[HN Gopher] Sovereign: Ansible playbooks to build and maintain y... ___________________________________________________________________ Sovereign: Ansible playbooks to build and maintain your own private cloud Author : c0restraint Score : 402 points Date : 2020-01-30 14:20 UTC (8 hours ago) (HTM) web link (github.com) (TXT) w3m dump (github.com) | jlkuester7 wrote: | This is a pretty cool setup! I have been tinkering in the self- | hosting world for awhile now and I would say my biggest piece of | advice is to learn Docker. (Not trying to shill for Docker here | or start a Docker vs. Ansible flame war.) In my personal | experience, Docker images (and docker-compose orchestrations) are | more pervasive than Ansible playbooks and when it comes to self- | hosting for personal use, hosting all my services in Docker has | made it much easier to deploy/maintain them. (Not speaking to | business use cases since in that situation you should really have | a deep familiarity with your tech stack and be able to roll-your- | own Ansible playbook/Dockerfiles.) | | Also, there are so many great FLOSS alternatives to Google Apps. | This repo contains some, but here are some of my favorites: | | * Drive/Calendar/Photos/Keep: - | https://nextcloud.com/ (I prefer this over OwnCloud) | | * Docs/Sheets/Slides - | https://www.onlyoffice.com/ | | * Mail - https://mailu.io/ (basically a Docker- | based deployment of Postfix/Dovecot/etc) | | * Hangouts - Server - https://matrix.org/ | - Client - https://about.riot.im/ - (I prefer | Matrix.org over Jabber/XMPP) | | * G+/Twitter - https://joinmastodon.org/ | movedx wrote: | > In my personal experience, Docker images (and docker-compose | orchestrations) are more pervasive than Ansible playbooks and | when it comes to self-hosting for personal use, hosting all my | services in Docker has made it much easier to deploy/maintain | them | | Are you building every container your self? I hope so: | https://blog.banyansecurity.io/blog/over-30-of-official-imag... | lxcfan wrote: | The two are not incompatible. You can deploy containers with | Ansible. | yjftsjthsd-h wrote: | Indeed:) Ansible will happily interface with pretty much | anything; consider that it officially supports Swarm (https:/ | /docs.ansible.com/ansible/latest/modules/docker_swarm...), | k8s (https://docs.ansible.com/ansible/latest/modules/k8s_modu | le.h...), and puppet (https://docs.ansible.com/ansible/latest | /modules/puppet_modul...) for example:) It makes _excellent_ | glue if used with other things, or a good tool all on its | own. Which is especially nice because it lets you try new | things without changing your overall setup too much; you can | deploy all your services with RPMs, and then move one thing | into docker, and still use ansible for everything:) | ggregoire wrote: | > Not trying to start a Docker vs. Ansible flame war | | Don't worry, they serve very different purposes. You already | probably know but Docker is for running applications in | isolation, while Ansible is for provisioning and configuring | hosts. For instance, you won't use Docker to harden sshd on | your hosts but Ansible. | eeZah7Ux wrote: | Yet they are both security disasters. | bwbmr wrote: | Are there any good resources (besides OP) for using Ansible | in a home-server environment? Especially in a mixed docker + | Ansible environment. | jefurii wrote: | After figuring out Ansible work I started using it to | manage several personal VPS machines and the various boxes | at home. I just used the Ansible docs, which are pretty | good. | chishaku wrote: | They definitely have overlap. People use Ansible for much | more than hardening sshd. | newscracker wrote: | > I would say my biggest piece of advice is to learn Docker. | (Not trying to shill for Docker here | | The first step to learning Docker by downloading it, | irritatingly, is that getting Docker Desktop on Mac or Windows | requires creating a Docker Hub account and signing in! There's | even a long issue thread about this on GitHub and the response | was totally irrelevant! Luckily for those who don't want to | jump through these hoops (through disposable addresses or | reusable shared logins) or provide an email address, there are | many people who have posted direct links to the different | downloads available. | CraigJPerry wrote: | I think you can use chocolatey to choco install it without | going to the docker site. | davestephens wrote: | No need for an Ansible vs. Docker argument when you can combine | them both! | | I run a similar project called Ansible-NAS - | https://github.com/davestephens/ansible-nas - which originally | came about because I fell out of love with FreeNAS, and felt I | could do a better job with Ubuntu, Ansible, and a bunch of | Docker images. | | Sovereign is awesome, I've been watching it for a while, but | I'm not keen on everything being installed directly onto the | system which is what I tried to solve with Ansible-NAS. | | </shameless_plug> | tvanantwerp wrote: | Are there any resources you recommend for learning to use | Docker specifically for self-hosted services in a home lab | setting? | jlkuester7 wrote: | IMHO the official Docker documentation is great! Their | "getting started" page is a good overview of the Docker | basics. https://docs.docker.com/get-started/ The CLI --help | is pretty useful too. I have also found Docker's in-depth | documentation to be very helpful when trying to figure out | the more complex features. | | I got started by just grabbing a $5 DigitalOcean droplet (can | get them with Docker pre-installed) and then played around | trying to setup a simple app. (I think it was RocketChat.) | https://rocket.chat/docs/installation/docker-containers/ | zzzeek wrote: | I run everything in containers and I spin up all the images / | containers from ansible scripts. Am I doing it wrong? I didn't | think these two tools were in