I haven’t thought of a cool code name yet, but I have been referring to it as “The Project” or the “Self-Hosting Project”. That doesn’t quite cover everything it’s about, but it will do for now until I think of a better name.
This project is as much a philosophy and set of guidelines for making technology and lifestyle decisions as anything else. These may change or evolve over time, but here they are in a nutshell:
- Based on open standards
- I own my data
- Encryption everywhere both in transit and at rest
- Platform and infrastructure agnostic
- Automation is key
- Give Back
Let’s look at each of these in more depth.
The Internet was and continues to be built on open standards.The standard protocols that make up the Internet are published and allow anyone to build systems and platforms that can communicate with one another. Sometimes those standards take a while to solidify and sometimes the best technical standard doesn’t always win in the end, but open is always better than any person or corporation acting as a gatekeeper.
These walled gardens are usually built with a profit motive. Nothing wrong with making a profit, but a business model built on lock-in is almost always bad for the consumer and individual freedom.
The early days of the web was almost completely decentralized and the parts that weren’t decentralized such as the root DNS servers were originally run by an independent group with a specific educational and research mission. If you wanted to share information, you could use someone else’s server or you could build your own and share it with others.
Now everyone uses the same sites: Google, Facebook, Amazon, Twitter, YouTube, Wikipedia. These are all great sites, I use them too. However, if someone decides that you are violating their Terms of Service or they just don’t like what you have to say then they can kick you off aka “de-platform you”. Then you are isolated and no longer part of the conversation.
In many cases this de-platforming is done not because of some altruistic reason, they are done for revenue reasons. Ad revenue. Controversial ideas make brands uncomfortable and they won’t buy ads. Of course, bad ideas are bad, but my philosophy is that it’s up to the individual to decide for themselves what content they want to see.
I Own My Data
I need to control my data so that I ensure that it’s secured and backed up. It’s my responsibility to ensure private information stays private and public information is accurate. I’m talking primarily about content that I generate such as comments, social media posts, and images. Yes, I would like to also own and control data about me, but it would be an impossible task to try to attempt to control all of the data I generate as I go about my day. More about this later.
Where possible my data needs to encrypted and only I and those I intend to see need the ability to decrypt it. I don’t mind taking advantage of cloud services, especially free ones, but if I don’t have the unique ability to decrypt it then my data is subject to surveillance or could be exposed in a security breach. Whether it’s law enforcement or a state agency or a hacker makes no difference. If one can decrypt it, then they can all decrypt it. A well-known free cloud storage provider has this problem - they use a single decryption key for all accounts.
This goes without saying. Keep anyone not authorized out of my systems, my data, and my network. I used to know how to harden a server, but security techniques and attacks have gotten more sophisticated. This is an area in which I need to be very careful and learn what has changed.
I could say my goal is just simply to self-host so that I will always be able to plan the kind of infrastructure and platforms I need to design. There are two problems with this. First, it’s never going to practical to host everything on my own hardware in my own network. First, it would be prohibitively expensive to do. Second, I may not have the time and knowledge to maintain it in every case.
No, I want everything to be portable and platform agnostic. It needs to be able to run in the cloud or on my own hardware or some combination. I need to be able to pick it up and move it to a new infrastructure provider or move it back to my own hardware.
One of the things that seduced me to the dark side of corporate ad-sponsored services was the lack of maintenance and tinkering I had to do. It just worked. If I’m now responsible for maintenance, updates, and fixing things when they break then that means I have to find time take care of it. If the family is relying on these services, they aren’t going to be happy if something breaks and I can’t find time to fix.
Just as I’ve turned to home automation and remote control to improve my quality of life, automation of services should improve my quality of life when things break.
I’m a huge supporter of the free and open source community. They have given me much knowledge and support. I need to contribute back where I can. This blog is part of that. it’s to document my journey and mistakes along the way.