I’m looking into setting up Mastodon instance for myself on a very minimal cloud server. To save resources on that box, I’d like to run the web interface on my own server at home, and only have the Mastodon backend running on the VPS. Is it possible to completely get rid of the web interface and only access the instance through the API? What’s the best way to achieve this? Does anyone have experience with this, or do you know any useful resources?

  • Greg Clarke@lemmy.ca
    link
    fedilink
    English
    arrow-up
    7
    ·
    edit-2
    2 months ago

    I have a hybrid hosting approach. I’m running the web workers, reddis, and postgres on a vps and then running the background workers on a server in my basement. I use Tailscale to connect them

      • Greg Clarke@lemmy.ca
        link
        fedilink
        English
        arrow-up
        2
        ·
        2 months ago

        There are tutorials for setting up Mastodon, docker, and Tailscale. Do you have any specific questions?

        • Andromxda 🇺🇦🇵🇸🇹🇼@lemmy.dbzer0.comOP
          link
          fedilink
          English
          arrow-up
          2
          ·
          edit-2
          2 months ago

          There are tutorials for setting up Mastodon, docker, and Tailscale

          I understand Docker and know how to set up a Mastodon instance, but how do I run the web frontend separately from the backend?

          And why would I even need Tailscale? Is there something I’m missing here?

          And why didn’t you run everything from your home server?

          I don’t have a static IP at home, and even if I had one, I don’t want to expose it to the internet.

          • Greg Clarke@lemmy.ca
            link
            fedilink
            English
            arrow-up
            1
            ·
            edit-2
            2 months ago

            I don’t have a static IP at home

            Host on your home server with a Cloudflare tunnel. Cloudflare has a free tier that would suit your needs. It doesn’t rely on static IP addresses, deals with all of the ssh certs, and won’t expose your home IP address from incoming requests.

            I don’t want to expose it to the internet

            The backend workers make requests to other servers which would expose the IP address of those requests. You could use a VPN for the backend workers to protect those requests. But it’s this really a concern? What risk vector are you protecting yourself from? Don’t rely on security by obscurity. And even if a bad actor did get your IP address, you could just reboot your home router and get a new one.

            I think you’re over engineering a solution for unlikely risk vectors.

            And why would I even need Tailscale?

            If you were using a hybrid approach you would need a solid networking solution between your VPS and home server. Tailscale makes that easy. The shared resources like reddis, postgres, S3 hosting, etc can all be on servers running Tailscale and will appear as local servers. You can solve this with your own VPN but Tailscale is solid and deals with non static IP addresses.

            Tl;Dr, host at home, use Cloudflare, and don’t worry about using a VPS (unless you need a high level of up time and have flaky Internet or power at home).