this post was submitted on 08 Nov 2023
35 points (87.2% liked)

Selfhosted

[–] [email protected] 5 points 1 year ago (1 children)
[–] [email protected] 3 points 1 year ago* (last edited 1 year ago) (1 children)

It is becoming an important threat to you. Managing servers, applications and data is very complex, and the problem is that you cannot do it on your own: how do you know that the server application where you store your family photos has secure code? It was never audited.

How do they fix this? Do they audit and approve all source code? Do they submit security patches to the apps they have in their repo?

In fact, the recent LastPass leak happened because a LastPass employee had a Plex server that wasn’t updated to the last version and was missing an important security patch!

How do they fix this? Auto updates? Those are going to bite you in the ass extremely hard at some point.

Things like this are completely untrue:

Additionally, because every new self-hosted application re-implements crucial systems such as authentication from scratch every time, the large majority of them are very susceptible to being hacked without too much trouble. This is very bad because not only are Docker containers not isolated, but they also run as root by default, which means it can easily be used to offer access to your entire server or even infrastructure.

Most tools currently used to self-host are not specifically designed to be secure for your scenario. Enterprise tools such as Traefik, Nginx, etc. are designed for different use-cases that assume that the code you are running behind them is trustworthy. But who knows what server apps you might be running? On top of that, a lot of reverse-proxies and security tools lock important security features behind 3 to 4 figures business subscriptions that are not realistic for selfhosting.

Scaremongering and lies.

[–] [email protected] 2 points 1 year ago (2 children)

The more important question here is: What are you fighting against here? Like you say that you feel like some snakeoil salesman trying to convince you of something.

But it's FOSS. You can just install it and you're good to go. You don't have to buy any license to get the super duper security features they promise or something.

It's a webui for a homeserver that makes it easier to install docker containers and provides you with some pre-configured security measures and that's it.

As others said, this is clearly made for people who don't want to dig into the whole selfhosting thing too deep but want to have their own data and privacy. And that project accomplishes exactly that.

The "features" they promote are the same "features" everyone has who takes their selfhosted environment seriously, but automated. This does things the way the majority of this community does it and gives the power of self-hosting to non-tech-savvy ppl.

Stop being so hateful just because you find their way of promoting their features to be "snakeoilsalesman-y"

[–] [email protected] 2 points 1 year ago

Strongly agree. These guys are just so typical in the Linux community. Embarrassing themselves ranting against a project designed to lower the barrier for entry. "If you can't code your own kernel why are you even trying to set up a Plex server" vibes

[–] [email protected] 0 points 1 year ago* (last edited 1 year ago)

Wow, you are getting in quite a nonsensical defensive mood here. I gave my opinion on it and warmaster asked for clarification. If you want to use it, go ahead; I just pointed out the red flags. If you think it is hateful that people read the readme of your favorite project, you really need to grow up. A readme is not the place for absurd 'promotion' like it's a product sold on TV.

Also, it's not FOSS but a self-made variation on Apache 2. Check the Reddit link; even the author claims it is not FOSS.