I used to self-host because I liked tinkering. I worked tech support for a municipal fiber network, I ran Arch, I enjoyed the control. The privacy stuff was a nice bonus but honestly it was mostly about having my own playground. That changed this week when I watched ICE murder a woman sitting in her car. Before you roll your eyes about this getting political - stay with me, because this is directly about the infrastructure we’re all running in our homelabs. Here’s what happened: A woman was reduced to a data point in a database - threat assessment score, deportation priority level, case number - and then she was killed. Not by some rogue actor, but by a system functioning exactly as designed. And that system? Built on infrastructure provided by the same tech companies most of us used to rely on before we started self-hosting. Every service you don’t self-host is a data point feeding the machine. Google knows your location history, your contacts, your communications. Microsoft has your documents and your calendar. Apple has your photos and your biometrics. And when the government comes knocking - and they are knocking, right now, today - these companies will hand it over. They have to. It’s baked into the infrastructure. Individual privacy is a losing game. You can’t opt-out of surveillance when participation in society requires using their platforms. But here’s what you can do: build parallel infrastructure that doesn’t feed their systems at all. When you run Nextcloud, you’re not just protecting your files from Google - you’re creating a node in a network they can’t access. When you run Vaultwarden, your passwords aren’t sitting in a database that can be subpoenaed. When you run Jellyfin, your viewing habits aren’t being sold to data brokers who sell to ICE. I watched my local municipal fiber network get acquired by TELUS. I watched a piece of community infrastructure get absorbed into the corporate extraction machine. That’s when I realized: we can’t rely on existing institutions to protect us. We have to build our own. This isn’t about being a prepper or going off-grid. This is about building infrastructure that operates on fundamentally different principles:
Communication that can’t be shut down: Matrix, Mastodon, email servers you control
File storage that can’t be subpoenaed: Nextcloud, Syncthing
Passwords that aren’t in corporate databases: Vaultwarden, KeePass
Media that doesn’t feed recommendation algorithms: Jellyfin, Navidrome
Code repositories not owned by Microsoft: Forgejo, Gitea
Every service you self-host is one less data point they have. But more importantly: every service you self-host is infrastructure that can be shared, that can support others, that makes the parallel network stronger. Where to start if you’re new:
Passwords first - Vaultwarden. This is your foundation. Files second - Nextcloud. Get your documents out of Google/Microsoft. Communication third - Matrix server, or join an existing instance you trust. Media fourth - Jellyfin for your music/movies, Navidrome for music.
If you’re already self-hosting:
Document your setup. Write guides. Make it easier for the next person. Run services for friends and family, not just yourself. Contribute to projects that build this infrastructure. Support municipal and community network alternatives.
The goal isn’t purity. You’re probably still going to use some corporate services. That’s fine. The goal is building enough parallel infrastructure that people have actual choices, and that there’s a network that can’t be dismantled by a single executive order. I’m working on consulting services to help small businesses and community organizations migrate to self-hosted alternatives. Not because I think it’ll be profitable, but because I’ve realized this is the actual material work of resistance in 2025. Infrastructure is how you fight infrastructure. We’re not just hobbyists anymore. Whether we wanted to be or not, we’re building the resistance network. Every Raspberry Pi running services, every old laptop turned into a home server, every person who learns to self-host and teaches someone else - that’s a node in a system they can’t control. They want us to be data points. Let’s refuse.
What are you running? What do you wish more people would self-host? What’s stopping people you know from taking this step?
EDIT: Appreciate the massive response here. To the folks in the comments debating whether I’m an AI: I’m flattered by the grammar check, but I’m just a guy in his moms basement with too much coffee and a background in municipal networking. If you think “rule of three” sentences are exclusive to LLMs, wait until you hear a tech support vet explain why your DNS is broken for the fourth time today.
More importantly, a few people asked about a “0 to 100” guide - or even just “0 to 50” for those who don’t want to become full time sysadmins. After reading the suggestions, I want to update my “Where to start” list. If you want the absolute fastest, most user-friendly path to getting your data off the cloud this weekend, do this:
The Core: Install CasaOS, or the newly released (to me) ZimaOS. It gives you a smartphone style dashboard for your server. It’s the single best tool I’ve found for bridging the technical gap. It’s appstore ecosystem is lovely to use and you can import docker compose files really easily.
The Photos: Use Immich. Syncthing is great for raw sync, but Immich is the first thing I’ve seen that actually feels like a near 1:1 replacement for Google Photos (AI tagging, map view, etc.) without the privacy nightmare.
The Connection: Use Tailscale. It’s a zero-config VPN that lets you access your stuff on the go without poking holes in your firewall.
I’m working on a Privacy Stack type repo that curates these one click style tools specifically to help people move fast. Infrastructure is only useful if people can actually use it. Stay safe out there.
