Hi, I wanted to host a personal Lemmy instance online (for just myself, I don’t think I can take the upkeep for other users - please let me know if this is not possible) and wanted to understand how to “attach” a CDN service to it.
The idea behind doing this is that I’m in the US but I’m looking to host a server in Europe. I am looking into Cloudflare’s free CDN service, but it would be great if someone could point me towards how I can configure this setup to speed up the loading time for my Lemmy instance (which is going to be far away from me, geographically).
I would also like to know about your setups and how you have hosted Lemmy.
Thanks!
Quick question: why? Why not choose to host a server in the US, near it’s “costumer base”?
If you’re doing it for the exercise, fine (though I think you’ll find that cloud flare is pretty hands-off and you basically just click a few buttons).
If you’re genuinely looking to improve cross-planet load times, I regret to inform you that a personal Lemmy instance is very much not a good target for this. A CDN works by hosting whatever parts of your site you can nearer to the people who will request them. For a huge company like discord, this means that when you upload an image to a server, they will sum up all users likely to load that image soon, find where they are and send a copy of that image nearby, saving on intercontinental traffic. They get to do this because they have many users, and they control the CDN (because they built it).
You on the other hand, are going to ask cloud flare nicely to do all of this for you. Since you aren’t paying, cloud flare is going to try to do this automatically and without cooperation from your software. This means that cloud flare will basically only try to cache parts of Lemmy that are static, so really only the page layout and that’s about it. Ultimately, the Lemmy website for your instance might load a little bit faster, but posts can’t be predicted and so those will have to go cross-continental on a cache miss.
The other advantage this affords is that anyone interested in taking down your instance will have to take it up with cloud flare. If the way they’re trying is brute force, they will fail where they would have succeeded against just your server. If their way of doing it is through legal threats, they might have better luck (though cloud flare tries to remove itself from a position where they have to police what their service can be used for, my opinion is that it is a matter of time before they are forced to).
Thank you for the wonderful comment!
The only reason I’m looking to host in Europe is because of the prices: this server will not allow for sign-ups (i.e. it will only be for me). I will likely only need 1GB of RAM and very little CPU power to get this to work. The prices in Europe for low-cost VPSes are better than in the US. I don’t actually care about which country/continent I’m hosting it in, this decision was purely financial.
I have a question: I believe I can set Lemmy to auto-sync content from communities I’m interested in (I can set the frequency for the auto-sync) - would it be possible for Cloudflare to cache the content if it is already in the database of my Lemmy instance? I know that CDNs can only really cache static content but I do not know enough about CDNs/Cloud Networking in general to be able to figure out just what it would be able to cache.
Thank you, yes I had the protections offered by Cloudflare in mind when I asked this question. I do not plan to do anything illegal so I hope I’ll be fine.
Could you also tell me why Cloudflare asks me to change the authoritative nameservers on my registrar’s page to their nameservers? I think my networking is getting a bit rusty, I really can’t figure it out.
One more thing; is there a difference in configuring a Cloudflare CDN vs a Cloudflare reverse-proxy for a VPS instance? I see people in c/homelab talk about this but I never really delved into it, but if I could access my network remotely using this it would a great bonus.
Thanks!
Adding to the hetzner comment: I think AWS has free very crappy servers. If you’re a student, the Github Student Pack has free digitalocen credits.
In theory, cloud flare could pre-cache content before you request it. Unfortunately, that would require significant effort from Lemmy to let cloud flare know that there is new content, and then it would be up to cloud flare to decide to cache it for 1 client. Both these things aren’t happening.
CF needs to dynamically control where requests for your server end up, and for that they need to be the authoritative DNS for it.
Cloud flare indeed acts as a reverse proxy (because that’s how CDNs work), but unlike a self-hosted reverse proxy, theirs will be on their servers, so will not have much more more access to your network than yourself outside of it. I think they have some sort of offering to actually give your more access, but A) idk if that’s free and B) that requires an always-on computer in your local network, at which point why not just host your Lemmy instance on it?
Another option for very cheap VM, storage, bandwidth: Oracle Free Forever
https://www.oracle.com/cloud/free/
Wasn’t aware of that since I both have my own server and happen to despise oracle but good for people who need cheap compute!
Thank you for your comment!
I am opting for the very low cost providers like Racknerd and CloudServer (see: $1 VPS offerings) - which host most of their servers outside the US.
Thank you for the explanation, I would like to know more about the “effort” from Lemmy’s side to let Cloudflare cache content before it is requested.
Could you explain this point a bit more? Why would Cloudflare need to control DNS for my domain? How is this linked to them proxying my traffic? I’ve been trying to understand this for a bit now - how does having CF’s own nameservers let CF proxy my traffic?
I was also considering hosting Lemmy in my own network, but I can’t seem to find any guides on which ports to forward - if I could just find a decent guide on the networking required to host Lemmy I might even do it on-prem.
Thanks a bunch!
basically, lemmy would need to have a way tobe able to tell where (geographically) content will be consumed. for your case it’s easier since you’re the only client and presumably you don’t move much, but for larger instance not only is this a ful time job in large internet companies, but lemmy isn’t programmed to know where you live, for privacy. on top of that, cloudflare tries automatically to cache the appropriate content, but as a general-purpose company they have no interst in actually allowing you to tell them what to cache and how to cache it. discord gets to do it because they own both the app and the CDN, you own neither.
they need to be your DNS servers because they need requests to your website to contact them, and they’ll do the routing themselves. for example, assume the caching problems we talked about are magically resolved. if a client makes a dns request and gets your ip, it will hit you ip and completely bypass cloudflare. in theory, you could change your dns records to point to cloudflare’s server instead, but that means you need to do that every time their ip chnages and for every region, it’s just not efficient. so instead they get to be the authority, and they decide exactly what servers are hit and when, and from where. this is why when using cloudflare, you are protected from DDoS attacks, since only cloudlfare knows your IP. that said, i have been hosting various things for years from my residential IP and have never had a problem (though i am cheating by having more up/down than most of the world has down/up, so any one attacker is just bottlenecking themselves).
Using Cloudflare nameservers helps to proxy your traffic because if proxying is enabled (“orange cloud”) those servers aren’t handing out your IP address to people who request your domain, they’re handing out addresses belonging to Cloudflare machines near the visitor instead. They have machines in data centers all around the world, and they would like the traffic to end up in the data center closest to where it’s needed.
Doing that means they can do stuff like reduce cross-region network traffic: for instance, if your VPS is in Europe but a bunch of visitors from the US suddenly request a certain image on your site (because you’ve just posted to a popular community, perhaps), they only need to have that image data cross the Atlantic once before they can serve it up many times in the US. Besides saving bandwidth that also allows it to be served faster to most visitors, because most requests for it are effectively served from a local data center instead of from one on another continent. They’ll also continue to be able to serve your image even when your VPS is down for whatever reason, as long as it’s already in cache.
(Most of that is probably oversimplified and but hopefully that clarifies it a bit)
Hetzner (a popular European host) now has US locations and their pricing is really good. Look for hetzner.com - which is in English instead of hetzner.de, their native German site.