This blogpost was edited on 2024-08-14 to include the content of the Addendum. If you’re already read this post before and only want the additions, check above link instead.

---

2 weeks ago, Corindon, my Raspberry Pi 4B, which I’ve used for more than 4 years, died. To be more precise, it got Alzheimer and its SDRAM chip behaves inconsistently, which makes the boot impossible sometimes, and triggers random system crashes.

If you’re following me on Fedi, you might have read that I bought a replacement server (after lots of recommendations from y’all, thanks~), a ThinkCentre. All the services I’m hosting and using were migrated in a matter of minutes (as I’m the only user for most of them), and it gave me the inspiration for this blogpost.

Self-hosting, what and why

The idea of self-hosting is that, instead of relying on some external services that companies (or individuals, or associations…) provide, you may host them on your own hardware and fully control the software.

It doesn’t mean that you must throw every single app you use in the trashcan, and there are numerous cases where you might want to use both an external service and its self-hosted equivalent (for redundancy, safety, security…).

Here’s a short, non-exhaustive list of reasons why you may want to self-host services:

• There’s a custom change or setting on a service that the host doesn’t want or can’t change
  • Adding a new section with custom videos to your Youtube feed
  • Changing the data retention policy on your cloud service
• Data must be stored on hardware you have access to or control
  • EU regulations may apply to some services, but sometimes you may want some finer control
  • Storing sensitive data that shouldn’t be available on a “public” server (even with the right security)
  • A “personal” image board, to upload your spicy stuff on it~
• Self-hosting a service that is overcrowded and becoming too slow
  • Minecraft server
  • Teamspeak server
  • Invidious instance
• No public instance exists for the service, or it has a high subscription fee
  • Cloud solution providers often offer you a free and/or subscription-based “flagship” instance (Grafana, Nextcloud, Vaultwarden).
  • A small indie project may not have the resources to both develop and host the service.

These are some really basic cases, and there are more, of course.

What’s between self-hosting and relying on big companies?

Well, there is a middle ground, and that’s also one of the goals of this blogpost.

If you’re a tech enthusiast, or some kind of CS nerd, maybe you like hosting servers and services “just for fun” while you’re the only one to use them.

If you’re more of a boring “normal” (non-)person, you might be more looking for the actual application rather than the thrill of hosting said service, like if you were a company but without the consequences.

What I’m trying to say is that: Often, if someone is looking for a server, they tend to look for company solutions for their mind tranquility. They don’t want to bother with the boring (and difficult) task of managing both the hardware and software problems. They want someone who is far more competent to be able to fix their issue quickly, without having to worry about it.

If you are the kind of entity ready to learn how to manage these situations, learn from your errors, and get some new skills, self-hosting should be the solution for you!

If you’re more interested in the service than anything else, maybe sticking to these company services will be better for you.

… but what if you’re right between (or outside) of these two groups? What if you’d like to use a service without having to rely on a company, but with minimal to no worries about the hosting task itself?

Shared hosting: Trust others!

As I’ve said earlier, there are tons of individuals, collectives (associations, clubs, polycules…) which are hosting services freely (or not) and who are often more open to suggestions and changes than companies!

The best part is that if you’re the kind of (non)person looking for both using a service and learning about it, joining these kinds of collectives can be a great experience!

Later in this blogpost, I’ll try to quote a few I’ve already heard of, or used services of, but it’s even better when it’s someone you know directly~.

The most obvious part of hosting that people often don’t want to manage is the hardware and the storage. A compromise often accepted is to rely on some hosting companies (OVH, Hetzner…) to provide you with both, so that you can focus on the software part (even if sometimes they can also help you with that). Again, there are also collectives which provide you with hardware, so that you can handle the software… which leads me to the next topic…

(Off-topic) Different choices depending on your level of involvement in the process

Very often, the amount of money required to run a service is proportional^{citation needed} to the cost of maintenance, and the cost of running said service (electricity, bandwidth…).

If you want to pay nothing, you might find a solution, but it’ll often be really limited. If you’re a bit tight on money but can afford a few bucks each month for some services, it opens lots of doors.

Free, that’s all

Some service providers give access to said services for free, with various (or no) conditions. Apart from the bad actor threat, and the red flag you might get if you’re a bit aware of security risks, some people might just kindly offer access to their infrastructure for multiple reasons!

