So I've listened to @LateNightLinux Christmas special episode, where the hosts were asked "how to make the internet better?". I fully agree with the views presented there. Decentralization, federation, selfhosting are the ways to make the internet better, go back to the pre-capitalist times before monopolies. One thing that I feel was not mentioned is finding a way to tackle CGNAT and other obstacles in self hosting. 1/x
@LateNightLinux I self host a lot of stuff on my home server, but I am behind CGNAT, my ISP does not offer any means to have an external IP address and therefore I cannot open my services to the wider internet. I feel a simple FOSS tool that would allow exposing your local machines to the internet would be a massive change. Of course, barring in mind all the security concerns of doing so. Security would need to be of prime concern here.
@LateNightLinux I know you can have a VPS and tunnel stuff via it but hosting services from your local machine and at the same needing to pay for a VPS doesn't make too much sense.
@stfn@LateNightLinux I am lucky enough to have an ISP with public IPv4 support. Otherwise maybe something like https://headscale.net/ might work. You still need to punch through CGNAT so some central server is needed I assume and someone has to pay for it.
@mobiuscog@drizzy@LateNightLinux I don't know DynamicDNS, need to check that. As for ngrok, I know it only as this tool to quickly expose your app for maybe 15 minutes, I don't know if it would handle something like a mastodon instance 24/7
@stfn@drizzy@LateNightLinux personally I would never self-host anything with public interaction, as bandwidth/DDoS is a real problem and it preventing hacks is more effort than I care to worry about.
I've done it many years ago in 'simpler' times, and even then it turns into a job very quickly.
I know that doesn't answer the question, but bypassing cgnat is just the initial hurdle - active maintenance and management is much more work.
@mobiuscog@stfn@LateNightLinux I would guess DDoS is not really a problem for most self-hosting people. If you have a ton of small instances DDoSing any single one is less appealing. At least until someone paints a target on your back I suppose.
@drizzy@stfn@LateNightLinux anything on the public internet is technically a target for DDoS and/or hacking. You may not be a big target, but many attacks are just random/tests to see what is 'easy'.
For mastodon, I don't know how the federation happens, but I presume other servers will need to query yours, and so how much data would be a question along with frequency.
One last check is whether your ISP allows services to be run.
@mobiuscog@drizzy@LateNightLinux DDOSing is always a possible thing when you expose your services, then again I think my home relatively powerful server would handle a ddos attack better than a 5usd/m tiny linode/hetzner
@stfn@LateNightLinux fuck that, even regular NAT with public IPv4 makes selfhosting a mess. Internal routing when you want to have a service available both from LAN and the internet is a mess of reverse proxies and inefficient routing.
We need NAT-less IPv6 to make the internet better.
Aside from our Polish hole in the ground, adoption isn't half bad. Global is approaching 50% and places like France, Germany and India already see 70+%. US, Brazil and Japan floating ~50%.
@rail@LateNightLinux hmm, thanks. I need to learn a lot when it comes to ipv6, starting from the basics, like can I right now use ipv6 IP addresses in my LAN.
@rail@stfn@LateNightLinux local ISP gives IPv4 for a monthly price but you are not allowed to forward port 80 because they can't figure out remote management of their devices
Add comment