Dude like even 6 months ago Id read your post and would think alright man c’mon…
But now you are 100% right it’s getting tough and people will only realize when it’s too late. Imagine a far right government with palantir in Europe. That’s pretty much where we are heading and I try my best to get any of my data away from this sphere of influence
It’s not often I hear meet others on the same page, but I too see self-hosting as a form of resistance against corporate control and surveillance capitalism. Rather than trying to bring self-hosting to individuals, I’ve steered my efforts towards affecting technological change in groups and organizations instead. While this narrows the pool of those who can set up sovereign infrastructure, it gets more people using the open-source alternatives as part of their collaborative work.
To support that, I’m building out such an IT reference architecture for nonprofits, activist groups, and communities. The networking model is such that services can be hosted on cheap hardware and accessed through Wireguard tunnels managed by Netbird (and experimenting with Pangolin now). This keeps the servers under positive control of the data owners and uses only one or two VPS instances to handle proxying and accesses. Now, every organization’s requirements are different, but this baseline is meant to be a flexible proof-of-concept that can be adapted to their unique threat model. For example, an org can opt for just using a cloud-hosted service for certain components if the self-hosting burden is too great and their threat model determines it to acceptable.
The docs are here at https://sts.libretechnica.org/ and the source for the docs and all the Ansible playbooks are at https://gitlab.com/libretechnica/SovereignTechStack/. I invite anyone to contribute, analyze, pick-apart, improve this model. In fact, I’m specifically seeking thoughts on whether this reference model can adequately address the risks and threats that self-hosters face.
This is the first time I’m sharing this publicly; I was inspired by this post to finally spread awareness of the project and get more like-minded people involved.
P.S. @h333d Sorry about the people who think your post is gen-AI. I used to proofread stuff all day long before the advent of LLMs, so I quickly recognize artificial text and yours reads nothing like it. I appreciate the time you took to write your post and it was a refreshing read.
It’s not just media that doesn’t feed recommendation algorithms - I actually like recommendation algorithms (Jellyseerr does a pretty great job with this), it’s more about having control over my media and it not being taken away randomly. So many times an older show I would want to watch would no longer be “available” so I’d have to download it anyway, with no option of paying to watch for it.
Communication that can’t be shut down: Matrix, Mastodon, email servers you control
Uh, those can all be shut down. You may control the server but you don’t control the datacenter the email server lives in, unless you’re hosting out of your house, which is a bad idea. You also don’t control the pipes to and from these servers. There have been many plans over the years requiring that ISPs ban users who are accused of copyright infringement. And, even if you don’t infringe copyrights, we all know about how the DMCA can be weaponized against people who have done nothing wrong.
File storage that can’t be subpoenaed: Nextcloud, Syncthing
Sorry, your own file storage can be subpoenaed, you just don’t have a lawyer on call to help you through the process. If you think “haha, I’ll just delete the data”, you can be in much worse trouble. AFAIK in some cases the judge / jury are allowed to assume that evidence that you deleted was incriminating.
I self-host things and think it’s a good idea. But, don’t go overboard with how good it is. It’s still vulnerable to government and corporate actions. in many cases you’re more vulnerable because you’re on your own, you probably don’t have a lawyer on retainer, etc.
I am not your lawyer and this is not legal advice for you or anyone who reads this.
Nextcloud encrypts data e2e, so your point there is misguided and not really relevant. You can’t be compelled to provide a password/decryption key as long as it doesn’t exist as physical evidence. This is why lawyers advise clients to use a PIN instead of face ID or fingerprints; biometrics, like all physical evidence, can be subpoenad.
Self hosting services like matrix or email is a bad idea if you don’t really understand what you’re doing, like many other things. If you keep you stuff updated and are intelligent in how you structure your network there’s not really anymore risk here than paying someone else to host it. If you keep you stack simple and follow best practices, code and configurations written by industry experts do most of the heavy lifting.
This is why lawyers advise clients to use a PIN instead of face ID or fingerprints
That’s because cops don’t need a warrant if you use a face or fingerprints, but they do if you use a PIN. What you’re talking about is for protection against casual, warrantless searches.
What I’m talking about is a subpoena where you’re required to present evidence. The fact that it’s encrypted is irrelevant. If the data is subject to a subpoena it doesn’t matter if you store it encrypted or unencrypted, you’re still required to present it to the court.
If you keep you stuff updated
Keeping stuff updated is a chore, and it can take hours out of your week, often when you don’t expect it or don’t have time. When that’s someone’s full time job and they’re updating it for hundreds, thousands or millions or people, there’s a better chance they do it right, and a much better chance that they do it in a timely fashion.
I am not your lawyer and this is not legal advice for you or anyone who reads this.
