A Guide to Self-Hosting Your Online Services

Take charge of your data by self-hosting email, chat, file sync, and more.

In a post-PRISM world, you've probably accepted the fact that the NSA, CIA, or some other three-letter agency will read your email, text messages, smartphone pictures, and basically anything else you send over the internet. And if it's not the government spying on you, it will be some monolithic corporation like Google or Facebook eager to catalog every minutia of your digital life so they can sell it to whatever advertising company comes along.

Many of the digital protocols in use today—such as email, XMPP, and CalDAV—were originally designed with self-hosting in mind. In ages past, universities, large companies, and even some nerdy individuals hosted their own mail servers and the like. It's only recently that we have traded our privacy for the walled-garden convenience of letting advertising companies handle all our data. Every online service costs some amount of money to operate, so if you aren't paying for it, then you are the product.

In this guide, I will share the steps I have taken to take back my family's digital privacy. By self-hosting online services like email, chat, file synchronization, calendar/contacts sync, and more, you can be the master of your data—and most of the time, your homegrown solution will work better than proprietary alternatives. All it takes is a little work, and I've already done the hard part for you.

The downside: it takes time and effort to get this stuff up and running. It's fairly set-and-forget once you've configured everything, but you're essentially signing up to be your own Systems Administrator. Nerds and techies will probably view it as a fun side project, but it's definitely not for everyone.

What You'll Need

A domain name: you will need a personal domain name to access your digital world. I use c0ffee.net (obviously), but you will need to register your own at one of the numerous domain registrars. I've always been happy with Namecheap.
A hosting provider: you will need a server somewhere to host all your services. For most people hosting email, chat, and maybe a blog for their immediate friends or family, a VPS is more than adequate. If you plan to have 100+ users or want to store terabytes of music or backups, a dedicated sever may be a more cost-effective option.
I'm a FreeBSD guy, so I use ARP Networks for my hosting. But I have used Linode, DigitalOcean, and Vultr in the past and been happy with them.
If you have an awesome home internet connection and a static IP address, you may be able to get away with using a server in your house. However, many ISPs block certain ports—almost all of them block port 25 for example—making hosting a mail server impossible. In addition, most major email providers will reject mail from residential IP addresses due to spammers. For the smoothest experience, nothing is going to beat a dedicated server or VPS in a colocation facility.
Some DevOps skills: you will need to be familiar with Unix/Linux, as well as some basics in networking. If you've ever installed Linux, set up a webserver, or built a package from source, you probably know enough to make it through. But be careful, you may end up learning enough to make this your career (like me)!

Some Notes on Security

Along the way, I will point out some common-sense security measures you can take to keep government agents and attackers from pwning your system. However, only you can judge the security requirements and risk tolerance for your circumstances. The advice I give you may prevent a script kiddie from brute-forcing your password, but it's unlikely to prevent a state-sponsored actor from exploiting a zero-day in Postfix to gain access to your system. Ultimately, as long as your server is hosted off-site, you are trusting someone with your data.

Friends of mine have often asserted that my self-hosting efforts are futile, because (1) the government can probably crack most encryption protocols, and (2) most communication goes to someone else using Gmail or Facebook, etc. To this I have the following replies:

Our current situation will never get any better if we continue to hand our private data to governments and corporations on a silver platter. With NSA programs like XKeyscore, our government has a search engine for our private data in Gmail. At least by hosting my own services, I can make their unlawful surveillance a little more difficult.
I do not want my private emails or chat messages scraped in order to facilitate more effective advertisements. I wouldn't let a random corporation go through my postal mail, email is no different.
I do not want to be dependent on the whims of a corporation for the services I depend on. Consider this list of discontinued Google products. Google may have canned Google Reader, but my Tiny Tiny RSS instance is still chugging along.
It is my hope that by documenting my efforts here, we may be one step closer to an automated, open-source solution for average users to host their own online services.
I actually enjoy tinkering with self-hosted software. It's a fun hobby, and it often provides better features than the proprietary alternatives.

With that out of the way, let's get to the guide!

Configuring Your Own Digital Empire

The following links will become available as I get time to write these blog posts. I'll take you through how I've set up each of the services below. I'm running everything on a FreeBSD server, so the instructions will be from a BSD perspective. They should work equally well for most Linux distros with some minor tweaks.