Hi, I wanted to host a personal Lemmy instance online (for just myself, I don’t think I can take the upkeep for other users - please let me know if this is not possible) and wanted to understand how to “attach” a CDN service to it.

The idea behind doing this is that I’m in the US but I’m looking to host a server in Europe. I am looking into Cloudflare’s free CDN service, but it would be great if someone could point me towards how I can configure this setup to speed up the loading time for my Lemmy instance (which is going to be far away from me, geographically).

I would also like to know about your setups and how you have hosted Lemmy.

Thanks!

  • themoonisacheese@sh.itjust.works
    link
    fedilink
    English
    arrow-up
    5
    arrow-down
    1
    ·
    1 year ago

    Quick question: why? Why not choose to host a server in the US, near it’s “costumer base”?

    If you’re doing it for the exercise, fine (though I think you’ll find that cloud flare is pretty hands-off and you basically just click a few buttons).

    If you’re genuinely looking to improve cross-planet load times, I regret to inform you that a personal Lemmy instance is very much not a good target for this. A CDN works by hosting whatever parts of your site you can nearer to the people who will request them. For a huge company like discord, this means that when you upload an image to a server, they will sum up all users likely to load that image soon, find where they are and send a copy of that image nearby, saving on intercontinental traffic. They get to do this because they have many users, and they control the CDN (because they built it).

    You on the other hand, are going to ask cloud flare nicely to do all of this for you. Since you aren’t paying, cloud flare is going to try to do this automatically and without cooperation from your software. This means that cloud flare will basically only try to cache parts of Lemmy that are static, so really only the page layout and that’s about it. Ultimately, the Lemmy website for your instance might load a little bit faster, but posts can’t be predicted and so those will have to go cross-continental on a cache miss.

    The other advantage this affords is that anyone interested in taking down your instance will have to take it up with cloud flare. If the way they’re trying is brute force, they will fail where they would have succeeded against just your server. If their way of doing it is through legal threats, they might have better luck (though cloud flare tries to remove itself from a position where they have to police what their service can be used for, my opinion is that it is a matter of time before they are forced to).

    • MigratingtoLemmy@lemmy.worldOP
      link
      fedilink
      English
      arrow-up
      4
      ·
      1 year ago

      Thank you for the wonderful comment!

      The only reason I’m looking to host in Europe is because of the prices: this server will not allow for sign-ups (i.e. it will only be for me). I will likely only need 1GB of RAM and very little CPU power to get this to work. The prices in Europe for low-cost VPSes are better than in the US. I don’t actually care about which country/continent I’m hosting it in, this decision was purely financial.

      I have a question: I believe I can set Lemmy to auto-sync content from communities I’m interested in (I can set the frequency for the auto-sync) - would it be possible for Cloudflare to cache the content if it is already in the database of my Lemmy instance? I know that CDNs can only really cache static content but I do not know enough about CDNs/Cloud Networking in general to be able to figure out just what it would be able to cache.

      Thank you, yes I had the protections offered by Cloudflare in mind when I asked this question. I do not plan to do anything illegal so I hope I’ll be fine.

      Could you also tell me why Cloudflare asks me to change the authoritative nameservers on my registrar’s page to their nameservers? I think my networking is getting a bit rusty, I really can’t figure it out.

      One more thing; is there a difference in configuring a Cloudflare CDN vs a Cloudflare reverse-proxy for a VPS instance? I see people in c/homelab talk about this but I never really delved into it, but if I could access my network remotely using this it would a great bonus.

      Thanks!

      • themoonisacheese@sh.itjust.works
        link
        fedilink
        English
        arrow-up
        3
        ·
        1 year ago

        Adding to the hetzner comment: I think AWS has free very crappy servers. If you’re a student, the Github Student Pack has free digitalocen credits.

        In theory, cloud flare could pre-cache content before you request it. Unfortunately, that would require significant effort from Lemmy to let cloud flare know that there is new content, and then it would be up to cloud flare to decide to cache it for 1 client. Both these things aren’t happening.

        CF needs to dynamically control where requests for your server end up, and for that they need to be the authoritative DNS for it.

        Cloud flare indeed acts as a reverse proxy (because that’s how CDNs work), but unlike a self-hosted reverse proxy, theirs will be on their servers, so will not have much more more access to your network than yourself outside of it. I think they have some sort of offering to actually give your more access, but A) idk if that’s free and B) that requires an always-on computer in your local network, at which point why not just host your Lemmy instance on it?

        • MigratingtoLemmy@lemmy.worldOP
          link
          fedilink
          English
          arrow-up
          1
          ·
          1 year ago

          Thank you for your comment!

          I am opting for the very low cost providers like Racknerd and CloudServer (see: $1 VPS offerings) - which host most of their servers outside the US.

          Thank you for the explanation, I would like to know more about the “effort” from Lemmy’s side to let Cloudflare cache content before it is requested.

          CF needs to dynamically control where requests for your server end up, and for that they need to be the authoritative DNS for it.

          Could you explain this point a bit more? Why would Cloudflare need to control DNS for my domain? How is this linked to them proxying my traffic? I’ve been trying to understand this for a bit now - how does having CF’s own nameservers let CF proxy my traffic?

          I was also considering hosting Lemmy in my own network, but I can’t seem to find any guides on which ports to forward - if I could just find a decent guide on the networking required to host Lemmy I might even do it on-prem.

          Thanks a bunch!

          • Perhyte@lemmy.world
            link
            fedilink
            English
            arrow-up
            1
            ·
            edit-2
            1 year ago

            Using Cloudflare nameservers helps to proxy your traffic because if proxying is enabled (“orange cloud”) those servers aren’t handing out your IP address to people who request your domain, they’re handing out addresses belonging to Cloudflare machines near the visitor instead. They have machines in data centers all around the world, and they would like the traffic to end up in the data center closest to where it’s needed.

            Doing that means they can do stuff like reduce cross-region network traffic: for instance, if your VPS is in Europe but a bunch of visitors from the US suddenly request a certain image on your site (because you’ve just posted to a popular community, perhaps), they only need to have that image data cross the Atlantic once before they can serve it up many times in the US. Besides saving bandwidth that also allows it to be served faster to most visitors, because most requests for it are effectively served from a local data center instead of from one on another continent. They’ll also continue to be able to serve your image even when your VPS is down for whatever reason, as long as it’s already in cache.

            Theoretically they could probably do all of that using CNAME records instead, I don’t know why they don’t. Maybe there’s some technical reason or maybe they just prefer this slightly simpler setup. I suppose it would add an extra DNS roundtrip, but that wouldn’t really be noticeable to most users.

            (Most of that is probably oversimplified and but hopefully that clarifies it a bit)