Often, you’re using some software and/or hardware that is shared with other people. Abuses are a risk, and that’s why you’ll often have limited resources, and get warnings if you’re using too much, as it may impact performances for all other users.

Free, but consider donating!

Sometimes, they accept donations. For example, that’s what many associations and shared hosts do. Here, the goal is to make the service available for free, thanks to people who have accepted to spend a bit of money for it.

Note that I exclude from this category the “free trial” or “free for small usage” kind of subscription you may find with professional hosted services. These are often very limited, and here to attract you to higher paid tiers.

Here, there might be some small recognition (your nickname may be quoted somewhere, you might get a colored nickname on said service…), but you may not get any additional features from the donation.

“Premium” account, or the “free vs paid player war”

Often combined with free access to a service, hosts can provide a set of subscription tiers so that you may get additional perks, or resources.

Like in Free-to-play games, paid users are paying for both their own needs and those of free users, allowing the platform to survive. And like in these games, you shouldn’t be shamed by paid users for being a free player, or vice versa.

Benefits from joining our group include…

Sometimes, associations and groups offer you access to their infrastructure if you join them. As joining said group may involve a recurring subscription fee, you may be paying for the infrastructure indirectly.

Hosting from your home network

If you know what you’re doing, you might not need to read this section at all

Hosting services is a responsibility, and a risk. You may be untrusted with not only your own data, but also data from other people, whose life might depend on.

ALWAYS BACKUP DATA We can’t shout this enough, but backups are important, whether it’s your own, or people’s data you’re entrusted with!

Another important point is pretty well summed-up by this common saying:

When you’re connecting to the Internet, the Internet connects to you too.

Usually, you don’t really have to worry about it if you don’t touch your internet box configuration. When you host services, it means you’ll need a way to accept inbound connections, something you can’t normally do in default setups.

The really insecure and bad way of doing it is to open ports on your box and give your public IP address. This is a bad thing to do if you can do something else, because it significantly increases the risks of security breaches if you don’t know what you’re doing.

The other solution, safer, and usually easier, is to use what’s called a “reverse proxy” and a “VPN”:

• VPN stands for “Virtual Private Network”. It’s a set of software client/server which mimic a local network connection between your different devices. It can be used to allow connections from external servers into your house network without opening ports.
• A reverse proxy is a software server whose role is to expose indirectly internal services to the outside. It accepts requests from external users, and may forward these requests to internal services, sending back the response from these services as if it directly handled the request. Coupled with heavy hardening and security reinforcement, it acts as a barrier external users must access to before accessing your services.

With a VPN and a reverse proxy, you may expose services hosted in your local network to the public without giving your location or your home IP address (using a proxy). Think of it like if requests had to go through a blue Portal (from Portal), but only you know where the orange Portal is located, and people can’t see through it.

The drawback of this solution is that you need a server outside your network that will act as the proxy, on which you will install the reverse proxy and the VPN server. While free solutions exist (see previous sections), you may want to invest into a small VPS for this job.

Again, if you don’t want to handle this additional charge, you may want to rely on external services provided by peers, friends, associations…

About using a VPN rather than exposing your IP

Addendum inspired by feedback from @[email protected]:

Tbf, I think that exposing our home IP address when hosting web services is not as much of a problem as it seems, at least not to the average people Honestly, I don’t care at all, even I’m very careful about my personal data on the internet (not showing my face, blurring my fingerprints, not talking about some parts of my life, etc) Maybe the fact that the city returned by geo IP is totally wrong helps me to don’t care about it, but tbh most people don’t care about sharing where they live so anyway All this to say that the VPN advice should be put into perspective imo

---

I agree that protecting your IP address isn’t a magical solution, and you must take care of your other personal data. After all, a bad actor doesn’t need your IP address if you post a selfie with geolocation EXIF tags on…

It would be far easier ^{citation needed} for a bad actor to DDoS your services if they have your IP address, rather than with only your VPS’ public IP.

Using an encrypted VPN and a reverse proxy builds a protection layer around your network. This way, you make sure the only attack surface bad actors have is the one you chose. This is to be put in perspective because it also means, as when you open ports directly on your Internet Box, that you give an easy way to access your internal network if your security layer is insufficient and an even deeper access.

In the end, both solutions involve exposing services from your own network to the outside, it is a risk, and the two solutions have different threat models.

