-hole is super easy to set up and easy to build on. It’s been very robust for me and also eye-opening due to the excellent UI. About 5% of the network traffic in my house is now blocked. Thousands of DNS requests per day. Most of that is trackers. Apps and “smart” devices are very determined to phone home so you’ll have to block many of these domains manually as they show up. Be forewarned, some apps and web sites will simply stop working if you block their tracking and other info gathering on your network. Luckily, there is good #FOSS to substitute.
Maybe I’m mistaken, maybe it’s all really easy even for noobs
I’ll be the first to admit, shit is complicated, especially networking, but it’s not insurmountable. Do you already have a server deployed? How familiar are you with Linux?
See what you think: https://linuxupskillchallenge.org/
Do you already have a server deployed? How familiar are you with Linux?
No server. I just installed Linux a few months ago as dual boot after being a lifelong Windows user (since 3.1 lol). Currently using both OS but will move fully to Linux once I have some projects finished. Self-hosting might become a future project after that and if yes, I’ll come back to this community and this thread!
I just installed Linux a few months ago as dual boot after being a lifelong Windows user (since 3.1 lol).
Well then, you are on your way.
Hi! I am also slowly getting the hang of it (just set up my first NAS with truenas last weekend) but there are dozens of youtube channels focused on it. I like Serversathome and the accompanying Wiki helped me a lot. This mainly focuses on an arr stack but there is also wiki pages for immich and nextcloud. Right now I’m using cloudflare tunnels to access services (i know feeding the machine etc.). If anyone knows an alternative to cloudflare tunnels (without putting everything into the same tailscale network) I would be happy to hear about it!
@Deckname @Bonifratz
Pangolin is an alternative to cloudflare tunnels, TrueNAS supports the Newt client for Pangolin as a community app. You can either host yourself with a VPS, or Pangolin offers a management dash they host. Under the hood is Wireguard.Nice! Thank you for the info! I will look into it :)
I used this guide to setup the Immich side. I’m sure I diverged from it, but I would not have figured out proxy headers without it.
I’m not an expert but I have a decent set up going. If you think it would be helpful shoot me a DM and I’ll find a way to show you what I’ve got set up and give any tips I can. It sounds like I started in a similar position to you and I’d be happy to share what I’ve learned so far.
Edit: anyone else reading this is welcome to do the same.
Thanks a lot for the offer. This might become a project of mine in the future but not before the end of this year. I might get back to you then. :)
Currently in that “sifting through online resouces” phase, but less because of broken stuff, and more because I want to set up everything prefectly the first time. Which is probs impossible lol. I am majoring in Cyber, so tech is my life, but this homelab is how I actually put what I’ve learned to use and learn even more than what college will probably teach me.
I’m on winter break and having a blast (kind of 😅) setting up my Proxmox to have all the services I want. I have gotten stuck several times, but I can find info eventually, and keep moving forward. Thankfully there’s a website that contains Proxmox setup scripts for almost every service imaginable, making a homelab way more accessible.
Linux skills/terminal knowlege helps this process go by faster, and my networking knowledge helps too. But that’s basically all I got lol. I can understand an okay amount of what scripts do, but I’m no programmer/scripter. I screw up mount points, look up how to check ssh key fingerprints every 10 mins, I fail to get VPN tunnel configs to work, a whole slew of issues. But I always end up learning something in the end, and get one step closer to that sweet sweet setup. So just learn and break things while you don’t care about it. Who cares if I fuck up the jellyfin config? It only had like two videos in it anyway. Best to screw up now so when I go data hoarder I know how to save my info.
Edit: Just got SMB to work for both my VM and LXCs, and I’m so happy. Every accomplishment with my homelab has me fistbumbing the air and floating on clouds. Make a homelab just the high it gives you when you do something right.
@Bonifratz @h333d Before I begun this self-hosting journey, I hosted Pi-Hole on a docker container on my PC (was Manjaro KDE that time I think). Then, I learnt how to set up AdGuardHome on a VM (on both Manjaro and Arch iirc), using virt-manager and KVM. Now, I’m using an old laptop to host Proxmox and some services like AdGuardHome, Prometheus, Grafana, Uptime Kuma, and a Debian-made game server customized by myself. I had help of a colleague to begin the Proxmox journey.
@Bonifratz @h333d It isn’t easy, but it’s so worth the effort, and I just begun the Proxmox journey and I have plenty of things to learn!
Since this is a complex subject, you need to take your time and don’t hurry the learning process. Begin with baby steps, and hosting services restricted to a LAN, just to be safe. When you are comfortable (after some weeks or months), think about sharing a service to the public, if possible, and what you have to do to properly secure your devices and network!
