Hi all, I’ve been noticing a pattern in self-hosting communities, and I’m curious if others see it too.
Whenever someone asks for a more beginner-friendly solution, something with a UI, automated setup, or fewer manual configs, there’s often a response like:
“If you can’t configure Docker, reverse proxies, and Yaml files, you shouldn’t be self-hosting.”
Sometimes it feels like a portion of the community views complexity as a badge of honour. Don’t get me wrong, I love the technical side of self-hosting. I enjoy tinkering, breaking things, fixing them, learning along the way. That’s how most of us got into it.
But here’s the question: Is gatekeeping slowing down the adoption of self-hosting?
If we want more people to own their data, escape Big Tech, and embrace open-source alternatives, shouldn’t we welcome solutions that lower the entry barrier?
There’s room for everyone:
-
people who want full control and custom setups,
-
people who want semi-manual but guided,
-
and people who want it to work with minimal friction.
Just like not every Linux user compiles from source, but they’re still Linux users.
Where do you stand? Should self-hosting stay DIY-only or is there value in easier, more accessible ways to self-host?
My project focuses on building a tool that makes self-hosting more accessible without sacrificing data ownership, so I genuinely want your honest take before releasing it more widely.
You must log in or register to comment.
A part of it is concern.
System administration on a system you’re planning to use remotely over the internet must be done right. Not being sure what you’re doing is how we all learn, but you really should be sure before exposing yourself to the internet.
It’s not like experimenting with linux on a laptop. Self-hosting is usually about providing some sort of service for yourself, which if accessed by someone malicious, can be used to really hurt you.
Just wanna add here that it is not just hurt in terms of time, money or loss of data(those are a given). It could even land you in legal trouble that you can not explain your way out of in some extreme circumstances.
I’ve been in tech a long time and don’t allow WAN ingress into my network at all because I don’t have time to properly harden my self-hosted services. For absolute beginners, I wouldn’t recommend making anything public until they’re more experienced. Just running Jellyfin for you and your family on an old laptop is a perfect starter project.
Same. No WAN ingress without VPN.
I make it simple for myself - only WAN ingress into my network is openvpn protected by both username, password and client certificate files.
- Running software alone :(
- Running software with friends :)
See, no big deal if somebody else comes into your system. You’ll be happier.
Exposing services to the internet is one thing. The other thing is that without really solid backup strategy you can just lose your files. Both concerns grow even bigger if you’re dealing with not just your own data but also your family’s or friends’. It’s a real responsibility.
I think it would be great if more people got into self-hosting but you really need to learn some stuff before jumping in. A single mistake can cost you a lot.
If you can’t configure Docker, reverse proxies, and Yaml files, you shouldn’t be self-hosting
Yes, absolutely.
Configure Docker
if you cannot run
docker compose upor understand the basics of what it’s doing, you should not be self hosting. Yes, Docker can be difficult to troubleshoot but you need to understand where your data is being stored and generally self hosting projects using Docker are easy to set up.reverse proxies
Implying exposing your server to the Internet. Yes. 100%. If you do not know what you’re doing, you should not. This is dangerous to your machine and to your data.
Yaml files
This is a plain text file. You can open it with Notepad or your operating system’s equivalent. Editing a text file to enter some default parameters is a low bar and if you can’t edit a text file, you’re going to get caught up in some other part of self hosting
You made pretty much every point exactly how I was going to make it.
I will mention that even as a pretty experienced sysadmin, learning Docker, reverse proxies, and relevant config files took ages because there are treated as assumed knowledge.
Every YouTube video on Docker is 30 minutes shorter than they should be, and terminology for reverse proxies is really confusing if you’re not already familiar.
It’s great to say you shouldn’t use these if you’re not familiar, but these are also probably the most poorly taught subjects in computing right now from my experience.
Been using reserve proxies for some server setup. Still don’t understand how it really works
The very rough idea is this:
I have a server with multiple services and only one open port (not counting the SSL port) on my router.
Traffic comes into that one port straight to my server. That server has a reverse proxy installed with a directory of subdomains and associated ports.
