Sometimes it feels like a portion of the community views complexity as a badge of honour.

Its not this, it’s that there are very serious risks to self hosting (dataloss, hacks etc), and if they aren’t prepared for them, itll be catastrophic.

The gatekeeping isnt just for fun, there are actual risks and downsides.

As for prepackaging an appliance, we already have a model for how that plays out. There are millions of ISP provided routers and IoT things, and every other day there is a new breach involving them.

A couple points:

• Your website does not properly convey the technical context of Safebox. Docker is a complex platform, and asking someone to install it point blank on any OS, while also championing ease-of-access feels at odds here.
• There is a severe lack of documentation about the tool. Discord is not an appropriate means to find these documents if they exist. It is rarely okay as a support channel.
• I saw your post from a few days ago, but it was framed as a question about about gatekeeping specifically. The post also advertised Safebox. Given that the post no longer exists (but the comments sure do), I’m inclined to think you didn’t get quite the answer you were looking for.

I dove into self-hosting several years ago and ultimately I think I found the experience quite welcoming. I also don’t know that Safebox has a lot to offer over well-established alternatives these days like Unraid or TrueNAS, which have large user-bases and a depth of support articles to help admins better understand what they’re doing and how to do it. It’s true that not everyone would want to do this as a hobby. No one wants their services to break, or their data to be lost, and more tools that make it easier to prevent these scenarios are helpful. With that in mind, I am not left with a clear understanding of how Safebox is meant to provide safeguards here.

I used the word “admin” in the previous paragraph for good reason. Self-hosting makes you the administrator, and it means that you, the administrator, have the power to make mistakes. My recommendation is not to talk down to your users. Someone interested in self-hosting should be aware of the potential security implications of what they’re taking on, alongside the risk to their data and that breaking changes are something they can and will make along the way. If you really want to make self-hosting accessible, then the documentation for your tool needs to be accessible too.

Safebox runs on Linux, macOS, and Windows, supports both x86 and ARM64 (including Raspberry Pi, Banana Pi, and others), and handles domain/subdomain setup, Let’s Encrypt certificates, DNS configuration, reverse proxy (nginx), and also offers WireGuard-based remote access.

A user should be able to learn why these elements are important and how they work together. Talk about the limitations of running it on a raspberry pi vs a workstations or server. What’s a reverse proxy? Is WireGuard good? This doesn’t mean the average person needs to know how to configure detailed permissions or application configs, and if the goal is to provide a repository of pre-hardened Docker configs for use then that’s cool too, but there should never be a barrier to the information itself. Especially as it is relevant to the tool you’ve built.

I think that fundamentally, you’ve built a good tool that simplifies things someone who is already familiar with its components, and where it needs to improve is by expanding to help new users familiarize themselves. Education is as big a part of accessibility as the ease-of-setup.

there’s often a response like: “If you can’t configure Docker, reverse proxies, and Yaml files, you shouldn’t be self-hosting.”

This is the part that I don’t like. Couple this with condescending labels like ‘normies’ et al, I can kind of understand why selfhosting is still something that only a small segment of the population engages in. I realize that people like to differentiate themselves from others. It doesn’t matter if you’re collecting stamps or you’re the tiddlywinks champion of the world, we like to draw a line between ‘us’ and ‘them’, which is a pretty poignant song by Pink Floyd btw.

As @[email protected] pointed out, there are very serious consequences to self hosting too. The first Linux server I stood up got taken over fairly quickly, and over night began attacking other servers. That’s serious shit and the owners of said servers don’t take it lightly, and rightfully so. The owners of the platform you may be hosting on don’t take it lightly either. So, yeah, there are some basics one needs to learn and implement before they can begin a successful, resilient, hardened, server, and it’s not a lot of point and click solutions. Again…shit’s complex. It’s why there are so many specialists in the field, but now you as the selfhoster have to wear all the admin hats.

The doors to selfhosting should swing wide for all, and I try to be as accommodating as I possibly can because I know how I struggle and have struggled with things from time to time.

Safebox looks pretty interesting. I’ve often thought, if I were a much younger man, I would’ve loved to produce a type of ‘server in a box’. But I am well past being a younger man, so I’ll leave that up to you young guns.

This is a cool project, I have quite a few questions! Are you planning an “app store” repo of supported software? Allowing us to add our own repos? Can i set up a reverse proxy/VPN tunneling using my own hardware, or is remote access only available through a Safebox subscription? If I can set it up is that manual, guided, or automatic? Why Docker instead of Podman?