from domx@lemmy.world to selfhosted@lemmy.world on 12 Nov 11:27
https://lemmy.world/post/38691788
Hi all, I’ve been noticing a pattern in self-hosting communities, and I’m curious if others see it too.
Whenever someone asks for a more beginner-friendly solution, something with a UI, automated setup, or fewer manual configs, there’s often a response like:
“If you can’t configure Docker, reverse proxies, and Yaml files, you shouldn’t be self-hosting.”
Sometimes it feels like a portion of the community views complexity as a badge of honour. Don’t get me wrong, I love the technical side of self-hosting. I enjoy tinkering, breaking things, fixing them, learning along the way. That’s how most of us got into it.
But here’s the question: Is gatekeeping slowing down the adoption of self-hosting?
If we want more people to own their data, escape Big Tech, and embrace open-source alternatives, shouldn’t we welcome solutions that lower the entry barrier?
There’s room for everyone:
-
people who want full control and custom setups,
-
people who want semi-manual but guided,
-
and people who want it to work with minimal friction.
Just like not every Linux user compiles from source, but they’re still Linux users.
Where do you stand? Should self-hosting stay DIY-only or is there value in easier, more accessible ways to self-host?
My project focuses on building a tool that makes self-hosting more accessible without sacrificing data ownership, so I genuinely want your honest take before releasing it more widely.
#selfhosted
threaded - newest
Certain minimum knowledge is required if you don’t want to be low hanging fruit for criminal botnet operators who will use your system to launch attacks.
You can’t also beg/complain about tools “made for you” not existing - if they’re not already there, it may mean the problem can’t be reduced to appliance-user level.
If you’re building such a tool, why ask? Get uptake rate and user feedback data.
You’re right, a certain level of knowledge is essential for safe self-hosting.
The goal isn’t to remove that responsibility, but to lower the initial barrier so people can start learning in a safer, more guided way.
And yes, we’re currently in the testing and feedback phase, so conversations like this are valuable. I’m also interested in hearing broader perspectives from people involved in self-hosting, not just those testing the project.
I haven’t seen that type of response, at least not at any significant frequency, but let me speculate wildly while accepting your premise for the moment.
People in general are less mentally resilient than they were 6-10 years ago, what with The Everything And All That In The Everywhere At All Times. That might manifest in less patience and less willingness to indulge beginners. So I don’t think it’s a conscious thing meant to gatekeep anything, people just don’t have the capacities to explain things again and again in detail (especially when they think the answer is easily found using the search engine of your choice) and are more easily exasperated if things don’t go smoothly.
Again, this is all assuming your premise.
Yeah, I think you’re right, it’s often not intentional gatekeeping. Totally understandable, especially when people have seen the same beginner questions a hundred times before.
But that raises another question: if beginners can’t easily ask for help, where can they turn to safely learn the basics?
Does everyone really have to go through the same painful trial-and-error process alone? Of course, there’s a certain beauty in figuring things out the hard way, that’s how many of us learned, but it could be easier. Maybe there’s room for a solution, a tool or an approach that helps beginners understand what’s happening under the hood, while also taking some of the burden off advanced users who just want things to work smoothly or recover quickly when something goes wrong.
I think truenas and unraid are the only user friendly experience out of the box. Everything else needs a lot of configuring. I don’t think you can call system administration gate keeping
Adding GUI tools adds complexity
A part of it is concern.
System administration on a system you’re planning to use remotely over the internet must be done right. Not being sure what you’re doing is how we all learn, but you really should be sure before exposing yourself to the internet.
It’s not like experimenting with linux on a laptop. Self-hosting is usually about providing some sort of service for yourself, which if accessed by someone malicious, can be used to really hurt you.
Just wanna add here that it is not just hurt in terms of time, money or loss of data(those are a given). It could even land you in legal trouble that you can not explain your way out of in some extreme circumstances.
I’ve been in tech a long time and don’t allow WAN ingress into my network at all because I don’t have time to properly harden my self-hosted services. For absolute beginners, I wouldn’t recommend making anything public until they’re more experienced. Just running Jellyfin for you and your family on an old laptop is a perfect starter project.
I make it simple for myself - only WAN ingress into my network is openvpn protected by both username, password and client certificate files.
Same. No WAN ingress without VPN.
See, no big deal if somebody else comes into your system. You’ll be happier.
Exposing services to the internet is one thing. The other thing is that without really solid backup strategy you can just lose your files. Both concerns grow even bigger if you’re dealing with not just your own data but also your family’s or friends’. It’s a real responsibility.
I think it would be great if more people got into self-hosting but you really need to learn some stuff before jumping in. A single mistake can cost you a lot.
