A while ago, I realized how pervasive big tech spyware was. It's everywhere. In search engines, word processors, even the OSes themselves. Upon this realization, I decided to try to get away from that spyware, and researched how to do that. This is when I came upon self-hosting. There are certain open-source programs that allow you to do the same thing the big tech services allow you to do, but you host them yourself, so you control them. There was just a slight problem: I had no servers.

This is when I learned about "the cloud" and how you could rent servers from companies and then use those to host your software. I tried it, but realized I was just hosting my own services on big tech servers, so it wasn't helping. I'd been wanting a raspberry pi cluster for a while at that point, but never had the motivation to get one, so I waited until my birthday, collected the money gifted to me by my relatives, and bought 4 raspberry pi 4s with just 1GB of RAM, as well as all the equipment to run them (an 8-port network switch, power cables, etc.). Since then, my cluster has grown. Little by little, I've collected money and bought new parts. Now, I have 8 raspberry pi 4s (four 1GB, four 2GB), a Pine H64, a RockPro64, and my old 2012 Mac Mini running Debian. I also have an old 2011 MacBook that I've revived and patched to run the newest macOS which I will use to compile and test apps for iOS and macOS, as well as a Radxa Rock5 Model B with 16GB RAM on the way that I will be adding as well.

Originally, whenever I wanted to run a new service, I'd just kind of find a server and stick it on there, then manually configure everything and hope I remember where it's running. Now, I have a Nomad cluster with Consul and Traefik handling everything automatically for me. If I want to run a new service, I just make a Nomad config for it, and Nomad finds a free server with enough resources, downloads it, configures it, runs it, and then publishes it to Consul, from where Traefik automatically picks it up, sets up routing rules, acquires a TLS certificate, and exposes the service. Everything happens automatically. If a server goes down, Nomad will run the services that were running there on a different server and Traefik will reconfigure itself to match.

This is what my setup looks like:

At the top is my Mac Mini, a WiFi antenna for Home Assistant, and a RockPro64, on the shelf under that, there are 8 raspberry pis, under that is a network switch and a Pine H64 running the reverse proxy, and under that is a UPS that lasts over an hour in the event of power loss. On the right is my 3D printer, which is connected to one of the Pi 4s for OctoPrint.

This has been very useful for me. Not only does it mean I own my data AND my services, it also means outages don't affect me and my services are always very fast and reliable. I've had numerous times where Github was down and most people couldn't do any work, except me because I have my own Gitea instance, for example. I think anyone with the expertise, time, and resources to do this should do it.

I've been using Arch on all my daily driver devices for years now. One of the main reasons for this is the AUR. It's very convenient for installing all kinds of software, since it can build a full, native package from a simple build script written in bash. I personally have packages on the AUR and use it daily.

Anyway, I've thought many times of such a simple and easy solution being missing from other distros, but have never had the experience and motivation to create it. Recently, I used goreleaser to automatically build and release my project, ITD, for several distros at the same time. While doing so, I had an idea, so I went to check what goreleaser uses to build packages, and it turns out they have a separate library for this purpose: nfpm. This was the only thing missing for me to be able to build an AUR-like system.

I did notice one issue. It didn't support Arch Linux packages, so I created a PR adding support for them. The PR is completely working and it has been reviewed and approved. So, I started working on my idea, and so far, it's going really well. I've already been able to build and install multiple packages using my program on my Arch system and inside a Fedora and Debian docker container. I just uploaded my program now that I've finished implementing the basic features and testing them. I hope it ends up being useful.

Link to the repo with my new program: https://gitea.arsenm.dev/Arsen6331/lure

The README is very small right now, I'm working on making a better one.

Now that I have started this community off with a non-technical post, I will share my own, personal solution to digital privacy. This post will be more technical.

I self-host every service I possibly can from a cluster of servers (mostly low-power ARM SBCs) that are in my room. Until recently, I was just manually throwing services onto servers and then manually configuring everything. As I've mentioned before in a GenZedong General Discussion Thread, I am now using an orchestrator called Nomad as well as a service discovery solution called Consul.

This allows me to submit a single configuration file, and my servers all automatically configure themselves to perform whatever task I wanted them to. I've placed all my configuration files along with relatively detailed READMEs about them into this repository if anyone wants to take a look at them: https://gitea.arsenm.dev/Arsen6331/nomad.

Due to using SBCs, I am able to do all of this with a power consumption of just 50W.

Here is a list of things I host and what they're meant to replace:

• Matrix Dendrite: Discord
• Nextcloud: Google Drive
• OnlyOffice: Google Docs
• Home Assistant: HomeKit/SmartThings/
• Gitea: Github/Gitlab
• Minio: Amazon S3 (storage and download for files)
• LMS: Spotify
• SearXNG: Google Search (Note: I used to use my own metasearch engine but switched to SearXNG a couple days ago because mine kept getting ratelimited)

There are more but they're not really alternatives to anything, I'll list them here:

• Authelia: Provides authentication and 2fa for services that don't provide their own mechanism. Can also work similarly to "Sign in with Google" buttons via OAuth2 and OIDC.
• Traefik: Reverse proxy that provides access to all the rest
• Homer: Provides a dashboard for all my services. My instance can be found at: https://dashboard.arsenm.dev

Since most people don't have the resources or knowledge to host their own servers, this post will provide recommendations for increasing digital privacy without self-hosting. If anyone can think of something to add, please comment and I will edit the post.

Alternatives to big tech services

This section will list alternatives to common big tech software that steals your data.

• Discord: Matrix; Easy to use clients: Nheko, Element
• Github: Codeberg
• Twitter: Mastodon
• YouTube: LBRY; Easy to use clients: LBRY Desktop, Odysee
• Google Search: SearX/SearXNG; List of public instances: https://searx.space/
• Windows: Any Linux distribution. Seriously, don't use Windows. Linux isn't as hard as people say it is. My parents and grandparents use it.
• Google Chrome: Firefox. Do not use Chrome, it is one of the worst things that exists for privacy. Chromium (the open-source version of Chrome) is a little better but I still wouldn't use it.

Suggestions for privacy-respecting hardware

• Smartphone: PinePhone/PinePhone Pro
• Smartwatch: PineTime (definitely not biased at all)
• Laptop: Pinebook Pro, System76, Purism

Suggestions for privacy-respecting software

• TOR: Encrypts your traffic in three layers, then routes across a randomized network of nodes, providing very high security and privacy, and making it near impossible to track your activities.
• Mullvad VPN: VPN that allows you to make an account without providing any details, and pay in cash or crypto (or just with a card) to ensure your identity cannot be found out since it's not even known by Mullvad.
• LibreWolf: Browser focused on privacy and security. May break some sites, especially streaming sites like Netflix, Hulu, etc. Broken sites can be fixed by changing settings at the expense of some privacy if required.