what VPS offer fits best for a small friendica instance?
@Friendica Support
@Friendica Admins
@Friendica Developers
Hi there,
in the end I want to try to setup my first own hosted friendica VPS on a small setup:
1gig RAM/1 Core/25gig
The idea is kinda single user instance with a few forum pages.
The hosting provider has the following options:
- debian bullsey - vpn server
- debian bookworm - wireguard server
- debian bookworm - bookworm 2023-07-03
- debian bookworm - bookworm 2023-07-03 LEMP (nginx+php8.2+mariaDB10.5)
- debian bookworm - nextcloud
- ubuntu 22.04.01LTS
- CENTOS8.1 - 2020-05-03
- cleanVPS to upload own ISO
I'm used to debian/devuan on PC, so am obviously inclined to go for debian but have no idea what version would be the best choice.
In the first place the debian LEMP option looks like the way to go.
Latest experience with a new friendica installation seemed to be in need of PHP8.1 instead of PHP8.2.
Is it difficult to downgrade that?
Also, I'm kinda worried about security in general, even tho the data exposed will only be my own, so there is no responsibility with others.
Are there more security risks than on a shared hosting with let's say a standard phpBB forum page?
The idea would be to point the IP from my existing hosting provider to the VPS.
- Do we have some general "how to setup" for a VPS setting from scratch?
- Anyone interested in creating such a "how to" in a conversation with me here to have a refence or base to sum that up for the frindica wiki?
- Could it even be of interest to create a "friendica VPS-ISO installation" with the help of git.friendi.ca for example?
Raroun
•@…ᘛ⁐̤ᕐᐷ jesuisatire bitPickup
This a a pretty good tutorial from @Hank G ☑️ for ubuntu:
https://www.nequalsonelifestyle.com/2022/07/30/creating-friendica-server-ubuntu/
It also covers some security - which is great.
You can try Friendica on a 1C,1G,25GB setup but you will run in some shortages pretty fast.
utzer [Friendica]
•@Raroun @…ᘛ⁐̤ᕐᐷ jesuisatire bitPickup @Hank G ☑️ @bitPickup mʕ•ﻌ•ʔm @TupambAdmin agree, probably 4 core, 8GB Ram and 100 GB Storage are better, you will run into problema after 2-3 years I guess.
You need to keep in mind that you need much storage for all the content from other Fediverse servers, so database will grow because of the content and also because of all the contacts that your server will discover over time.
Also you need to have free space, so much that the biggest table of the database can be created as a copy during updates and also during maintenace/optimization that MariaDB/Mysql needs.
So better get a bit bigger and always keep enough free space.
You can however start out with the small VPS and upgrade sooner.
…ᘛ⁐̤ᕐᐷ jesuisatire bitPickup
•@utzer [Friendica]
It's a matter of monetary resources.
I live of like 200 bucks a month, I guess that the limite for "poor" people on this planet as of now, so I really want and need the minimum limit.
General idea is to set post expiriation except own post's and starred posts by others to 30 days, and in any case "outsource" DB storage for pictures, videos and or other files.
@bitPickup mʕ•ﻌ•ʔm @Hank G ☑️ @Raroun @TupambAdmin
…ᘛ⁐̤ᕐᐷ jesuisatire bitPickup
•th! @Hank G ☑️
👍
learning question:
In general terms, to adapt this to a debian installation there would basically be the issue of apt-get install tools that don't come preinstalled with debian like they do in in ubuntu like:
snap and ufw
What other differences would there be in using debian directly?
@Raroun
@bitPickup mʕ•ﻌ•ʔm @TupambAdmin
utzer [Friendica]
•utzer [Friendica]
•…ᘛ⁐̤ᕐᐷ jesuisatire bitPickup
•@utzer [Friendica]
smallest VPS:
VPS #1
1GB RAM
1 CPU
25GB DISK
1TB TRANSFER(tx+rx)
your recomandation:
VPS #4
8GB RAM
4 CPU
160GB DISK
5TB TRANSFER(tx+rx)
btw, this is what they state about the debian options:
OpenVPN
For freedom fighters
The only VPN to be trusted is the one you have full control over.
The server and client certificates are automatically generated and the client file sent via email to the customer after. Runs on port 443, which is almost always accessible. All logging is sent to /dev/null and DNS queries are made on the same server.
Wireguard
... show moreAlso for freedom fighters
40-50% faster than OpenVPN.
Route all your traffic through an encrypted tunn
@utzer [Friendica]
smallest VPS:
VPS #1
1GB RAM
1 CPU
25GB DISK
1TB TRANSFER(tx+rx)
your recomandation:
VPS #4
8GB RAM
4 CPU
160GB DISK
5TB TRANSFER(tx+rx)
btw, this is what they state about the debian options:
OpenVPN
For freedom fighters
The only VPN to be trusted is the one you have full control over.
