A practical setup for running a public Redlib server

Redlib is a privacy-friendly way to browse Reddit without using Reddit’s official website. The public Redlib service runs on dedicated hardware in Victoria, Australia, using a 1000/400 NBN internet connection. A Fedora Server hosts the service, and runs the Redlib stack.

The origin server does not expose public ports; outside traffic reaches it through . Traefik routes web requests to the right internal service, and Anubis sits in front of Redlib to reduce abuse and . The setup also includes external ing, a public status page, and a maintenance page for planned downtime.

OpenWrt SQM/CAKE is used to prioritize the that runs community services. The Redlib build is a fork with updated Rust dependencies, packaged in a custom Alpine-based container image, and the container is hardened by running as non-root, using a read-only filesystem, blocking , and dropping all Linux capabilities.

Key points

  • The Redlib service is public, but the origin server has no exposed ports.
  • runs the service inside a Fedora Server .
  • , Traefik, and Anubis are used for access, routing, and abuse protection.
  • A public status page and maintenance page are prepared for reliability and planned downtime.
  • The container is hardened with non-root execution, a read-only filesystem, no , and dropped Linux capabilities.
Read original