Set Up Your Own Easy Self-Hosting System with Yunohost

Overview

At the current time, all it takes to get started with Open Source I.T. is about $16-$21 per month… and a little love. This includes the small cost of an annual domain name subscription, as well as a server with sufficient processing power to support an abundance of productivity software, including video conferencing and document collaboration.

If you only want email and a website or some limited set of functionality described below, then you could set up Yunohost for as low as $7 per month (including a website, backups and a domain). And for those with spare computers lying around who are willing to play with their router a bit, you can still have all the goodies by offloading your more intensive remote/hosted computing to your home.

Yunohost is at the core of easy, do-it-yourself Open Source I.T. All of the other technologies described on this website presuppose a Yunohost setup. So this is where you want to start.

While setting up Yunohost is unfortunately not super easy for non-technical folks – once you’ve got it up and running, you’ll have access to an amazing ecosystem of open source software, automatically integrated with a single login (SSO) and user provisioning.

When you’re done following these instructions, you’ll be able to set up most of the following software with ease:

A Word About Email

Email can be a bit tricky and annoying, especially thanks to Google, Apple and the other big tech monopolists who have seen fit to suppress minorities (self-hosted email) in favor of “the greater good” (eradicate all forms of spam at all costs).

As a result, even if you set up your Yunohost email DNS properly (per the guide below) and score a 10/10 on mail-tester.com, your mail still may be rejected by contacts with Gmail addresses, because Google’s SPAM AI is impossible to predict, and favors corporate email relays (such as themselves) or companies like Mailchimp. Your mail may also be blocked by Apple addresses such as “icloud.com” and “mac.com”, which still use primitive blacklisting services like Proofpoint.1

So, if you do need to send out a bunch of emails right away (such as for a marketing campaign) and can’t send a follow-up from your previous email address to “please unspam me”, then you may need to use a “mainstream” email server. Unfortunately, at this point, I’m not sure how to guarantee that your Yunohost email will be delivered with 100% certainty to all of your contacts on the first go, but you should eventually get “blessed” by the email overlords after several days of emailing, being unspammed, etc.

If 99.9% certainty of immediate non-spam email delivery is a critical feature for you, I can try to investigate it further. Just cast your vote on the Open Source I.T. priorities poll.

Get a Domain Name

The root of your name/brand identity on the internet is your domain name. This carves out a space for you on the web and should represent you or your business – not Facebook or Google’s business.

Registering a domain name is cheap and easy. While you may not be able to find exactly what you want (because of all the sleazy domain hoarders out there), you should be able to find something suitable for around $10-$20 per year.

To start, all you have to do is create an account with a domain name registrar and buy a domain name. I like gandi.net – “No Bullshit since 1999”.

Get a Server (VPS)

Getting a domain name is like buying a piece of land to build a house on. Now you need the house.

This guide assumes a hosted server environment, such as a Digital Ocean Droplet, but there should be no limitations for how open source applications are hosted, aside from the required application memory, CPU and space requirements. In fact, Yunohost can even be served from an old computer in your garage! While I think that is very cool, it also presents some practical challenges which get into the evil-doings of the ISP monopolists (like Comcast), who can make this type of setup more difficult.

I’ve been happy using Digital Ocean to host my VPSs and , but there seem to be folks out there who have had some bad experiences, so other good alternatives are Linode and Vultr. Just keep in mind that some of the articles on this website may have instructions that are specific to Digital Ocean.

If you’re not interested in email, chat, a website, and access to all the easy one-click installable open source software that the Yunohost marketplace has to offer, then Vultr may be a good option for you since they offer “one-click” installs for Nextcloud and Jitsi.

You can get a Digital Ocean VPS here: https://cloud.digitalocean.com/droplets, a Linode VPS here: https://www.linode.com/products/standard-linodes, or a Vultr VPS here: https://www.vultr.com/products/cloud-compute/#pricing

Select a “Debian 9” Linux distribution as the Operating System for your VPS

This specific Operating System is currently required to run Yunohost. A server with at least 2GB of memory is recommended if you are interested in online document collaboration (simultaneous editing with other users), at least 4GB and 2 CPUs if you’re doing video conferencing.2 Cost: $15-20/mo.

Set up your server’s authentication

It is highly recommended that you choose the SSH key method for authentication rather than password authentication.

Unfortunately, at the moment, getting set up with Open Source I.T. requires you to get a little more intimate with your computer than you may be used to, if you’re a non-technical person. The biggest initial hurdle is probably the difference between telling your computer what to do by clicking buttons, versus telling it what to do by typing. The first step is to secure your server with “keys” called SSH keys. Digital Ocean has documentation to help you with this as you are setting up your VPS.
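
Choosing SSH keys only helps if the server also stops accepting passwords. The following check is an added example, not part of the Digital Ocean or Yunohost documentation: it reads text in the format printed by `sshd -T` and reports any setting that still allows a password login. The function names and both sample configurations are constructed for illustration.

```shell
#!/bin/sh
# Added example: check that sshd's effective settings allow key logins only.
# Input is text in the format printed by `sshd -T` (lowercase keyword, value).

# Print the first value of keyword $1 from `sshd -T`-style text on stdin.
sshd_value() {
    awk -v k="$1" '$1 == k { print $2; exit }'
}

# audit_sshd TEXT: print one FAIL line per problem; return 0 only if clean.
audit_sshd() {
    cfg=$1
    rc=0
    pw=$(printf '%s\n' "$cfg" | sshd_value passwordauthentication)
    pk=$(printf '%s\n' "$cfg" | sshd_value pubkeyauthentication)
    root=$(printf '%s\n' "$cfg" | sshd_value permitrootlogin)
    # Keyboard-interactive can still prompt for a password through PAM.
    # Older OpenSSH prints challengeresponseauthentication, newer releases
    # print kbdinteractiveauthentication; accept either spelling.
    kbd=$(printf '%s\n' "$cfg" | sshd_value kbdinteractiveauthentication)
    [ -n "$kbd" ] || kbd=$(printf '%s\n' "$cfg" | sshd_value challengeresponseauthentication)

    [ "$pw" = no ]  || { echo "FAIL passwordauthentication=${pw:-unset}"; rc=1; }
    [ "$kbd" = no ] || { echo "FAIL keyboard-interactive=${kbd:-unset}"; rc=1; }
    [ "$pk" = yes ] || { echo "FAIL pubkeyauthentication=${pk:-unset}"; rc=1; }
    # Root must never be allowed a password login.
    case "$root" in
        no|prohibit-password|without-password|forced-commands-only) ;;
        *) echo "FAIL permitrootlogin=${root:-unset}"; rc=1 ;;
    esac
    return "$rc"
}

# Constructed samples (not taken from a real server).
SAMPLE_WEAK='port 22
permitrootlogin yes
pubkeyauthentication yes
passwordauthentication yes
challengeresponseauthentication no'
SAMPLE_KEYS_ONLY='port 22
permitrootlogin prohibit-password
pubkeyauthentication yes
passwordauthentication no
kbdinteractiveauthentication no'

audit_sshd "$SAMPLE_WEAK" || echo "weak sample: password logins still possible"
audit_sshd "$SAMPLE_KEYS_ONLY" && echo "keys-only sample: OK"
# On the server itself: audit_sshd "$(sudo sshd -T)"
```

Run it from a second terminal while your first SSH session stays open, so a mistake in the configuration cannot lock you out.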

Set up reverse DNS

If you are setting up a VPS with Digital Ocean, make sure you name your Droplet the same as your domain. This will automatically set up reverse DNS, which is important for making sure the email from your new mail server doesn’t go to spam. If you are using a different hosting service, be sure to look into how to set up reverse DNS for that service.

Configure backups

Make sure your hosting service provides backups and that these are enabled. Pricing and options may vary depending on the VPS service you are using. Digital Ocean’s backup service is only a weekly backup, which may not be sufficient if you’re doing a lot of daily data entry. Unfortunately, daily backups (snapshots) will increase your VPS cost, and I don’t think they’re completely necessary if you’re e.g. doing a lot of data entry (such as website content). You could temporarily create more frequent snapshots if it’s a short term thing, or you could create scheduled backups of your databases which wouldn’t carry any additional cost if you’ve already set up File Sync and Remote Storage/Backup. (Let me know if this is a need of yours and I’ll work on a guide for it.) If you have a lot of files and data you want to upload to your server, you’ll also need extra block storage and a separate backup system (described in the article linked above).

Associate your domain with your server

Most domain registrars will also provide DNS management. Just find the DNS records for your domain and make sure there is an address record (called an “A” record) that associates your domain name with the IP address of your VPS. While you’re there, you can also add “A” records for nextcloud.yourdomain.tld and collabora.yourdomain.tld, if you’re interested in remote file management, contacts, calendar, tasks and more with Nextcloud.3

Set up Yunohost

Just follow this guide for getting started with Yunohost on Digital Ocean. Following the instructions may be uncomfortable for non-technical people – but don’t be afraid! There may be some terms you are unfamiliar with, but the directions should be clear and explicit. If they are not, let me know! This is one of the main purposes of opensourceit.org – to fill in the gaps and help regular folks take advantage of Open Source I.T. A few things to note as you are going through the guide:

  • In the Debian 9 setup section, choose a username that is not one you want to log into your apps with as a regular user. You should use the Yunohost user management interface for creating regular users so they are properly set up in the system with mailboxes, single sign-on, etc. You can also skip the firewall section, as Yunohost will be managing that for you, as well.
  • If you are configuring your Yunohost DNS with gandi.net, here are some additional steps and clarifications for the Digital Ocean instructions:
    • Delete all the records created for you automatically by Gandi.
    • The part where you need to specify “Target” should be yourdomain.tld. for the SRV records (don’t forget the period at the end!), and @ for the CNAME records.
    • The SPF TXT record should be copy and pasted from the complete DNS configuration specified in your Yunohost administration panel, and the “letsencrypt.org” (with quotes) should be added to the “hostname” section when creating the CAA record.
  • When the Digital Ocean setup gets to “Step 4 – Installing Applications”, I recommend skipping the “Rainloop” installation. While you can run most of the software you need on the web, email and calendaring is something I recommend you run on your desktop. You not only may want to have your email and calendar available when you are off-line, but also the current best-of-class software in the open source community for email, calendar and contacts is a non-web app: Thunderbird.
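
Once the records are in place, the reverse DNS, “A”, SPF and CAA entries described above can be checked together. This is an added example, not part of the Yunohost or Digital Ocean guides: `yourdomain.tld` is the placeholder used on this page, while the IP address 203.0.113.10, the SPF string and the function names are constructed. It runs offline against sample answers unless `LOOKUP=lookup` is set, in which case it queries real DNS with `dig`.

```shell
#!/bin/sh
# Added example: check the DNS records this guide relies on for mail and TLS.

# Live resolver (needs `dig` and network). lookup TYPE NAME; for PTR, NAME is an IP.
lookup() {
    if [ "$1" = PTR ]; then dig +short -x "$2"; else dig +short "$2" "$1"; fi
}

# Offline stand-in returning constructed answers in `dig +short` format.
SAMPLE_PTR=yourdomain.tld.
lookup_sample() {
    case "$1 $2" in
        "A yourdomain.tld")   echo 203.0.113.10 ;;
        "PTR 203.0.113.10")   echo "$SAMPLE_PTR" ;;
        "TXT yourdomain.tld") echo '"v=spf1 a mx -all"' ;;
        "CAA yourdomain.tld") echo '128 issue "letsencrypt.org"' ;;
    esac
}
LOOKUP=${LOOKUP:-lookup_sample}   # set LOOKUP=lookup to query real DNS

# check_mail_dns DOMAIN SERVER_IP: print FAIL lines; return 0 only if all pass.
check_mail_dns() {
    domain=$1 ip=$2 rc=0
    # Forward: the domain's "A" record must be the server's address.
    "$LOOKUP" A "$domain" | grep -qxF "$ip" \
        || { echo "FAIL A: $domain does not resolve to $ip"; rc=1; }
    # Reverse: the PTR must name the domain again (dig prints a trailing dot).
    "$LOOKUP" PTR "$ip" | grep -qxiF "$domain." \
        || { echo "FAIL PTR: $ip does not map back to $domain"; rc=1; }
    # SPF: a TXT record starting with v=spf1 must exist.
    "$LOOKUP" TXT "$domain" | grep -q '^"v=spf1[ "]' \
        || { echo "FAIL SPF: no v=spf1 TXT record on $domain"; rc=1; }
    # CAA: the record must name letsencrypt.org as an allowed issuer.
    "$LOOKUP" CAA "$domain" | grep -q 'issue "letsencrypt.org"' \
        || { echo "FAIL CAA: no issue \"letsencrypt.org\" record on $domain"; rc=1; }
    return "$rc"
}

check_mail_dns yourdomain.tld 203.0.113.10 && echo "all records OK"
```

A failing PTR line usually means the Droplet (or other VPS) name does not match the domain, which is the reverse DNS step described earlier.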

Enable SSL (TLS) for your domains

Just navigate to the “Domains” section of your Yunohost administration interface and click the “SSL certificate” button for each domain.

  1. Blacklisting services like Proofpoint should send you a mail with a link to unblock your address, but I’ve heard of them not responding or de-listing even after submitting requests.
  2. While you might get away with only 2GB for video conferencing, if you are doing anything else that causes high memory usage you may find that some of the services running for video conferencing will require manual restarts.
  3. The Nextcloud and Collabora apps have to be installed as subdomains in order for Collabora document collaboration to work on a Yunohost installation of Nextcloud.
