this post was submitted on 07 Apr 2025
430 points (98.9% liked)

Selfhosted

46685 readers
2104 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

  1. Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.

  2. No spam posting.

  3. Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.

  4. Don't duplicate the full text of your blog or github here. Just post the link for folks to click.

  5. Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).

  6. No trolling.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 2 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 181 points 1 month ago (4 children)

Relevant to !selfhosted because one of the projects getting funding cut is Let's Encrypt.

[–] [email protected] 4 points 1 month ago

Every day just gets worse doesn't it.

[–] [email protected] 81 points 1 month ago

It’s okay, Let’s Encrypt only provides SSL certs for… 63.7% of the market?

Okay okay, that is a lot. But what does a CA need funding for anyway? It doesn’t take much bandwidth to send out new certs.

The only thing that could be expensive is if they had to rapidly invalidate thousands of certs to protect the security of the entire internet.

But haha, that’s a pretty outlandish scenario that would never happen.

[–] [email protected] 140 points 1 month ago (2 children)

Let's Encrypt has done so much for encouraging the spread of HTTPS and good certificate practices. If they went away, I honestly think a good chunk of the internet would start breaking after ~6 months.

[–] [email protected] 13 points 1 month ago* (last edited 1 month ago)

At least there's some competitors now, which could be used as drop-in replacements if Let's Encrypt were to disappear.

I suspect the vast majority of certificate authorities will implement the ACME protocol eventually, since the industry as a whole is moving towards certificates with shorter expiry times, meaning that automation will essentially be mandatory unless you like manually updating certs every 90-180 days.

[–] [email protected] 54 points 1 month ago (1 children)

Less HTTPS = easier government & advertiser data collection

[–] [email protected] 26 points 1 month ago (4 children)

I’m pretty sure browsers don’t even load http sites anymore.

[–] [email protected] 1 points 1 month ago

They load. I have to specify http:// to get it to work though.

[–] [email protected] 15 points 1 month ago (2 children)

HTTP works fine in Firefox unless you set it to HTTPS only. Even then, you only have to click off a warning to open an HTTP site.

[–] [email protected] 2 points 1 month ago* (last edited 1 month ago)

But if you try to load a local resource as localhost in Firefox...

For the sake of completeness:

Firefox contains a security patch which restricts the kinds of files that pages can load (and methods of loading) when you open them from a file:// URL. This change was made to prevent exfiltration of valuable data within reach of a local page, as demonstrated in an available exploit.

More info: https://developer.mozilla.org/docs/Web/HTTP/CORS/Errors/CORSRequestNotHttp

Insecure, but fast fix, if you don't want to install a local webserver:

about:config
security.fileuri.strict_origin_policy
change to false

[–] [email protected] 47 points 1 month ago (1 children)

When I spin up a new self hosted service it's easier to add caddy to the stack than to convince Firefox to load http.

[–] [email protected] 15 points 1 month ago

Tailscale is also ridiculously easy to use for this purpose. The serve and Funnel features make secure self hosting really easy from your tailnet (one can easily provision certificates for nodes using Let's Encrypt from the CLI: https://tailscale.com/blog/reintroducing-serve-funnel

[–] [email protected] 1 points 1 month ago

I’m sure google will fix that in chrome, like killing adblocker functionality.

[–] [email protected] 26 points 1 month ago (1 children)

I'm gonna have to donate then.

[–] [email protected] 17 points 1 month ago (2 children)

Same. I've been thinking about who to donate to this year, and it looks like they're making the cut. I'll probably also throw some money at my Lemmy instance and a handful of projects I use, including Tor, because apparently they got caught in the dragnet too.

[–] [email protected] 2 points 1 month ago

Well donating is good it's not going to replace the government funding.

[–] [email protected] 2 points 1 month ago (1 children)

Which other projects caught your attention? I was going to donate to Graphene, EFF and some TOR operators

[–] [email protected] 6 points 1 month ago (2 children)

Far more than I can reasonably support:

  • self hosted things I use - caddy, the document foundation, Jellyfin, Forgejo, etc
  • Android apps - F-Droid, NewPipe, Signal, RethinkDNS, etc
  • desktop apps - flatpak, For, Godot, etc
  • infrastructure stuff - let's encrypt, openssh, Linux distros (mine doesn't accept donations unfortunately), etc

But the short list for now is:

  • Let's Encrypt
  • Signal
  • F-Droid

And I'll probably run a Tor relay or something as well.

[–] [email protected] 2 points 1 month ago

If only there was a decentralised tracker which would track project funding and give us metrics like which project is dangerously close to shutting down

[–] [email protected] 2 points 1 month ago

Man, ReThink is such a lifesaver. It's so good people at Graphene recommend it. I might give Qubes some bucks too, they are awesome