The future of selfhosted services is going to be… Android?
Wait, what?
Think about it. At some point everyone has had an old phone lying around. They are designed to be constantly connected, constantly on… and even have a battery and potentially still a SIM card to survive power outages.
We just need to make it easy to create APK packaged servers that can avoid battery-optimization kills and automatically configure an outbound tunnel like ngrok, zerotrust, etc…
The goal: hosting services like #nextcloud, #syncthing, #mastodon!? should be as easy as installing an APK and leaving an old phone connected to a spare charger / outlet.
It would be tempting to have an optimized ROM, but if self-hosting is meant to become more commonplace, installing an APK should be all that’s needed. #Android can do SSH, VPN and other tunnels without the need for root, so there should be no problem in using tunnels to publicly expose a phone/server in a secure manner.
In regards to the suitability of home-grade broadband, I believe that it should not be a huge problem at least in Europe where home connections are most often unmetered: “At the end of June 2021, 70.2% of EU homes were passed by either FTTP or cable DOCSIS
3.1 networks, i.e. those technologies currently capable of supporting gigabit speeds.”
Source: https://digital-strategy.ec.europa.eu/en/library/broadband-coverage-europe-2021
PS. syncthing actually already has an APK and is easy to use. Although I had to sort out some battery optimization stuff, it’s a good example of what should become much more commonplace.
Running web services on a device that hasn’t seen a security patch in 3 years seems like a bad idea.
Also, unless you can mount a real hard drive, you are going to very quickly run into I/O bandwidth issues and flash longevity limits
@RegalPotoo Maybe I should have been more specific in the wording of my title.
No one planning on hosting public multi-user service that would see some serious traffic would probably benefit from hosting on a phone.
Someone who wants to simply run a single-user instance or their personal nextcloud? I think that’s a real possibility.
It is possible nowadays: I’m hosting quite a few services on an 5 years old Android. Just with Termux, no root required. Of course connectef it’s just to the internal network due to all the security concerns mentioned in the post.
To solve all the bandwidth/connection issues, I’ve bought a usbc-ethernet dongle that works like a charm.
To mitigate battery issues I’ve limited the charging to 85%.
I would never host Jellyfin there, but with webdav and Kodi I can get my media served easily to all my devices at home
The risk that @regalpotoo mentioned is still unmitigated though, single user instance or not. At worst, the personal data can be exfiltrated. At best, the server can be used as a part of a botnet. Even if the software (nextcloud) would be patched, that doesn’t help against exploits on a OS level.
Granted, one could run services inside a vpn and have some kind of preventive / monitoring controls, but you’re still need to implement some kind of defense in depth in order to protect it.
I’d also be worried about battery issues
Don’t want to find it having overheated / turned into a pufferfish
Future news headline: “The web server literally exploded under the DDOS attack.”