As much as I would like 1981 to only be two decades ago, I’m afraid it was four and a half decades ago.

A decade? Email has been around longer than the web. Roughly forty years.

If you have your own domain, you won’t ever have to migrate addresses, just possibly providers.

This really saddens me. Email is such a fundamentally good and open protocol. The only reason people don’t like it is because of big tech’s shenanigans.

I run an email service called Port87. I invite you to try it and see if it can convince you that email is actually a great technology, when detached from big tech slop. It’s got some really killer features that make it great for organization and preventing spam. You can also tell it that on certain addresses, it should completely ignore the strict auth requirements it usually has, so it will accept email from your own services without you having to set up all the extra bullshit that’s meant for stuff that matters more.

Use a https://port87.com/ mailing address. We don’t require your real name and there’s no IP ban, so you can access it from a VPN. It’s specifically not an anonymizing email service, but there’s nothing preventing you from using a pseudonym that isn’t tied to your real name.

Delete all the emails (both trash them and then delete them from your trash) after you get them.

VPN is good, but Reddit might ban you. Just try a different location through your VPN so you get a new IP address. Make sure you always do all of this in a private window in your browser.

Just know that running an email server is really hard and also requires your ISP to unblock outbound traffic on port 25.

Hardware

Anything with an x86 processor and some form of graphics (iGPU is totally fine). You can use a raspberry pi, but it will give you headaches. The more RAM the better, but 8gb is good enough for a few services. You definitely want an SSD.

Setup

You’ll need a domain and you’ll need to point the root domain at your public IP with an A record. Then you can set up subdomains for each service with a CNAME record to point to your root domain (use “@“ as the host name). So like “example.com” points to “123.123.123.123” with an A record, and “nextcloud.example.com” points to “@“ (“example.com”) with a CNAME record.

For your domains, I recommend Cloudflare. They’re relatively easy to set up, but more importantly, they don’t charge a markup on domains.

From your router, give your server a DHCP reservation to make sure it’s IP address doesn’t change, then forward ports 80 and 443 to your server.

Software

I prefer Kubuntu LTS, cause it’s super stable. When you’re installing, tell it to log you in automatically. Then once installed, in the power settings, turn off automatic sleep. You can leave on automatic lock, but it doesn’t really matter, since if someone has physical access to the machine, you’ve already lost.

Docker and Docker Compose for sure. When you set up a docker compose stack, put it in its own directory, to make life easier. So, you can have a directory “nextcloud”, with the docker-compose.yml for the Nextcloud stack (Nextcloud itself, Nextcloud again but running in cron mode, and MySQL/MariaDB).

NGINX Proxy Manager should be your first docker compose stack. Use “host” network mode, so it can talk to your services. Set up your SSL certificates with this, using the DNS option. Your certificate should have two domain entries, one wildcard and one for the root. So your entries would be like “*.example.com” and “example.com”. You can do that on the same cert. You’ll need an API key from your registrar that has access to your domain’s zone to get it working. On Cloudflare you can set that up in your profile. Just give it access to all zones, then jot down the secret key somewhere safe like a password manager. That key is what you’ll enter into NPM when setting up your cert.

Now you can set up some docker compose stacks with your services. Choose a port range for your services, like 8201, 8202, 8203, etc. Each service usually only needs one port mapped, the HTTP port. So use a port you haven’t used and forward it to the HTTP port (“8201:80”). Don’t forward any ports to your DB. Containers in the same stack can talk to each other without having ports forwarded. Use regular directories for your volume mounts, not Docker volumes (so like “./nextcloud:/path/to/nextcloud/data”).

Set up the subdomain for each service to point to its port in NPM. The address is just “127.0.0.1”, and the port is whatever you set it up as in the Docker Compose stack.

Start with Nextcloud using the “Nextcloud” docker hub image. It says it’s for advanced users, but I’ve been using it for years. It’s super easy.

All of the stuff from linuxserver.io is great, except Nextcloud, cause you can’t run Nextcloud Office with the built in server.

Next, try Immich. It’s awesome.

Then Jellyfin, Nephele WebDAV, Wordpress, Home Assistant.

Remote Access

Install Flatpak and Flathub, then the RustDesk flatpak to access your server remotely. Set it up as a startup program in KDE settings so it launches on boot. Install Flatseal to give RustDesk full permission so it doesn’t always need to ask the local user to approve the screen share. You might need to get an HDMI dummy plug to make it work without a monitor. They’re super cheap.

Oooorrr, you can access it with SSH, but that’s a little more dangerous if you don’t set it up correctly.

Notes

Don’t try Podman, it’s very difficult to get working, and simply won’t work with NPM. Use the official Docker installation method, where you set up their repositories in Kubuntu.

Every once in a while (at least monthly), go through your docker stacks and update them. Usually that’s just a “docker compose pull” and “docker compose up -d”, but sometimes it needs manual intervention, like with Nextcloud’s upgrade script, “occ”. For that you’ll use “docker compose exec -it …”.

Every once in a while, run “docker system prune -a --volumes” to clean up old stuff. (This is one reason why you don’t want to use docker volumes for your data, they would get scrubbed too unless they were running.)

You’ll probably want to set up some backup solution. Just note that a lot of the files you want to back up are owned by root, so userland backup tools probably won’t work.

Don’t try to host your own email. You can probably do it, but it’s astoundingly complicated and difficult to maintain. I know because I run an email service, https://port87.com/. Most ISPs make you jump through hoops to open up outbound traffic on port 25, the email port.

Most Importantly

Have fun!

There are lots of game servers you can run. I highly recommend Sonic Robo Blast 2 Kart. (Yes, that’s a terrible name, but it’s a very fun game.)

Oh, that’s what you mean. Ok, so every time I mention I have an iPhone because a. I value my privacy and b. I try not to support companies that actively harm the internet, someone says “but Android is open source”, as if merely having a few open source components means that Android is better in any way than any other OS.

In this instance, Google is not only making the internet worse, they’re doing it in a way that requires their own closed source libraries to even access a huge portion of the internet. This further makes any functional Android OS closed source.

The most ridiculous thing is that iOS is almost as open source as Android is. There are very few components of an Android based OS that are open source where the equivalent in iOS is not open source.

Also, hey, thanks for calling me an idiot. ;)

Android is open source in the same way that Minio is open source.

AnDrOiD iS oPeN sOuRcE

I thought solar systems were hatched from eggs. I didn’t know they were mammals. I guess the Milky Way makes more sense now.

If you don’t have off site backups then anything that destroys your entire site (fire, flood, earthquake) destroys all of your data.

Well, yeah. And a car can too.

Oh hey,

I
learned
a
new
trick.

I used to use Nextcloud and put files in there instead of Google Drive. That’s ok, but turns out, way more than I need. I use Nephele with the Owlfiles app now. It’s less resource intensive. Also, I can manage actual folders on my server. I have a simlink to my Jellyfin media folder and manage it from there.

Curse you, Team Rocket.

What an awesome society we live in. We were promised jetpacks, but we got “hey, you’re being spied on” pocket machine. (I mean, the pocket machine spies on you too, but that’s fine, cause that’s a corporation spying on you.)

At this point, you’d have to be crazy to be a business and use MS software.

How dare you steal our technology! We stole it first!