Escaping $BIG_CORP's Grasp

About a month ago, my YouTube account was suspended without warning or justification. They told me I violated the TOS, but all I do on YouTube is watch videos. I sent in an appeal, and it was quickly turned down, again without reason. I know I’m not the first one to have something like this happen to them, and it’s well known that the only way to get through to the machine is by raising a stink on Twitter, but… I don’t have a Twitter account. I don’t plan on making one, so I logged into YouTube with a different Google account and forgot about it.

But what if next time, it’s not just YouTube? I, like a lot of people who do stuff on the internet, trust a small group of big companies with some really important tools and data. File storage, email, Git remotes, office software… pretty much all of it runs somewhere in the cloud, on networks owned by Google, Amazon, or Microsoft. There are a lot of blog posts out there about de-Googling and similar, and this one probably won’t be too unique, but I spent this weekend setting up a bunch of self-hosted alternatives and I think it’s worth summarizing what I’ve done, what I’ve gained, and what I’ve lost.

I’m running everything on a t3.small EC2 instance, with nginx as a reverse proxy. Right now it’s all kind of hacked together, but it’s a goal of mine to figure out some kind of automated provisioning so that if I need to migrate to a new server, I don’t need to jump all the same hurdles again.

Blog Comments

This is not new, but for pretty much as long as my blog has been a thing, I’ve been hosting my own instance of Commento. I considered Disqus, but I’m not a fan of its privacy policy. I also considered utterances, but I want my family to be able to comment on stuff without a GitHub account.

“Office” Software

I don’t really know what the category of these things is called, but it includes:

  • File storage (Google Drive)
  • Photos (Google Photos)
  • Calendar (Google Calendar)
  • Documents (Google Docs)
  • Notes (Google Keep)
  • Contacts (Google Contacts)

As you can see, literally all of these things have been held in my Google account up until now, and that’s really scary! I’ve migrated all of these to Nextcloud, and so far I’m quite impressed! For now, I’ve installed it with the Snap package, but it feels pretty janky so I’m planning to move it to Docker. I’ve hooked up the storage to S3, so it’s really cheap and I can do bulk file management with normal AWS tooling, and the desktop client makes it easy enough to keep everything available locally too (although I need to pick up a new hard drive to fit all this stuff). Auto-upload of phone camera photos works great, and there are lots of apps available to extend the default capabilities, although I haven’t installed many—I’m not really a power user of this kind of software.

While it all tends to work, the whole package is definitely not quite as streamlined as the Google suite. I’ve had some issues with the calendar not properly displaying my recurring events, and I find the desktop client sometimes has issues keeping files synced quickly. I’ll also miss the automatic labelling of my photos, although eventually I might get the face recognition app to work.

Git

Like pretty much everyone else out there, I host my code on GitHub. I think there’s value in the huge number of people that use it, and it’s genuinely a really good platform. So I don’t really want to move everything over to another service, but I do want to ensure that if my GitHub account is suspended, I won’t lose access to all of my own code at least. The obvious answer, then, is to set up my own Git server that mirrors all of my own repositories. There are a few options for this, the most well-known probably being GitLab, but I chose Gitea, which is far more lightweight. I also considered sourcehut, but setting it up was considerably more difficult than Gitea. There really isn’t much to say about the Gitea installation process, because it’s super easy and straightforward. I pasted a handful of shell commands, created a systemd service, and now I have a website not too unlike GitHub itself at git.cdg.dev. I haven’t actually set up the repo mirroring yet, except for one repository as a test (which is working fine), but that shouldn’t be hard at all.

Passwords

I’ve been using Bitwarden for a few years now, and I have no complaints. I’ve always known that they had a self-hosting option, but I never really considered it until now. Thankfully, their installation is based on Docker Compose, which makes it super easy to manage. I’ll admit that it’s a bit scary to have my passwords’ availability depend on the uptime of a server that I manage, but for now we’re just going to hope for the best.

Email

For the last five years or so, my email account has been with Gmail. It works great! I was always tempted to try to host my own email server, but that turns out to be really complicated and IP reputation plays a big role. Because of how important it is to have reliable email service, I decided to compromise and stay with a hosted solution, but instead of sticking with Gmail, I moved to ProtonMail. I’m not a security expert, but its encryption seems great so far and it’s basically as easy to use as Gmail. As an added bonus, I hooked it up to my domain, so that my new primary email address is me@cdg.dev. I set up my old account to forward all of its mail to this new one, because I know it’ll be a long time before I stop receiving messages on Gmail. I don’t even want to try to guess the number of sites that I’ve used it as an OAuth2 provider for…

Another thing I did was set up a free SendGrid account for sending emails from my server, which replaces Gmail’s SMTP service for Commento, Nextcloud, Gitea, and Bitwarden.

What Didn’t Change

There are some services that I’m okay with leaving as-is, and those are:

  • WhatsApp for messaging
  • Spotify for music
  • YouTube/Netflix for videos

The thing that all of these have in common is that I don’t really own anything on any of them. Losing 100GB of my memories in photos would suck, but there’s nothing personal on Netflix that I can’t get elsewhere or ask a friend for.

Summary

In short, here’s a list of the services I used to use and what I replaced them with:

  • Google Drive: Nextcloud Files
  • Google Photos: Nextcloud Photos
  • Google Calendar: Nextcloud Calendar
  • Google Docs: Nextcloud Text
  • Google Keep: Nextcloud Quick Notes
  • Google Contacts: Nextcloud Contacts
  • Gmail: ProtonMail + SendGrid
  • GitHub: GitHub + self-hosted Gitea for mirroring
  • Hosted Bitwarden: Self-hosted Bitwarden

It feels nice to “own” my data, and I can rest easy knowing that barring some major disaster, my data is safe in my own hands. Of course, I do depend on AWS for a lot of the underlying infrastructure, but so does half the internet so I’m not too worried. All things considered, I’m paying somewhere between $15 and $20 per month for the server, storage, and email account (the only thing mentioned here that I don’t host myself). I could definitely make things cheaper, but I’m not sure that it’s worth the effort for me.

Time will tell if all this open source tech can keep up with the megacorps’ products! I, for one, have high hopes.