this post was submitted on 22 Oct 2023
102 points (73.8% liked)

Selfhosted

40324 readers
550 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

  1. Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.

  2. No spam posting.

  3. Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.

  4. Don't duplicate the full text of your blog or github here. Just post the link for folks to click.

  5. Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).

  6. No trolling.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 1 year ago
MODERATORS
 

The future of selfhosted services is going to be... Android?

Wait, what?

Think about it. At some point everyone has had an old phone lying around. They are designed to be constantly connected, constantly on... and even have a battery and potentially still a SIM card to survive power outages.

We just need to make it easy to create APK packaged servers that can avoid battery-optimization kills and automatically configure an outbound tunnel like ngrok, zerotrust, etc...

The goal: hosting services like #nextcloud, #syncthing, #mastodon!? should be as easy as installing an APK and leaving an old phone connected to a spare charger / outlet.

It would be tempting to have an optimized ROM, but if self-hosting is meant to become more commonplace, installing an APK should be all that's needed. #Android can do SSH, VPN and other tunnels without the need for root, so there should be no problem in using tunnels to publicly expose a phone/server in a secure manner.

In regards to the suitability of home-grade broadband, I believe that it should not be a huge problem at least in Europe where home connections are most often unmetered: "At the end of June 2021, 70.2% of EU homes were passed by either FTTP or cable DOCSIS
3.1 networks, i.e. those technologies currently capable of supporting gigabit speeds."

Source: https://digital-strategy.ec.europa.eu/en/library/broadband-coverage-europe-2021

PS. syncthing actually already has an APK and is easy to use. Although I had to sort out some battery optimization stuff, it's a good example of what should become much more commonplace.

cc: @selfhosted
#selfhosted #selfhosting

top 50 comments
sorted by: hot top controversial new old
[–] RegalPotoo@lemmy.world 93 points 1 year ago (2 children)

Running web services on a device that hasn't seen a security patch in 3 years seems like a bad idea.

Also, unless you can mount a real hard drive, you are going to very quickly run into I/O bandwidth issues and flash longevity limits

[–] Wander@packmates.org 16 points 1 year ago (3 children)

@RegalPotoo Maybe I should have been more specific in the wording of my title.

No one planning on hosting public multi-user service that would see some serious traffic would probably benefit from hosting on a phone.

Someone who wants to simply run a single-user instance or their personal nextcloud? I think that's a real possibility.

[–] RegalPotoo@lemmy.world 10 points 1 year ago

It's a really cool idea, and the internet would probably be a better place if more people took ownership of their infrastructure rather than relying on ad-supported "free" services, and it's easy to criticise an approach that I've spent maybe 10 minutes actually thinking about - I've got my reservations, but if you can make it work it would be awesome

[–] knF@lemmy.world 5 points 1 year ago

It is possible nowadays: I'm hosting quite a few services on an 5 years old Android. Just with Termux, no root required. Of course connectef it's just to the internal network due to all the security concerns mentioned in the post.

To solve all the bandwidth/connection issues, I've bought a usbc-ethernet dongle that works like a charm.

To mitigate battery issues I've limited the charging to 85%.

I would never host Jellyfin there, but with webdav and Kodi I can get my media served easily to all my devices at home

[–] krash@lemmy.ml 4 points 1 year ago

The risk that @regalpotoo mentioned is still unmitigated though, single user instance or not. At worst, the personal data can be exfiltrated. At best, the server can be used as a part of a botnet. Even if the software (nextcloud) would be patched, that doesn't help against exploits on a OS level.

Granted, one could run services inside a vpn and have some kind of preventive / monitoring controls, but you're still need to implement some kind of defense in depth in order to protect it.

[–] otter@lemmy.ca 10 points 1 year ago (1 children)

I'd also be worried about battery issues

Don't want to find it having overheated / turned into a pufferfish

[–] chiisana@lemmy.chiisana.net 11 points 1 year ago

Future news headline: “The web server literally exploded under the DDOS attack.”

[–] southsamurai@sh.itjust.works 41 points 1 year ago (1 children)

I mean, android is fine I guess, but it's being pushed to be less and less able to be separated from Google. I think for a lot of people interested in self hosting, there's a low amount of interest in it because of that.

[–] Wander@packmates.org 5 points 1 year ago* (last edited 1 year ago)

@southsamurai Oh that's definitely a huge concern, but not just for self-hosting but for privacy in general.

But still, if the average joe wants to self-host something using an old phone is probably the easiest way to get them to try self-hosted alternatives and drop corporate / commercial services.

