Wander ΘΔ 

The future of selfhosted services is going to be... Android?

Wait, what?

Think about it. At some point everyone has had an old phone lying around. They are designed to be constantly connected, constantly on... and even have a battery and potentially still a SIM card to survive power outages.

We just need to make it easy to create APK packaged servers that can avoid battery-optimization kills and automatically configure an outbound tunnel like ngrok, zerotrust, etc...

The goal: hosting services like #nextcloud, #syncthing, #mastodon!? should be as easy as installing an APK and leaving an old phone connected to a spare charger / outlet.

It would be tempting to have an optimized ROM, but if self-hosting is meant to become more commonplace, installing an APK should be all that's needed. #Android can do SSH, VPN and other tunnels without the need for root, so there should be no problem in using tunnels to publicly expose a phone/server in a secure manner.

In regards to the suitability of home-grade broadband, I believe that it should not be a huge problem at least in Europe where home connections are most often unmetered: "At the end of June 2021, 70.2% of EU homes were passed by either FTTP or cable DOCSIS
3.1 networks, i.e. those technologies currently capable of supporting gigabit speeds."

Source: https://digital-strategy.ec.europa.eu/en/library/broadband-coverage-europe-2021

PS. syncthing actually already has an APK and is easy to use. Although I had to sort out some battery optimization stuff, it's a good example of what should become much more commonplace.

cc: @selfhosted
#selfhosted #selfhosting

Broadband Coverage in Europe in 2021

The Broadband Coverage in Europe study is designed to monitor the progress of EU Member States towards their specific broadband coverage objectives – namely: ‘Universal Broadband Coverage with speeds at least 100Mbps, upgradable to gigabit speed, by 2025’ and ‘Gigabit connectivity for all by 2030’.

Shaping Europe’s digital future
Oct 22, 2023 at 8:11pmWeb
Show threadWander ΘΔ Oct 23, 2023

@selfhosted Update:

1. Just to clarify, the the whole point is that Android makes it easy for less tech oriented people to host small single user / family services.

It does not need to be perfect, have massive throughput or allow for massive amounts of read/write cycles.

If people can host their own media server like Jellyfin or note taking apps like Joplin instead of using commercial services by simply installing an APK on an old phone they can leave connected at home, that's already a big win.

2. Regarding device longevity, Android 13 apparently supports / will support full KVM emulation. Windows can be run if you have root while android based VMs are expected to be possible without the need for root. Since this type of virtualization allows VMs to run their own kernel, keeping the "server app" updated should allow the user to be protected even if the host OS is outdated as long as these server-app-VMs are trustworthy themselves.

Show threadsimpleOct 22, 2023
I’ve already heard of people using Termux to host services on their old phones. Seems to work well.
Show threadsouthsamuraiOct 22, 2023
I mean, android is fine I guess, but it’s being pushed to be less and less able to be separated from Google. I think for a lot of people interested in self hosting, there’s a low amount of interest in it because of that.
Show threadWander ΘΔ Oct 22, 2023

@southsamurai Oh that's definitely a huge concern, but not just for self-hosting but for privacy in general.

But still, if the average joe wants to self-host something using an old phone is probably the easiest way to get them to try self-hosted alternatives and drop corporate / commercial services.

Maybe not the 'average average joe' such as my parents, but anyone who is minimally curious enough to do stuff such as registering a domain, setting up a game server for friends and maybe has opened the CMD windows console once or twice in the past following a tutorial. That kind of demographic (IDK if it has a name) might be much more inclined to self-host if it was as easy as installing an APK and letting your phone one somewhere at home.

Overall as long as Android doesn't become straight out malicious spyware itself, the benefit of dropping commercial alternatives might very well be a net positive. In a worst-case scenario, any tunnel / vpn configuration necessary to expose a service to the internet could also add an automated step to blackhole requests to google's tracking servers.