I hope you’re not anybody’s lawyer, with your lack of knowledge of the law. Did you graduate from Dunning-Kruger law school?
deleted by creator
k
Just FYI unless you self-host headscale, tailscale is centralised and not private. They claim it is end to end encrypted but their proprietary centralised control server distributes the keys, so they could very easily MITM you.
Tailscale is good tech and good crypto, but Applied cryptography cannot solve a security problem. It can only convert a security problem into a key-management problem, and tailscale does not do decentralised key management.
Along with headscale, I have also hosted Pangolin instance. Multi network setup with docker
I was just thinking this week, that those who self host (and more importantly, those who program the code we self host), are at the front line of the modern digital resistance: in the sense that the world is burning due to the greed of the tech bros that run our daily lives. Convienience for the masses is what gives them power over us, and any one who rejects their systems is helping to fight back.
Voting with your wallet helps, so not giving them your money is the first step. Then managing and keeping your own data private is the next one.
You’re right. We’ve been traded convenience for our autonomy for way too long, and it’s created this massive power imbalance where a few tech bros basically own the digital roads we walk on. Voting with your wallet is a huge first step, but like you said, the real work starts when we actually take responsibility for our own data.
That’s exactly why I’m moving toward helping local businesses and groups build out their own nodes. It’s one thing to stop paying for a subscription, but it’s another thing entirely to stand up your own infrastructure that doesn’t report back to a corporate mother-ship. Every person who rejects the “default” and builds a private alternative is a small win for the rest of us, it’s about making the corporate extraction model fail by simply making it unnecessary.
In a fascistic enough world where this would matter, people who abstain from the system are automatically flagged to be shot too, just fyi. You gotta also fill the normie services with conformist content to not become a detected anomaly if you really want to do it properly.
This is the “Gray Man” strategy. If you have zero digital footprint in 2026, that absence of data becomes a data point itself. Anomalies get investigated.
I think we need to separate Camouflage from Logistics.
I’m not suggesting you delete your digital existence and live in a Faraday cage. By all means, keep the normie accounts. Post the cat photos on Instagram. Keep a Gmail address for the spam. Feed the algorithm just enough “conformist” content to look boring. That is your camouflage.
But Resistance Infrastructure isn’t about hiding, it’s about capability.
It’s about ensuring that when the “system” decides to de-platform your community group, or lock your bank account, or shut off the internet in your region during a protest, you still have a way to function.
To the folks in the comments debating whether I’m an AI: I’m flattered by the grammar check
This is the world we live in. If you can actually string words together into grammatically correct sentences, then you are AI. It matters not whether you are or you aren’t. Like the witch hunts of Salem, all that is necessary is the accusation. I personally don’t care if you used AI, the message resonates. Don’t let 'em give you shit about your pony tail.
It is freeing really. I used to proof read my comments, then paste in google search to check for easy to catch typos. When AI arrived, I was even putting my text through them so they are more “common tongue” and not my personal shorthands.
Now I just post it.
It’s a tool. A tool that needs some heavy regulation, but a tool nonetheless
100%
I do find it funny that I offer so many friends and family access to these services, and they generally just take the accounts and never use them.
Because you, and everyone, is in a huge bubble.
Normal people don’t give a shit where stuff is hosted, or if it’s hosted at all. The vast majority of people couldn’t care less what happens to their catpics if their phone gets crushed and they don’t want to use a separate messaging platform just to talk to you.
The things you think are important absolutely don’t matter to them. Most people don’t give a single second of thought to where their documents should live, and will just download it again on a second device instead of synchronizing anything.
It’s really nice that these things exist, but why would someone do anything with them if they literally don’t have a purpose for it?
This! I’d say that the best we can do is educate. Over the last 20 years people got taught to be lazy and go with the herd. They don’t want to change, all their stuff is already “in the cloud” and “I don’t have time to go tinker with that nerd stuff, I need something that works”.
“Why learn a new messaging app if everyone is using WhatsApp already”
– some of my friends and acquaintances 2025
Exactly, I’m glad more people are seeing it this way.
The goal of capital is to gain power and leverage, they don’t really care about some numbers.
It’s the dream of all tech companies to become a monopoly, they even say it with a straight face. They want as much control as possible? Why? So they can use the leverage for even more.
The beautiful/horrifying part is, the system weeds out any company that does not do this. The only way is for the end users to push back.
How can I learn more about this stuff because I think like a lot of people I’m not that tech savvy
Just start. Even the most tech savvy of us started not knowing any of this. More importantly do what you’re interested in and that benefits you. You don’t have to have some grand implementation. Start simple and the rest follows.
I feel the same way, and honestly, I’m happy to see others do too.
