Is self-hosting becoming too gatekept by power users?

Submitted ⁨⁨15⁩ ⁨hours⁩ ago⁩ by ⁨domx@lemmy.world⁩ to ⁨selfhosted@lemmy.world⁩

Hi all, I’ve been noticing a pattern in self-hosting communities, and I’m curious if others see it too.

Whenever someone asks for a more beginner-friendly solution, something with a UI, automated setup, or fewer manual configs, there’s often a response like:

“If you can’t configure Docker, reverse proxies, and Yaml files, you shouldn’t be self-hosting.”

Sometimes it feels like a portion of the community views complexity as a badge of honour. Don’t get me wrong, I love the technical side of self-hosting. I enjoy tinkering, breaking things, fixing them, learning along the way. That’s how most of us got into it.

But here’s the question: Is gatekeeping slowing down the adoption of self-hosting?

If we want more people to own their data, escape Big Tech, and embrace open-source alternatives, shouldn’t we welcome solutions that lower the entry barrier?

There’s room for everyone:

people who want full control and custom setups,
people who want semi-manual but guided,
and people who want it to work with minimal friction.

Just like not every Linux user compiles from source, but they’re still Linux users.

Where do you stand? Should self-hosting stay DIY-only or is there value in easier, more accessible ways to self-host?

My project focuses on building a tool that makes self-hosting more accessible without sacrificing data ownership, so I genuinely want your honest take before releasing it more widely.

source

Comments

Sort:hotnew top

moonpiedumplings@programming.dev ⁨10⁩ ⁨hours⁩ ago
Yeah. I’m seeing a lot a it in this thread tbh. People are stylizing themselves to be IT admins or cybersec people rather than just hobbyists. Of course, maybe they do do it professionally as well, but I’m seeing an assumption from some people in this thread that its dangerous to self host even if you don’t expose anything.

Tailscale in to you machine, and then be done with it, and otherwise only have access to

Now, about actually keeping the services secure, further than just having them on a private subnet and then not really worrying about them. To be explicit, this is referring to fully/partially exposed setups (like VPN access to a significant number of people).

There are two big problems IMO: Default credentials, and a lack of automatic updates.

Default credentials are pretty easy to handle. Docker compose yaml files will put the credentials right there. Just read them and change them. It should be noted that you still should be doing this, even if you are using gui based deployment

This is where docker has really held the community back, in my opinion. It lacks automatic updates. There do exist services like watchtower to automatically update containers, but things like databases or config file schema don’t get migrated to the next version, which means the next version can break things, and there is no guarantee between of stability between two versions.

This means that most users, after they use the docker-compose method recommended by software, are manually, every required to every so often, log in, and run docker compose pull and up to update. Sometimes they forget. Combine this with shodan/zoomeye (internet connected search engines), you will find plenty of people who forgot, becuase docker punches stuff through firewalls as well.

GUI’s don’t really make it easy to follow this promise, as well. Docker GUI’s are nice, but now you have users who don’t realize that Docker apps don’t update, but that they probably should be doing that. Same issue with Yunohost (which doesn’t use docker, which I just learned today. Interesting).

I really like Kubernetes because it lets me, do automatic upgrades (within limits), of services. But this comes at an extreme complexity cost. I have to deploy another software on top of Kubernetes to automatically upgrade the applications. And then another to automatically do some of the database migrations. And no GUI would really free me from this complexity, because you end up having to have such an understanding of the system, that requiring a pretty interface doesn’t really save you.

Another commenter said:

20 years ago we were doing what we could manually, and learning the hard way. The tools have improved and by now do most of the heavy lifting for us. And better tools will come along to make things even easier/better. That’s just the way it works.

And I agree with them, but I think things kinda stalled with Docker, as it’s limitations have created barriers to making things easier further. The tools that try to make things “easier” on top of docker, basically haven’t really done their job, because they haven’t offered auto updates, or reverse proxies, or abstracted away the knowledge required to write YAML files.

Share your project. Then you’ll hear my thoughts on it. Although without even looking at it, my opinion is that if you have based it on docker, and that you have decided to simply run docker-compose on YAML files under the hood, you’ve kinda already fucked up, because you haven’t actually abstracted away the knowledge needed to use Docker, you’ve just hidden it from the user. But I don’t know what you’re doing.

You service should have:

A lack of static default credentials. The best way is to autogenerate them.

Further afterthoughts:

Simple in implementation is not the same thing as simple in usage. Simple in implementation means easy to troubleshoot as well, as there will be less moving parts when something goes wrong.

I think operating tech isn’t really that hard, but I think there is a “fear” of technology, where whenever anyone sees a command line, or even just some prompt they haven’t seen before, they panic and throw a fit.
source
gravitywell@sh.itjust.works ⁨13⁩ ⁨hours⁩ ago
I dont find needing to knowing how to use the most common way of setting up servicss is gate keepy.

