To expand a little bit on this – my previous message was written on my phone while I was out and about – here are some concerns I’d have if I was you:
If you had an agreement with that user (or part of your ToS, if they exist) to wipe everything upon their death, do that. I assume you don’t, so unless you have serious concerns about what they have there, I wouldn’t. And if you have such concerns, why the hell did you host that in the first place.
Depending which services you were offering them, a lot of stuff that they had on their account, they would “own” or have certain rights (e.g. copyright) in. – e.g. blog posts, documents, photos, e-mails, … These rights get inherited, so their heirs would be the ones “owning” those rights (or licenses) now.
One thing you could do is disable their account, but not delete it. That way you’d reduce the security risk of a breach, but keep the data. In this case, I’d shoot out a message about your plans for this via e-mail and any other regular contacts you had from them. (Be kind in those, as if anyone will see them, it will be the grieving family.)
Of course, if you do know their next of kin (or even who their heirs would be) – I imagine in a self-hosting scenario people typically know each other well enough –, you could reach out directly. Perhaps just call them on their phone, it’s likely someone from their family would pick up. (If the death has been recent, maybe wait a bit, and don’t forget to express your condolences before you bug people about cleaning up your server )
Happy to continue brainstorming about this, if it helps in any way.
P.S. I’m a lawyer, privacy is not my main specialisation (FOSS licensing & IP is), but I care about it quite a bit. Above are just some idle thoughts on that matter.
P.P.S. Oh, and of course, I am sorry to hear about one of your users passing away. I hope you’re handling this well.