I recently got my hands on a lightly used Raspberry Pi 5 and have been playing around with it and breaking things while trying to learn my way around self hosting. I have a a couple questions now that I’ve hit a bit of a road block in learning.

  1. Is it possible to set up lemmy for local host on a local network only? I’m not worried about federated data from other instances. At this point I just want to experiment and break things before I commit to buying a Top Level Domain name.

  2. How exactly does a TLD work? I’ve tried searching up how to redirect traffic from a TLD to my raspberry pi. Since I don’t know much about hosting or networking, I don’t know what to search up to find the answer I’m looking for.

  3. How do I protect myself while self hosting? I know the Lemmy documentation suggests using Let’s Encrypt, is that all I need to do in order to protect any private data being used?

My goal in the future is to have a local, text-only instance that may connect with a small number of whitelisted instances.

  • megaman
    link
    fedilink
    arrow-up
    3
    ·
    edit-2
    19 hours ago

    For a domain name:

    You go to something like NameCheap.org and buy a name (hackers4life.xyz or something cool like that). Then their web interface has a place for you to enter the IP address that you want associated with that name. Whenever someone then types “hackers4life.xyz” there will br a series of computers asking other computers “do you know the IP address for this?” until they do.

    If you have that Pi in your house, there are (at least) two steps for you then: (1) Getting your home IP address (2) Forwarding the port

    (1) Your router admin panel may have this, or else if you search the web for “what is my ip” there are sites that will tell you (basically, you connect to their webpage and they just print out the IP they are sending data back to). There are two concerns here, though.

    (a) Do you have a unique IP? There arent enough IPv4 addresses in the world for all the computers connecting to the internet. To get around this, ISPs will essentially group customers together under the same IP and then they figure out how to get the traffic to the right place. If you dont have a unique IP, you might be screwed (but i havent looked into dealing with that much).

    (b) If you have a unique IP, you still probably dont have a stable IP. Your ISP might reallocate all the addresses in their network every day/week/month/whenever. This is the case for me. Namecheap (or whatever other domain vendor) has a process for you to use a script to send them your IP address, and so you make a script to recheck it and send namecheap updates every hour or something like that.

    (2) Forwarding the port

    Some other machine on the web knows your IP (because it is associated with hackers4life.xyz) and so they try to connect. This comes down the wire from the street into the side of your house/apartment, into the modem, and into your router. If your router isnt expecting it (or prepared to do something with it), itll just ignore it. You want the router to instead send it to your Pi. To do this, you go to your router’s admin settings and forward the messages based on the port they are coming in on. The standard ports for HTTP and HTTPS are 80 and 443, and so you can forward those ports to the Pi. Making sure that then the Pi does the right things with those is outside the scope of me writing right now.