I’m almost done my exit from google, just the actual email left. Calendar, map data, photos, everything in drive is gone to my private infrastructure.
What are you doing for health data and stats?
I know this is not one size fits all, but I switched to a Seiko watch like a year ago and I’ve been so much happier. I can weigh myself on my scale, take my blood pressure with a $40 Braun device from the pharmacy, and everything else I can intuit: I know for a fact when I’m not walking enough, when I feel bloated and over-salted, when I haven’t slept long enough, when I get winded going up stairs, etc.; I don’t need to quantify and graph it out to know I need to do better and what it will require of me.
Again I’m not saying health stats aren’t or shouldn’t be important for you, but I do think the Web 2.0 / smart-everything era got us all so hooked on the constant feed of data points from all aspects of our lives that we came to feel things were required that really aren’t.
If you’re diabetic, or have a heart condition, or the in and only way you will ever exercise is if you can gamify it or whatever, then of course, try to find a health tracking solution that minimizes the sale of your data to brokers or whatever (if that is even possible). But for many average people who’ve just gotten used to health tracking, I gotta say, take a walk on the wild side and try going without.
I can’t put a price or a good enough description on how much happier I am to have one less thing sending me notifications and pulling my poor, abused attention all throughout the day…one less entire category of stats to keep up with, micro-manage, get anxious over. I’ve still got my Apple Watch if I ever absolutely need it but so far I haven’t needed it at all. I do not miss health data.
Ah, well that’s one I don’t have any data on.
I’m slowly making the switch over to self hosting most things. This is a good post.
I hate to point this out, but it’s 2026.
Everything else is great though.
TLDR: Protesting or resisting privately inside your house does not lead to social change and is not the most rational way of protecting yourself if you feel threatened by your government.
Self-hosting is not “resistance”: at most, it’s prepping for nerds, with computers instead of guns.
Self-hosting is not even a rational/efficient way of making a statement. If that’s what you want, it’s far more efficient to follow the established tradition of declaring you are moving to Canada and not following up with actual actions.
Don’t get me wrong: I can relate to the nerdy way of coping with the ugliness around us (I say “us”, but thankfully I don’t live in the US), but - the way I see it - it’s that your society that needs change, and self hosting won’t help with that.
Frankly, the shit you US people are putting up with is unreal.
It has always been (
US police forces kill far more people than the overall homicide rate in Europe - read that again and pause a second to think about itthis isn’t true - see comments below), and it’s just getting worse.If you feel threatened you can essentially respond by fighting, fleeing, or cowering.
If you wanna FIGHT (this is what “resistance” is about), try to use whatever power you have and apply your energies to bring actual change. If you don’t feel comfortable acting outdoors, this could include lending your nerd skills to protesters or (nonviolent) resistance groups. Heck, even being a keyboard warrior is more useful to changing society than being a hobbyist sysadmin.
If you wanna FLEE, just leave the country. Honestly, there are better places to live than the US, and (if you have or plan to have any) better places to raise your children.
If you wanna COWER, then be a prepper or a self-hoster or whatever, but be aware that, while misrepresenting your reaction as “resistance” may make you feel more heroic than you are, spreading the misrepresentation can also lead others to cower instead of fighting. Is that what you want?
Preparation is part of fighting.
Pretty sure the Iranian protesters would benefit from private infra now that the internet is shut down.
Getting graphite OS phones can let you do all sorts of neat things like duress pins etc.
The average person is forming their activist plans on WhatsApp and Discord, and that’s going to be a problem. I remember all those kids in Hong Kong getting scooped up because the government was reading their texts and hacking their phones.
Don’t downplay what you can contribute.
This brand of argument is basically ‘If you can’t do everything perfectly, then it is pointless to do anything especially the thing that you’re suggesting.’
You see this person in every thread on every topic where people discuss things that they can contribute their expertise to. Their message is ‘it is hopeless, your plan won’t work, give up what you’re doing, you don’t stand a chance’.
Honestly, and forgive the langue, but fuck those people. You know what your strengths are and what you’re capable of, not some faceless bot pushing violent political rhetoric who is, by its own admissions, not in the US.
If you don’t want to participate in the tech landscape as it exists today, there is absolutely nothing wrong about avoiding it entirely and building something else. Companies will not be so complacent about their position in the market if they know there’s a completely Free alternative that does everything that they charge a subscription for.
The people who are doing self-hosting today are exactly like the early adopters of the smartphone or any other technology. There’s always people trying new things and sometimes they succeed.
People who are using privacy focused approaches to personal technology, like self-hosting, are beta testing the ability to use cheap, mass produced hardware and open source software to build a product ecosystem that meets their needs. That progress is enjoyed by anybody in the future who decides they also want to leave the walled gardens of Tech Giantopia.
