this post was submitted on 09 Jul 2025
1 points (100.0% liked)

technology

23869 readers
38 users here now

On the road to fully automated luxury gay space communism.

Spreading Linux propaganda since 2020

Rules:

founded 5 years ago
MODERATORS
 

I am trying to get a local org I am in set up with a domain and website just to have a place to point people for everything. We would like to keep it as cheap as possible. I figure we need the following:

-Domain name (going to use namecheap probably)

-VPS host (I haven't done this before, it looks like racknerd may be way to go?). I assume I will probably only need 1GB of memory as it will just be a static webserver but that may be too little, not 100% sure.

-Email host. This is one of two real reasons I want to own the domain, we have multiple uses for email but currently everything is under one gmail address and a lot gets lost in the clutter. A few people in our org would like to stick with gmail but I am open to other suggestions. Definitely do not want to deal with self hosting on this.

-Website builder. I plan to use an Ubuntu server with the LEMP stack on the VPS, should I just use Wordpress? I am definitely not experienced in website building so it's not realistic to do my own HTTP. My only concern is using Wordpress will result in a poorly optimized site that may strain my limited resources, but there are also a few people in our org that have experience with it so that would help.

While I have a decent amount of tech experience generally, these are mostly uncharted waters for me. I know this comes across as kind of half baked, but really I am just looking for general advice!

top 11 comments
sorted by: hot top controversial new old
[–] [email protected] 0 points 8 hours ago* (last edited 8 hours ago)

Pretty big fan of caddy for your actual web server / proxy. Nice clean and readable configs (far nicer than nginx or apache imo). Also it'll fetch your certificates automatically so you don't need to faff about with certbot. Seconding what hello_hello said about making a static site with hugo or similar. It'll be much faster and zero maintenance once you've made the site, but a bit more effort to develop. There's a good collection of themes if you're not interested in learning css+html, but it's not that hard either. Happy to point to some good resources.

1gb of ram is far more than you need for a static site. For wordpress it'll be probably "enough", but you can always allocate a swap file if it becomes a problem https://wiki.archlinux.org/title/Swap#Swap_file_creation

Feel free to dm me questions

[–] [email protected] 0 points 13 hours ago

I liked migadu.com as an email server, although it's very small and doesn't always get through the Google spam filter. It's in switzerland which is a very good jurisdiction about privacy laws.

[–] [email protected] 0 points 15 hours ago

For the website. If you just want to serve static content with no user input processing, you should use hugo, if blogging/newsletter is the most you'll realistically do. I'd advise this over WordPress since you won't have to worry about maintenance so much.

[–] [email protected] 0 points 17 hours ago* (last edited 17 hours ago)

porkbun is another domain name purchasing service you can look at. And cloud providers (like Alibaba Cloud) often have their own as well (of course you can't get any domain through any service).

There are ways to host a simple static website basically for free, without running a dedicated server or dealing with web server complexity, using a service like Codeberg Pages (https://docs.codeberg.org/codeberg-pages/using-custom-domain). It's somewhat technical. You have less control over it of course, but it's probably a lot less of a maintenance burden than Wordpress or any other software that requires its own server. Not much needed to secure it. Probably a lot of peace of mind compared to have a server running 24/7 that you have to basically be on-call for.

I wonder about email hosting too. I think any third party email hosting provider is probably a rip-off because they usually charge by the user (Alibaba Mail is $4 per user). So if you have two users that's going to cost twice as much as a single user, even if the second user doesn't get used much. Maybe worth it if you only need a couple email address. But if you end up growing then you'll have to pay a lot more.

[–] [email protected] 0 points 20 hours ago* (last edited 20 hours ago) (1 children)

VPS host (I haven't done this before, it looks like racknerd may be way to go?). I assume I will probably only need 1GB of memory as it will just be a static webserver but that may be too little, not 100% sure.