I don’t mind power users in general … but holy molly the militant foss and privacy advocates can be really annoying. Better not mention any proprietary software or you’ll get a dozens answers to a question no one asked.
People who don’t pay for the software they use are some of the worst, most demanding, most opinionated and most ignorant users. Source: I use free software and avoid people who “hate systemd”.
“Militant foss” reads like the old saying “militant atheist”…
Maybe you aught to take your own advice and not mention this again, otherwise you’ll hear opinions that conflict with your own.
Yes, that was very much the comparison I was going for.
Also I’m already taking my own advice here and generally don’t go around lecturing people on things they didn’t asked for.
I suspect there are a number of people who self host at least in part because they’ve been burned by proprietary software and enshittification, so it’s not a surprise that there’s strong opposition to those solutions.
Hardly gatekeeping. It may well turn away complete noobs, but docker is the easy way for a lot of stuff ATM.
We’re talking (potentially) highly sensitive contents here for the most part. Yes, selfhosting has become easier than ever, but at the same time more people who basically lack the experience and/or patience to actually understand what they’re doing want to start selfhosting. And that simply doesn’t end well in an alarmingly high number of cases.
Yeah sure, of course there are tools that can make life easier. But have a look at the “big” self-hosting packages. A lot of them will need at least some manual configuration. Then there’s the “exposing a host to the open net” aspect, which can (and usually will) introduce a whole different level of attack surfaces.
So combine that with the ever-growing number of self-hosters, and of course you will notice more advice like that.
Yeah, self‑hosting without some basic knowledge can be risky, especially when handling sensitive data. At the same time, very strict warnings, even if well‑meaning, can be intimidating for newcomers.
Self hosting isn’t for everyone, of course, but for those genuinely interested, even if they don’t have years of technical experience, there could be a safer, guided first step. Something that helps people learn the basics while keeping their setup secure and giving them confidence to explore further.
Everyone’s wrong here. New users should try to look up some basics, and existing advanced users should tolerate beginner difficulties and not say anything if they can’t support and welcome the beginners. It would be perfectly acceptable to have a self hosted noobs community so advanced users are isolated from noobs if they want to be.
Frankly, this has been a longstanding barrier for me in adopting Linux and self hosting. Communities can be really unhelpful. It’s not like hobbyists are starting with reading an organised textbook. Knowledge is picked up piecemeal and sometimes there are glaring holes in beginner knowledge. For Linux adoption and self hosting, AI has helped me a hell of a lot. I wouldn’t be able to do any of this without AI. In my mind, this is a perfect use for AI. I can ask my dumb beginner questions without annoying AI, and it’s a very low risk situation for when AI gets things completely wrong and it doesnt really matter much. Also I find it amusing that I used the big tech company’s tools to move to platforms that deny big tech companies from exploiting my data, which is now safely local.
Isn’t this something Linus Media Group is focusing on by investing in HexOS…lower the barrier for entry. I see no sense in turning away people who are interested in privacy and security. Communities should really have a “gates open, come on in” attitude.
Eh, the issue with using AI with something like a self-hosted setup is that it lacks nuance and is most likely sourced from all the stack overflow answers without including, again, any context that might be involved.
This leads to situations where it “works,” but potentially in a way with glaring issues that you would otherwise get from this community.
That said, I understand that “advanced” users here can be uptight about things that they believe to be a foregone conclusion, which is where the whole “learning” aspect is what we all need: both learning to self-host “better” and learning to help others.
A lot of things I’ve done may well be very poor practice. But at least I’ve got this thing off the ground and am learning from there. If I couldn’t make a start then I wouldn’t go down this rabbit hole at all in the first place. Without trying, implementing, breaking and making mistakes…it’s not like I would have browsed Stack Overflow for months. I have no programming or PC qualifications. Self teaching ain’t easy. AI did a lot more heavy lifting initially. Now it mostly double checks my YAML draft and makes sense of error logs so I can be pointed in the right direct to know where to even start reading.
Fair enough! My own experience has so far been less helpful, due to it hallucinating config based on what I’m asking and if my use case is possible, which made me turn more to perusing docs and source code 🙃
Yeah, I totally get it. I’ve run into the same thing plenty of times. Experienced self hosting folks aren’t always the most helpful. AI can give beginners a hand, but you still need to know what you’re asking it to do and double check its answers, since it can make stuff up.
As for the advanced users not always being supportive…not sure that’s something you can change easily. But I do think there’s a lot of potential in a tool or resource that helps beginners step into self hosting safely, get the basics down, and have something solid to build on later.
You’re confusing a lack of handholding with gatekeeping.
First, you’re not entirely right. you can get a ton of self hosting done with things like Synology or Home assistant, and never see the complexity. You might get owned by a botnet, but it “works.”
