Hi guys, I don’t know if this is the right place to ask for advice about this so if I’m in the wrong place kindly show me where should I go.
With that out of the way here is my back story, I’m Iranian and as many of you guys heard in the news there are mass uprising, protests and geopolitical conflict going on here. So naturally our theocratic dictatorship leaders here decide on a whim when the whole country can have internet access to outside world or not and when they cut it off there is no safe place for people to keep in touch when we need it the most. Mostly they want to keep people in dark unaware of what’s going on out there…
Here is what I thought, Can I deploy and run my own fediverse instance in this situation on VPS hosted inside the country? Me and a few of my trusted friends are the admins of a small local community of around 200 people give or take but this community can grow to 1000 roughly in future. I can be an example for my fellow countrymen here if I can others can too and many other local communities can be shaped like this inside the country… Which fediverse platform we should choose? Lemmy or piefed comes to my mind but I’m a total noob I have no background in programming. I can use LLMs for help Where should I start? Can you guys help me here. I’m a little lost all this is uncharted territory for me
If it was me, I would not run Lemmy/Piefed in your situation. These things are designed to be fully open and visible to anyone who want to look at them. Probably not your use case.
I’d rather look at something like a Matrix instance, where you can have encryption and secrecy built in. Also, you say that you’re a noob in these things. If you want to hide from the government, you really do need someone very experienced to help you with security, or else it won’t end well.
All the best!
Well said I was thinking about matrix too seems to be a lot safer. But it’s not the platform I was looking for. I really need something like Lemmy where people can make communities share their interests not just group chats
I know there are quite a few comments already, so I hope you read mine. Bro, be fucking careful. Really understand what you’re implementing. Tbh in a small community, I would use snikket or something like that. But under authoritarian tyranny, you need to be sure you and your users cannot be tracked.
There are also mesh systems that are worth looking into, if it’s possible to get access to the hardware for communication that is potentially harder for the government to track.
I second this!! Meshtastic would be great for the small group and functions without a gateway or central server!
I’m not sure of the details about the situation in Iran, but from my understanding, it seems that it would be much safer to set up a server outside the country that’s run by you and others inside the country. It’s fairly easy to set up virtual private servers, although you may need to arrange payment outside the country.
That would be much safer than hosting it with the physical infrastructure inside your borders. If you’re hosting the physical infrastructure, it makes it much easier to locate. If the server is not in Iran, then it may be difficult or impossible for the government to seize it and access the contents.
There are people on this site who are far more expert than I when it comes to network security. Follow their feedback and you may even find someone willing to partner with you to help set it up.
Depending on the legality and safety of doing so, you may also want to look into tech for avoiding censorship and oppresive regimes.
Things like TOR, running your own DNS server, etc.
Edit: I didn’t want to just leave this vague, so I looked up the Electronic Frontier Foundation’s Surveillance Self-Defense guide hoping for some better specifics, but unfortunately it looks like it’s mainly about making security plans, understanding your risk profile, using secure settings on your personal devices, using signal, using TOR, and selecting “the VPN that’s right for you”.
Like you really have a choice of “the VPN right for you” when they shut down things to only approved in/out IPs.
There might be useful info there, but it wasn’t quite what I was hoping to point you at, sorry.
Considering the risks involved with hosting something like this, I would probably start with research on how you could host this safely/anonymously. That would be my first priority. Can’t help people if they take you out.
Next step would be looking at piefed/Lemmy or whatever systems you’re thinking about hosting and identifying what features/logs/etc you would need to disable, modify, or set up to clear themselves automatically so that you wouldn’t have information worth going after in the first place.
There is no way to bypass this. They don’t just filter/censor the Internet. They shut the whole outside of the country access down period. Not even the data centers are exempt. Starlink setup is the only way to bypass this system and it is very illegal and hard to find here
Something to consider about the fediverse is the federation aspect of it; consider re framing your starting position.
Basically, if you make the project “you” hosting “this one” fediverse instance, that instance can be taken down, hacked, its moderation team gets bored, etc…
However if you making the project about “creating access to self-hosting” fediverse instances, well now you have something more robust that at least in a hypothetical scenario, could survive the internet being cut off from the outside, because at least instances within the network can still federate.
Something that is self-hosted which could support with this is codeberg. You could set up some repo’s to sync with the main lemmy/ piefed/ whatever you want, then you get your community to create several federated instances as automatic backups to one another.
Regardless, your personal and operational security should be your highest priority. But if you make the priority getting the tools out, instead of hosting one particular instance, thats much harder to stop.
Don’t want to go into specifics but I found a way to anonymously rent a VPS server here. This is also very illegal. The logs like you said are a big concern I need to figure that out for sure thanks good place to start
IMO its best to keep everything illegal to word of mouth you dont want to leave any traces. Hosting an online fedi platform would be putting up a beacon leading back to you with a paper trail of all people involved.
You absolutely can run Fediverse software yourself. That’s how the internet was created and we have you claw it back from big Tech.