If you dont want to learn things then it probably is better to just pay someone else to handle the setup i dont think there is anything wrong with doing it that way either.

source
comeonitsnotlike@feddit.nu ⁨14⁩ ⁨hours⁩ ago
If you want to understand your setup (which is quite important, in my opinion), there is no way around the fact that you will have to spend some time reading about the services you use. Even if you GUI everything away, it will come a moment when something breaks and you stand there, knowing nothing and/or what to do/where to begin. Most people aren’t in for the “reading” part.

source
lka1988@lemmy.dbzer0.com ⁨11⁩ ⁨hours⁩ ago
Self-hosting doesn’t always mean exposing things to the internet. It just means you have a PC capable of running software/services that can be accessed over your network. Whether or not you choose to expose that to the internet is up to you.

source
thelocalhostinger@lemmy.world ⁨7⁩ ⁨hours⁩ ago
I tried to get my head around this too and wrote this a while ago: lemmy.world/post/34986579 – I called it localhosting, and it’s about some ideas that could bring more people into the boat.

I haven’t made much progress unfortunately, but I do believe that selfhosting needs to become more accessible for non techies. It’s a pity how many great open-source selfhostable alternatives are out there, and how little people can actually install and maintain them. This gap is wild to me.

source
nesc@lemmy.cafe ⁨13⁩ ⁨hours⁩ ago
Docker, copy-paste yaml definitions and shit are the automated/user-friendly solution. There are projects that provide things that you want, they are either proprietary or cloud-based, or paid.

source
libre_warrior@lemmy.ml ⁨11⁩ ⁨hours⁩ ago
Its called superuser chauvinism.

source
eleijeep@piefed.social ⁨13⁩ ⁨hours⁩ ago
> Joined 3 hours ago
> first post is concern trolling

source
EncryptKeeper@lemmy.world ⁨10⁩ ⁨hours⁩ ago
Yes and it’s so funny to me as somebody that works in datacenter and cloud infrastructure for public apps for a living. All the gatekeeping is done by hobbyists without the faintest clue, but all the confidence in the world.

Be safe, ask questions, and fuck what the haters think.

source
oeuf@slrpnk.net ⁨15⁩ ⁨hours⁩ ago
If it is then not enough people have heard of YUNOhost.

source
iSeth@lemmy.ml ⁨15⁩ ⁨hours⁩ ago
Hardly gatekeeping. It may well turn away complete noobs, but docker is the easy way for a lot of stuff ATM.

source
Fedegenerate@lemmynsfw.com ⁨8⁩ ⁨hours⁩ ago
There should be both. Minimal config + gui options for people just getting into the hobby or just want the thing. And a more open option for people who hit the limits of the first or sang to do interesting shit.

I go back and forth on my server. During summer I wish it was all Docker YAMLs so I can press “update” in Dockge and I can enjoy the weather.

But I also do non-typical things. Users have a rPi in their house that captures requests and routes them through Tailscale to my server for remote access without a VPS or opening ports.

I’m not too technical so I often struggle setting things up, and documentation can be less than helpful at times, sometimes I really wished there was a gui, but it’s doable.

source
majster@lemmy.zip ⁨11⁩ ⁨hours⁩ ago
I think its rather expectation management. At some point you are going to see a wall of errors in command line. Even local hosting without exposing to internet will for typical user mean configuring routers because each wifi router creates NAT-ed subnet by default. Installation might be trivial but accessing your basement server from living room might not be.

source
IsoKiero@sopuli.xyz ⁨13⁩ ⁨hours⁩ ago
Self hosting is not just one thing. You are system adminstrator, network engineer, security specialist, service architect and many other things, specially if you expose anything to anyone outside your very private network. And to get anything even running on that complex mess requires some knowledge on a lot of things. Making them run securely with proper backups requires even more knowledge on things.

Sure, you can just throw some docker images on your old desktop and be happy, even forward ports from the public internet to your things if you like. But that exposes your stuff to quite a lot of dangers and if you just click buttons without any understanding you’ll soon be a part of a botnet or lose your data or lose money if someone decides to mess around with your home automation or something else.

I get what you’re saying, not all of us are very polite and answers can be pretty harsh, but more often than not the generic idea behind those answers is not trying to be an asshole or gatekeep anything. It’s just that there’s a skillset you need to build things safely and if it’s clear from the start that someone looking for answers is way over their head it’s better for everyone to get them take a step back and learn instead of trying to create a meaningful answer since there’s too many variables or it’d just take immense effort to write down comprehensive guide on what to do, why and how for everything from the ground up.

I know for a fact that in my area there’s a bunch of surveillance cameras, home automation stuff and even some farm equipment directly open to the public network just because someone just plugged things in without any idea on the whole picture. Sometimes the correct answer is ‘stop shooting yourself on the foot and learn the basics first, then come back’.

source
CompactFlax@discuss.tchncs.de ⁨12⁩ ⁨hours⁩ ago
I expose homeasssistant via nginx. I run snort and I can assure you I am constantly getting hits. I haven’t tuned it much, so I’m sure there’s false positives in there but I’m equally sure there’s false negatives.