Self hosting securely has a steep learning curve, there’s no way around that. What you’re asking for is for someone to write programs that’ll let you skip the learning curve.
GitHub is littered with abandoned attempts at doing this. You bury your lede by mentioning “your project” at the end. It’s your project going to be another well intentioned attempt that’s eventually abandoned or causes more problems than it solves?
Basically means the user has to trust that project to do the right thing and be maintained to keep their setup secure.
That’s generally true for any end user software.
If it is then not enough people have heard of YUNOhost.
Some hobbies have minimal levels of skill/knowledge/equipment to properly do them, and I’d argue that self hosting is one of them. You can say people are hostile to beginners, but I might say people are trying to save them from themselves by not just telling them how to slap shit together so they can put it on the Internet and get owned by Internet Background Radiation in a short period of time.
My personal opinion is that beginners are too over confident in their skills or expect setting things up is like setting up an online account, and expect everything to be ready for them to install in their preferred method, and get upset when people tell them they need to upskill to be able to accomplish their goal.
An example of this is a conversation I had with someone online about some docker distributed app, and people were trying to get the person to use docker like the install doc says instead of trying to figure out how to just install it directly into the OS, because that’s the way they’re used to doing stuff and they were determined they weren’t going to change now despite the software author’s supported path not including direct install. If the person was willing to learn docker (which is not very difficult if you can follow a tutorial and use compose files), they’d be able to quickly accomplish what they want while also opening more doors for them in the future.
If you want to understand your setup (which is quite important, in my opinion), there is no way around the fact that you will have to spend some time reading about the services you use. Even if you GUI everything away, it will come a moment when something breaks and you stand there, knowing nothing and/or what to do/where to begin. Most people aren’t in for the “reading” part.
I would echo that, if you have read the manual and still can’t fix it then forums are the place. I see so many posts that start with “I’ve tried nothing and I’m all out of ideas”
Self hosting is a skill that needs learning, you can’t start at the top.
Learning to read manuals and how to find the bit you need is part of that skill.
I think much of the gatekeeping is over concern that if you mess up, you could unknowingly be allowing a sophisticated hacker to access all the data on your network, without any obvious signs. And maybe some people don’t want to field noob questions like “I clicked something and now the GUI gives a 😕 and doesn’t work anymore, what do I do?”.
There is a skill floor, I would say similarly that you wouldn’t be ready to install Linux yourself if you don’t get suspicious when a .iso download gives you a .exe file instead.
I think Yunohost is a decent solution for beginners that avoids as much of the nitty-gritty as possible. Louis Rossman has made a massive guide that’s about as close as an IKEA step-by-step as you can get with this stuff. We should be encouraging people to learn, but there is a sense of reticence to have people get too in over their heads due to cybersecurity reasons.
Edit: linked the guide
I think the bulk of users are running discarded junk and raspberry pis.
That was me, I built a ~$5k rig and now some of what I’m doing is just nonsense of a typical self hoster, so the point is somewhat valid, but even those like me mostly started out with discarded junk and raspberry pis.
Docker used to scare me until I tackled a project that required me to use it. Then I realized I learned it without knowing I’d learned it.
Developers have to eat. You can pay of do it yourself.
What sounds like gatekeeping is often a strongly worded emphasis on having the prerequisite knowledge to not just host your services, but do it in a way that is secure, resilient, and responsible. If you don’t know how to set up a network, set up a resilient storage, manage your backups, set up HTTPS and other encryption solutions, manage user authentication and privileges, and expose your services securely, you should not be self-hosting. You should be learning how to self-host responsibly. That applies to everything from Debian to Synology.
Friends don’t let friends expose their networks like Nintendo advises.
Yes, absolutely.
if you cannot run
docker compose upor understand the basics of what it’s doing, you should not be self hosting. Yes, Docker can be difficult to troubleshoot but you need to understand where your data is being stored and generally self hosting projects using Docker are easy to set up.Implying exposing your server to the Internet. Yes. 100%. If you do not know what you’re doing, you should not. This is dangerous to your machine and to your data.
This is a plain text file. You can open it with Notepad or your operating system’s equivalent. Editing a text file to enter some default parameters is a low bar and if you can’t edit a text file, you’re going to get caught up in some other part of self hosting
You made pretty much every point exactly how I was going to make it.
I will mention that even as a pretty experienced sysadmin, learning Docker, reverse proxies, and relevant config files took ages because there are treated as assumed knowledge.
Every YouTube video on Docker is 30 minutes shorter than they should be, and terminology for reverse proxies is really confusing if you’re not already familiar.
It’s great to say you shouldn’t use these if you’re not familiar, but these are also probably the most poorly taught subjects in computing right now from my experience.
Been using reserve proxies for some server setup. Still don’t understand how it really works
The very rough idea is this:
I have a server with multiple services and only one open port (not counting the SSL port) on my router.
