My experience is that runtipi turned docker into an app store. The technical barriers to entry have never been lower. There are so many helpful voices out there that I’ve never really had to ask anyone a unique question because someone else has typically asked whatever I need to know and been answered.

I do think there are very reasonable arguments to be made that when you are opening a server containing your personal data, to outside access, you probably should be cautioned about your technical limitations. Even if it’s not pleasant to hear.

I honestly don’t think it’s a great idea for most people (myself included) to casually dabble in server administration. There’s a pretty big margin for error. Unfortunately it’s the only private solution for the time being. I don’t trust anyone else.

Nah, I don’t think its being gatekept. I got into self hosting earlier this year, so I have pretty fresh eyes as a new novice.

This community here has been an incredible resource for learning and asking questions, and people here are generally very helpful and kind.

“If you can’t configure Docker, reverse proxies, and Yaml files, you shouldn’t be self-hosting.”

• No, and I don’t see this perspective pushed. You do have to eventually learn how to do these things though if you want to be able to selfhost in most capacities.

Is telling people they have to learn traffic laws before driving gatekeeping driving now?

I tried to get my head around this too and wrote this a while ago: https://lemmy.world/post/34986579 – I called it localhosting, and it’s about some ideas that could bring more people into the boat.

I haven’t made much progress unfortunately, but I do believe that selfhosting needs to become more accessible for non techies. It’s a pity how many great open-source selfhostable alternatives are out there, and how little people can actually install and maintain them. This gap is wild to me.

Absolutely agree. I have been thinking of starting a selfhost guide that takes you through the different ways to selfhost and the basic concepts of it, but gave up because I’m a shit writer and my experiences are mostly docker, k8s and Terraform/OpenTofu.

This post seems like rage-bait or engagement-bait, especially given OP’s account is less than a day old.

I agree with a lot of the folks here. I don’t think it’s gate-kept. It’s just part of self hosting. I have a YouTube channel dedicated to teaching people about self josting, open source, and how to get it all running. There are great projects out there that provide incredibly powerful UIs, TrueNAS, OpenMediaVault, Unraid, Proxmox, NextCloud, HomeAssistant, NetBird, Pangolin, NGinX Proxy Manager, Portainer, and so many more. All designed to make self hosting easier and safer. I know 8 or 10 other creators who also do self hosting and how to’s. It does require learning, time, and dedication. As does anything worth while.

Check out Yunohost. In my experience it is way easier to setup and manage than docker. I’ve been using it for years and it continues to improve and add more supported software.

There should be both. Minimal config + gui options for people just getting into the hobby, or just want the thing. And a more open option for people who hit the limits of the first, or to do interesting shit, or to repeatably build a thing.

I go back and forth on my server. During summer I wish it was all Docker YAMLs so I can press “update” in Dockge and then enjoy the weather.

But, I also do non-typical things. Users have a rPi in their house that captures requests and routes them through Tailscale to my server for remote access without a VPS or opening ports.

I’m not too technical so I often struggle setting things up, and documentation can be less than helpful at times, sometimes I really wished there was a gui or wizard, but it’s doable.

Is this a troll post?

If you’re hosting stuff visible to the wider world and you don’t really know what you’re doing you might have a bad time. But also just going for it is how you learn.

“If you can’t configure Docker, reverse proxies, and Yaml files, you shouldn’t be self-hosting.”

If this is an example of gatekeeping, I think you are misjudging.

Whenever self-hosting there’s a very real risk of exposing your private data to the internet. Potentially a lot more private data than you’d otherwise expose via cloud providers. This risk necessitates a basic understanding of some of the importand bits and how to operate them securely. If not for that, then anything would go.

Understanding docker, reverse proxy, and YAML which is used to configure those is part of probably the simplest way to get to secure self-hosting. I’d add a self-hosted VPN to access local resources. I’m not aware of a magic UI solution that does it all and securely. Docker compose files are very accessible. A couple of those followed by docker compose up -d and you have a basic env up and running.

Generally the lack of knowledge in X or Y doesn’t mean there’s necessarily an easier path than learning X and Y and that you’re being gatekept by being told you have to learn X and Y. Some things are harder than others. Buying Apple Cloud and setting it up is easier than self-hosting Nextcloud. I don’t think that should be the case, but today it is as far as I’m aware.

Yeah. I’m seeing a lot a it in this thread tbh. People are stylizing themselves to be IT admins or cybersec people rather than just hobbyists. Of course, maybe they do do it professionally as well, but I’m seeing an assumption from some people in this thread that its dangerous to self host even if you don’t expose anything, or they are assuming that self hosting implies exposing stuff to the internet.

Tailscale in to you machine, and then be done with it, and otherwise only have access to it via local network or VPN.

Now, about actually keeping the services secure, further than just having them on a private subnet and then not really worrying about them. To be explicit, this is referring to fully/partially exposed setups (like VPN access to a significant number of people).

There are two big problems IMO: Default credentials, and a lack of automatic updates.

Default credentials are pretty easy to handle. Docker compose yaml files will put the credentials right there. Just read them and change them. It should be noted that you still should be doing this, even if you are using gui based deployment

This is where docker has really held the community back, in my opinion. It lacks automatic updates. There do exist services like watchtower to automatically update containers, but things like databases or config file schema don’t get migrated to the next version, which means the next version can break things, and there is no guarantee between of stability between two versions.