It internally routes traffic coming in on my open port to the internal services on the server without having to expose them directly to the internet.
The big advantage is that because it all goes through my reverse proxy, I can add SSL certs to just that and now all of my subdomain services get the benefits of the SSL cert on the host.
I’m sure there are other uses for reverse proxies, but this is how they work in my setup.
I think you’ve missed the point OP is trying to communicate. It’s not that these things aren’t relevant, highly important, and good caution/warning. It’s the gate that people are creating with these no depth explainers. “you need to understand” “if you don’t know” – then fail to provide direction to people who want to know, to learn these things, to figure out where to start; that’s the gate.
Certain minimum knowledge is required if you don’t want to be low hanging fruit for criminal botnet operators who will use your system to launch attacks.
You can’t also beg/complain about tools “made for you” not existing - if they’re not already there, it may mean the problem can’t be reduced to appliance-user level.
If you’re building such a tool, why ask? Get uptake rate and user feedback data.
You’re right, a certain level of knowledge is essential for safe self-hosting.
The goal isn’t to remove that responsibility, but to lower the initial barrier so people can start learning in a safer, more guided way.
And yes, we’re currently in the testing and feedback phase, so conversations like this are valuable. I’m also interested in hearing broader perspectives from people involved in self-hosting, not just those testing the project.
You’re confusing a lack of handholding with gatekeeping.
beginner friendly solution, something with a UI, fewer manual configs…
First, you’re not entirely right. you can get a ton of self hosting done with things like Synology or Home assistant, and never see the complexity. You might get owned by a botnet, but it “works.”
Self hosting securely has a steep learning curve, there’s no way around that. What you’re asking for is for someone to write programs that’ll let you skip the learning curve.
GitHub is littered with abandoned attempts at doing this. You bury your lede by mentioning “your project” at the end. It’s your project going to be another well intentioned attempt that’s eventually abandoned or causes more problems than it solves?
You bury your lede by mentioning “your project” at the end.
Basically means the user has to trust that project to do the right thing and be maintained to keep their setup secure.
That’s generally true for any end user software.
“Has anyone noticed that medical doctors gate-keep people doing open heart surgery?”
Why do you assume self-hosting is and can be trivial? It is NOT for everybody. You should have some base level of technical knowledge. You should expect to need to learn some things. It’s not a badge of honor, it’s experience.
My project focuses on building a tool that makes self-hosting more accessible without sacrificing data ownership
Good luck with that. Don’t get your users pwned in the process. You’re now responsible for the security of people who think “opening a command line” is too difficult.
Self-hosting is trivial and everyone can do it.
Exposing services to the internet is not.
Just like everyone doing open heart surgery on dummies is fine, everyone self-hosting in their own network is fine. You can buy hardware right now that connects to power and wifi and you are self-hosting.
The users who are being talked about here probably don’t get that exposing your machine to the Internet carries risk. That’s the point.
There is literally a thread somewhere on my Lemmy I need to try and find just recently that shows this perfectly. Someone made a thread asking how they can self host their images for backup from their phone and naturally everyone pointed them to immich. And they immediately started complaining and bitching that they could not access it from outside their local network. Instead of asking how to fix that they were like what the hell is the point if I have to be on the same Wi-Fi this is stupid. And they basically did not want to engage with the people being like hey you need to either make a reverse proxy or open a port on your router. They should not be self hosting
Yep, that sounds like the poster child for this phenomenon.
Self-hosting is trivial and everyone can do it.
So is open heart surgery. Unless you want it to end successfully.
I wouldn’t equate installing proxmox on an old pc to open heart surgery. It’s pretty basic stuff and you can follow guides on how to install services in a container or vm. People are interested in things like pihole, home assistant, arr stacks, nas, and better control over their network. It’s definitely not rocket surgery.
I do not agree
Yes, it sometimes can be difficult and frustrating, but so long as someone, anyone, is willing to try and learn and fail and retry, they can get my help
Have you forgotten that you too started at 0?
Have you forgotten that you too started at 0?