I personally find it less dangerous to use a VPN+reverse proxy rather than opening ports on your box, especially if you don’t know what you’re doing. (That’s a personal opinion)

“What if I disabled my box’s firewall so that I could open my Minecraft servers to my friends? 🙂” - A 12-years-old, 5 minutes before disaster

Another interesting point when you’re using a VPN+reverse proxy setup, is that if you’re sharing an internet access with multiple (non)people, you don’t have issues with common ports being already taken.

One last setup you can have is to only use the reverse proxy part and open multiple ports of your box, one per service… but you really don’t want to do that, as it would require you to set up yourself the encryption between the reverse proxy and your box, which could mean two set of HTTPS certificates…

Sometimes you don’t even have a full IPv4 for yourself!

Quick note about IPv4 here (most of the blogpost should be applying to both IPv4 and IPv6):

Some ISPs (I know Free does that in France) no longer attribute a full static dedicated IPv4 address for each of their customers, but give them “shared” IPv4 instead. Here is a short post explaining the difference if you want, but Tl;Dr, they can “split” IPv4 (which is getting costly and rare) between several clients, each of them getting a subset of the ports, and using NAT to make it seamless. See here for how they use NAT to reuse IPv4 between clients.

If you get the port range which includes [0-1024], well, you won’t see the difference. If you get other port ranges, you can’t just use your public address and must use a reverse proxy.

Again, this is an IPv4 specific problem, which doesn’t matter anymore with IPv6, but sadly the former is still in use, and we don’t know how long we’ll still have to support it before it finally gets retired.

Quick remarks about encryption

In one setup (VPN+Reverse proxy), you can rely on your VPN’s encryption, so you don’t have to setup HTTPS between your home services and your reverse proxy. It means that the reverse proxy is the one making the certificate requests.

In the other setup (ports opened on your internet box), you must use HTTPS encryption, or rely on the encryption provided by the underlying services.

In all cases, do not ditch encryption.

The bus factor (more like the Isekai factor)

Addendum inspired by Brodokk feedback:

You didnt talk much about the bus factor in the end. While you don’t host a mail server you host a pwd manager and this can become problematic if you are the only to admin the servers or they are at home.

With an additional response:

[… If] you or the server have an “hardware” issue, what happen, what to do? Like when server need hard reboot or you just at the hospital and you need to do something with a server and you can’t fix the service you need (like an email to your assurance)

---

This is something that I didn’t mention, and I think it’s really important to add a section about this.

When you host your own website, your own services, when you take your online presence into your hands, you must also think about what would happen when you’re no longer here.

Murphy’s law corollary: When you get hit by a truck, your server will break.

Behind this morbid joke is a serious topic: What if the servers you administrate need some maintenance, but you’re no longer here to handle it?

This is less of a problem when you rely on some collectivized hosting, as long as other members have the required information to manage services while you’re away. It is more of a problem when you’re handling everything yourself.

First and foremost, you should have some documentation about your infrastructure. Here are some obvious information you should put in it:

• What computer/server handles what service?
• What is the network configuration?
• How can each service be turned on/off?
• If you’ve had some issues earlier with a given service, write the solution you’ve used, in case you (or someone else) stumbles across a similar issue.
• Put passwords in some password manager (in a KeePass, on a VaultWarden instance…)
• Make backups

This way, if someone who isn’t you has to work on your infrastructure, they’ll have all the required keys!

If you’re putting everything behind a VPN, you might want to add some trusted pairs inside your network, so that they don’t have to physically access your servers if it’s not needed.

And obviously, when the hardware is located in your house and software support can’t help you (e.g., a failing drive, a power loss, etc.), either your trusted friend has access to your home or you’ll have no other option than waiting to get out of the hospital to handle it yourself~.

You may want to think about “degraded states” too:

• Should I have an “emergency” page ready to be displayed if my website goes down? (for example, a custom HTTP 502 error page)
• Can some services be temporarily hosted on some alternative hardware/server? (for example, putting your static website on a temporary VPS)
• Can I redirect users to an alternative host providing the same services (other members of your collective, some public instance of the service…)?

Getting Thanos-snapped

What I mean is that if you choose to fully rely on services you have full control over, there will be multiple “Single point of failure”, like your domain name expiring, your certificates not renewing, your server crashing, your VPN being down… or even if your ISP infrastructure is down, or you have some power loss at home (which is much more likely to happen when you host your services at home).