Show threadThe HobbyistOct 22, 2023
I think there’s some truth to it. But I imagine it will be more AOSP than what android is with google services. AOSP is really a great operating system with very good security and built in features. And with neural engines and high bandwidth emmc, it is mostly just lacking a large amount of storage to make it all complete, but the latest SOCs are most probably powerful enough. Is there something like docker for android? :)
Show threadWander ΘΔ Oct 22, 2023

@TheHobbyist I replied to a similar post mentioning updates.

To be honest it does suck that Android is so fickle with updates and it sucks even more that flashing a rom is such a hard (and scary) task for the type of user that would benefit from this the most.

Maybe the environment running the actual server software is virtualized, like a VM or layer between the phone's OS and server software that can be updated without requiring flashing.

I think termux does this? Isn't termux virtualized / emulated in some way?

Show threadTCB13Oct 22, 2023

The future of selfhosted services might includes phones yes, Android most likely not.

Think about it,

Show threadTCB13Oct 22, 2023
People who downvote, care to explain? You clearly never tried to access the Internet / install modern software on a Windows XP computer :)
Show threadWanderOct 22, 2023
Am curious. Are you able to run a modern windows 10 virtual machine / virtualbox vm on XP?
Show threadWander ΘΔ Oct 22, 2023

@TCB13 I'm not an expert in the matter but I wonder how large the attack surface actually is for a web service that has a single port exposed via a tunnel which can even contribute to doing some security filtering.

The application / server component can actually be updated since it's just an APK. And someone else in this thread actually linked to whole linux distros that can be installed and run without root. In theory even if the underlying OS is insecure, more secure OSes can be installed on top, or risk can be severely limited by only exposing a single port.

Basically, while flashing a new ROM would be ideal, I think there's likely a way in which a sandboxed and possibly even updated environment with updated TLS cyphers, CA stores, etc... can be run in a secure manner on top of a stock Android ROM.

Furthermore, developers packaging their apps into APKs could run security checks and by the time it says "your OS is insecure" you're already on your third phone and can host stuff on your second. I mean... Android phones are in their prime for two/three years at most in my experience :P

Show threadahoyboyhoyOct 22, 2023
@Wander @selfhosted I have old Pixel phones with LineageOS installed, but I haven't found a good way to prevent battery inflation. I'd love a way to limit charge to 50% or to bypass the battery altogether.
Show threadWander ΘΔ Oct 22, 2023

@ahoyboyhoy @selfhosted How old is the phone and what version of the OS are you using? I was under the impression that modern phones bypass the battery when connected to the charger and having full charge.

Regarding limiting the charge, I believe there's some software calibration you can do which would allow you to set it to 50%. I'm no expert in battery or repairs at all, so someone else might have a better idea.

Show threadahoyboyhoyOct 23, 2023
@Wander @selfhosted I have a Pixel 3 and 5. Where might I find out if the charge controller functions as you say?
Show threadAMSOct 22, 2023
@Wander @selfhosted I in fact already use android for syncthing.
Show threadWander ΘΔ Oct 22, 2023
@AMS @selfhosted yes, hopefully we'll see an explosion in self-hostable alternatives that can be installed as easily as syncthing.
Show threadahoyboyhoyOct 22, 2023
@Wander @selfhosted also, don't forget that it's easy enough to run Linux on Android: https://f-droid.org/en/packages/tech.ula/
UserLAnd | F-Droid - Free and Open Source Android App Repository

Easiest way to run GNU/Linux Distros on Android - no root required

Show threadWander ΘΔ Oct 22, 2023

@ahoyboyhoy @selfhosted Nice. I remember trying it out once. Actually I might use that to follow my own advice and self-host at home once I retire my current phone.

True, I haven't had the need because I know how to run stuff on a server, but for personal files it's probably better to host things at home.

Show threadHerz++Oct 22, 2023

@Wander @selfhosted This sort of setup is very attractive IMO because of the low power usage. Android phones use much less power than old PCs.