Never heard of this ISP, but 1GB will be plenty for a static website, or a rather light-weight web application like WordPress. Most VPS hosts allow you to upgrade your machine in-place, by adding additional memory, disk space, or CPUs (to a degree. At some point you will be forced to transition to a dedicated server, or to spread things like storage to a more specialized object storage host)

Email host. This is one of two real reasons I want to own the domain, we have multiple uses for email but currently everything is under one gmail address and a lot gets lost in the clutter. A few people in our org would like to stick with gmail but I am open to other suggestions. Definitely do not want to deal with self hosting on this.

Probably the right choice. I do self-host email, and with things like Mail-In-A-Box it is not awful to set-up, but it requires its own VPS (so you're paying anyway) and the IP ranges of VPS providers tend to rank poorly in heuristic counter-spam systems (because people's neglected / amateur shit routinely gets hacked and turned into spam bots).

If using email for organizing, custody and jurisdiction of the email server should be an important consideration. Anything is better than Google, but there are still shortcomings of hosting email on a VPS or a dedicated service (like, they could still receive a subpoena or search warrant without your knowledge, though they are less likely to be directly collaborating in dragnet surveillance or various classified "counter-terrorism" programs like Google or Microsoft).

Website builder. I plan to use an Ubuntu server with the LEMP stack on the VPS, should I just use Wordpress? I am definitely not experienced in website building so it's not realistic to do my own HTTP. My only concern is using Wordpress will result in a poorly optimized site that may strain my limited resources, but there are also a few people in our org that have experience with it so that would help.

WordPress is okay, but it has a iffy reputation. It is a very popular web application, and is a popular target for exploits as a result. A lot of people set it up and never think about it again for months/years. Like any piece of web-facing software, you need to keep on top of updates and make sure it is not misconfigured. I have not hosted WordPress in a long time, but if you read the HTTP access logs on any VPS you will see dozens of bots probing and attempting to exploit WordPress installations (along with other popular web applications).

You can configure something like fail2ban to mitigate this noise somewhat. Along those lines, you also should exclusively use key-based SSH access. Disable password authentication completely and have fail2ban throw all the bots into the oubliette.

[–] [email protected] 0 points 20 hours ago (2 children)

This is great info, thanks! I deal a decent amount with regular server security so was already planning to do SSH access only.

We're pretty much only using email for contact with people outside the org so not super concerned about opsec on that front, but I agree with you that I would like to move off Google. Institutional inertia can be a motherfucker though so who knows. I'm also looking into self hosting an encrypted messaging app since we still just use WhatsApp but that seems like it's own whole project haha.

[–] [email protected] 0 points 14 hours ago

Whatsapp can be replaced by Signal at the very least. If you're in a whatsapp chat and somebody decides to use the report feature, your keys get sent to Facebook and the entire chat is decrypted.

Whatsapp also is a bigger vector for scammers and spammers while those have been extremely rare for me on Signal (like once or twice in a few years).

[–] [email protected] 0 points 20 hours ago (1 children)

A few years ago I'd recommend an un-federated Matrix server, but I'm not sure what that platform will look like in a few years. It lives and dies by New Vector LTD. At this point, I'd take a good look at XMPP with the OMEMO extension (a forward secrecy "ratchet" algorithm similar to those used in Matrix and Signal).

Something like this could likely live in the headroom of a small webserver, though there are benefits to compartmentalization as well. If you use your DNS wisely, you could give something like this its own sub-domain, and eventually move it to its own server at some point in the future.

[–] [email protected] 0 points 14 hours ago

+1 for XMPP, hosting an XMPP server is far less intensive than a matrix one and has the same security benefits with OMEMO (if a device's keys get compromised, previous messages can't be decrypted).

Matrix has some iffy history with its zionist past from an Israeli company it also collects tons of metadata and is more complicated to set up.

[–] [email protected] 0 points 21 hours ago (1 children)

Hosting an email server is a pain in the ass and the easiest solution is to make it someone else's problem.

[–] [email protected] 0 points 20 hours ago

When I first started my current job we had an on premises mail server. I have never been happier than the day we threw that thing in the trash.