The server and client certificates are automatically generated and the client file sent via email to the customer after. Runs on port 443, which is almost always accessible. All logging is sent to /dev/null and DNS queries are made on the same server.
Wireguard
Also for freedom fighters
40-50% faster than OpenVPN.
Route all your traffic through an encrypted tunnel, perfect for bypassing internet controlled by a fascist government.
LEMP
Ready to use webserver
LEMP stands for Linux, nginx (pronounced Engine x), MySQL, and PHP. It comes preconfigured with an optimized PHP setup which can run, depending on the size of the server, load heavy sites. It is also good as a content delivery server for example advertisement banners, videos, or even a fileserver for files to download.
Nextcloud Server
Ready to use Nextcloud
Run your own cloud service.
Nextcloud, the next generation open source Enterprise File Sync and Share software, the server is optimized for high usage with Let's Encrypt https certificate.
@bitPickup mʕ•ﻌ•ʔm @Hank G ☑️ @Raroun @TupambAdmin
utzer [Friendica]
•@…ᘛ⁐̤ᕐᐷ jesuisatire bitPickup @bitPickup mʕ•ﻌ•ʔm @Hank G ☑️ @Raroun @TupambAdmin I meant the price, but nevermind.
Check if Uberspace is something for you, be sure about the latency because it is in Germany.
Website:
https://uberspace.de/en/
Manua
... show more@…ᘛ⁐̤ᕐᐷ jesuisatire bitPickup @bitPickup mʕ•ﻌ•ʔm @Hank G ☑️ @Raroun @TupambAdmin I meant the price, but nevermind.
Check if Uberspace is something for you, be sure about the latency because it is in Germany.
Website:
https://uberspace.de/en/
Manual for Friendica.
https://lab.uberspace.de/guide_friendica/
Uberspace gives you full access on CLI as a user, no root required and your advantage is, that you need much less knowledge as the system is already all setup and safe, you do not have access to the basic setup and need not sorry about safety, updates and such. Backups also included and no need to worry about.
If you take the VPS stated by you, I guess the LEMP one is what you want.
Nginx works for Friendica, but you need to pay attention because it differs from Apache in some configuration.
Also make sure to take backups when it runs, so when you mess up you can restore. 😉
…ᘛ⁐̤ᕐᐷ jesuisatire bitPickup
•@utzer [Friendica]
> I meant the price, but nevermind.
Upss, sry I forgot to add the price, it didn't fit in the cpoy/paste: Option 1 -> 1Gig RAm 5 usd, option 4 -> 8GB ram 40 usd (per month)
@bitPickup mʕ•ﻌ•ʔm @Hank G ☑️ @Raroun @TupambAdmin
…ᘛ⁐̤ᕐᐷ jesuisatire bitPickup
•@utzer [Friendica]
btw
Just looked into uberspace, don't have the means to pay their service from where I am. Even tho I don't like the energy waste of btc, I can use the few satoshis I have left from like a decade ago to pay the VPS I'm looking for.
@bitPickup mʕ•ﻌ•ʔm @Hank G ☑️ @Raroun @TupambAdmin
utzer [Friendica]
•Raroun
•You probably don´t need the ufw stuff if you set up public key authorization.
I also don´t use snap 😀
Raroun
•If you want, i can provide you a proper vps without any cost for one year (so you have time to try out) but it is ubuntu 😀
…ᘛ⁐̤ᕐᐷ jesuisatire bitPickup
•@Raroun
How is that?
@bitPickup mʕ•ﻌ•ʔm @TupambAdmin
Raroun
•Well, i´m working in a big data center - if someone is intrested in friendica and don´t have much money, i mostly provide a server for one year.
For no costs.
To be fair - most people give up after 1-2 months -.-
But anyway. i can provide you a server for one year for no money.
After 12 Months the server will get deletet automatically. Also - i have no access to that server. Best i can do ist reset the root password or recover from a backup. Timeframe for backups are 10 days.
Raroun
•Actually it would be a 4 Core CPU, 8 GB Ram with 300GB NVME Disk - unlimited traffic.
Nanook
•Raroun
•I use that machine exclussively for friendica.
Andy H3
•What precisely are you running on this machine that it'd need such much resources?
Nanook
•Andy H3
•Nanook
•Raroun
•Im running my Friendica Instance on a D´dedicated Server - Amd Ryzen 9 Pro 3900, 12 Cores, 24 Threads with 960 GB NVMe and 128 GB RAM.
SOMETIMES - when contact discovery is running, even that machine has a good amount of load.
