You can create communities only on your own instance. For you that would be this link.

Do you get any error messages?

They do it since quite some time now, right?

but I’d like to give Nginx Proxy Manager a try, it seems easier to manage stuff not in docker.

NPM is pretty agnostic. If it receives a request for a specific address and port combination it just forwards the traffic to another specific address and port combination. This can be a docker container, but also can be a physical machine or any random URL.

It also has Let’s Encrypt included (but that should be a no-brainer).

I run my website as static site from within a Docker container, I wonder how I would get the information about the other containers into that site.

Do you directly serve that site from the host or do you run the script and write something in a volume the site has read access to or bind a file?

Do you guys have any suggestions?

Because I don’t like software getting in my way I just cobbled together some HTML and CSS and call it a day.

Usually you just see LibreOffice and nothing else, so it’s fine, I guess. Not a web-based editor, but usable.

Ah, I see. Not as native web application, though.

They’re using Alpine Linux, install X and Openbox and Xvnc and serve KasmVNC via Nginx and connect via KasmVNC to that X instance. LibreOffice is started in fullscreen and looks like a slightly blurry web application.

But in reality it is just a regular desktop installation with some extra things.

@fikran@lemm.ee, maybe this is a solution? I wouldn’t recommend it because it’s not really a web-based document editor.

So, LibreOffice can be used over the Internet in a web browser?

Exactly. With directly using certbot handling all and everything fully automatically I ran my old setup with a free dyndns subdomain for quite some time without any issues.

Since Let’s encrypt nowadays is basically implemented in every reverse proxy: certificates are an absolute no-brainer.

If someone manages to buy and configure a domain to serve selfhosted content, this person will also be able to either set up certbot or use the built-in functionality of their reverse proxy.

It’s 2025. Not having “real certificates” is something admins intentionally do. Since there is Let’s Encrypt available, all other solutions for non-paid certificates are obsolete.

There – of course – won’t be a singular official source stating “Hey guys, we’re open core now”. You need to put this together bit-by-bit.

Here are some links for research

• Official statement on the takeover
• Gitea Enterprise/Gitea Cloud hiding features behind a cloud solution and a paywall which makes Gitea itself open-core
• Open Letter to the new Gitea owners with a summary and a reply, signed by a lot of Gitea devs and FOSS scene people.
• As @gratux@lemmy.blahaj.zone mentioned: A fork under the name Forgejo was done due to new Gitea owners did not care much about the concerns. (Started as asoft-fork but with 10.0 it became a hard fork.)
• Gitea owners made it mandaroy to remove copyright headers and set the corporation as copyright holder. Here, here, and here

It falls under self hosted, at least. If it is still truly open source is highly debatable.

Never heard of 99% in that list.

Also, Gitea should not be there. It is a corporate -owned open core project that was hostilely taken away from the community.

Smith & Wesson

Authentication with NPM is pretty straightforward. You basically just configure an ACL, add your users, and configure the proxy host to use that ACL.

I found this video explaining it: https://youtu.be/0CSvMUJEXIw?t=62

NPM unfortunately has a long-term bug since 2020, that needs you to add a specific configuration when setting up the ACL as shown in the video.

At the point where he is on the “Access” tab with all the allow and deny entries, you need to add an allow entry with 0.0.0.0/0 as IP address.

Other than that, the setup shown in the video works in the most recent version.

How do you handle SSL certs and internet access in your setup?

I have NPM running as “gateway” between my LAN and the Internet and let handle it all of my vertificates using the built-in Let’s Encrypt features. None of my hosted applications know anything about certificates in their Docker containers.

As for your questions:

1. You can and should – it makes managing the applications much easier. You should use some containerization. Subdomains and correct routing will be done by the reverse proxy. You basically tell the proxy “when a request for foo.example.com comes in, forward it to myserver.local, port 12345” where 12345 is the port the container communicates over.
2. 100% depends on your use case. I purchased a domain because I host stuff for external access, too. I just have my setup to report it’s external IP address to my domain provider. It basically is some dynamic DNS service but with a “real domain”. If you plan to just host for yourself and your friends, some generic subdomain from a dynamic DNS service would do the trick. (Using NPMs Let’s Encrypt configuration will work with that, too.)
3. You can’t. Every georestricting can be circumvented. If you want to restrict access, use HTTP basic auth. You can set that up using NPM, too. So users authenticate against NPM and only when it was successful,m the routing to the actual content will be done.
4. You might want to look into Cloudflare Tunnel to hide your real IP address and protect against DDoS attacks.
5. No 🙂

What is this scam and why is it still here?

I think the reason is stupid and it is contrary to what I expect from dockerized applications.

docker ps or Portainer as a nice web-UI wrapper around the Docker commands are the two main use cases with Docker I have have on a regular basis.

No, thank you. I am not going to maintain fifty containers and fifty + X volumes for just a handful of applications and will alway prefer self-contained applications over applications that spread over multiple containers for no real reason.

See it in a broader scope. If I’d only host Lemmy with is multiple mandatory things, I couldn’t care less, but I already have some other applications that I run via Docker. Fortunately I was able to keep the footprint small, no multiple containers or volumes for one application, but as said: those exist. And they would clutter the setup and make it harder to maintain an manage.

I also stand by my point that it is counter-intuitive to have multiple containers and volumes for just one single application.