Hi, I wanted to host a personal Lemmy instance online (for just myself, I don’t think I can take the upkeep for other users - please let me know if this is not possible) and wanted to understand how to “attach” a CDN service to it.
The idea behind doing this is that I’m in the US but I’m looking to host a server in Europe. I am looking into Cloudflare’s free CDN service, but it would be great if someone could point me towards how I can configure this setup to speed up the loading time for my Lemmy instance (which is going to be far away from me, geographically).
I would also like to know about your setups and how you have hosted Lemmy.
Thanks!
Quick question: why? Why not choose to host a server in the US, near it’s “costumer base”?
If you’re doing it for the exercise, fine (though I think you’ll find that cloud flare is pretty hands-off and you basically just click a few buttons).
If you’re genuinely looking to improve cross-planet load times, I regret to inform you that a personal Lemmy instance is very much not a good target for this. A CDN works by hosting whatever parts of your site you can nearer to the people who will request them. For a huge company like discord, this means that when you upload an image to a server, they will sum up all users likely to load that image soon, find where they are and send a copy of that image nearby, saving on intercontinental traffic. They get to do this because they have many users, and they control the CDN (because they built it).
You on the other hand, are going to ask cloud flare nicely to do all of this for you. Since you aren’t paying, cloud flare is going to try to do this automatically and without cooperation from your software. This means that cloud flare will basically only try to cache parts of Lemmy that are static, so really only the page layout and that’s about it. Ultimately, the Lemmy website for your instance might load a little bit faster, but posts can’t be predicted and so those will have to go cross-continental on a cache miss.
The other advantage this affords is that anyone interested in taking down your instance will have to take it up with cloud flare. If the way they’re trying is brute force, they will fail where they would have succeeded against just your server. If their way of doing it is through legal threats, they might have better luck (though cloud flare tries to remove itself from a position where they have to police what their service can be used for, my opinion is that it is a matter of time before they are forced to).
Thank you for the wonderful comment!
The only reason I’m looking to host in Europe is because of the prices: this server will not allow for sign-ups (i.e. it will only be for me). I will likely only need 1GB of RAM and very little CPU power to get this to work. The prices in Europe for low-cost VPSes are better than in the US. I don’t actually care about which country/continent I’m hosting it in, this decision was purely financial.
I have a question: I believe I can set Lemmy to auto-sync content from communities I’m interested in (I can set the frequency for the auto-sync) - would it be possible for Cloudflare to cache the content if it is already in the database of my Lemmy instance? I know that CDNs can only really cache static content but I do not know enough about CDNs/Cloud Networking in general to be able to figure out just what it would be able to cache.
Thank you, yes I had the protections offered by Cloudflare in mind when I asked this question. I do not plan to do anything illegal so I hope I’ll be fine.
Could you also tell me why Cloudflare asks me to change the authoritative nameservers on my registrar’s page to their nameservers? I think my networking is getting a bit rusty, I really can’t figure it out.
One more thing; is there a difference in configuring a Cloudflare CDN vs a Cloudflare reverse-proxy for a VPS instance? I see people in c/homelab talk about this but I never really delved into it, but if I could access my network remotely using this it would a great bonus.
Thanks!
Adding to the hetzner comment: I think AWS has free very crappy servers. If you’re a student, the Github Student Pack has free digitalocen credits.
In theory, cloud flare could pre-cache content before you request it. Unfortunately, that would require significant effort from Lemmy to let cloud flare know that there is new content, and then it would be up to cloud flare to decide to cache it for 1 client. Both these things aren’t happening.
CF needs to dynamically control where requests for your server end up, and for that they need to be the authoritative DNS for it.
Cloud flare indeed acts as a reverse proxy (because that’s how CDNs work), but unlike a self-hosted reverse proxy, theirs will be on their servers, so will not have much more more access to your network than yourself outside of it. I think they have some sort of offering to actually give your more access, but A) idk if that’s free and B) that requires an always-on computer in your local network, at which point why not just host your Lemmy instance on it?
Thank you for your comment!
I am opting for the very low cost providers like Racknerd and CloudServer (see: $1 VPS offerings) - which host most of their servers outside the US.
Thank you for the explanation, I would like to know more about the “effort” from Lemmy’s side to let Cloudflare cache content before it is requested.
CF needs to dynamically control where requests for your server end up, and for that they need to be the authoritative DNS for it.
Could you explain this point a bit more? Why would Cloudflare need to control DNS for my domain? How is this linked to them proxying my traffic? I’ve been trying to understand this for a bit now - how does having CF’s own nameservers let CF proxy my traffic?