Man, I’m pretty techy. I work in tech. I’ve learned programming, etc, I use Debian. but selfhosting seems so daunting, not to mention inconvenient. I need to get into it though 😓
It’s not overly.
I used “perfect media server 2017” the first time I set up a mass storage server for Plex.
https://perfectmediaserver.com/
My setup is a lot different now… but dude laid out some step by step instructions. And apparently has continued to evolve his setup over time
Just a brief skim of this and I’m already so lost lol. Thanks for the link though, I’ll have a more detailed read through later.
You’re welcome!
Good luck in your journey!
Digital solidarity will be essential as we move forward. We will need both social solutions which facilitate community technical support and engineered solutions which make that support more effective. I like to imagine systems of distributed sever management where we build upon the computational capacity of those around us and the human capacity of those that care for them. I want to rely on people I love instead of opaque tech firms that only care about money. Compute power must not defeat humanity.
I was just thinking this week, that those who self host (and more importantly, those who program the code we self host), are at the front line of the modern digital resistance: in the sense that the world is burning due to the greed of the tech bros that run our daily lives. Convienience for the masses is what gives them power over us, and any one who rejects their systems is helping to fight back.
Voting with your wallet helps, so not giving them your money is the first step. Then managing and keeping your own data private is the next one.
You’re right. We’ve been traded convenience for our autonomy for way too long, and it’s created this massive power imbalance where a few tech bros basically own the digital roads we walk on. Voting with your wallet is a huge first step, but like you said, the real work starts when we actually take responsibility for our own data.
That’s exactly why I’m moving toward helping local businesses and groups build out their own nodes. It’s one thing to stop paying for a subscription, but it’s another thing entirely to stand up your own infrastructure that doesn’t report back to a corporate mother-ship. Every person who rejects the “default” and builds a private alternative is a small win for the rest of us, it’s about making the corporate extraction model fail by simply making it unnecessary.
To the folks in the comments debating whether I’m an AI: I’m flattered by the grammar check
This is the world we live in. If you can actually string words together into grammatically correct sentences, then you are AI. It matters not whether you are or you aren’t. Like the witch hunts of Salem, all that is necessary is the accusation. I personally don’t care if you used AI, the message resonates. Don’t let 'em give you shit about your pony tail.
It is freeing really. I used to proof read my comments, then paste in google search to check for easy to catch typos. When AI arrived, I was even putting my text through them so they are more “common tongue” and not my personal shorthands.
Now I just post it.
It’s a tool. A tool that needs some heavy regulation, but a tool nonetheless
In a fascistic enough world where this would matter, people who abstain from the system are automatically flagged to be shot too, just fyi. You gotta also fill the normie services with conformist content to not become a detected anomaly if you really want to do it properly.
This is the “Gray Man” strategy. If you have zero digital footprint in 2026, that absence of data becomes a data point itself. Anomalies get investigated.
I think we need to separate Camouflage from Logistics.
I’m not suggesting you delete your digital existence and live in a Faraday cage. By all means, keep the normie accounts. Post the cat photos on Instagram. Keep a Gmail address for the spam. Feed the algorithm just enough “conformist” content to look boring. That is your camouflage.
But Resistance Infrastructure isn’t about hiding, it’s about capability.
It’s about ensuring that when the “system” decides to de-platform your community group, or lock your bank account, or shut off the internet in your region during a protest, you still have a way to function.
The average person doesn’t understand anything about technology and probably won’t even be able to install an operating system. The Internet literally became what it is now precisely because everything was left to corporations. For example, sip telephony is as decentralized and secure as possible, but how many people keep their own telephone exchange? therefore, it is more realistic for the average person to simply use services outside the jurisdiction of the state than to install something on their own. In some countries, it is also illegal to engage in self-hosting.
but if we talk about people who are interested enough, then yes, you can do self-hosting. However, people who are ready to understand at least a little, for example, according to the latest steam statistics, make up about 5% of the total mass.
Honestly, you’re right about the skill gap, the convenience trap is exactly how Big Tech won in the first place, but I don’t think the goal is to turn every single person into a sysadmin. My time teaching at the library with the Cyber Seniors program showed me that people don’t need to know how to flash an OS to deserve privacy, they just need a doorway that isn’t owned by a corporation.