Traffic comes into that one port straight to my server. That server has a reverse proxy installed with a directory of subdomains and associated ports.
It internally routes traffic coming in on my open port to the internal services on the server without having to expose them directly to the internet.
The big advantage is that because it all goes through my reverse proxy, I can add SSL certs to just that and now all of my subdomain services get the benefits of the SSL cert on the host.
I’m sure there are other uses for reverse proxies, but this is how they work in my setup.
I think you’ve missed the point OP is trying to communicate.
It’s not that these things aren’t relevant, highly important, and good caution/warning. It’s the gate that people are creating with these no depth explainers. “you need to understand” “if you don’t know” – then fail to provide direction to people who want to know, to learn these things, to figure out where to start; that’s the gate.
Yes.
Source: this thread
Agree. “Are you perhaps too angry?”, “The HELL I’m not! F*ck off !”, “alrighty then”…
uh, if you can’t figure those things out then you absolutely should not be self-hosting until you can. those are the basic first steps a self-hoster takes, and if you somehow get them wrong you can expose yourself to some serious bad actors out there that will definitely exploit your setup and steal whatever data they can.
you see it as gatekeeping, and it is, but everyone here recognizes that if you fuck this up, you will get pwned. this isn’t a hobby you can just jump into without learning anything first. there are real consequences to messing up, and depending on what data you have accessed by a malicious actor, it could have lasting damage on your life.
I dont find needing to knowing how to use the most common way of setting up servicss is gate keepy.
If you dont want to learn things then it probably is better to just pay someone else to handle the setup i dont think there is anything wrong with doing it that way either.
Self hosting is not just one thing. You are system adminstrator, network engineer, security specialist, service architect and many other things, specially if you expose anything to anyone outside your very private network. And to get anything even running on that complex mess requires some knowledge on a lot of things. Making them run securely with proper backups requires even more knowledge on things.
Sure, you can just throw some docker images on your old desktop and be happy, even forward ports from the public internet to your things if you like. But that exposes your stuff to quite a lot of dangers and if you just click buttons without any understanding you’ll soon be a part of a botnet or lose your data or lose money if someone decides to mess around with your home automation or something else.
I get what you’re saying, not all of us are very polite and answers can be pretty harsh, but more often than not the generic idea behind those answers is not trying to be an asshole or gatekeep anything. It’s just that there’s a skillset you need to build things safely and if it’s clear from the start that someone looking for answers is way over their head it’s better for everyone to get them take a step back and learn instead of trying to create a meaningful answer since there’s too many variables or it’d just take immense effort to write down comprehensive guide on what to do, why and how for everything from the ground up.
I know for a fact that in my area there’s a bunch of surveillance cameras, home automation stuff and even some farm equipment directly open to the public network just because someone just plugged things in without any idea on the whole picture. Sometimes the correct answer is ‘stop shooting yourself on the foot and learn the basics first, then come back’.
God yes, where I work I cover most of that.
There for self hosting is part of how I work, I need to know networking, how to administer Linux servers and even how to debug applications from logs.
It’s all skills that you need to learn, that’s not gate keeping it part of self hosting.
“Has anyone noticed that medical doctors gate-keep people doing open heart surgery?”
Why do you assume self-hosting is and can be trivial? It is NOT for everybody. You should have some base level of technical knowledge. You should expect to need to learn some things. It’s not a badge of honor, it’s experience.
Good luck with that. Don’t get your users pwned in the process. You’re now responsible for the security of people who think “opening a command line” is too difficult.
Self-hosting is trivial and everyone can do it.
Exposing services to the internet is not.
Just like everyone doing open heart surgery on dummies is fine, everyone self-hosting in their own network is fine. You can buy hardware right now that connects to power and wifi and you are self-hosting.
The users who are being talked about here probably don’t get that exposing your machine to the Internet carries risk. That’s the point.
There is literally a thread somewhere on my Lemmy I need to try and find just recently that shows this perfectly. Someone made a thread asking how they can self host their images for backup from their phone and naturally everyone pointed them to immich. And they immediately started complaining and bitching that they could not access it from outside their local network. Instead of asking how to fix that they were like what the hell is the point if I have to be on the same Wi-Fi this is stupid. And they basically did not want to engage with the people being like hey you need to either make a reverse proxy or open a port on your router. They should not be self hosting
Yep, that sounds like the poster child for this phenomenon.
So is open heart surgery. Unless you want it to end successfully.
I wouldn’t equate installing proxmox on an old pc to open heart surgery. It’s pretty basic stuff and you can follow guides on how to install services in a container or vm. People are interested in things like pihole, home assistant, arr stacks, nas, and better control over their network. It’s definitely not rocket surgery.
