Check out my comment here: https://lemmy.one/comment/325139
The relevant parts for you are:
- The default configuration for Lemmy does log IP addresses through nginx's access log.
- The default configuration doesn't rotate or prune the logs; they are maintained indefinitely.
- The default configuration doesn't encrypt the logs (file-level encryption) or disk (block-level encryption).
The requests and IPs are therefore vulnerable to:
- The server admin (who can SSH into the server itself, not just an admin on Lemmy) can check the logs
- The hosting provider can check the logs (the file is not encrypted and they own the disk they're stored on)
- A government can subpoena the server admin or the hosting provider for these logs.
A Lemmy instance that is concerned about its users' privacy should either disable access logging or log to RAM, and ideally encrypt it too.
However, this raises the issue that you don't know what software the server is actually running. The above analysis is based on looking at the default configuration of the open source code. But if they were to change the logging to be more secure, you would need to trust them when they say that's actually the code they are running.
Have you considered using a VPN like Mullvad or even Tor? Lemmy doesn't have the same issues with blocking VPNs as Reddit does. (Although some fediverse instances, such as Kbin, use Cloudflare, which does its best to block VPNs/Tor.)
Let me know if you have any other questions.
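
For instance admins who want to check the points in the comment above, here is an added example (not part of the original comment and not Lemmy's own code) that audits an nginx config for `access_log` directives that record client IPs to persistent storage. The sample config is constructed, and treating `/dev/shm/` and `/run/` as RAM-backed is an assumption about the host.

```python
import re

# nginx variables that carry the client address.
IP_VARS = ("$remote_addr", "$binary_remote_addr", "$realip_remote_addr",
           "$http_x_forwarded_for", "$proxy_add_x_forwarded_for")
# Assumption: these mount points are tmpfs (RAM-backed) on the audited host.
RAM_PREFIXES = ("/dev/shm/", "/run/")
# nginx's predefined "combined" format starts with $remote_addr.
BUILTIN_FORMATS = {"combined": "$remote_addr - $remote_user [$time_local] ..."}

# Constructed sample config, not taken from any real instance.
SAMPLE_CONF = """
http {
    log_format noip '[$time_local] "$request" $status $body_bytes_sent';
    server {
        access_log /var/log/nginx/access.log;   # no format given: combined
        location /api { access_log /dev/shm/nginx-api.log noip; }
        location /static { access_log off; }
    }
}
"""

def audit_access_logs(conf_text):
    """Return one finding dict per access_log directive in an nginx config."""
    text = re.sub(r"#[^\n]*", "", conf_text)  # strip comments (simplified)
    formats = dict(BUILTIN_FORMATS)
    for name, body in re.findall(r"\blog_format\s+(\S+)\s+([^;]+);", text):
        formats[name] = body
    findings = []
    for args in re.findall(r"\baccess_log\s+([^;]+);", text):
        parts = args.split()
        if parts[0] == "off":
            findings.append({"target": "off", "logs_ip": False, "persistent": False})
            continue
        # Second argument is the format name unless it is a key=value parameter.
        fmt = parts[1] if len(parts) > 1 and "=" not in parts[1] else "combined"
        findings.append({
            "target": parts[0], "format": fmt,
            "logs_ip": any(v in formats.get(fmt, "") for v in IP_VARS),
            "persistent": not parts[0].startswith(RAM_PREFIXES),
        })
    return findings

def risky(findings):
    """Directives that write client IPs somewhere that survives a reboot."""
    return [f for f in findings if f["logs_ip"] and f["persistent"]]

if __name__ == "__main__":
    for f in risky(audit_access_logs(SAMPLE_CONF)):
        print("client IPs written to disk:", f["target"], "format:", f["format"])
```

This only inspects the config text; whether logs are rotated or the disk is encrypted has to be checked on the host itself.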