Joachim Breitner's Homepage

For a little more than two decades, I have been running one or two dedicated servers for a fair number of services. At some time or the other, it was hosting

• A web server for my personal website
• A web server for various private and professional webpages for friends and family
• An email server with IMAP, SMTP, Spam filtering, for me and family
• A mailing list server for various free software project
• A DNS server
• A Half-Life and Counter Strike server, with a statistics web page
• The web page for my Counter Strike clan, running on a custom Perl-and-Mysql based CMS
• The web page for my high school class, running on the same system (this was before everyone used, or had used, Facebook, and even supported tagging people on images…)
• A Docbook-and-SVN-based documentation management system that my brother and I built and even sold to a few customers.
• A custom SVN-, Perl and Template-Toolkit based static site generating CMS, before that was cool, also with one or two actual customers.
• A SVN- and later Git based site for collaborative editing of math and computer science lecture notes; back then there was no Overleaf
• A Jabber server
• The backend for an online adaption of the board game “Sim Serim” which got the author to gift me the real thing
• An SVN server
• A darcs server
• A git server
• A tool to track darcs patches that were submitted by mailing lists
• A blog aggregator (a “planet”) for friends, and one for Ghana’s Free Software community
• An Owncloud instance for family
• Virtual machines maintained by friends, to share resources more cheaply
• A OpenVPN and later tinc based VPN for my machines
• Jobs that RSS feeds to IMAP (using feed2imap and later feed2imap-go)
• Jobs that send email greetings to a friend of mine that I have collected from his wedding guests, and are now delivered at decreasing rate over the next decades.
• Online questionnaires to gather data for a genealogy project
• Jobs that send an email with a daily summary of family events from that date.
• A Django app to organize a larger family gathering
• Multiple Mediawiki instances
• A freenet node and a tor node
• Code that demonstrated the Cross-site authentication attack
• … and probably more stuff that I don’t remember anymore

It’s not you, it’s me

Running this kind of service on my own was great fun and a huge learning experience, and in some cases at that time the only way to have a certain feature. But in recent years my interests shifted a bit, more into Programming Languages Theory (and practice) than Devops, and I was no longer paying attention as much as these services require. This gave me a bad conscience, especially in terms of security updates.

Especially running your own email server, while still possible, isn’t fire-and-forget: One has to stay on top of spam protection measures, both on the receiving end (spamassassin etc.) as well as when sending email (DKIM, configuring mailing lists to rewrite sender etc.)

Also some family members were commercially relying on these servers and services working, which was no longer tenable.

Weaning off

Therefore, more than a year ago, I decided to wind this down. Turns out that getting rid of responsibilities takes at least as long as taking them on, especially if your “customers” are content and a move to something else is but an annoyance. But last weekend I was finally able to turn the machines, called quimby and fry, off.

Many of the services above were already no longer active when I started the weaning off (Jabber, Freenet, Tor). So what happened to the rest?

• For emails, we all moved to https://mailbox.org. Happy to pay for such a crucial service.
• For the mailing lists, especially for the Tip-Toi-Hacking project , https://jpberlin.de/ has decent enough rates that I don’t feel bad for paying for it.
• Managing DNS is made super easy by dnscontrol; I’m using Hetzner’s DNS servers, but thanks to that tool that does not matter a lot
• For those websites that are static enough, Github pages is nice. This includes the lecture notes site.
• For those websites that need a little bit of server-side logic, e.g. for complex redirects and normalization procedures, or access control, but no state, I found that netlify introduced their Edge functions feature just in time. This was crucial for my main website.
• I got rid of the backend of the two-player game Sum Serum completely, by using WebRTC. In terms of hosting, it is now just a boring static website, which is the best kind of website.
• I converted all SVN and Darcs repositories to git, and pushed them to GitHub.
• Although I was mildly proud to have kept the websites of my high school class and Counter Strike clan live and functional for many years after anyone stopped caring about them, I decided it is silly to keep doing that. I briefly thought about entombing that running system in a locked down virtual machine or so, but in the end simply used wget to create a static mirror of them, which is now hosted on netlify (using Edge Functions to restrict public access to a few pages).

In the end, I was not able to get rid of all services, so there is still a server running for me (smaller now, and virtual):

• My photo album, https://bilder.joachim-breitner.de/, which is a bit too big for something like netlify.
• Some dumb static webspace used by a family member’s business for internal reasons, which likewise is a bit too large for something like netlify or github actions, and not as critical as other sites.
• The feed2imap jobs
• For one Mediawiki instanced used for a genealogy project of a relative of mine I could not find a suitable hosted alternative. However, it is HTTP-AUTH-password-protected, so I am a bit less worried about staying on top of security updates for this PHP-drive site.
• Also, I am still running the daily email job from the genealogy project, but now through nullmailer and Amazon SNS, to worry a bit less about the intricacies of modern email.

Debian → Nix

I took this opportunity to set up a new server for the residual services. I have been using Debian since 2001 and was a Debian Developer from 2003 to 2022, and it is a great operating system and a great project.

But after learning about Nix at DFINITY, and using NixOS on my laptop for almost two years, managing a system in a non-declarative way simply feels … wrong. Similar to programming in a non-functional programming language.

Hence I have shut down my Debian-based systems (two virtual machines called quimby and fry and the surrounding Dom0 freddy – my machines are named after Simpsons side kicks and (sometimes) Futurama characters), and am using the NixOS-based aarch64 host richard (because of the [“Nix” in the name]) instead.