I do not agree
Yes, it sometimes can be difficult and frustrating, but so long as someone, anyone, is willing to try and learn and fail and retry, they can get my help
Have you forgotten that you too started at 0?
Not at all. In fact I remember the day my server was hacked because I’d left a service running that had a vulnerability in it. I remember changing passwords, calling my bank to ensure there had been no fraudulent charges, etc. I remember “war driving” to find vulnerable WiFi networks. I remember changing default passwords on a service setup by a client of mine.
As I said - it’s not gate-keeping it’s experience.
Teaching is “gate-keeping” apparently. You can’t tell somebody that they need to learn something! You just need to give them a link to a url and say “run this thing as root and your stuff will work - totally not a scam tho”.
Was this server on an internal network?
Using wireguard to VPN into your home network is mostly trivial (using tailscale to do so is actually trivial, for my usage of the word, but introduces an untrusted company into the mix), opening your local network to the outernet is not, expect pain.
I’ve experienced gatekeeping issues long before I got into self-hosting specifically. Years ago I wanted to learn C++ for Arduino and I was constantly talked down for asking questions.
“Why don’t you just do …” in response to a question feels very rude as a newcomer because it feels like I am being talked down to for not knowing what others already know. Even when I made an effort to show I was making an effort to learn on my own, I was still belittled.
I’m all for hearing different ways of approaching my issue but from the replies, it often feels like other people insist there is only one true specific way to handle an issue.
When I first got into self-hosting, people kept pushing Cloudflare on me. When I expressed concern over a large centralized corporation having that much control and how they might have service issues, I was mocked really hard. Half a year later and there was a significant outage and suddenly there’s all this talk about how centralized the internet is and how that is bad.
After that I took it upon myself to find alternative ways to protect myself without Cloudflare’s services but every step of the way has been an isolating experience. Every step of the way has been full of people saying that my efforts are pointless and that the bots will win anyways so I shouldn’t bother.
I decided to try to secure myself through multiple layers of obscurity and every question in that direction has been full of people saying that obscurity is not security, the bots will find you anyways!
I’ve stopped myself from asking too many questions now. I still keep learning in my direction. I feel like I’ve managed to find multiple solutions that both obscure and protect myself. I’ve constantly check my logs for months now and the bot is less than I expected in places I expect them to be and completely zero in other places I thought there would be some activity.
I want to share what I have learned and my experiences but I know I will receive backlash for deviating from the norm.
I’ve spent a lot of my self-hosting efforts trying to find ways to protect myself with minimal use of third party services, documenting as much as I could only feel afraid to share what I have learned.
This comment may not be about learning self-hosting as a beginner specifically but the vibe has been pretty damn consistent throughout me learning C++, self-hosting, linux and shell scripting. All things I enjoy but all so full of people ready to talk down to someone who wants to learn.
If I were trying to point a non tech user into setting up a local lab I would probably advise them to get a machine with Proxmox running and then use images from www.turnkeylinux.org and start off with www.turnkeylinux.org/mediaserver as a new instance.
> Joined 3 hours ago
> first post is concern trolling
Being encouraged to learn about the basics isn’t gatekeeping, it’s just sound technical advice. Self hosting can be great, but when you shift critical services/infrastructure and something goes south you expose yourself to some serious harm (think self-hosting your password management), or perhaps leave yourself open and vulnerable to threats you don’t understand.
Having access to easier/friendlier tools is great, but using them without fundamental understanding is risky.
I think the gatekeeping part isn’t the warning or cautionary advice being given, It’s the failure to point, and give direction to, the relevant thing(s), the skill sets, the place to start in order to understand the complexities.
Like the hart-surgeon analogy given elsewhere in the comments; it’s not just the dire warning of ‘you can kill someone’ - it’s the humanity to say, well if you want to learn how to do this, you’re going to have to start by having an understanding of basic biology, organic chemistry, human anatomy, etc, and to learn about those things go here…
Expecting every post to come with a little handholding tutorial isn’t reasonable either. For the surgeon example it doesn’t take a surgeon to give the warning, but that same non-surgeon isn’t necessarily in a position to guide anyone either.
Docker, copy-paste yaml definitions and shit are the automated/user-friendly solution. There are projects that provide things that you want, they are either proprietary or cloud-based, or paid.
Yes. In theory.
But in practise, this is the one great unsolved mystery of Linux.
And maybe self hosting has a similar one.
I expose homeasssistant via nginx. I run snort and I can assure you I am constantly getting hits. I haven’t tuned it much, so I’m sure there’s false positives in there but I’m equally sure there’s false negatives.