Maybe not the 'average average joe' such as my parents, but anyone who is minimally curious enough to do stuff such as registering a domain, setting up a game server for friends and maybe has opened the CMD windows console once or twice in the past following a tutorial. That kind of demographic (IDK if it has a name) might be much more inclined to self-host if it was as easy as installing an APK and letting your phone one somewhere at home.

Overall as long as Android doesn't become straight out malicious spyware itself, the benefit of dropping commercial alternatives might very well be a net positive. In a worst-case scenario, any tunnel / vpn configuration necessary to expose a service to the internet could also add an automated step to blackhole requests to google's tracking servers.

[–] MigratingtoLemmy@lemmy.world 27 points 1 year ago (1 children)

Upvoted, but I feel horrified by the notion. I'd much rather have a headless server

[–] Wander@packmates.org 12 points 1 year ago (1 children)

@MigratingtoLemmy use a hammer to break the screen, control via adb :vlpn_happy_blep:

[–] Omniraptor@lemm.ee 4 points 1 year ago (1 children)

Wait are you messaging from mastodon?? Is that why the emoji won't render

[–] Wander@packmates.org 4 points 1 year ago* (last edited 1 year ago) (1 children)

@Omniraptor ah yes! Probably that's why.
Actually the whole original post was sent via Mastodon.

I tend to write posts that I share to my Mastodon followers and then at the end I mention a Lemmy community if I believe the community would also find it interesting.

[–] Omniraptor@lemm.ee 4 points 1 year ago* (last edited 1 year ago) (2 children)

That is so cool I didn't realize lemmy and mastodon were different views into the same database, assumed they were different services with no overlap except some underlying tech (I don't know much about fediverse structure). But how does that work with like, character limits? Iirc lemmy can have much longer comments

load more comments (2 replies)
[–] onlinepersona@programming.dev 21 points 1 year ago (2 children)

IMO, more like Linux. Android for such old devices is unmaintained, but if you're able to run Linux on it you'll still be able to apply kernel updates and security updates for software will continue to exist. Many things are opensource too and you should be able to recompile them on the android device to make it run.

load more comments (2 replies)
[–] Moonrise2473@feddit.it 18 points 1 year ago

Big problem: updates for something that is directly exposed to internet

Some low end devices will stop getting security updates 6 months after launch because the OEM launches a new model every two weeks and obviously doesn't have resources to dedicate to it

In some cases, even high end devices don't get updates and are discontinued internally shortly after launch, for example the Xiaomi mix 3 5g

Yes, root and custom ROMs could solve the problem, but not as easy as regular Linux where you just use a package manager to update. First issue is needing to wipe after updates and you have to reinstall and reconfigure everything

[–] awooo@pawb.social 17 points 1 year ago

Hmm I think my main concern would be lack of kernel/firmware updates, running something like postmarketOS could partly solve that and still be nearly as easy to set up (just unlock and flash a prebuilt image)

But firmware is still almost entirely dependent on the vendor, since it's all signed and unpatchable.

Next issue would be lack of connectivity on a lot of phones, which have gone backwards and include USB 2.0 now. WiFi is an option, but less stable, I personally decided to just go 100Mbps and suffer.

As for the battery, it would help a lot if phones were designed to boot without one and they were removable, it all worked well for about half a year until I found out I had a spicy pillow and had to replace it with direct power to the board, which made the whole setup much less elegant and required soldering.

It all comes down to how devices are designed in the end. If someone took the time to make a computer instead of just a phone, and included features that make it useful past its initial life that aren't that popular (display output, microsd, headphone jack), mainlined all the drivers and maintained firmware, that would be a different story.

But that's not a very profitable model, because it's all about reducing waste and thus selling less. A lot needs to change.

[–] benjohn@todon.nl 17 points 1 year ago (2 children)

@Wander @selfhosted this whole “We are walking about with entirely reasonable servers in our pockets for reasonable scales - why doesn’t it feel like that?” thing is in my brain quite a bit.

[–] Wander@packmates.org 11 points 1 year ago

@benjohn @selfhosted 6-8 GB of RAM with powerful CPU and GPU that was designed to run games and can in some cases run small AI models is nothing to scoff at imho.

[–] benjohn@todon.nl 7 points 1 year ago

@Wander @selfhosted I have conversations with peers where they talk about “servers” and “computers” as if they figure them as quite distinct things.

[–] bjoern_tantau@swg-empire.de 17 points 1 year ago (3 children)

I feel like Android is adding some new power saving "feature" with every version to kill all the useful stuff I want to keep running in the background.