If you can’t figure out how to set up docker, set up a reverse proxy, check and configure TLS, you definitely aren’t ready for self hosting. It’s a highly technical exercise and one bad move will make your Internet connection part of a botnet. (Arguably, you don’t even need to be self hosting for that, but there’s no point in making it easy).

I believe it’s never been easier to set up a home server. I set up Tailscale in between sips of coffee one day and my mind (as an almost-grizzled sysadmin) was blown. My non technical family members can set up a VPN in 10 minutes. It’s a terrible security practice, but there’s pipe-to-bash scripts everywhere now that get things set up and running in minutes. You want Homeassistant container on proxmox? Burn the proxmox image to a usb, boot and install, then run this command. Boom. Homeassistant in a container. Let’s do pihole - another script and we’re done.

It’s ludicrously easy to get going compared to even 10 years ago.

Yes, when you want to change a setting, or configure it for local use, it’s more complicated. But that’s the way it’s always been, and that’s how I learn - follow the cookbook, and then realize you need to change this piece, which requires understanding that piece, and there you go.

source
confusedpuppy@lemmy.dbzer0.com ⁨13⁩ ⁨hours⁩ ago
I’ve experienced gatekeeping issues long before I got into self-hosting specifically. Years ago I wanted to learn C++ for Arduino and I was constantly talked down for asking questions.

“Why don’t you just do …” in response to a question feels very rude as a newcomer because it feels like I am being talked down to for not knowing what others already know. Even when I made an effort to show I was making an effort to learn on my own, I was still belittled.

I’m all for hearing different ways of approaching my issue but from the replies, it often feels like other people insist there is only one true specific way to handle an issue.

When I first got into self-hosting, people kept pushing Cloudflare on me. When I expressed concern over a large centralized corporation having that much control and how they might have service issues, I was mocked really hard. Half a year later and there was a significant outage and suddenly there’s all this talk about how centralized the internet is and how that is bad.

After that I took it upon myself to find alternative ways to protect myself without Cloudflare’s services but every step of the way has been an isolating experience. Every step of the way has been full of people saying that my efforts are pointless and that the bots will win anyways so I shouldn’t bother.

I decided to try to secure myself through multiple layers of obscurity and every question in that direction has been full of people saying that obscurity is not security, the bots will find you anyways!

I’ve stopped myself from asking too many questions now. I still keep learning in my direction. I feel like I’ve managed to find multiple solutions that both obscure and protect myself. I’ve constantly check my logs for months now and the bot is less than I expected in places I expect them to be and completely zero in other places I thought there would be some activity.

I want to share what I have learned and my experiences but I know I will receive backlash for deviating from the norm.

I’ve spent a lot of my self-hosting efforts trying to find ways to protect myself with minimal use of third party services, documenting as much as I could only feel afraid to share what I have learned.

This comment may not be about learning self-hosting as a beginner specifically but the vibe has been pretty damn consistent throughout me learning C++, self-hosting, linux and shell scripting. All things I enjoy but all so full of people ready to talk down to someone who wants to learn.

source
6nk06@sh.itjust.works ⁨14⁩ ⁨hours⁩ ago

a portion of the community views complexity as a badge of honour

Developers have to eat. You can pay of do it yourself.

source
foggy@lemmy.world ⁨14⁩ ⁨hours⁩ ago
I think the bulk of users are running discarded junk and raspberry pis.

That was me, I built a ~$5k rig and now some of what I’m doing is just nonsense of a typical self hoster, so the point is somewhat valid, but even those like me mostly started out with discarded junk and raspberry pis.

source
HubertManne@piefed.social ⁨12⁩ ⁨hours⁩ ago
This made me look up freedom box.

source
etchinghillside@reddthat.com ⁨13⁩ ⁨hours⁩ ago
If I were trying to point a non tech user into setting up a local lab I would probably advise them to get a machine with Proxmox running and then use images from www.turnkeylinux.org and start off with www.turnkeylinux.org/mediaserver as a new instance.

source
dogs0n@sh.itjust.works ⁨12⁩ ⁨hours⁩ ago
There are tools for that, no?

You can install NAS software that turns self hosting stuff into one click installs.

source
TrickDacy@lemmy.world ⁨12⁩ ⁨hours⁩ ago
Every response I read here seems to get it. Yeah, you shouldn’t do risky things without understanding them first. By all means play around with self hosting without knowing anything at first, but do not expose your machine to the Internet without fully understanding the implications and do not complain that self hosting is hard. If you think it is, you just need a bit more education. It’s already incredibly easy these days.

source
ikidd@lemmy.world ⁨12⁩ ⁨hours⁩ ago
I don’t see this phenomenon. Maybe people suggest those things to use because frankly, they’re a very fundamental part of the self-hosting landscape, and you’re see it as “you must use these”. Use whatever the hell you want and pay the price for doing it the hard way, by all means. But saying people are gatekeeping isn’t the way I see this community.

source
Zwuzelmaus@feddit.org ⁨12⁩ ⁨hours⁩ ago

Just like not every Linux user compiles from source, but they’re still Linux users.

Yes. In theory.

But in practise, this is the one great unsolved mystery of Linux.

And maybe self hosting has a similar one.

source