Not at all. In fact I remember the day my server was hacked because I’d left a service running that had a vulnerability in it. I remember changing passwords, calling my bank to ensure there had been no fraudulent charges, etc. I remember “war driving” to find vulnerable WiFi networks. I remember changing default passwords on a service setup by a client of mine.
As I said - it’s not gate-keeping it’s experience.
Yes, it sometimes can be difficult and frustrating, but so long as someone, anyone, is willing to try and learn and fail and retry, they can get my help
Teaching is “gate-keeping” apparently. You can’t tell somebody that they need to learn something! You just need to give them a link to a url and say “run this thing as root and your stuff will work - totally not a scam tho”.
Not at all. In fact I remember the day my server was hacked because I’d left a service running that had a vulnerability in it.
Was this server on an internal network?
Using wireguard to VPN into your home network is mostly trivial (using tailscale to do so is actually trivial, for my usage of the word, but introduces an untrusted company into the mix), opening your local network to the outernet is not, expect pain.
What sounds like gatekeeping is often a strongly worded emphasis on having the prerequisite knowledge to not just host your services, but do it in a way that is secure, resilient, and responsible. If you don’t know how to set up a network, set up a resilient storage, manage your backups, set up HTTPS and other encryption solutions, manage user authentication and privileges, and expose your services securely, you should not be self-hosting. You should be learning how to self-host responsibly. That applies to everything from Debian to Synology.
Friends don’t let friends expose their networks like Nintendo advises.
If you’re hosting stuff visible to the wider world and you don’t really know what you’re doing you might have a bad time. But also just going for it is how you learn.
I’m self hosting to learn. I’ve been hacked before and I lost stuff and then I refined my technique and started over again. Nothing I do is “mission critical”, so I now have the mindset that it will fail, I will lose data and time and I will get hacked. Honestly, it’s helped me to be better at home and at my workplace to have this mindset. Always plan for failure (and keep backups).
This post seems like rage-bait or engagement-bait, especially given OP’s account is less than a day old.
I don’t inherently agree. Gatekeeping often is a magnified issue for novice users. Perhaps they came over with the latest reddit exodus, saw recommendations for self hosting on the new platform, got pushback and created an account to complain. I appreciate the concern, but I don’t think it’s valid to assume because the account is new, it must be a troll.
It’s a LLM. Look at their comments, very formulaic.
I think truenas and unraid are the only user friendly experience out of the box. Everything else needs a lot of configuring. I don’t think you can call system administration gate keeping
Some hobbies have minimal levels of skill/knowledge/equipment to properly do them, and I’d argue that self hosting is one of them. You can say people are hostile to beginners, but I might say people are trying to save them from themselves by not just telling them how to slap shit together so they can put it on the Internet and get owned by Internet Background Radiation in a short period of time.
My personal opinion is that beginners are too over confident in their skills or expect setting things up is like setting up an online account, and expect everything to be ready for them to install in their preferred method, and get upset when people tell them they need to upskill to be able to accomplish their goal.
An example of this is a conversation I had with someone online about some docker distributed app, and people were trying to get the person to use docker like the install doc says instead of trying to figure out how to just install it directly into the OS, because that’s the way they’re used to doing stuff and they were determined they weren’t going to change now despite the software author’s supported path not including direct install. If the person was willing to learn docker (which is not very difficult if you can follow a tutorial and use compose files), they’d be able to quickly accomplish what they want while also opening more doors for them in the future.
“If you can’t configure Docker, reverse proxies, and Yaml files, you shouldn’t be self-hosting.”
If this is an example of gatekeeping, I think you are misjudging.
Whenever self-hosting there’s a very real risk of exposing your private data to the internet. Potentially a lot more private data than you’d otherwise expose via cloud providers. This risk necessitates a basic understanding of some of the importand bits and how to operate them securely. If not for that, then anything would go.
Understanding docker, reverse proxy, and YAML which is used to configure those is part of probably the simplest way to get to secure self-hosting. I’d add a self-hosted VPN to access local resources. I’m not aware of a magic UI solution that does it all and securely. Docker compose files are very accessible. A couple of those followed by
docker compose up -dand you have a basic env up and running.Generally the lack of knowledge in X or Y doesn’t mean there’s necessarily an easier path than learning X and Y and that you’re being gatekept by being told you have to learn X and Y. Some things are harder than others. Buying Apple Cloud and setting it up is easier than self-hosting Nextcloud. I don’t think that should be the case, but today it is as far as I’m aware.
