---
Ever since it was first launched, I've hosted Rob's Gemini Capsule on a local machine from my home Internet connection. Yesterday, almost two and a half years later, I decided to move the capsule to AWS.
It was a tough decision, primarily because of my stance on digital autonomy. I believe in the right to establish one's own presence in cyberspace however one wishes, including entirely on one's own terms. I've exercised that right for years by insisting on a static IP address for my home Internet connection and hosting my own services from there. However, at our new house, we have to subscribe to a business Internet plan to get a static IP and CPE bridging in our ISP's infrastructure for opening ports. That increased our monthly Internet bill by $50, and since I only host a Gemini capsule right now, I was essentially paying $50 a month just for Gemini hosting. I was willing to pay the extra cost for future flexibility, but in recent weeks we've entered a period of tight finances, and it became necessary to migrate the capsule in order to save money.
Fortunately, I'm familiar with AWS, and setting up a new environment for my capsule was pretty simple. I deployed an EC2 instance running Amazon Linux, a derivative of CentOS, with t2.micro sizing. t2.micro instances fall under Amazon's free tier and provide 1 vCPU and 1 GB RAM: more than enough to run a simple Gemini capsule. The instance came with a VPC and a security group; all I had to do was open up traffic on port 1965 in the security group, provision an elastic IP to have a static IP address, and associate the elastic IP with the instance. After changing DNS name servers and migrating my host configuration to Route 53, I was ready to go. My total downtime was probably less than 30 minutes, and cutover could have been instantaneous if I had known all the steps ahead of time.
Losing a static IP address for our home network caused another problem. I have a NAS with a few dozen terabytes of storage, and when I'm out and about, I often connect to the drive to transfer files to and from my devices. With CPE bridging no longer configured, I can't directly access any devices behind my gateway, even with a DDNS service like NoIP.
The solution I found was a technology I've looked at before but never properly deployed: Yggdrasil. Yggdrasil is an overlay IPv6 network with IP addresses tied to cryptographic keys, implemented as a software router that can tunnel over other networks. All I had to do was deploy an Yggdrasil node on the EC2 instance running my capsule, then configure Yggdrasil on my other devices to route to it. Instantly, I could SSH into any of my devices as if I were on the same network.
I'll eventually write guides on how to do both of these things: how to set up a Gemini capsule on AWS, and how to set up Yggdrasil. I'm happily surprised at how versatile both of these tools are, and I think others in Gemini would get some use out of them.
---
[Last updated: 2023-08-19]