I was also considering hosting Lemmy in my own network, but I can’t seem to find any guides on which ports to forward - if I could just find a decent guide on the networking required to host Lemmy I might even do it on-prem.
Thanks a bunch!
Another option for very cheap VM, storage, bandwidth: Oracle Free Forever
Wasn’t aware of that since I both have my own server and happen to despise oracle but good for people who need cheap compute!
Hetzner (a popular European host) now has US locations and their pricing is really good. Look for hetzner.com - which is in English instead of hetzner.de, their native German site.
Buy your domain with cloudflare, or transfer it over to them. Then just set up dns to point to you server and make sure the proxy switch is on. Pretty sure that’s all you need to do at the free tier
Hi, can I purchase my domain elsewhere? The other commenter mentioned something about changing nameservers, how would the process you describe be different from just changing nameservers (if I have a domain name from a different provider)?
It’s basically the same. Like they said, you just follow the intructions on cloudflare to change the name servers on your registrar and then you’re good
Thank you for your comment. I’m going through the cloudflare docs, and I have a question: why do we need to change our nameservers to Cloudflare’s? I know this might sound like a noob networking question but I just can’t seem to figure it out. Thanks!
No problem! You change the name servers on your registrar to cloudflare’s so that when traffic goes to your.domain, cloudflare is the one that processes the dns request.
If you kept the name servers of your registrar then the traffic would just be processed by the registrar, cloudflare wouldn’t even see the traffic.
Basically the name server defines your domain’s current dns provider.
Hope that makes sense
Ah, this is what I’m confused about. I get that traffic would need to flow through Cloudflare’s network, but why would Cloudflare require me to change my nameserver for that? How about a CNAME alias instead? What are the technical limitations for which Cloudflare asks this of me? I just want to understand the working behind them asking me to change my nameservers.
Thanks!
When you make a dns request, it goes to the nameservers first to see which server is has the dns config. A CNAME record is in the dns config
I’m sorry, what I don’t understand is how does changing my nameservers to cloudflare’s nameservers help propagating my traffic through their CDN infrastructure?
Setting your nameservers is simply a requirement for Cloudflare. While they theoretically could work via CNAME – they don’t. On the other hand, their DNS is really nice and is free.
When you use their DNS, for each DNS record, you have the option to proxy traffic through Cloudflare. The proxy is what enables their CDN (and many other features such as forwarding, rewriting URLs, DDoS protection, automatic HTTPS certificates, and so on). It’s a simple on/off switch for each DNS record if you don’t want to proxy a particular host.
Thank you, that would mean that technically there is no need for cloudflare to ask one to change their default nameservers to cloudflare’s nameservers - it’s just that they want to run their analytics on the data transmitted in exchange for free services. I understand now. I believe some of the paid plans allow for one to use CNAMEs, which makes sense.
Thanks, now I understand. I will need to read more on the networking tech behind a Cloudflare based reverse-proxy setup (and maybe even set up my own through another VPS box someday). I’ll go through the docs, thanks again!
Just sign up for cloud flare, you will change your name servers after you set it up, but they walk you through that.
Hi, could you explain the concept behind having to change my nameservers? Thanks
Currently your web address has a domain that is forwarded to your lemmy instance. After setting up cloudlflare, you wil have to switch it to cloudflare’s nameservers. They will cdn/host/protect files and part of your site will come from there to users, and the rest will come from your server.
Thanks for your comment! Could you tell me why Cloudflare would need for me to use their nameservers to protect my site and proxy traffic through their infrastructure to my instance? I’m very curious about the technical reason for them to ask us to do so
Well if the nameservers went just to your instance, they couldn’t provide anything. That address only goes to that machine. To use the cloudflare service, traffic goes there first, then to your instance. Think of a nameserver as an adress. If the content is at your house, then going straight to your house is what you’re doing now. There’s no wat for cloudflare to get in the middle.
Thank you. I’m trying to understand how exactly is using CF’s nameservers letting Cloudflare intercept traffic from around the world to my instance?
When you type a TLD into the internet, a nameserver tells where that address is. Right now it’s going to your instance, to work, cloudlfare needs to be the address. Cloudflare isnt something you install on your server, it’s a nother server.
If Cloudflare just needed the address, they could query the domain name I would provide them during the setup process (which they do, in order to set up the CDN). Why their DNS servers instead of my own?
My apologies, I think I’m missing a crucial point here which is why I’m asking the same question multiple times. Thanks so much for your help!