If you can’t figure out how to set up docker, set up a reverse proxy, check and configure TLS, you definitely aren’t ready for self hosting. It’s a highly technical exercise and one bad move will make your Internet connection part of a botnet. (Arguably, you don’t even need to be self hosting for that, but there’s no point in making it easy).
I believe it’s never been easier to set up a home server. I set up Tailscale in between sips of coffee one day and my mind (as an almost-grizzled sysadmin) was blown. My non technical family members can set up a VPN in 10 minutes. It’s a terrible security practice, but there’s pipe-to-bash scripts everywhere now that get things set up and running in minutes. You want Homeassistant container on proxmox? Burn the proxmox image to a usb, boot and install, then run this command. Boom. Homeassistant in a container. Let’s do pihole - another script and we’re done.
It’s ludicrously easy to get going compared to even 10 years ago.
Yes, when you want to change a setting, or configure it for local use, it’s more complicated. But that’s the way it’s always been, and that’s how I learn - follow the cookbook, and then realize you need to change this piece, which requires understanding that piece, and there you go.
I don’t see this phenomenon. Maybe people suggest those things to use because frankly, they’re a very fundamental part of the self-hosting landscape, and you’re see it as “you must use these”. Use whatever the hell you want and pay the price for doing it the hard way, by all means. But saying people are gatekeeping isn’t the way I see this community.
This made me look up freedom box.
Self hosting is a great opportunity to learn about some popular technologies and even acquire a few sysadmin skills. Required knowledge of a self-hosted solutions tech stack is not gatekeeping any more than required knowledge of tools and building materials is gatekeeping when it comes to renovating your bathroom. In either scenario, if you don’t know what you’re doing, it’s going to be a much more difficult job.
That said, you should not be exposing any of your services to the public if you don’t know what you’re doing. That’s a quick way to a bad time.
Every response I read here seems to get it. Yeah, you shouldn’t do risky things without understanding them first. By all means play around with self hosting without knowing anything at first, but do not expose your machine to the Internet without fully understanding the implications and do not complain that self hosting is hard. If you think it is, you just need a bit more education. It’s already incredibly easy these days.
There are tools for that, no?
You can install NAS software that turns self hosting stuff into one click installs.
I’ve been following this community for a while now and have not yet found the courage to selfhost anything.
I find the answers generally either assume a lot of knowledge, or throw out a single solution provider (synology, nextcloud, yunohost). Neither of these approaches helps me advance the big picture overview that I’m lacking, or a way of evaluating what the best setup is for me. I’ve started drafting an overview document for myself with the vague idea of asking for feedback here but I’m not sure such a request would be welcome.
So, yes, I would be interested in a solution that makes self-hosting more accessible.
Honestly the best thing to do is just start trying things and don’t only rely on your own stuff until you have a good understanding.
Just get an old computer and install an os you want to learn, worst case you break it and reinstall.
I suggest proxmox since you can lean on community scripts and can backup and restore any containers pretty easily if needed.
But as with anything don’t go in expecting to be perfect, just get started, break some eggs and learn from mistakes. You will learn what you like about it, what you would change and you can burn it all down and start again if you want as well.
The best thing to do is just start with whatever you already have. An old gaming rig, laptop or Raspberry Pi, doesn’t matter. Each will present some technical obstacle that you need to overcome (for example keeping the laptop going when the lid is closed). That’s part of learning.
Self-hosting is a hobby where we gradually learn more. Experimentation is just as important as reading the docs.
As an aside, be careful running your laptop with the lid closed. Some need to be open for proper cooling.
Find the skills gaps that you have; find the thing that interests you about it; and dig into that fundamental piece, don’t understand what the fundamentals might be, go check out .edu, or certification outlines with the vocabulary/knowledge you do have so you can build from the concepts (and benefit from their already determined progressions) , so you can developed additional vocabulary and knowledge of the discipline.
Gate-keeping is a strong word… It also implies that people on the other side of the gate learned something to get there.
20 years ago we were doing what we could manually, and learning the hard way. The tools have improved and by now do most of the heavy lifting for us. And better tools will come along to make things even easier/better. That’s just the way it works.
Compare self-hosting to doing your own mechanic work on a vehicle: there are a lot of tasks that most ppl would benefit from learning the diy way to do it, but there are dangers to car repair that will never go away, like proper car support with jacks, securing wheels correctly, etc.
It would be neglectful for the community to say nothing and send ppl off to get pwned.
Its called superuser chauvinism.
If you’re hosting stuff visible to the wider world and you don’t really know what you’re doing you might have a bad time. But also just going for it is how you learn.
I’m self hosting to learn. I’ve been hacked before and I lost stuff and then I refined my technique and started over again. Nothing I do is “mission critical”, so I now have the mindset that it will fail, I will lose data and time and I will get hacked. Honestly, it’s helped me to be better at home and at my workplace to have this mindset. Always plan for failure (and keep backups).