The main con I see is not having ethernet (maybe there's some sort of MicroUSB/USB-C to ethernet adapter, but I didn't look into it yet). That, and there being only one port.

Show threadMarcus GrantOct 22, 2023
@herzenschein @Wander @selfhosted with a cluster, even in WiFi you could mitigate some of those problems, but for home use clusters is potentially asking too much
Show threadTheHolmOct 22, 2023
Ethernet is not a problem. Plug USB-to-Ethernet adapter to your phone ( there are some requirements to both) , and you will be surprised.
Show threadonlinepersonaOct 22, 2023
IMO, more like Linux. Android for such old devices is unmaintained, but if you’re able to run Linux on it you’ll still be able to apply kernel updates and security updates for software will continue to exist. Many things are opensource too and you should be able to recompile them on the android device to make it run.
Show threadBearOfaTimeOct 22, 2023
Seems like this is a great use-case for an RPi. At least for single/few user setups
Show threadAbidanYreOct 23, 2023
PostMarketOS or UBPorts are basically that, but have limited functionality and few hardware options.
Show threadAppoxoOct 22, 2023
Who provides the software and firmware updates for my antique Samsung S4 and Galaxy young?
I hope you will give me some firmware for the old snapdragon.
Don’t forget the loads of Exynos CPUs and loads of GPUs from different vendors.
Show threadAbidanYreOct 23, 2023

Who provides the software and firmware updates

That’s the fun part. Nobody does.

Show threadDecronymOct 22, 2023

Acronyms, initialisms, abbreviations, contractions, and other phrases which expand to something larger, that I’ve seen in this thread:

Fewer Letters More Letters RPi Raspberry Pi brand of SBC SBC Single-Board Computer SSL Secure Sockets Layer, for transparent encryption

[Thread #231 for this sub, first seen 22nd Oct 2023, 22:25] [FAQ] [Full list] [Contact] [Source code]

Decronym

Show threaddugite-codeOct 23, 2023
@Wander @selfhosted Unlikely, the biggest issue android devices have is hardware support due to the ARM CPU architecture. It's just not as useful as old x86 hardware, you're stuck with old outdated and vulnerable firmware. My opinion is that one of the selling points of ARM hardware for device vendors is it's relative impossibility to get open source driver support. You may see some use of Apple M1 and M2 simply because it's a smaller FOSS support target, but android devices vary too much.
Show threadMonkCanatellaOct 23, 2023
Pretty cool concept actually. upcycling old tech does seem to be a selfhosting hobby. I see a lot of criticism that I think doesn’t really see the value proposition. You should be able to root the device and install a new OS. I wonder how limited the bandwidth would be though, and whether it’d be worth the cost to get adapters, if they exist, to allow more throughput. I do like the concept though.
Show threadMoonrise2473Oct 23, 2023

Big problem: updates for something that is directly exposed to internet

Some low end devices will stop getting security updates 6 months after launch because the OEM launches a new model every two weeks and obviously doesn’t have resources to dedicate to it

In some cases, even high end devices don’t get updates and are discontinued internally shortly after launch, for example the Xiaomi mix 3 5g

Yes, root and custom ROMs could solve the problem, but not as easy as regular Linux where you just use a package manager to update. First issue is needing to wipe after updates and you have to reinstall and reconfigure everything

Show threadOrionOct 23, 2023

Hmm I think my main concern would be lack of kernel/firmware updates, running something like postmarketOS could partly solve that and still be nearly as easy to set up (just unlock and flash a prebuilt image)

But firmware is still almost entirely dependent on the vendor, since it’s all signed and unpatchable.

Next issue would be lack of connectivity on a lot of phones, which have gone backwards and include USB 2.0 now. WiFi is an option, but less stable, I personally decided to just go 100Mbps and suffer.

