cross-posted from: https://compuverse.uk/post/5020
Preamble- I'm new to the fediverse, and I want some help. I'm trying to regain some of my privacy and data sovereignty, and I have recently gotten into self-hosting. I haven't been on social media for over a decade, except for Reddit, and that was mostly as a passive lurker. I just started getting more active on there this past year, and now they've turned me away with their shenanigans. I'm trying to get into federated communications to still have access to useful information while protecting my identity and data.
Goals- I'm thinking that I want to set up my own Lemmy instance, as well as my own xmpp server (like prosody), and switch over to jmp.chat. I also have my own domain.
Concerns- I want to spin up my own services so that I own my data and have greater control over my connections, and possibly have a hub that friends and family can use. However, I also don't want to expose my domain (Why not? I don't know. I'm completely new at this and until I learn more, I'm playing it cautious)
Questions- So, if I spin up my own Lemmy instance, doesn't that expose my domain,since my username will be username@my-domain.com? Is this the same for an xmpp server? One main reason to spin up my own xmpp server is to own my account for xmpp communications. However, can I tie that to my jmp.chat account, or would they need to be separate.
I kind of feel like a boat without an oar at the moment, and I'm not even sure if I'm asking sensical questions, but hopefully there's enough light in my ramblings to give you all a sense of my goals. Any help would be appreciated.
setting up the instance isn't complicated, particularly with ansible - the ansible install creates several docker containers, separating the database from the UI, etc. You approve all the sign ups so you can control who posts from the instance.
Since Lemmy is a public system, I wouldn't host it on a server where I had any important or confidential info stored. There is nothing wrong with setting it up as lemmy.yourdomain.com or anything.yourdomain.com - the domain name itself doesn't really matter - and lemmy isn't holding state secrets so just keep your own stuff secure - which starts with installing it on a system that isn't shared with anything else - and make sure the only ports open to the web server are 80 and 443 (80 is needed for letsencrypt to issue a certificate)
If you're not familiar with docker and hosting a public web site, it may be a little tricky but if you go the ansible route (all of my experience is on Linux - I have no idea about Windows), it's pretty straightforward and intuitive. If you get stuck, post and somebody will probably be able to help - you can also DM me if you have questions that you don't want to ask on the forum.
If you want to experiment with the set up, it is possible to install it on your home network as a sandbox, but if your ISP blocks port 80, you won't be able to use letsenrypt to get a cert - so just comment those lines out of the ansible playbook and generate a self-signed certificate after the install and use that instead. That way you can go through the process of setting up the lemmy instance without putting it on an internet facing-server so you can get comfortable with how it works - the install of my dev system on the home network was pretty straightforward and it can read everything from the fediverse, it just can't post anything. Lemmy admin is very basic so I encourage you to have a go.
So you're suggesting that I not set this up on the same VPS I have my nextcloud instance on, then? That makes sense. Would I basically need two completely different VPS services if I wanted to do this? One for my private services, and one for my communication services?
I recommend that you be very cautious when setting up anything that faces the internet - if there's a vulnerability in the OS or Lemmy app, there's a good chance it will be exploited and all federated server names are published, so you need to be prepared for that and not be devastated if your data gets stolen, wiped out or encrypted by ransomware. Back everything up regularly. If you have a personal system with any valuable data on it then I would stridently discourage you from installing Lemmy there. Use a very small dedicated server instance and give it a cute name. Lemmy runs fine for a few users on a single CPU with 1 GB of RAM. You will need around 8GB of storage initially - that's a bare minimum. This stuff might be covered in the install guides but this is from my own experience.
If you've never managed a public web server before I'm not sure that starting with Lemmy is ideal for learning, but then again, you won't learn anything by doing nothing - just be mindful about security of your own data and backing stuff up once you have the instance set up and you should be fine.