About me: My name is Solène Rapenne, pronouns she/her. I like learning and sharing knowledge. Hobbies: '(BSD OpenBSD Qubes OS Lisp cmdline gaming security QubesOS internet-stuff). I love percent and lambda characters. Qubes OS core team member, former OpenBSD developer solene@. No AI is involved in this blog.

Contact me: solene at dataswamp dot org or @solene@bsd.network (mastodon).

I'm a freelance OpenBSD, FreeBSD, Linux and Qubes OS consultant, this includes DevOps, DevSecOps, technical writing or documentation work. If you enjoy this blog, you can sponsor my open source work financially so I can write this blog and contribute to Free Software as my daily job.

How to host a local front-end for Reddit / YouTube / Twitter on NixOS

Written by Solène, on 02 September 2022.
Tags: #nixos #privacy

Comments on Fediverse/Mastodon

1. Introduction §

I'm not a consumer of proprietary social networks, but sometimes I have to access content hosted there, and in that case I prefer to use a front-end reimplementation of the service.

These front-ends are network services that acts as a proxy to the proprietary service, and offer a different interface (usually cleaner) and also remove tracking / ads.

In your web browser, you can use the extension Privacy Redirect to automatically be redirected to such front-ends. But even better, you can host them locally instead of using public instances that may be unresponsive, on NixOS it's super easy.

We are going to see how to deploy them on NixOS.

Privacy Redirect GitHub project page

libreddit GitHub project page: Reddit front-end

Invidious project website: YouTube front-end

nitter GitHub project page: Twitter front-end

2. Deployment §

As September 2022, libreddit, invidious and nitter have NixOS modules to manage them.

The following pieces of code can be used in your NixOS configuration file (/etc/nixos/configuration.nix as the default location) before running "nixos-rebuild" to use the newer configuration.

I focus on running the services locally and not expose them on the network, thus you will need a bit more configuration to add HTTPS and tune the performance if you need more users.

2.1. Libreddit §

We will use the container and run it with podman, a docker alternative. The service takes only a few megabytes to run.

The service is exposed on http://127.0.0.1:12344

  services.libreddit = {
      address = "127.0.0.1";
      port = 12344;
  };

2.2. Invidious §

This is using the NixOS module.

The service is exposed on http://127.0.0.1:12345

  services.invidious = {
      enable = true;
      nginx.enable = false;
      port = 12345;

      # if you want to disable recommended videos
      settings = {
        default_user_preferences = {
          "related_videos" = false;
        };
      };
  };

2.3. Nitter §

This is using the NixOS module.

The service is exposed on http://127.0.0.1:12346

  services.nitter = {
      enable = true;
      server.port = 12346;
      server.address = "127.0.0.1";
  };

3. Privacy redirect §

By default, the extension will pick a random public instance, you can configure it per service to use your local instance.

4. Conclusion §

I very enjoy these front-ends, they draw a lot less resources when browsing these websites. I prefer to run them locally for performance reasons.

If you run such instances on your local computer, this doesn't help with regard to privacy. If you care about privacy, you should use public instances, or host your own public instances so many different users are behind the same service and this makes profiling harder. But if you want to host such instance, you may need to tweak the performance, and add a reverse proxy and a valid TLS certificate.