“Has anyone noticed that medical doctors gate-keep people doing open heart surgery?”

Why do you assume self-hosting is and can be trivial? It is NOT for everybody. You should have some base level of technical knowledge. You should expect to need to learn some things. It’s not a badge of honor, it’s experience.

My project focuses on building a tool that makes self-hosting more accessible without sacrificing data ownership

Good luck with that. Don’t get your users pwned in the process. You’re now responsible for the security of people who think “opening a command line” is too difficult.

I don’t.

Sounds like you bookmarked the whole flippin’ Internet.

Oh for sure - containers are fantastic. Even if you’re just using them as glorified chroot jails they provide a ton of benefit.

Containers run on “bare metal” in exactly the same way other processes on your system do. You can even see them in your process list FFS. They’re just running in different cgroup’s that limit access to resources.

Yes, I’ll die on this hill.

“I run an immutable distro, BTW”

Proxmox or Docker?

It’s not mutually exclusive? I have a 3-node proxmox config on which I have 3 VMs running as kubenetes nodes to which I deploy containers. I also have some VMs setup for things which either don’t work well as containers or which I simply don’t want as containers (e.g. a couple Windows VMs for doing Windows things). Also home assistant runs in a VM since it was just easier to do USB passthrough this way.

I understand that running things in a VM provides better security than running them in a container.

Not sure what you mean by this - containers are typically easier to secure as they’re minimalist. But I doubt anyone is using VMs because they think they’re more secure.

No - you shouldn’t be putting bash <(curl ...) into a post and telling people to run it at all. It’s bad and shouldn’t be normalized in any way. Take. It. Down.

Please do not normalize running scripts directly from websites.

After opening things up more on Plebbit/Seedit, we got hit pretty hard with spam and some NSFW content. It got out of hand fast and honestly, its worse than we expected.

It’s a p2p decentralized social network. I’m honestly surprised you got anything that’s not kiddie porn and drug spam.

Seedit is a serverless, adminless, decentralized reddit alternative. Seedit is a client (interface) for the Plebbit protocol, which is a decentralized social network where anyone can create and fully own unstoppable communities.

In the plebbit protocol, a seedit community is called a subplebbit. To run a subplebbit, you can choose between two options:

First, they take the dinglebop, and they smooth it out with a bunch of schleem. The schleem is then repurposed for later batches. They take the dinglebop and they push it through the grumbo, where the fleeb is rubbed against it. It’s important that the fleeb is rubbed, because the fleeb has all of the fleeb juice. Then a schlami shows up, and he rubs it and spits on it. They cut the fleeb. There’s several hizzards in the way. The blamfs rub against the chumbles. And the ploobis and grumbo are shaved away. That leaves you with a regular old plumbus.

I started my selfhosted journey with a synology nas. But the nas was crap, so I ended using it only as storage and backup solution, providing NFS shares.

So, as a NAS then.

Yeah - k8s has a bit of a steep learning curve. I recentlyish make the conversion from “a bunch of docker-compose files” to microk8s myself. So here are some thoughts for you (in no particular order).

I would avoid helm like the plague. Everybody is going to recommend it to you but it just puts a wrapper on a wrapper and is MUCH more complicated than what you’re going to need because you’re not spinning up hundreds of similar-but-different services. Making things into templates adds a ton of complexity and overhead. It’s something for a vendor to do, not a home-gamer. And you’re going to need to understand the basics before you can create helm charts anyway.

The actual yml files you need are actually relatively simple compared to a helm chart that needs to be parameterized and support a bazillion features.

So yes - you’re going to create a handful of yml files and kubectl apply -f them. But - you can do that with Ansible if you want, or you can combine them into a single yml (separate sections with ----).

What I do is - for each service I create a directory. In it I have name_deployment.yml, name_service.yml, name_ingress.ymlandname_pvc.yml`. I just apply them when I change them, which isn’t frequent. Each application I deploy generally has its own namespace for all its resources. I’ll combine deployments into a NS if they’re closely related (e.g. prometheus and grafana are in the same NS).

Do yourself a favor and install kubens which lets you easily see and change your namespace globally. Gawd I hate having to type out my namespace for everything. 99% of the time when you can’t find a thing with kubectl get you’re not looking in the right namespace.

You’re going to need to sort out your storage situation. I use NFS for long-term storage for my pods and have microk8s configured to automatically create space on my NFS server when pods request a PV (persistent volume). You can also use local directories but that won’t cluster.

There are two basic types of “ingress” load balancing. “ClusterIp” means the cluster controller will act like a hostname-based router for HTTP. You can point your DNS entries at that server and it will route to your pods on their internal IP address based on the DNS name of the request. It’s easy to use and works very well - but it only works for HTTP traffic. The other is to use LoadBalancerIp that will give your pods an IP address on the network that you can connect to directly. The former only works for HTTP, the latter will let you use any ports (e.g. ssh for a forgejo instance).

Peers can connect to your subplebbit using any plebbit client, such as Plebchan or Seedit. They only need the subplebbit’s address, which is not stored in any central database, as plebbit is a pure peer-to-peer protocol.

Do I need a new plumbus or will my existing one work?

Uncompressed flac? That’s a shit ton of music…

That very much depends on what you want it to do (what is “everything”) and how many users you have.

I understand you make a point about gender

No, you don’t.

First - I’d like you to reconsider you use of “grandma” as a stand-in for “somebody who is technically illiterate”. Maybe ask yourself why “grandpa” is not the go-to here and whether you may be perpetuating an ugly stereotype.

Second - I actually included handbrake in my list as an easier alternative to use.

Yeah, I could see that.

I’m genuinely confused about the use cases you all seem to have. When are you sitting in a field on your phone trying desperately to convert a .avi to a .mkv?

For desktops you just need to have ffmpeg or handbrake or ImageMagick installed - there’s nothing to “maintain”. Image conversion is as simple as convert test.jpg test.png.