Self-hosting
2026-04
Though participating in the network side of the internet was never common, it certainly feels as if owning a web server or even just having a homepage of ones own is rarer than ever these days. In applications like Facebook and LinkedIn, giant corporations have replaced this niche by automatically curating and analyzing any data whichy people (willingly?) share about themselves and provided volatile windows into persons' lives and correspondence. Personally I dislike this, as I truly enjoyed the naive and innocent, yet personal and purposeful air that the world wide web used to have.
Even so, personal homepages may be a tad too oldschool to market as a legitimate use case for a home server. Instead, let's talk about what conveniences and comforts I can provide on my own. This is only a personal list, but it enumerates what I run, why I run it, and tries to briefly discuss what kind of hardware and connection bandwidth are required for the upkeep of these operations. None of what is mention here is truly necessary, but as a hobbyist, it is fulfilling to be able to provide such functionality. More importantly, I would choose to buy some of this functionality if I couldn't arrange it myself, which is a minor economical benefit.
Network diagram
The general diagram of my home network can be seen below. This swiftly demolishes any security through obscurity, but the reach of this article is close to zero, so who cares. Feel free to try to exploit any information you find in this article, and if you do succeed, I'd appreciate if you told me how - despite years of effort, there is still much to learn.
The router, which in itself a capable linux computer, acts as a switch for two unmanaged switches located in the bottom and top floors, which then distribute the network to individual devices. The router and the NAS file server handle most of the hosting, with only the most resource-intensive services relegated to the movie room mediaPC, which has much more processing power. Only these three machines are permanently on, and consume approximately 50 watts of power combined.
The TVs are smart TVs of varying age (what TV isn't smart these days anyway?), but used solely as displays for the PCs. They are prevented from accessing the internet by the gateway. The machines running them are cheap, but powerful enough to allow for much more varied use cases than what the TVs themselves would be capable of.
If you wish to see buld instructions for the router and NAS server, see these earlier articles:
cm3588nas
r6srouter
Individual services
Apache
You're using this one right now. Apache acts my regular web server and a https reverse proxy. I know nginx is much more modern and has better performance, but I already have a good Apache config and can't be assed to switch.
for regular people, serving ones homepage is not resource-intensive and this kind of service could be run from a relatively modest connection. Bandwidth only becomes a problem if one ends up getting slashdotted (this might not be a common word anymore, but look it up) or if the user wants to serve high-bandwidth content such as photo galleries to a wide audience.
BtDamageResolver
I play wargames, and as the one I love the most is quite cumbersome, I made some software to help play it. The program speeds up gameplay about threefold (our estimate) by resolving turns without a need to throw dice or reference any tables. It is usable in the living room mediaPC and also runs on phones and tablets, so that multiple players can control their own forces simultaneously.
While this kind of functionality is not likely useful for a passerby, it is included here as a demonstration of how one can code a purpose-built tool for pretty much anything and put it up for everyone to use. BtDamageResolver is coded with ASP.NET Blazor and uses Redis and PostgreSql backends to store and share data. It is relatively resource-intensive, because I have focused on ease of upkeep first and performance last.
This service could be ran from a slow connection, but not particularly well, as it not optimized and transfers the whole game state to all users whenever any unit is updated.
DayAheadPrice
I looked around and couldn't find a electricity price site which would a) open instantly b) contain no ads c) show nothing extraneous and d) be easy to use with a phone. Therefore, I made my own.
DayAheadPrice is coded with ASP.NET Blazor and uses an in-memory cahce to show data directly lifted from ENTSOe transparency platform API. For usage, it accepts access parameters "vat" for value added tax (fraction, 0.255 is default) and "margin" for margin (cents, 0.49 is default), so one can set the graph to match their own contract.
Unlike BtDamageResolver, this application is very low-effort and was built in one evening before mature AI-assisted tooling. Nowadays an application of similar complexity could be built in minutes, which further exemplifies the possibility of using self-hosted tools for quality of life improvements. Performance-wise, this service could be ran from pretty much any connection and with any hardware, as it is incredibly lightweight and has no way of even touching the server after initially accessed. One page load is about 60 kilobytes.