Last stupid thing I remember was when it removed my CalDAV synchronisation because I haven't been "using" the CalDAV app for some months.

Not to mention all the times it decides to kill something you want to use because it thinks the RAM would be more needed elsewhere. Honestly my 128 MB RAM Nokia N900 could run more apps at the same time than my 4 GB RAM Fairphone.

[–] Buddahriffic@lemmy.world 10 points 1 year ago

Yeah, android is a lot like Windows in that they make choices that might benefit users who don't know what's going on but interrupts or harms things power users are doing. They are just better at not being as annoying with it and don't beg people to use their default programs.

[–] trolololol@lemmy.world 6 points 1 year ago

You're right, that's a feature if you're a regular phone user and a bug if you want it as a server.

Also, even if the application is still running you can have the os almost fully shutdown even if it's charging. Again, it's a behavior tuned for a typical user.

[–] TeaEarlGrayHot@lemmy.ca 5 points 1 year ago

Thanks for the monthly reminder to open DavX5 🤣

[–] MonkCanatella@sh.itjust.works 15 points 1 year ago (6 children)

Pretty cool concept actually. upcycling old tech does seem to be a selfhosting hobby. I see a lot of criticism that I think doesn't really see the value proposition. You should be able to root the device and install a new OS. I wonder how limited the bandwidth would be though, and whether it'd be worth the cost to get adapters, if they exist, to allow more throughput. I do like the concept though.

load more comments (6 replies)
[–] PieMePlenty@lemmy.world 15 points 1 year ago

Android? No. It's not made for it. You are using a hammer to paint a wall.

Phones? With a different Linux based distro? I can see it happening. For a small niche at least.

[–] Appoxo@lemmy.dbzer0.com 14 points 1 year ago (1 children)

Who provides the software and firmware updates for my antique Samsung S4 and Galaxy young?
I hope you will give me some firmware for the old snapdragon.
Don't forget the loads of Exynos CPUs and loads of GPUs from different vendors.

load more comments (1 replies)

The future? No. A useful niche? Sure.

I run 4 mail servers, 2 game servers, 3 directory/auth servers, a firewall/router, a NAS, a security system server, a media server, a monitoring server, and a couple others. Android ain’t gonna cut it.

[–] TCB13@lemmy.world 12 points 1 year ago* (last edited 1 year ago) (6 children)

The future of selfhosted services might includes phones yes, Android most likely not.

Think about it, those phones might work right now but in 10 years their Android versions will not support anything, they wont even have root certificate updates breaking SSL, the kernel will be missing support for whatever people need and whatnot. Maybe the phones won't even boot because some key will expire somewhere... let alone security vulnerabilities.

People selfhost on 10-year old hardware right now, but they do install modern Linux distros that are well supported and up to date. I believe the most likely scenario is that at some point the "security" of most of that hardware will be broken and you'll be able to run some version of AOSP for older hardware and/or a generic Linux.

But that might not ever happen, those phones are built like hell and we've another category of hardware with similar characteristics that was never repurposed for anything after a decade - routers. It's common to see older routers that are now too slow when it comes to wifi or even CPU and although they're way more open and primitive than modern smartphones when it comes to software we usually can't even repurpose them as dumb switches with alternative / open software. OpenWRT and DD-WRT might work in some case but those are exceptions and usually those models were already supported by those firmwares. For instance there are enough Thomson / Technicolor TG784n ISP provided routers to create a second moon and the effort to break their security and create a usual firmware is so much that nobody did it. It's just easier to pay 30€ for a cheap router/switch and move on.

load more comments (6 replies)
[–] Wander@packmates.org 9 points 1 year ago* (last edited 1 year ago) (2 children)

@selfhosted Update:

  1. Just to clarify, the the whole point is that Android makes it easy for less tech oriented people to host small single user / family services.

It does not need to be perfect, have massive throughput or allow for massive amounts of read/write cycles.

If people can host their own media server like Jellyfin or note taking apps like Joplin instead of using commercial services by simply installing an APK on an old phone they can leave connected at home, that's already a big win.

  1. Regarding device longevity, Android 13 apparently supports / will support full KVM emulation. Windows can be run if you have root while android based VMs are expected to be possible without the need for root. Since this type of virtualization allows VMs to run their own kernel, keeping the "server app" updated should allow the user to be protected even if the host OS is outdated as long as these server-app-VMs are trustworthy themselves.
load more comments (1 replies)
[–] bustrpoindextr@lemmy.world 8 points 1 year ago (1 children)

Just use raspberry pis and Linux. You'll have better support.