First you should figure out what you want to run. For a few folks and basic microblogging, GoToSocial is super easy to set up, but it’s limited.
Bonfire is an amazing fediverse app and it’s getting better everyday. They’re trying to make it a platform for communities and it’s very extensible.
Emissary is also amazing platform for fediverse stuff and then there’s HTML and CSS editor to really build what you want from there. Like bonfire, but you have to really create the site you want.
If you want reddit style, I like piefed over Lemmy.
Forums with fediverse? Nodebb.
Pictures only? Pixelfed
Live streams? Owncast
Hosting videos? Peertube
And it all interconnects. So you could run Bonfire, and follow someone on Peertube and comment and like from Bonfire.
It’s overwhelming. Id suggest write down what you’re wanting and then look at each project and see what fits.
I run my own bonfire at btfree.social and a public peertube at tubefree.org.
Happy to help however I can. I’ve done some install videos and going to do more soon.
I’d like to add to this, you might want to look into building your own guerilla infrastructure. Especially for said community. It will add some expense but also security and autonomy. Ali express is selling halow modules which can service kilometer links at a few megabytes under the right conditions. Not blazing, but usable and private. A mesh saturated with such modules could be fairly usable. Be careful on public networks.
Good point this would be a great upgrade I will look into it.
Thanks, we need a platform somekind of a forum where we can have different communities/topics but all the content be visible in one home feed for the members of communities and crucially good moderation capabilities for the admins assigned to communities. The content is going to be both text-based and media like videos pictures etc. Currently we are on a telegram super group but that doesn’t cut it and can be lost. Is piefed or Lemmy a good fit for this? I have been here since 2023 and I think it would be. One other issue is privacy the identity of the members should be protected at all costs.
Lemmy does allow anonymous signups, but everything is unencrypted in the database, so if the server was seized all messages, posts and DMs would be available.
And they can find everyone when they seize the server? Are the IPs logged too?
Even if you manage to keep your VPS clean as a whistle of offending logs, your VPS host can log all incoming IP addresses.
I think this is a great idea but very difficult to safely implement.
You could probably route the logs to /dev/null but IDK if the IPs also get stored in the DB
Not within Lemmy to my knowledge, but you would have to be careful when setting it up.
You’d be putting your life on the line, so a suggestion if you go through with this idea:
Have someone you can entrust the site to that wouldn’t be targeted by the regime (at least immediately, maybe a foreigner?) in case you go MIA, or someone “suicides” you.
Also, hosting an anti-dictatorship platform fully within the borders the dictatorship controls means it could easily hunt down those hosting it. They wouldn’t need to pick leaves one by one if they chop the whole tree down, in an analogy. From what I follow of news about Iran, its regime appears to be more immediately an enemy of the US, Israel, Lebanon and Russia, and the EU governments appear to be shifting to be openly against it, so maybe worth looking for VPS providers aligned with those countries, I’d think.
Also, people often use Telegram, but internet being cut makes it somewhat unreliable. Alternatively, what P2P or other portable relay technologies are there, so that even if the origin of the network disappears or internet is cut, it keeps floating around? I can only think of amateur radio broadcast, similar to how Poles did in the Iron Curtain time, but similarly to there back then, you’d need to be on the run after each short broadcast, so you’re not easily found.
Buddy…
You want to host an anti-Iranian regime website, from inside Iran?
Like, do you honestly not understand how easy it would be to trace back to you?
Do you realize in any country hosting an instance makes you responsible for what’s posted?
That’s not even getting into how you couldn’t post outside links if there’s a filter, or how
ifwhen the regime IDs you and arrests you, they have all the DMs and IMs of everyone who signed up for itYou want a secure messaging service, what you’re talking about is an insanely uninformed and dangerous plan.
Do not do what you’re talking about doing.
A good idea would be a p2p system such as briar, which would be extremely hard to block as it syncs over tor, local WiFi, Bluetooth, and removable drives. As it is fully encrypted and has no servers to take over it would be very hard for the government to intercept messages.
Maybe I don’t get what you’re asking.
If you created your own instance, running it on your own, and the Iranian government shut off your internet, YOU could still access the instance, since you’re on the same Lan inside your house…but how would other people access it if you don’t have internet?
My fault I didn’t explain it. They don’t cut the internet inside the country (look at it as somekind of a intranet network inside a country wide network) which they control it. they cut the access to outside world so access to any service not hosted locally inside the country is instantly lost
good start! but when internet gets turned off, anything using tcp/ip stops. look for coop cloud, Reticulum, LoRa radios if you can get them. you can build your OWN local area internet to communicate with your friends.
Can’t you just create a community on an existing Lemmy/PieFed instance? Sounds safer and easier
What about when they cut off the internet access to outside the country. That’s the whole point
If they are happy to cut off the internet, surely they are happy to come after you directly as well. Your placing a very large target on your back.
Yes you’re right if my community gets big enough for them to notice. They gonna come after me too. I accepted the risk