JupyterLab
After using MATLAB for around ten years, it's incredibly difficult to adjust to using anything less powerful. Fortunately, JupyterLab is a free implementation of a Mathematica-style UI for NumPy, which is basically the most modern and widely used scientific computing framework today.
Even though this might sound like I need this for presumptuously fancy math, the main use case for interfaces like this is that it is simply much faster to write out a calculations as-is compared to unstacking them in such a way that one could punch them into regular calculator apps. To make usage as easy as possible for myself, I have bound Win+C to bring up this page on both my personal and work computers, so that I have instant access to a good calculator.
This service is password protected, because despite being jailed to a container, it houses an unbound programming environment which would allow a malicious party to do pretty much anything on my machine (including using my electricity bill to mine Bitcoin).
Matrix
NOTE: I do not actually run this service personally - I am just using it. It is included here because it is part of the self-hosted ecosystem I'm using.
Current messaging infratructure is fragmented, with different programs used by different people in different contexts. Personally I encounter the following regularly:
- Discord
- IRC
- Microsoft Teams
- Signal
- Slack
- Telegram
The mere thought of having to install half a dozen messaging apps to my phone feels miserable. As a solution-oriented person, I assumed there has to be a fix, and there sure is. Matrix is a federalized instant messenger where people host their own servers and take control of their own data, but with the added benefit of the ecosystem being ripe with tools to bridge communication between Matrix and other messaging apps. People from Hacklab JKL pointed me in the right direction and my brother ended up setting the system up on his own server.
For integrations, personally I am currently using bridges for Signal, Telegram and Whatsapp, so that instead of having all of those apps on my phone, I'm only using one. Work messaging unfortunately is still separate, since I am not willing (or allowed) to bridge it to my own services.
In addition to just convenience, hosting your own data is also appealing from a privacy point of view, because some of these services (most prominently Discord) do not even bother to make any promises about the secrecy of ones data. It is almost guaranteed that every line you write on any commercial service (or bridge into one, to be fair) will be used to construct some kind of a advertising profile about you (or something much worse, if you live under a less democratic regime). Deep down I understand no-one truly cares and you're welcome to tell me that one shouldn't have anything to hide, but secrecy of correspondence is where I personally draw the line. If indirect civil disobedience through owning ones own messaging infrastructure is the way to combat this, so be it.
This service is password protected, because it requires us to manually create accounts for people to use, and because it contains personal data and correspondence.
This service could also be ran from a slow connection, but once larger images and video clips end up getting shared, A wider upload pipe is needed. Modern messenger usage patterns consume a large amount of bandwidth.
MPD and myMPD
MPD, or "Music Player Daemon", is an ancient Linux program used to play any kind of audio. It is modular, loved by open source enthusiasts and has dozens of different frontends ranging from perfectly ordinary music players to textmode UIs and CLI interfaces. This specific instance accesses my own music library and instad of speakers, plays the music into a FLAC stream, which I can listen to anywhere. Assisted by myMPD, which is a web-based frontend, I can then also access the UI anywhere. These services combine to form a personal, free-of-charge Spotify, but without ads or AI slop (and, to be fair, only the music present in my personal library, which is not much).
This service is password protected, because it contains copyrighted material.
This service could be ran from a slow connection, as serving a single audio stream is not particularly costly.
Mumble
Mumble is a VOIP client similar to Roger Wilco, TeamSpeak and Ventrilo that can be used to talk to other people over the network in real time. For younger people, it must seem quite silly to run something which provides a tiny fraction of the functionality Discord has, but in addition to the satisfaction of doing things oneself, some dude's Mumble has the benefit of not being a part of a global information gathering network. It is also open source, so it can be ran by anyone, unlike most of its competitors.