…ᘛ⁐̤ᕐᐷ jesuisatire bitPickup
•@Raroun @Andy H3
One of the things I always was wondering about and definitely think would be something positive for people how'd like to start with friendica is some basic standard setup examples and costs to "work with".
Like to say:
To be simply able to grasp an idea about if friendica is suitable for someone in terms of costs and management this kind of information is kinda basic.
Otherwise we will always have lot's of people who start quite enthusiastically but abandon the idea after a few weeks or month.
How
... show more@Raroun @Andy H3
One of the things I always was wondering about and definitely think would be something positive for people how'd like to start with friendica is some basic standard setup examples and costs to "work with".
Like to say:
To be simply able to grasp an idea about if friendica is suitable for someone in terms of costs and management this kind of information is kinda basic.
Otherwise we will always have lot's of people who start quite enthusiastically but abandon the idea after a few weeks or month.
How to set it up as of now is already a big deterrent for many people. Considering what WP achieved with it's "one click installation" for hosting providers and what it means for the use of that platform I guess you get what I mean.
I know, it means a lot of man power and dedication of people with a particular mindset to achieve some (I don't know) docker, SNAP or ISO image to create some super easy friendica installation for VPS but thats what would be needed to be accessible for more people.
As of now friendica is kinda niche restricted for hackers and/but the internet really needs something like it to become independent again in my humble opinion.
@Nanook @bitPickup mʕ•ﻌ•ʔm @TupambAdmin
Matthew Exon
•I guess I'll comment just as a data point, I have a digital ocean droplet with 2GB of RAM and a database that is stable at 30GB after 6 years of continual use. But it was quite a roller-coaster setting up garbage collection aggressively enough to keep the database stable. That server runs all my stuff too, email, XMPP, several other websites. I seem to be paying 30 USD per month, half of that storage. I'm the only user.
I've run test instances on Raspberry Pi Zeros with no trouble. I don't think the website runs very happily that way, but if you use an app then latency probably doesn't even matter.
Nanook
•Matthew Exon
•Nanook
•@Matthew Exon @bitPickup mʕ•ﻌ•ʔm @Andy H3 @…ᘛ⁐̤ᕐᐷ jesuisatire bitPickup @Raroun @TupambAdmin Tell me about it, and the older I get the faster it flies.
Time doesn't fly like an arrow, it flies like a laser beam towards obliteration.
Felix B. Ohmann
•Nanook
•Please consider our services:
https://www.eskimo.com/services/virtual-private-servers/
We also operate a shared web server that may be more appropriate for your needs in that it is quite robust with a 10-core 20-thread I9-10900K clocked at 5Ghz, (it is actually variable but Linux is set to performance mode so it spends the majority of that time at 5Ghz and cooling is adequate to support that), 256GB of RAM, and all disk including the root partition, is RAIDed. The root partition and most non-long term storage is SSD. There is both a mariadb and a postgresql server available, and many languages.
We also offer shell accounts on a variety of Linux distributions with the ability to get a full remote desktops with a variety of desktops like mate, gnome, kde, and others.
We operate free fediverse serves, which include https://friendica.eskimo.com/,
... show morePlease consider our services:
https://www.eskimo.com/services/virtual-private-servers/
We also operate a shared web server that may be more appropriate for your needs in that it is quite robust with a 10-core 20-thread I9-10900K clocked at 5Ghz, (it is actually variable but Linux is set to performance mode so it spends the majority of that time at 5Ghz and cooling is adequate to support that), 256GB of RAM, and all disk including the root partition, is RAIDed. The root partition and most non-long term storage is SSD. There is both a mariadb and a postgresql server available, and many languages.
We also offer shell accounts on a variety of Linux distributions with the ability to get a full remote desktops with a variety of desktops like mate, gnome, kde, and others.
We operate free fediverse serves, which include https://friendica.eskimo.com/, https://hubzilla.eskimo.com/, https://mastodon.eskimo.com/ (all message sites), and https://yacy.eskimo.com/ (a federated search engine) and https://nextcloude.eskimo.com/ (a free cloud service).
https://www.eskimo.com/services/
Operating these free services costs money so we much appreciate it when you help support us by using some of our Paid Services.
Nanook
•spontaneously unloaded them or so it seemed. When I tried to load them it said
invalid arguments. Thing is I have no arguments just the default. I was using
a 6.1.57 kernel. I tried installing the 6.2.x driver that is shipped with Ubuntu
22.04, that loaded and ran, not ideally tuned but the device drivers worked in it.