Self hosting doesn’t inherently mean your stuff is publicly accessible, though.
Yes, but self-hosting does whatever the HOWTO, YouTube vid or AI slop the user follows tells them to do. If the user doesn’t know the basics, how could they know what an instruction for activating UPnP does or opening a NAT port does and why that might expose their data? Laymen don’t even understand what making theie stuff publicly accessible means. It might simply mean “Yay I can access my stuff on the go.” 😄
If on the other had the user learns the basics, they can tell when a doc instructs them to do something dangerous and they can do something about it to avoid disaster.
I think much of the gatekeeping is over concern that if you mess up, you could unknowingly be allowing a sophisticated hacker to access all the data on your network, without any obvious signs. And maybe some people don’t want to field noob questions like “I clicked something and now the GUI gives a 😕 and doesn’t work anymore, what do I do?”.
There is a skill floor, I would say similarly that you wouldn’t be ready to install Linux yourself if you don’t get suspicious when a .iso download gives you a .exe file instead.
I think Yunohost is a decent solution for beginners that avoids as much of the nitty-gritty as possible. Louis Rossman has made a massive guide that’s about as close as an IKEA step-by-step as you can get with this stuff. We should be encouraging people to learn, but there is a sense of reticence to have people get too in over their heads due to cybersecurity reasons.
Edit: linked the guide
Gate-keeping is a strong word… It also implies that people on the other side of the gate learned something to get there.
20 years ago we were doing what we could manually, and learning the hard way. The tools have improved and by now do most of the heavy lifting for us. And better tools will come along to make things even easier/better. That’s just the way it works.
Compare self-hosting to doing your own mechanic work on a vehicle: there are a lot of tasks that most ppl would benefit from learning the diy way to do it, but there are dangers to car repair that will never go away, like proper car support with jacks, securing wheels correctly, etc.
It would be neglectful for the community to say nothing and send ppl off to get pwned.
self-hosting
and people who want it to work with minimal friction.
We’re talking (potentially) highly sensitive contents here for the most part. Yes, selfhosting has become easier than ever, but at the same time more people who basically lack the experience and/or patience to actually understand what they’re doing want to start selfhosting. And that simply doesn’t end well in an alarmingly high number of cases.
Yeah sure, of course there are tools that can make life easier. But have a look at the “big” self-hosting packages. A lot of them will need at least some manual configuration. Then there’s the “exposing a host to the open net” aspect, which can (and usually will) introduce a whole different level of attack surfaces.
So combine that with the ever-growing number of self-hosters, and of course you will notice more advice like that.
Yeah, self‑hosting without some basic knowledge can be risky, especially when handling sensitive data. At the same time, very strict warnings, even if well‑meaning, can be intimidating for newcomers.
Self hosting isn’t for everyone, of course, but for those genuinely interested, even if they don’t have years of technical experience, there could be a safer, guided first step. Something that helps people learn the basics while keeping their setup secure and giving them confidence to explore further.
I don’t mind power users in general … but holy molly the militant foss and privacy advocates can be really annoying. Better not mention any proprietary software or you’ll get a dozens answers to a question no one asked.
People who don’t pay for the software they use are some of the worst, most demanding, most opinionated and most ignorant users. Source: I use free software and avoid people who “hate systemd”.
I suspect there are a number of people who self host at least in part because they’ve been burned by proprietary software and enshittification, so it’s not a surprise that there’s strong opposition to those solutions.
“Militant foss” reads like the old saying “militant atheist”…
Maybe you aught to take your own advice and not mention this again, otherwise you’ll hear opinions that conflict with your own.
“Militant foss” reads like the old saying “militant atheist”…
Yes, that was very much the comparison I was going for.
Also I’m already taking my own advice here and generally don’t go around lecturing people on things they didn’t asked for.