[–] AbidanYre@lemmy.world 11 points 1 year ago (21 children)

Then ditch the raspberry pi and get an sff PC that has an x86 processor in it.

load more comments (21 replies)
[–] NeoNachtwaechter@lemmy.world 7 points 1 year ago* (last edited 1 year ago)

You absolutely want to remove the batteries. Otherwise they would die of old age pretty soon and then it creates danger of fire. Either a new battery for your 'server' every 5 years, or some tinkering solution, maybe supercapacitors.

Then you need an OS with long term support/maintenance. Not stock Android, because it evolves away from old hardware too fast. Maybe something like Lineage.

One problem remains: I have serious doubts about the network interface, if it can handle high throughput or many connections, like a webserver for several users, or even torrenting. A NAS for 1 person seems very possible, though.

[–] eskuero@lemmy.fromshado.ws 7 points 1 year ago

It has an UPS builtin 😇

Jokes aside I used to run a few python bots inside termux on my very old S3 Mini a few years ago. It did the job at least.

[–] andreluis034@lm.put.tf 6 points 1 year ago (1 children)

The latest pixel devices (since 6 I think?) already provide accees to a /dev/kvm device, so maybe you could even run a normal Ubuntu server VM on your phone for hosting these services.

load more comments (1 replies)
[–] ahoyboyhoy@fosstodon.org 6 points 1 year ago (1 children)

@Wander @selfhosted also, don't forget that it's easy enough to run Linux on Android: https://f-droid.org/en/packages/tech.ula/

load more comments (1 replies)
[–] ahoyboyhoy@fosstodon.org 5 points 1 year ago (3 children)

@Wander @selfhosted I have old Pixel phones with LineageOS installed, but I haven't found a good way to prevent battery inflation. I'd love a way to limit charge to 50% or to bypass the battery altogether.

load more comments (3 replies)
[–] BearOfaTime@lemm.ee 5 points 1 year ago* (last edited 1 year ago)

I'd be more inclined to say Raspberry Pi. Low power, small, scalable.

And if you want Android, there's a Lineage build for BananaPi. https://wiki.lineageos.org/devices/#banana-pi

I'm currently designing a sync/backup/mesh network device for family/friends. Something they can simply plugin, and I can manage remotely.

[–] simple@lemm.ee 5 points 1 year ago (9 children)

I've already heard of people using Termux to host services on their old phones. Seems to work well.

load more comments (9 replies)
[–] herzenschein@furry.engineer 4 points 1 year ago* (last edited 1 year ago) (2 children)

@Wander @selfhosted This sort of setup is very attractive IMO because of the low power usage. Android phones use much less power than old PCs.

The main con I see is not having ethernet (maybe there's some sort of MicroUSB/USB-C to ethernet adapter, but I didn't look into it yet). That, and there being only one port.

load more comments (2 replies)
[–] muzzle@freeradical.zone 4 points 1 year ago

@Wander @selfhosted Sounds like a great way to kill you phone's battery. But maybe if you created an ad-hoc stack... Have you ever heard of @veilidnetwork ?

[–] Decronym@lemmy.decronym.xyz 4 points 1 year ago* (last edited 1 year ago)

Acronyms, initialisms, abbreviations, contractions, and other phrases which expand to something larger, that I've seen in this thread:

Fewer Letters More Letters
NAS Network-Attached Storage
PCIe Peripheral Component Interconnect Express
Plex Brand of media server package
RPi Raspberry Pi brand of SBC
SBC Single-Board Computer
SSD Solid State Drive mass storage
SSL Secure Sockets Layer, for transparent encryption

6 acronyms in this thread; the most compressed thread commented on today has 5 acronyms.

[Thread #231 for this sub, first seen 22nd Oct 2023, 22:25] [FAQ] [Full list] [Contact] [Source code]

[–] TheHobbyist@lemmy.zip 3 points 1 year ago* (last edited 1 year ago)

I think there's some truth to it. But I imagine it will be more AOSP than what android is with google services. AOSP is really a great operating system with very good security and built in features. And with neural engines and high bandwidth emmc, it is mostly just lacking a large amount of storage to make it all complete, but the latest SOCs are most probably powerful enough. Is there something like docker for android? :)

Edit: I do recognize what someone else said, which is that one big challenge would be software updates. We are not that limited by hardware when we consider servers, they can easily run for years with regular software updates.

load more comments
view more: next ›