We are running this way because our old router (a Ubiquiti Edgerouter 3, crapped
out (the third one to do so) and it was getting ready to be replaced with a Dream
Machine Pro, but the software on the DRM Pro is just shit and would not do some
things we needed to do, for example, it would not route without also performing NAT, changing the originating address to addresses interface, it would not use a real subnet, it used something it called virtual subnets which ate up six addresses out of every class C. I did not feel like readdressing a bunch of machines; so I configured a Linux box... show more
spontaneously unloaded them or so it seemed. When I tried to load them it said
invalid arguments. Thing is I have no arguments just the default. I was using
a 6.1.57 kernel. I tried installing the 6.2.x driver that is shipped with Ubuntu
22.04, that loaded and ran, not ideally tuned but the device drivers worked in it.
We are running this way because our old router (a Ubiquiti Edgerouter 3, crapped
out (the third one to do so) and it was getting ready to be replaced with a Dream
Machine Pro, but the software on the DRM Pro is just shit and would not do some
things we needed to do, for example, it would not route without also performing NAT, changing the originating address to addresses interface, it would not use a real subnet, it used something it called virtual subnets which ate up six addresses out of every class C. I did not feel like readdressing a bunch of machines; so I configured a Linux box to work as a router in the meantime while we obtain a suitable replacement. I purchased a Juniper ACX1100 to replace it but I have to learn the Junipers command syntax and general operation before I can place it into service.
…ᘛ⁐̤ᕐᐷ jesuisatire bitPickup
•update on this specific request of mine:
In the end I managed to get my hands on a ubuntu 22.04.02LTS.
I used the refereed tutorial by @Hank G ☑️ to set it up:
https://www.nequalsonelifestyle.com/2022/07/30/creating-friendica-server-ubuntu/
Now it's a ubuntu 22.04.03LTS
I just ran thru the instructions and executed them and apparently everything worked fine and friendica 2023.05 (stable) is awaiting installation.
The difference in my case is that the idea is to move a (new) friendica instance (2023.05) I created in a BETA testing by a hoster that abandoned his intent to offer hosting for friendica to this new hosting.
The difference in the installation process as described by HankG as of now was that I couldn't setup completely the certbot part as the actual domain (t
... show moreupdate on this specific request of mine:
In the end I managed to get my hands on a ubuntu 22.04.02LTS.
I used the refereed tutorial by @Hank G ☑️ to set it up:
https://www.nequalsonelifestyle.com/2022/07/30/creating-friendica-server-ubuntu/
Now it's a ubuntu 22.04.03LTS
I just ran thru the instructions and executed them and apparently everything worked fine and friendica 2023.05 (stable) is awaiting installation.
The difference in my case is that the idea is to move a (new) friendica instance (2023.05) I created in a BETA testing by a hoster that abandoned his intent to offer hosting for friendica to this new hosting.
The difference in the installation process as described by HankG as of now was that I couldn't setup completely the certbot part as the actual domain (tupambae.org) is running right now with that other hosting provider.
letsencrypt wrote:
I just did the whole installation process being simply connected with the IP over SSH.
I skipped the part:
The part:
sudo nano /etc/apache2/sites-available/000-default-le-ssl.conf
created an empty file as the certbot instalation wasn't completed fully.
I created that file using the example given in the tutorial, adding the domain name that will be used.
What I wonder now:
How do I upload the DB I will have to grab from the old provider and upload to the new setup?
How do I change the password for the DB?
Is there a way to also change the name of the existing DB?
My access is over SSH with puTTy created public/private keys, no password.
Can I create sFTP access with for example filezilla and if so how?
Nanook
•Raroun
•@…ᘛ⁐̤ᕐᐷ jesuisatire bitPickup
You can export your DB - depending on the old provider you do a full export (with mysql tables) or only a "friendica db backup".
If you only have a friendica DB backup you have to create a new mysql user and a new password.
if you have a full backup, you can change the password of your db user - which is your db-password 😀
sFTP should work out of the box with any Application that supports private key authorization - like scp or FileZilla.
…ᘛ⁐̤ᕐᐷ jesuisatire bitPickup
•@Raroun
I decided to publish a new post just describing and summing up the whole installation process:
friendica VPS setup on ubuntu 22.04 LTS
based on @Hank G ☑️'s tutorial adding my experience/observations and the particular differences I ran into.
I will try to address the DB export/import details and eventually other issues over there so this post over here is more about the general VPS decision and particular size experience as it already became because of the existing comments.
👍
@Raroun
I decided to publish a new post just describing and summing up the whole installation process:
friendica VPS setup on ubuntu 22.04 LTS
based on @Hank G ☑️'s tutorial adding my experience/observations and the particular differences I ran into.
I will try to address the DB export/import details and eventually other issues over there so this post over here is more about the general VPS decision and particular size experience as it already became because of the existing comments.
👍
…ᘛ⁐̤ᕐᐷ jesuisatire bitPickup
2023-10-17 13:04:10