To set up completely anonymously, you need nothing pointing back to you, so I’d recommend:
- Anonymous VPS: pay with Monero/crypto, use anonymous email for registration, and is in privacy-friendly jurisdiction
- Recommended VPS’s: Njalla, 1984 Hosting, FlokiNET
- Anonymous Domain: use registrar that accepts crypto and offers WHOIS privacy
- Most private are Njalla or IncogNET with Monero payment while accessed via Tor
- Only connect to your server via Tor when administering
As long as you pay via Monero and ALWAYS connect to admin via Tor, that’s about as private as you can get. No need to run PeerTube through VPN or Tor.
Could your country take it down? Potentially yes. They’ll have to identify the hosting provider and pressure them legally, and depending on their level of jurisdiction and level of international cooperation, your VPS could get taken down.
To minimize this, host in a jurisdiction known for ignoring takedown requests (Iceland, Romania, Switzerland are often cited) and/or host in a jurisdiction with strong free speech protections and weak cooperation with your country.
However, that will get costly, probably $200/m or more just for VPS hosting, and as you’re considering VPN or Tor, I think you’re wanting to host the server from home to save on cost. Here’s an alternative that’s solid for practical privacy and cost-effectiveness (and is what many small hosters actually do), but it’s not bulletproof. State-level actors will be able to identify you with some elbow-grease.
You still need to get a VPS anonymously, but on it you’ll be hosting essentially a reverse proxy/gateway VPN tunnel to your home server. It’ll be about $10/m.
I’d recommend WireGuard on both VPS and home server and connect to each other. Then install Nginx or CaddyV2 on VPS as reverse proxy. Point your domain towards your VPS, then your VPS will forward all requests through a tunnel to your home.
Your home server should only connect outbound to your VPS (no open ports at home).
This will protect against:
- casual visitors seeing your home IP address
- content takedowns (easily change VPS)
- your ISP from knowing what you’re hosting
However, this will not protect against:
- state-level adversaries who can pressure VPS provider
- anyone analyzing traffic can connect the VPS to your home
- legal compulsion forcing VPS to monitor tunnel destination
Once any of these happens, not only will your content be removed, but it’s led straight to you, unlike the first method where only your content will be taken down, assuming you had solid OPSEC and you didn’t make any mistake (one mistake and you’re unmasked, like logging in without Tor, or reusing identities, etc).