Hi everyone, I started to document my setup in case it could be useful for others: 14 years of self-hosting - ben@localhost
I tried to present how I manage Yunohost vs other services and how I deal with failures, especially how to keep email running when facing long downtime.
Let me know what you think!
I also have a script to do my Yunohost deployment in an unprivileged LXC container including network and firewall configuration that I am in the process of documenting.
Excellent blog article.
It’s slightly condensed for newbies, I got confused at some point. Some things could have their own article.
Other thing, the page display is not adapted to mobile view. I had to zoom in to be able to read it.
I made an article for beginners in French
L’auto hébergement, un aperçu avec yunohost
Thanks for the great feedback. Indeed I did not write it with newbies in mind. My idea was to share my experience for people already familiar with Linux administration but not self-hosting yet. Yours is great to kickstart newbies and maybe after some months of experience they’ll find mine useful - who knows?
Still, I’ll be interested to know which areas should be more detailed in your opinion.
Finally, I’ve been using this old theme from pre-mobile web era, but you nudged me to update it to be more mobile-friendly
@benou this was an interesting article and cool to hear the experience from someone who has been self-hosting for a significant amount of time!
In your article, you mentioned you use yunohost for email, but also you use an external service for sending emails (gandi). If you have time to share, I would be curious how you configure yunohost to use an external service for sending?
I just started using yunohost, and self-hosting my email with it, and I’m curious to see if I get reliable email delivery, and how I could make it more reliable if not.
Yunohost fully supports relay setup and the procedure is documented here: Configure SMTP relay | Yunohost Documentation
So it is actually pretty easy - note the step 2 though: you’ll have to configure SPF / DKIM correctly for this to work. In my case Gandi has documentation for that.
The reliability issues I encountered mainly are:
- being denied because my IP is a residential IP: ISPs declare the IPs used for their users and this is used by quite a few servers to outright block you. This was the case of eg. Orange last I checked
- GMail dumb spam classifier: it looks like using a residential IP makes your emails go to the spam folder of your recipients almost 100% of the time - which is actually worse than being denied in my opinion because you have no idea why nobody answers (hint: nobody looks at the spam folder)
Obviously, most of it stems from using a residential IP - if you use a hosting service (eg. OVH) your mileage may vary.
Anyway, best of luck
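An offline check of the SPF side of step 2 mentioned above, as an added example that is not part of the original post or of Yunohost: it flags a domain whose SPF record does not authorize the relay. The domain names and the relay include `_spf.relay.example` are constructed placeholders; the real value comes from the relay provider's documentation.

```python
# Constructed sample TXT records; every name here is a placeholder.
RELAY = "_spf.relay.example"  # assumption: the include published by your relay
SAMPLE_TXT = {
    "ok.example.org": ["v=spf1 mx include:_spf.relay.example -all"],
    "norelay.example.org": ["v=spf1 mx a -all"],
    "dup.example.org": ["v=spf1 mx -all",
                        "v=spf1 include:_spf.relay.example ~all"],
    "open.example.org": ["v=spf1 include:_spf.relay.example +all"],
}


def check_spf(txt_records, relay_include):
    """Return the problems found in a domain's TXT records for relayed mail."""
    spf = [r for r in txt_records if r.lower().split()[:1] == ["v=spf1"]]
    if not spf:
        return ["no SPF record"]
    if len(spf) > 1:
        # RFC 7208 section 4.5: several SPF records evaluate to permerror.
        return ["multiple SPF records"]
    includes, all_qualifier, has_redirect = set(), None, False
    for term in spf[0].split()[1:]:
        t = term.lower()
        qualifier = t[0] if t[0] in "+-~?" else "+"  # default qualifier is +
        mech = t.lstrip("+-~?")
        if mech.startswith("include:"):
            includes.add(mech[len("include:"):])
        elif mech == "all":
            all_qualifier = qualifier
        elif mech.startswith("redirect="):
            has_redirect = True  # not followed here; policy lives elsewhere
    problems = []
    if relay_include.lower() not in includes:
        problems.append("relay not authorized")
    if all_qualifier is None and not has_redirect:
        problems.append("no all mechanism")
    elif all_qualifier == "+":
        problems.append("+all authorizes every sender")
    return problems


if __name__ == "__main__":
    for domain, records in SAMPLE_TXT.items():
        print(domain, check_spf(records, RELAY) or "ok")
```

To run it against a live domain, feed it the TXT strings returned by your resolver instead of `SAMPLE_TXT`; nested includes are not expanded.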
@benou thanks for this, very helpful!
I’m currently hosting my yunohost on a digital ocean droplet, with the plan to possibly migrate it to a home-server someday when I have a more stable home-situation.
On the digital ocean droplet, I’m already seeing that some of my emails are ending up in people’s spam folders, so I’m going to try out setting up an SMTP relay and see if that improves the situation. Anyway, thanks again.
Thanks for sharing your setup and experience.
I have long given up on self hosting email… I just use Tutanota and Protonmail.
It’s sad that self hosting email is such an unreliable mess because of Big Tech.
Yeah it used to be much simpler… That said using Gandi as a relay (or any other reliable relay for that matter) is a nice middle-ground in my opinion: it just works, but I still control email reception and my emails are centralized on my server.
And I have to say using Yunohost helped me a lot, because trying to keep up with all the additional email security layers (DKIM, …) is a pain too.
@benou I’m now also looking into running yunohost in an unprivileged LXC. is your script online somewhere?
I pushed a version here: yunohost script · GitHub
It should work but there might be some bugs here and there as I did not have time to polish it.
The version I use is slightly different, eg. I have 2 disks so smartmontools monitors both and my Yunohost LXC container is not NAT-ed by the host but directly routed instead, but apart from that this is mostly it.
The script is self-contained, with support for provisioning, starting and stopping the container, and also supports backups.
I avoid integrating with system tools for eg. firewalls or starting container at boot because at small scale they usually bring more complexity than benefits.
@benou this is very cool. A lot here and a lot to learn from.
I think I want to try to get the simplest working LXC version running before trying this out but I bet I will come back to this.
I imagine it would be cool if someone extended this to make a general tool to spawn yunohost instances in LXC. Similar to ynh-dev tool, but for “production” instead of development.