For some people, this is ideal, as it means they can instantly erase nearly entirely their online presence (except for archive services like Google Cache or the Wayback Machine). For others, it can be a huge issue.

Try to have at least one way of getting contacted that doesn’t rely on your own services. It can be an obscure mail address you rarely check, a forgotten Fedi account, an XMPP account, anything!

Don’t forget to update!

Updates are important, especially to maintain a secure and stable environment.

It may be hard sometimes (ALWAYS KEEP BACKUPS UP-TO-DATE, ALWAYS BACKUP BEFORE UPGRADING), but it is a necessary task.

Don’t let a service exposed to the open internet (or even worse, with external users relying on it) rot on an old version, waiting for it to be broken and destroyed by a malicious actor.

If you’re not ready to handle the updates of your server, consider joining a group of people so you can share the task, or consider closing your services.

There are lots of Mastodon (and its forks) still running outdated versions, which are vulnerable to numerous flaws. By either negligence or lack of time, the admins are making the users vulnerable, unable to do anything else than migrate elsewhere, and the instance should simply shut down instead of becoming a potential attack vector against other instances (bot spam waves, DDoS…).

What should I be hosting?

So, you’ve decided that you want to detach from the big tech company and move to the amazing world of small indie web! Cool!.. But what for? And how?

This part of the post aims at giving you some ideas of things you may want to host yourself, or use shared hosting for. There will be concrete examples, but in the end, you should be making the decision.

Hardware ressources

If you have a spare server, a small computer, or even a Raspberry Pi, you may consider offering some computing power!

A few examples involve:

• A science project! Here are some famous examples:
  • Seti@Home was a science project where people could install a client on their computer which would use its computing capabilities when it wasn’t in use. Scientists could split the work required for their project into small tasks, and each computer could fetch a task, run it, and send back the result.
    • ScienceUnited seems to be a direct successor of SETI, which stopped distributing tasks some years ago.
  • Foldit works on the same principle, except that they gamified it.
• Include your computer in a Kubernetes cluster:
  • Your local hackerlab may use computing power from your computer to run CI/CD jobs on!
• Perhaps an ArchiveTeam Warrior? I don’t know /gen

Storage

Do you have unused disk space? You might also provide it:

• Allow your friends to make remote backups
  • This is really important, backup your important data! Having a remote copy of them, with sufficient security, would allow you to restore the data even if all your local copies were destroyed (like if your house caught fire…)
• Host a cloud / some object storage
  • You may try a NextCloud instance, for example! It can require a bit of background knowledge, but other simpler solutions also exist!
  • Even with low computing power (for example with a Raspberry Pi), you might provide your storage for some MinIO/Nextcloud instance!
• Become a mirror for some free software repositories!
  • For example, you can become a mirror for your favorite Linux distribution (Debian, Arch…)

Your own website / digital garden!

Maybe I’ll make a dedicated blogpost later about this, but in the meantime, you’ll find plenty of posts about this on the huge list of other websites I link.

You don’t have to rely on services like Neocities or Nekoweb to host your website, you can do it on your own hardware! Depending on the complexity of your website (whether it’s a static content digital garden, a CMS-powered website, or a huge multi-services platform), it may run on a smartphone or an Arduino, or require some heavier hosting, but often a small computer is more than enough for this.

Docker

Joke aside, docker is a container system that allows developers of various applications to provide a simple, easy-to-use [pre-recorded laughter] and plug-and-play way of using them.

Basically, you need a given service, the developers provide a docker, you simply run docker run THEAPP, it pulls all dependencies, and finally runs the app automagically!

If you plan to self-host services, you will hear about this a lot, and you might want to learn how to use it.

Some people will defend the fact that it is a bad solution, and they have both good and bad arguments to defend this opinion, but I will not cover this debate here.