This service could technically be ran from a modest connection, but because Mumble is realtime and works best with zero packet loss and latencies in the tens of milliseconds, all other congesting traffic affects it negatively. Historically I have not had much success in running any VOIP services on slower consumer connections. Until recently, I ran this application on a rented VPS box, but have now moved it to my home server.
NOTE: At this point, our mumble server has been active for approximately twenty years, and it has always been open for anyone to visit. This means that it has stratums upon stratums of history, being filled to the brim with inside jokes of questionable taste and other patholocically immature content. Visit at your own risk.
Omada controller
Typically when building a mesh wifi network where, access points sit on top of an existing LAN, a separate controller device handles the switching of clients to whichever access point is closest or provides the best signal. Alternatively, mesh networks may just act as extenders of a specific existing wifi network without an ethernet backhaul at all, in which case the devices often negotiate the switching of clients themselves.
At least Fritz, Ubiquiti and TP-Link provide these controllers as applications on the routers that they sell, and Ubiquiti and TP-Link also provide them simply as software one can run on their own machine, which avoids having to buy extra stuff. TP-Link specifically has embraced open-source, which has allowed the community to build a docker container for their ecosystem. This, in turn, provides a trivial one-click solution for running the controller on home servers.
Omada is not directly related to selfhosting. The software itself runs on a toaster and does not communicate with the internet, but it is included for completeness and because I had to do a considerable amount of research to find out what to buy. I hope someone finds this information useful when modernizing their own home network.
Resteamer / MediaMTX
Sometimes you want to show your friends some of your gameplay, set up a video conferencing meeting or or hold a movie night remotely. Unlike other services on this list, almost each and every person living in the modern world meets some of these use cases, either through Google Meet/Teams/Zoom at work or through dedicated or semi-dedicated streaming services such as Discord, Twitch and Youtube.
My own primary use for this technology is to stream pen&paper roleplaying games and wargames from my living room, so that game nights can be held remotely and friends in other cities can participate.
Using free services for this is not particularly cumbersome, but they have major disadvantages. All of them except Youtube require a fee to stream high-definition content, and all of the more popular conferencing applications are more or less subscription-based or time-limited for free use. Moreover, the ones best suited for sharing high-definition media are open for the whole world and anybody can view the stream even if it is targeted to a limited group (though stumbling into the stream by accident is unlikely). The services also have share restrictions intended to handle content age restrictions and protect copyright holder interests, which indirectly ensures that any material being sent ends up being combed through algorithmically. Consecuently, these services fail the secrecy of correspondence criteria which I am adamant about.
With a personal streaming/meeting infrastructure, an application is run on the server and I can point an outgoing stream at my local server instead of something like the Twitch API. The server then caches the stream and remuxes it if necessary. Users are given a path to access a specific stream, and optionally an encryption key if the intention is that passerbys cannot read the stream even if they are aware of the multiplexer server and the correct path.
This service is password protected, because it contains personal correspondence.
This service could not be ran from a slow connection.
Samba / SSH / File Server
As with streaming, practically the whole of humanity uses this feature one way or another. DropBox, Google Drive and Microsoft OneDrive are file serving systems where you can upload your stuff for remote access and to share them with your friends or workmates.
The commercial systems hold little difference to the self-hosted version, with the exception that that I don't pay anything for mine and have unlimited storage for any practical purposes. I also use mine to store the upstream copy of my (further encrypted) password manager data, which is a common use case for the commercial services.
This service is password protected, because it contains personal data.
File serving requires a beefy connection unless the amount of data accessed is tiny. With commercial options, the experience is often asymmetric, as uploading files takes forever but they then become quick to access.
Terminal / Shell server
Related to the above. Sometimes you want your files to be available from anywhere, and sometimes you want your whole computer to be available from anywhere. This naturally offers limitless possibilities, but most of my clients are old men who just use it to access other services which requite permanent online presence, such as IRC.
Required base bandwith is minor, but of course this is completely dependent on what one actually wants to do.