As for the battery, it would help a lot if phones were designed to boot without one and they were removable, it all worked well for about half a year until I found out I had a spicy pillow and had to replace it with direct power to the board, which made the whole setup much less elegant and required soldering.

It all comes down to how devices are designed in the end. If someone took the time to make a computer instead of just a phone, and included features that make it useful past its initial life that aren’t that popular (display output, microsd, headphone jack), mainlined all the drivers and maintained firmware, that would be a different story.

But that’s not a very profitable model, because it’s all about reducing waste and thus selling less. A lot needs to change.

Show threadSocial Justice Warrior🦍Oct 23, 2023

@Wander Great idea!

I also think we need to change our analogies away from the client-server model to the guest-cloud-host model instead. This way we make cloud hosting much more intuitive to understand and create the expectation of accessibility with the hoster.

An android doesnt have a lot of area for stuff and tools, so it would encourage lightweight solutions. I think that is exactly the direction we need to move in!

https://freeradical.zone/@vegafjord/111280840906476879

#unchaining #grounding #SmallWeb

𐑝𐑧𐑜𐑭 𐑓𐑘𐑹𐑛 :esperanto: (@[email protected])

#grounding The guest-cloud-host analogy is a way to understand the relationship on the intercloud. A cloud is owned by the host, and has an area containing tools and stuff. It may allow guests to visit. The host may let the cloud be open to guests. In this case, the guest can ring the doorbell, and the host may decide from there to let them in. The host may let the guest explore the cloud. They can find stuff and let them use or borrow their tools. #foss #unchaining #libre #SmallWeb

Free Radical
Show threadandreluis034Oct 23, 2023
The latest pixel devices (since 6 I think?) already provide accees to a /dev/kvm device, so maybe you could even run a normal Ubuntu server VM on your phone for hosting these services.
Show threadhexagonwinOct 23, 2023
10 years ago I ran a Debian chroot inside my Android after rooting and that still works, no need to run a KVM (mostly).
Show threadLeszek KarlikOct 23, 2023

@Wander @selfhosted

Hosting syncthing or nextcloud is one thing, hosting a wordpress blog or mastodon is another, since a post "going viral" would pretty much overload the smartphone. 🙂

Show threadBearOfaTimeOct 23, 2023

I’d be more inclined to say Raspberry Pi. Low power, small, scalable.

I’m currently designing a sync/backup/mesh network device for family/friends. Something they can simply plugin, and I can manage remotely.

Show threadBenjohnOct 23, 2023
@Wander @selfhosted this whole “We are walking about with entirely reasonable servers in our pockets for reasonable scales - why doesn’t it feel like that?” thing is in my brain quite a bit.
Show threadBenjohnOct 23, 2023
@Wander @selfhosted I have conversations with peers where they talk about “servers” and “computers” as if they figure them as quite distinct things.
Show threadWander ΘΔ Oct 23, 2023
@benjohn @selfhosted 6-8 GB of RAM with powerful CPU and GPU that was designed to run games and can in some cases run small AI models is nothing to scoff at imho.
Show threadBjörnOct 23, 2023

I feel like Android is adding some new power saving “feature” with every version to kill all the useful stuff I want to keep running in the background.

Last stupid thing I remember was when it removed my CalDAV synchronisation because I haven’t been “using” the CalDAV app for some months.

Not to mention all the times it decides to kill something you want to use because it thinks the RAM would be more needed elsewhere. Honestly my 128 MB RAM Nokia N900 could run more apps at the same time than my 4 GB RAM Fairphone.

Show threadTeaEarlGrayHotOct 23, 2023
Thanks for the monthly reminder to open DavX5 🤣
Show threadEskueroOct 23, 2023

It has an UPS builtin 😇

Jokes aside I used to run a few python bots inside termux on my very old S3 Mini a few years ago. It did the job at least.

Show threadmonkDec 10
Forget old phones and just run all of that on current phones. Federation is better than centralisation, but true P2P trumps it.