Useful everyday applications

Here is a list of unordered list of services I use (and that you might find useful):

• FreshRSS is a feed aggregator. You can use it to fetch news from other websites, newspapers, or anything that has an RSS/Atom feed.
  • Again, I might make a blogpost about it later, but check other personal blogs & websites, and you’ll see that RSS is far from dead
  • Some newspapers might not provide their RSS feed directly, it may be hidden, but most of the time they provide one.
• Vaultwarden (a rewrite in Rust of Bitwarden), a password manager.
  • This allows you to access your passwords directly from a single website, protected by your master password.
  • It is basically like using a KeePass but available from anywhere
• Funkwhale, a music streaming app similar to Spotify. You can upload your own albums to it and play music using the website or their phone app.
  • If you plan to upload music you own but didn’t create, don’t forget to restrict visibility so that only you can access to it!
  • It isn’t a full replacement to Spotify as it doesn’t have all the fancy algorithmic recommendations, nor the vast library of titles available for paying users.
  • Consider buying music from artists you like (for example on Bandcamp) to get a large collection of titles~.
• Your own software forge, like Forgejo. It is a git server with a lot of additional features users of GitHub/GitLab/Codeberg surely know about
  • You can also add some CI pipeline handlers, depending on the forge you chose.
  • We (our polycule and I) prefer using Forgejo (which is a hard-fork of Gitea) notably used for Codeberg. It is lighter than GitLab, and plans to add federation (which Gitea decided to abandon), allowing people across Forgejo instances to exchange Issues, Merge Requests and probably allowing to connect on other instances.
• Invidious, an alternative frontend for Youtube with an integrated ad blocker. It limits the interactions with Google to a minimum.
  • Beware that all data (such as subscriptions) is linked to the instance you use, and won’t be available on other instances.
  • I wouldn’t recommend allowing public access, due to the bandwidth limitations and legal concerns. I recommend hosting it in your local network, perhaps with access for close friends, but not exposed publicly.
  • As Google has declared a war on Ad-blockers, you might need to update your instance frequently so that it remains usable.
  • If you’re using extensions like SponsorBlock, you may need to add your instance IP/domain name to the list of websites to scan for, so that it also works on it.
• SearxNG is an internet metasearch engine. It aggregates results from multiple search engines privately, without tracking.
  • As for Invidious, I wouldn’t recommend allowing public access to your instance
  • You may enable or disable each source search engine at will. For example, you may disable Bing or Google search for your instance or your account.

Communication services / Social media

Apart from the usual TeamSpeak/Mumble services, and far from the centralized solutions like Telegram or Discord, some other communication apps exist, and you may host them on your own hardware:

• XMPP is the spiritual successor of IRC with some huge improvements (like rich text, and encryption support), which Google attempted to kill using the usual strategy.
  • Keep in mind that XMPP isn’t an ideal encrypted instant-messaging app, see this blogpost by Soatok for more information.
• Matrix, another decentralized messaging protocol, is more similar to Discord/Telegram.
  • Again, see this blogpost from Soatok for reasons why Matrix isn’t an ideal encrypted instant-messaging app.

Regarding social media, the Fediverse is a great solution. However, I wouldn’t recommend self-hosting it if you have no prior experience in self-hosting, as Mastodon (similar to Twitter) and similar microbloging apps tend to be quite complex to set up and maintain, even for single-user instances. But feel free to join an instance with people you know or who would teach you how to manage an instance!

Monitoring

Once you have a few services running on your network, you might want some services to monitor them, and ensure they are running smoothly. I don’t recommend running them if you don’t already have at least 3 or 4 services (with at least 1 available from the outside).

• Prometheus is a metrics collection server as well as a collection of metrics exporter. It relies on an open standard for sending metrics.
  • Other solutions like InfluxDB + Telegraf are more modern and use the same standard, but I recommend what I’m currently using 😄.
  • Lots of exporters (what feeds metrics to Prometheus) exist, for nearly any type of application (databases, web servers, specific applications like Nextcloud or Fail2Ban).
• Grafana is a data visualizer, allowing you to set up dashboards and present metrics as graphics.
  • It works along with Prometheus/Telegraf to display metrics
  • There are lots of pre-made dashboards available for free on their website, but you can create your own dashboards if you want.
• Uptime-Kuma is a dynamic status page. It pokes your different services to check if they are up or down and displays this in a nice and simple way
  • Basically, this is what you may use as a status page once you have public services, so people may check if the services they use are down (maintenance or unexpected error).