This means that most users, after they use the docker-compose method recommended by software, are manually, every required to every so often, log in, and run docker compose pull and up to update. Sometimes they forget. Combine this with shodan/zoomeye (internet connected search engines), you will find plenty of people who forgot, becuase docker punches stuff through firewalls as well.

GUI’s don’t really make it easy to follow this promise, as well. Docker GUI’s are nice, but now you have users who don’t realize that Docker apps don’t update, but that they probably should be doing that. Same issue with Yunohost (which doesn’t use docker, which I just learned today. Interesting).

I really like Kubernetes because it lets me, do automatic upgrades (within limits), of services. But this comes at an extreme complexity cost. I have to deploy another software on top of Kubernetes to automatically upgrade the applications. And then another to automatically do some of the database migrations. And no GUI would really free me from this complexity, because you end up having to have such an understanding of the system, that requiring a pretty interface doesn’t really save you.

Another commenter said:

20 years ago we were doing what we could manually, and learning the hard way. The tools have improved and by now do most of the heavy lifting for us. And better tools will come along to make things even easier/better. That’s just the way it works.

And I agree with them, but I think things kinda stalled with Docker, as it’s limitations have created barriers to making things easier further. The tools that try to make things “easier” on top of docker, basically haven’t really done their job, because they haven’t offered auto updates, or reverse proxies, or abstracted away the knowledge required to write YAML files.

Share your project. Then you’ll hear my thoughts on it. Although without even looking at it, my opinion is that if you have based it on docker, and that you have decided to simply run docker-compose on YAML files under the hood, you’ve kinda already fucked up, because you haven’t actually abstracted away the knowledge needed to use Docker, you’ve just hidden it from the user. But I don’t know what you’re doing.

You service should have:

• A lack of static default credentials. The best way is to autogenerate them.
  • You can also force users to set their own, but this is less secure than machine generated imo
• Auto updates: I don’t think docker-compose is going to be enough.

Further afterthoughts:

Simple in implementation is not the same thing as simple in usage. Simple in implementation means easy to troubleshoot as well, as there will be less moving parts when something goes wrong.

I think operating tech isn’t really that hard, but I think there is a “fear” of technology, where whenever anyone sees a command line, or even just some prompt they haven’t seen before, they panic and throw a fit.

EDIT and a few thoughts:

adding further thoughts to my second afterthought, I can provide an example: I installed an adblocker for my mom (ublock origin). It blocked a link shortening site. My mom panicked, calling me over, even though the option to temporarily unblock the site was right there, clear as day.

I think that GUI projects overestimate the skill of normal users, while underestimating the skill of those who actually use them. I know people who use a GUI for stuff like this because it’s “easier”, but when something under the hood breaks, they are able to go in and fix it in 5 minutes, whereas an actual beginner could spend a two weeks on it with no progress.

I think a good option is to abstract away configuration with something akin to nix-gui. It’s important to note that this doesn’t actually make things less “complex” or “easier” for users. All the configs, and dials they will have to learn and understand are still there. But for some reason, whenever people see “code” they panic and run away. But when it’s a textbox in a form or a switch they will happily figure everything out. And then when you eventually hit them with the “HAHA you’ve actually been using this tool that you would have otherwise ran away from all along”, they will be chill because they recognize all the dials to be the same, just presented in a different format.

Another afterthought: If you are hosting something for multiple users, you should make sure their passwords are secure somehow. Either generate and give them passwords/passphrases, or something like Authentik and single sign on where you can enforce strong passwords. Don’t let your users just set any password they want.

If you can’t configure Docker, reverse proxies, and Yaml files, you shouldn’t be self-hosting

Yes, absolutely.

Configure Docker

if you cannot run docker compose up or understand the basics of what it’s doing, you should not be self hosting. Yes, Docker can be difficult to troubleshoot but you need to understand where your data is being stored and generally self hosting projects using Docker are easy to set up.

reverse proxies

Implying exposing your server to the Internet. Yes. 100%. If you do not know what you’re doing, you should not. This is dangerous to your machine and to your data.

Yaml files

This is a plain text file. You can open it with Notepad or your operating system’s equivalent. Editing a text file to enter some default parameters is a low bar and if you can’t edit a text file, you’re going to get caught up in some other part of self hosting

“Has anyone noticed that medical doctors gate-keep people doing open heart surgery?”

Why do you assume self-hosting is and can be trivial? It is NOT for everybody. You should have some base level of technical knowledge. You should expect to need to learn some things. It’s not a badge of honor, it’s experience.

My project focuses on building a tool that makes self-hosting more accessible without sacrificing data ownership

Good luck with that. Don’t get your users pwned in the process. You’re now responsible for the security of people who think “opening a command line” is too difficult.

Yes and it’s so funny to me as somebody that works in datacenter and cloud infrastructure for public apps for a living. All the gatekeeping is done by hobbyists without the faintest clue but all the confidence in the world, or click ops internal IT sysadmins grossly overestimating their self worth.

Be safe, ask questions, and fuck what the haters think.