If I self host a Lemmy instance for just myself and maybe a few friends are there any risks?
Looking to maybe self host my own instance, I'm still learning about the fediverse. If a different instance that I federate with hosts something illegal are there risks to me? Is anything from other instances hosted on my server like a copy of it? Or would I only end up hosting things my users post? I'm paranoid and sorry if this is a silly question.
The Electronic Frontier Foundation wrote a pretty good blog post on the legality of the Fediverse, around the time Mastodon was getting popular. It probably applies to Lemmy too. It’s worth a read to familiarize yourself of what kind of legal things you’ll be getting yourself into. You’re on the right track; you can control you and your friends’ content, but you can’t control remote content that gets pushed to your server and that’s the part to worry the most.
One thing that stood out is to register yourself as a DMCA agent. It costs $6 or something. Having an agent on record gives instance admins certain protection.
Text is copied to your instance's database, but any images are hosted on the other instances and simply linked to. Worst case scenario, you get told to delete something that's illegal in the country in which you host the instance, you comply, and everything's peachy.
Edit: That being said, I'm currently hosting an instance for myself and a few friends, and it's been smooth-sailing. Just make sure to require email verification or admin approval for new sign-ups (or disable them entirely) if you don't want to be overrun with bots.
Yes I'd only be allowing people I know personally to create accounts. No other registration would be allowed. The last thing I'd want to be is another one of those bot filled instances that have been popping up.
If you're in the US, The Communications Decency Act Section 230 has a couple powers.
It removes liability to service providers for user generated content when active moderation is practiced, and
It removes liability to service providers for any moderation actions taken to to moderate to reasonable community standards.
Prior to CDA230, the jurisprudence centered around 2 different cases. In one, an actively moderated system had illegal content and didn't remove it in time, and in another case, a non-actively moderated system had illegal content and didn't remove it in time. At that time, the actively moderated system was held to be liable for the illegal content, whereas the non-actively moderated system was held not to be liable for not removing the illegal content.
One caveat to that would be the DMCA, where liability protection as a service provider I think is contingent on there being a DMCA process available so infringing content can be removed.
I don't know enough about how that all works with the fediverse, however.
I'm running it in the smallest VPS of vultr with 25GB of disk.
This instance only has 3 users, with me being the only active. It says it's been up for almost a month and I've only used 3GB.
Here are the docker volumes which have the actual data of your instance, and from inside the DB the biggest table is the one called activity which the devs said it's only sometimes used to validate the data, but could be truncated if needed (there's a schedule task which only keeps up to 6 months).
Also the thing to have in mind is to properly configure the logs of whichever installation guide you follow.
After that I've seen other admins say the next biggest is the media uploaded (from bigger instances).
The activity table is also used to deduplicate incoming federation data, so instead of truncating it, I'd suggest deleting rows after a certain amount of time.
For my personal instance, I set up a cron to delete entries older than 3 days, and my db is only ~500MB with a few weeks of content! I also haven't seen any duplicated posts or comments. Even with Lemmy's retries, 3 days seems to be long enough before dropping rows from that table.
Background in IT and server administration here. I however do not know much about the intricacies of the fediverse, but am interested in learning. Here's my two cents based on a background of LAMP stacks for web hosting.
The required space would likely scale and vary greatly depending on how much content is hosted locally. Assuming minimum space similar to a basic LAMP server it'd likely have starting space requirements of less than 1GB. If local content is primarily text/links to content hosted elsewhere it would take a lot to drastically change that space requirement. Image hosting can vary greatly depending on size, quality, and number of images. Video hosting is an absolute space hog even at fairly low resolutions by today's standards.
Bandwidth requirements would scale similar to storage requirements.
Other specs would also start very low if fediverse requirements are similar to a LAMP stack. Cores are typically more important than core speed in web server hosting as each request will try to use a separate core, but doesn't need much processing power to provide that request since the server isn't actually rendering anything.
Likewise, you shouldn't need much memory on a web host. Will scale with the number of scripts running on the host but I suspect that shouldn't be many unless you're also running moderation bots, but those should ideally be run on a different server instance.
That said, I'd also be curious to hear from other people that have experience with the fediverse though and other recommended specs to potentially host an instance.
If anyone has other questions I'm happy to try to help :)
Federation is implemented by copying the content from other servers to your database and file system, so if your users subscribe to something from a different server it will be copied to your server.
But it will be only served to your users, not to the public. Only the communities hosted on your instance will be served to the public.
It depends on the software. Some proxy all content from remote servers so you only connect to your home server (Mastodon). Others don't, instead they make clients load remote content themselves (Lemmy). If you use browser client you can see all the connections being made.
You can if someone else subscribed to it in the past. If nobody ever did, then that community is unknown to kbin and you won't find any data on it whether you're logged in or not.