More niche services but worth mentionning

• Szurubooru, an Image Board.
  • Being a dragon comes with hoarding issues, and I hoard images. Using an Image board allows me to access my hoard from anywhere, and properly sort/tag it, without having to rely on some public instance
• uMap, a project allowing you to use OpenStreetMap’s custom maps (a competitor to Google Maps), with custom markers, and integrate them into your own projects and websites
  • You can use this for example to list interesting places to visit, or of the tastiest restaurants in your local town~
• KitchenOwl is a self-hosted grocery app, including a recipe planner, and a balance manager between members
  • We use it here only for the balance manager to replace Tricount.
• Cryptpad, an encrypted collaborative office suite. Think of it like an Etherpad or a Google Doc, but with shared access, encryption, and the ability for multiple clients to edit it at the same time
• PrivateBin, an equivalent to Pastebin, but encrypted and without accounts
  • The idea is to have an encrypted paste of text available only with a given link, and where the host can’t have access to said data
  • To quote their website: “As a server administrator you don’t have to worry if your users post content that is considered illegal in your country. You have plausible deniability of any of the pastes content. If requested or enforced, you can delete any paste from your system.”
• Syncthing is a decentralized file synchronization solution. Basically, you register your devices together, and it allows you to synchronize a folder between them using direct connections, or relays.
  • If you already have a Nextcloud, or it may be useless to use Syncthing at the same time.
  • I personally find it useful to use Syncthing to synchronize non-vital files between my phone and my various computers. I don’t use the relay feature, though.
• Bookstack is a self-hosted information host in the form of “books”. You can create pages and edit them using Markdown or the WYSIWYG editor.
  • This is like having a collection of mdBooks, but which you can edit directly.

Other ideas

I highly recommend checking the Awesome SelfHosted website, which holds a huge collection of self-hosted services you may deploy in your network!

And again, if you have suggestions, don’t hesitate to give them!

Mail services

I didn’t mention emails, because of the complexity of the ecosystem. There are “ready-to-use” docker images, but it still requires a lot of configuration. Moreover, big IT companies tend to block (for anti-spam reasons, obviously) unknown domain names, even after said domains have done all the proper work to identify themselves as legitimate servers.

---

Addendum inspired by Brodokk:

I do host my own mail server and i still don’t find it complicated with mailcow since you just need to the configuration, even so it would have took me some years to fully understand what i was doing and still not perfect. And yes I am the only user so I don’t trigger the anti spam system really. But as soon as you have more than 3 users i guess the systems start to get mad for no valid reason. But in the end i do think it’s a bas idea for mail and password management, even on a dedicated server at ovh, for example. Can be hard to talk with your bank or the company if you can’t pay and they shutdown both of them. But this is maybe me being to scared to face the situation… Because phone exist…

---

I quickly mentioned hosting your own mail service in the blogpost, but told that it was hard to configure and often ended up being useless, as big companies tend to block custom mail servers. Let’s qualify this opinion.

Installing a mail server, especially using a fully-featured Docker image or some helper tools, can be easier than before. Furthermore, you have fewer risks^{citation needed} to get blacklisted if you’re the only user on it, as Spam can only come from you.

I have contradictory reports about this, as my flatmates already had issues with their mail servers being blocked by Google or Outlook.

However, it is true that relying on a custom mail service, without any backup plan (a standard Big Tech ™️ address) can be dangerous, especially regarding administration. Like in the previous section, if your infrastructure is down, you can’t access your emails anymore. It would be pretty problematic to miss important bank information because of this…

So yeah, another argument against hosting your mail server if you’re not ready to handle the consequences~ 😰

Do you have ideas of shared-hosting groups to join?

You may be interested in joining your local queer trans polycu-

ahem, sorry.

There are lots of associations and cooperatives you may join, but there are a few that I know of. A quick mention to Deuxfleurs because I know a few people in the association.

You may read this as a “call for proposition”, don’t hesitate to tell me if you’d like to feature your association/group/cooperative/… here.

Closing words

When I started hosting my own apps, it was because I wanted to learn more about system administration and networking configuration. My dear 🦊 helped me a lot to learn about both of these, and nowadays, I host a dozen services, sometimes for myself, sometimes for my polycule, sometimes for the open world (like this website)! It started with a personal Nextcloud instance, which is still running (updated, obviously), and I didn’t stop after this.

Setting up my first service was terrifying, as I was constantly swarmed by warnings from people who didn’t protect their services enough, and ended up with several problems, including potential legal repercussions… Nowadays, I’m still really cautious, but now I have more knowledge, more experience, and people I can rely on and ask for help from.

This is an experience, this can be funny, and it’s definitely better when you’re doing it with other people! Don’t hesitate to join groups, associations, collectives, hacker clubs…

Proof-reading of the original post by xenua, thanks!