If the 5% who actually know how this stuff works start building “community nodes” for their family, their block, or a local shop, then the 95% get all the benefits without the technical headache. We don’t need everyone to be an expert, we just need enough local infrastructure so that “the cloud” isn’t the only option left. It’s not about total purity for everyone, it’s just about building enough exit ramps so the machine becomes optional, you know?
so you’re suggesting storing sensitive data, work documents, passwords, not from a company with which there are at least some legal agreements, but from a neighbor, simply because you see him from time to time? what could possibly go wrong…
UPD: By the way, if we are talking about a state, your neighbor will be approached in the same way as Google, because everyone in the country obeys the same laws.
You’re hitting on the two biggest myths of the current era: that “legal agreements” with giants actually protect you, and that a neighbor is a bigger risk than a faceless corporation.
First, when a tech giant gets a broad subpoena, they don’t fight it for you; they automate the handover because you’re just a line in a database of billions. When you host locally, you’re a specific node. If the state wants your data from a private server, they have to physically knock on a specific door. That is a massive increase in the “cost of surveillance” compared to a silent API request sent to a corporate data center.
Second, this isn’t about “trusting a neighbor” with your plaintext data. In a proper sovereign setup, the data is end-to-end encrypted. I can host your Vaultwarden or your Nextcloud backups, but I don’t have the keys; I’m just providing the “digital real estate.” It’s the difference between giving someone your house keys and just letting them provide the land your safe sits on.
The goal isn’t to make law enforcement impossible; it’s to make the “dragnet” impossible. If they want one person’s data, they have to work for it, rather than just pulling it from a corporate warehouse.
I do not know about Amazon, but in telephony you simply have to install a threat management system in accordance with the law. I think Amazon has the same thing. if there is a court decision, the servers will be arrested or a request for data will be received. It’s exactly the same thing.
what is configured on the server may or may not be enabled. and your neighbor just knows some of your data (your name, address, etc.), which increases the likelihood of an attack. To an Amazon engineer, you’re just bytes out of nowhere.
the normal story would be to encrypt everything on the client before anything gets to the server at all. but who exactly is going to bother so much? in this case, you might as well upload a bunch of encrypted data to Google.
Actually, you’re exactly right about client-side encryption being the answer, and that is the standard we are pushing for. But the reason you don’t just dump those encrypted files into a Google Drive is because of the metadata. Even if Google cannot read your “letter,” they are still mining the “envelope,” they know when you wrote it, where you were, and who you sent it to. In 2026, metadata is often more dangerous than the content itself because it is so easy to automate into a threat profile.
As for the law, you’re right that a court order is a court order, but there is a massive difference in the “cost of surveillance.” Big tech companies have dedicated departments to automate data handovers for thousands of users at a time; it is a streamlined pipeline. A private server forces the state to slow down, to get a specific warrant for a specific physical machine, and to actually do the legwork. It turns a massive dragnet into a targeted investigation, which is exactly how the system is supposed to work.
And regarding the “Amazon engineer” versus a neighbor, an engineer might not know my name, but the Amazon algorithm knows my pulse, my politics, and my habits better than anyone. If I use E2EE, the person hosting the hardware doesn’t have the keys anyway, so they are just a landlord for my digital safe, not a spy.
Well, I don’t work in the USA, but in a telecom company, and I can say that if you really need it, they will just kick down the door and seize the server. no matter what. and a campaign interested in business is, after all, more technologically advanced than some guy who set up a server based on guides on the Internet. you won’t need to take anything from him, with a fairly weak literacy, it’s enough just to intentionally make a mistake in the public guide. Do you remember Hillary Clinton’s private email server case?
You’re right that if the state really wants you, they can always resort to physical force, but that’s exactly the point. In the current system, they don’t have to kick down any doors, they just send a silent request to a corporate office and get everything they need without you or your neighbors ever knowing. Forcing them to physically show up at a specific address in the real world drastically changes the “cost of surveillance,” it turns a cheap, automated dragnet into a slow, expensive, and public operation.
As for the Hillary Clinton example, that’s actually a perfect lesson in what happens when you prioritize convenience over security. Her setup was “shadow IT” at its worst, it had open ports, unencrypted connections, and none of the basic hardening we use in modern sovereign stacks like Docker or NixOS. It wasn’t built for resistance, it was built to bypass government record-keeping, and that lack of professionalism is exactly why it failed.
The “Amazon engineer” might only see bytes, but the Amazon algorithm sees your entire life story, your politics, and your vulnerabilities. If we use end-to-end encryption, it doesn’t matter if the guy hosting the box is a neighbor or a stranger, they can’t read the data anyway. We aren’t just following random guides, we are building professional-grade infrastructure that makes the “dragnet” fail by design. If the state has to kick down a door for one person’s data, the system is at least forced to follow a transparent process again.
I dont think this really responds to the comment you replied to.