Self-hosting doesn’t always mean exposing things to the internet. It just means you have a PC capable of running software/services that can be accessed over your network. Whether or not you choose to expose that to the internet is up to you.
If this is an example of gatekeeping, I think you are misjudging.
Whenever self-hosting there’s a very real risk of exposing your private data to the internet. Potentially a lot more private data than you’d otherwise expose via cloud providers. This risk necessitates a basic understanding of some of the importand bits and how to operate them securely. If not for that, then anything would go.
Understanding docker, reverse proxy, and YAML which is used to configure those is part of probably the simplest way to get to secure self-hosting. I’d add a self-hosted VPN to access local resources. I’m not aware of a magic UI solution that does it all and securely. Docker compose files are very accessible. A couple of those followed by
docker compose up -dand you have a basic env up and running.Generally the lack of knowledge in X or Y doesn’t mean there’s necessarily an easier path than learning X and Y and that you’re being gatekept by being told you have to learn X and Y. Some things are harder than others. Buying Apple Cloud and setting it up is easier than self-hosting Nextcloud. I don’t think that should be the case, but today it is as far as I’m aware.
Self hosting doesn’t inherently mean your stuff is publicly accessible, though.
Yes, but self-hosting does whatever the HOWTO, YouTube vid or AI slop the user follows tells them to do. If the user doesn’t know the basics, how could they know what an instruction for activating UPnP does or opening a NAT port does and why that might expose their data? Laymen don’t even understand what making theie stuff publicly accessible means. It might simply mean “Yay I can access my stuff on the go.” 😄
If on the other had the user learns the basics, they can tell when a doc instructs them to do something dangerous and they can do something about it to avoid disaster.
I think its rather expectation management. At some point you are going to see a wall of errors in command line. Even local hosting without exposing to internet will for typical user mean configuring routers because each wifi router creates NAT-ed subnet by default. Installation might be trivial but accessing your basement server from living room might not be.
Yeah. I’m seeing a lot a it in this thread tbh. People are stylizing themselves to be IT admins or cybersec people rather than just hobbyists. Of course, maybe they do do it professionally as well, but I’m seeing an assumption from some people in this thread that its dangerous to self host even if you don’t expose anything, or they are assuming that self hosting implies exposing stuff to the internet.
Tailscale in to you machine, and then be done with it, and otherwise only have access to it via local network or VPN.
Now, about actually keeping the services secure, further than just having them on a private subnet and then not really worrying about them. To be explicit, this is referring to fully/partially exposed setups (like VPN access to a significant number of people).
There are two big problems IMO: Default credentials, and a lack of automatic updates.
Default credentials are pretty easy to handle. Docker compose yaml files will put the credentials right there. Just read them and change them. It should be noted that you still should be doing this, even if you are using gui based deployment
This is where docker has really held the community back, in my opinion. It lacks automatic updates. There do exist services like watchtower to automatically update containers, but things like databases or config file schema don’t get migrated to the next version, which means the next version can break things, and there is no guarantee between of stability between two versions.
This means that most users, after they use the
docker-composemethod recommended by software, are manually, every required to every so often, log in, and run docker compose pull and up to update. Sometimes they forget. Combine this with shodan/zoomeye (internet connected search engines), you will find plenty of people who forgot, becuase docker punches stuff through firewalls as well.GUI’s don’t really make it easy to follow this promise, as well. Docker GUI’s are nice, but now you have users who don’t realize that Docker apps don’t update, but that they probably should be doing that. Same issue with Yunohost (which doesn’t use docker, which I just learned today. Interesting).
I really like Kubernetes because it lets me, do automatic upgrades (within limits), of services. But this comes at an extreme complexity cost. I have to deploy another software on top of Kubernetes to automatically upgrade the applications. And then another to automatically do some of the database migrations. And no GUI would really free me from this complexity, because you end up having to have such an understanding of the system, that requiring a pretty interface doesn’t really save you.
Another commenter said:
And I agree with them, but I think things kinda stalled with Docker, as it’s limitations have created barriers to making things easier further. The tools that try to make things “easier” on top of docker, basically haven’t really done their job, because they haven’t offered auto updates, or reverse proxies, or abstracted away the knowledge required to write YAML files.
Share your project. Then you’ll hear my thoughts on it. Although without even looking at it, my opinion is that if you have based it on docker, and that you have decided to simply run docker-compose on YAML files under the hood, you’ve kinda already fucked up, because you haven’t actually abstracted away the knowledge needed to use Docker, you’ve just hidden it from the user. But I don’t know what you’re doing.
You service should have:
Further afterthoughts:
Simple in implementation is not the same thing as simple in usage. Simple in implementation means easy to troubleshoot as well, as there will be less moving parts when something goes wrong.
I think operating tech isn’t really that hard, but I think there is a “fear” of technology, where whenever anyone sees a command line, or even just some prompt they haven’t seen before, they panic and throw a fit.
EDIT and a few thoughts:
adding further thoughts to my second afterthought, I can provide an example: I installed an adblocker for my mom (ublock origin). It blocked a link shortening site. My mom panicked, calling me over, even though the option to temporarily unblock the site was r
Yes and it’s so funny to me as somebody that works in datacenter and cloud infrastructure for public apps for a living. All the gatekeeping is done by hobbyists without the faintest clue but all the confidence in the world, or click ops internal IT sysadmins grossly overestimating their self worth.
Be safe, ask questions, and fuck what the haters think.
Is this a troll post?
<img alt="" src="https://external-content.duckduckgo.com/iu/?u=https%3A%2F%2Fmedia1.tenor.com%2Fm%2F--6LynDlRSUAAAAC%2Futurama-noway.gif">
This post seems like rage-bait or engagement-bait, especially given OP’s account is less than a day old.
I don’t inherently agree. Gatekeeping often is a magnified issue for novice users. Perhaps they came over with the latest reddit exodus, saw recommendations for self hosting on the new platform, got pushback and created an account to complain. I appreciate the concern, but I don’t think it’s valid to assume because the account is new, it must be a troll.
It’s a LLM. Look at their comments, very formulaic.
lemmy.world/u/domx?page=1&sort=New&view=Comments
Check out Yunohost. In my experience it is way easier to setup and manage than docker. I’ve been using it for years and it continues to improve and add more supported software.
I’ve had a quick first look at Yunohost and it seems very memory intensive. What are you hosting and how much RAM do you have installed?
There should be both. Minimal config + gui options for people just getting into the hobby, or just want the thing. And a more open option for people who hit the limits of the first, or to do interesting shit, or to repeatably build a thing.
I go back and forth on my server. During summer I wish it was all Docker YAMLs so I can press “update” in Dockge and then enjoy the weather.
But, I also do non-typical things. Users have a rPi in their house that captures requests and routes them through Tailscale to my server for remote access without a VPS or opening ports.
I’m not too technical so I often struggle setting things up, and documentation can be less than helpful at times, sometimes I really wished there was a gui or wizard, but it’s doable.
I agree with a lot of the folks here. I don’t think it’s gate-kept. It’s just part of self hosting. I have a YouTube channel dedicated to teaching people about self josting, open source, and how to get it all running. There are great projects out there that provide incredibly powerful UIs, TrueNAS, OpenMediaVault, Unraid, Proxmox, NextCloud, HomeAssistant, NetBird, Pangolin, NGinX Proxy Manager, Portainer, and so many more. All designed to make self hosting easier and safer. I know 8 or 10 other creators who also do self hosting and how to’s. It does require learning, time, and dedication. As does anything worth while.
Absolutely agree. I have been thinking of starting a selfhost guide that takes you through the different ways to selfhost and the basic concepts of it, but gave up because I’m a shit writer and my experiences are mostly docker, k8s and Terraform/OpenTofu.
I tried to get my head around this too and wrote this a while ago: lemmy.world/post/34986579 – I called it localhosting, and it’s about some ideas that could bring more people into the boat.
I haven’t made much progress unfortunately, but I do believe that selfhosting needs to become more accessible for non techies. It’s a pity how many great open-source selfhostable alternatives are out there, and how little people can actually install and maintain them. This gap is wild to me.
Nah, I don’t think its being gatekept. I got into self hosting earlier this year, so I have pretty fresh eyes as a new novice.
This community here has been an incredible resource for learning and asking questions, and people here are generally very helpful and kind.
"If you can’t configure Docker, reverse proxies, and Yaml files, you shouldn’t be self-hosting."
Is telling people they have to learn traffic laws before driving gatekeeping driving now?
My experience is that runtipi turned docker into an app store. The technical barriers to entry have never been lower. There are so many helpful voices out there that I’ve never really had to ask anyone a unique question because someone else has typically asked whatever I need to know and been answered.
I do think there are very reasonable arguments to be made that when you are opening a server containing your personal data, to outside access, you probably should be cautioned about your technical limitations. Even if it’s not pleasant to hear.
I honestly don’t think it’s a great idea for most people (myself included) to casually dabble in server administration. There’s a pretty big margin for error. Unfortunately it’s the only private solution for the time being. I don’t trust anyone else.
Depends on the community. I’ve met some very helpful noob-friendly developers who recognize you’re a noob and will use simpler terms to guide you through the process, and passive aggressive assholes that’ll ignore your messages the very second they figure out you’re a noob. Even though they were literally just talking to you seconds before.