Lots of comments in this thread are talking about people who dont have the time or expertise to manage their own nextcloud instance.
Saving you stuff on your neighbour’s instance includes genuine risks to your privacy or sensitive information.
The “legal agreements” that commenter referred to are simply the manner in which the host is allowed to use your data. The things you might store might be your will, maybe a spreadsheet of passwords, maybe some notes about your plans for a side hustle, maybe some naughty photos of your wife. Not information thats actionable by Google or Microsoft, but certainly things people dont want their neighbour to access.
“what could possibly go wrong”… looks around
In some countries, it is also illegal to engage in self-hosting.
Really?! Can you elaborate?
It is impossible to place telephone nodes in Russia without equipping the server with threat protection equipment. Of course, I won’t buy a box for hundreds of dollars to use a home PBX, so technically I’m outside the law. =) It is also impossible to host sites with more than 10,000 visitors without registering with Roskomnadzor. and all accounts with authorization must support logging in through the public services portal or by phone number. considering that only legal entities can do this, of course I don’t do it.
The United States and the European Union have data protection laws, so if you decide to save money on hosting for friends and install a server outside the Eurozone, depending on the data you store, you are also formally violating the law.
you are also formally violating the law
As a population, I would venture to say that we are all formally violating the law in some form or other. Laws are written to be purposefully vague and ambiguous.
It is impossible to place telephone nodes in Russia without equipping the server with threat protection equipment.
I assume you are from Russia since you speak in first person, however, if the laws are so stringent against self hosting or private hosting, why is it a large portion of Warez sites emanate from Russia? They exist all over really, but it seems a lot of the very popular ones are in Russia.
It is also impossible to host sites with more than 10,000 visitors without registering with Roskomnadzor
This sort of ties in with the PBX thing. I am certain that popular Warez sites in Russia get way over 10,000 visitors and I’m sure they don’t register with Roskomnadzor.
Just curious. I’ve always had a curiosity with Russia among other countries. The history is very intriguing and vastly unknown in the West because of obvious propaganda. There used to be a blog I followed years ago about people visiting and photographing abandoned structures in Russia. It was very interesting, but sadly I have lost track of it over the years. I always wanted to visit the Red Square, but sadly I am too old to realize that dream. I have been as far as Latvia, which is not part of Russia, but very beautiful as I remember.
I assume you are from Russia since you speak in first person, however, if the laws are so stringent against self hosting or private hosting, why is it a large portion of Warez sites emanate from Russia? They exist all over really, but it seems a lot of the very popular ones are in Russia.
because you might be surprised, but warez is not illegal in Russia. We have slightly different legislation in the field of intellectual property. Only the person who profits from warez can be held responsible. That is, either an organization that uses it commercially, or a seller. If I break the software or record a movie for the sake of art or love for my neighbor without money or donations it’s legal. of course, websites are responsible even if they receive income from advertising, well, many of them are blocked for Russians. I go to rutracker via VPN =)
But just try to talk with a voice call via telegram… You won’t be able to do that, because direct calls without anti-threat systems (i.e., after completely listening in on calls) are illegal.
Fascinating. I did some digging through old bookmarks and finally found the site I was refering to with Russian life and a lot of abandoned structures in Russia: https://englishrussia.com/?s=abandoned
100%
I do find it funny that I offer so many friends and family access to these services, and they generally just take the accounts and never use them.
This! I’d say that the best we can do is educate. Over the last 20 years people got taught to be lazy and go with the herd. They don’t want to change, all their stuff is already “in the cloud” and “I don’t have time to go tinker with that nerd stuff, I need something that works”.
“Why learn a new messaging app if everyone is using WhatsApp already”
– some of my friends and acquaintances 2025
Give them a reason to care : hosting series they want to watch but don’t have access to, easier ways to share images and data (close relative works part time in an enterprise that banned emails from non corporate addresses, she used to send the photos she needs for work to her work laptop through email, it’s the reason she uses Immich now) hosting banned movies, inaccessible old movies or any thing that may peek interest gets their finger in the cogs. Key aspect is : initial access must be EASY (an app launcher is often all that should be required)
Because you, and everyone, is in a huge bubble.
Normal people don’t give a shit where stuff is hosted, or if it’s hosted at all. The vast majority of people couldn’t care less what happens to their catpics if their phone gets crushed and they don’t want to use a separate messaging platform just to talk to you.
The things you think are important absolutely don’t matter to them. Most people don’t give a single second of thought to where their documents should live, and will just download it again on a second device instead of synchronizing anything.
It’s really nice that these things exist, but why would someone do anything with them if they literally don’t have a purpose for it?