conflict. | dcardoza wrote: | They do complement one another but docker has tooling that | solves similar problems. Does docker-compose | (https://docs.docker.com/compose/) fit your needs? | onei wrote: | I tend to run ansible to setup a VM, e.g. a few packages, | lock it down to my taste, and then have ansible run docker- | compose to deploy the application(s) of interest. | | You wouldn't use docker to manage the host networking | (which is where ansible comes in), but packaging whatever | is listening on ports as a container works really well for | me | dragonsh wrote: | Sovereign can be used as is to create linux container with LXD | without any changes. You can create container image and than | use it across your immutable infrastructure. | | Don't waste time in Docker, for this purpose use lxd containers | [1]. LXD containers are more secure than docker in general and | provide support for unprivileged containers for over 5 years. | You can use your ansible scripts to create and manage your | container images the way you manage bare metal or a VM. Indeed | the modern LXD can help you seamlessly manage VM or Linux | container [2], because when you need to directly access | underlying host hardware VM is still more secure than | container. Also with mount syscall interception in version 3.19 | of LXD [3], it is possible to mount NFS inside container in a | more secure way with unprivileged container running in user | namespace. | | Initially docker itself was built using lxc [4], but then | decided to re-invent the wheels to build its own libcontainer | without any significant advantage over lxc, just NIH. Obviously | given all the money which went into docker and than kubernetes | using it. Docker is more famous in spite of being inferior | because of the marketing money spend on it like Java (a | language which is famous because, sun spend over 500 million in | early years of its inception on marketing). Kubernetes is | famous and a valid tool for google level of problems for 90% of | startups LXD is a better fit. This is the same fight like old | times when inferior technology wins due to sheer marketing like | Blu-ray won but rendered not as useful, same is docker. | | [1] https://linuxcontainers.org/ | | [2] https://discuss.linuxcontainers.org/t/lxd-3-18-has-been- | rele... | | [3] https://discuss.linuxcontainers.org/t/lxd-3-19-has-been- | rele... | | [4] | https://vyomtech.com/2014/03/04/docker_and_linux_containers_... | mindslight wrote: | On the general topic of Ansible and personal infrastructure: | | Every time I attempt to use Ansible (or its kin) to manage my own | network, it feels overly obtuse and ultimately unhelpful. Its | gains seem to be rooted in configuring a large number of | _identical_ servers, and isn 't geared for a handful of hosts | with some commonalities and some differences. Writing playbooks | feels like a still-imperative wrapper around shell commands, just | in a bespoke and verbose YAML syntax. | | Instead I am using my own script that runs a tree of files | through a template engine, drops them on each host being | configured, and then runs triggers based on what has changed. | This seems utterly simplistic, lacks polish, eschews common | practices, etc. But the overall configuration seems | straightforwardly grokkable compared to the heavy tools. | asokoloski wrote: | I had a similar reaction, after trying out Ansible at my last | job. We ended up switching to fabric, which is all in Python. | It was mostly good but had some awkward warts, which it seems | that they've mostly addressed in fabric2. Anyway, it might be | worth a look, based on my understanding of your use case. | mindslight wrote: | Fabric seems more down to earth, but doesn't itself solve the | problem of actually defining the configuration of each host. | | Having said that, I am to the point where it would be really | nice if my ssh pushes ran in parallel, which is one of those | robust niceties you give up by going your own way. So I'll | have to revisit Fabric because it would be complementary - | thanks for the reminder! | JackRabbitSlim wrote: | You should check out Saltstack if you haven't already. It's | actually not far from what your doing now... | intrepidhero wrote: | Not a fan of ansible's yaml, but when I setup my personal sever | (1 websever) with ansible I though it was pretty cool I could | duplicate my entire setup in a VM for testing with one command. | Then it saved my butt when I got locked out of my VPS instance | cause I lost the key. Just spin up a new one and run ansible. I | was back online in less than 5 minutes. | | Not saying you couldn't do that with custom scripts, but I | found that when I tried writing my own admin scripts I was | solving problems that the ansible team has already solved. It's | a matter of what you want to spend time on IMO. | bcrosby95 wrote: | I never really saw Ansible as a heavy tool. But a place I | worked at in the past used cfengine, so my barometer for this | is probably a bit different. | mindslight wrote: | You had a point about error checking that I think is | pertinent to my not being in Ansible's niche. If a service | fails to start on a single host, it's because I'm already | tinkering with that configuration and hence will notice the | failure. Whereas with tens of highly similar hosts, you want | to find out about exceptions sooner. I'm actually getting to | this point with some common things (apt upgrade), hence | looking into Ansible again recently. | | Overall my goal is to write very few on-host configuration | scripts, and prefer overwriting files. For example, most | triggers are simply service restarts, which can also be | performed by a full reboot. | crmrc114 wrote: | Dumb question maybe... but why would you not just configure this | yourself on a single virt/host? Most of these services would take | less than a day to configure. So many questions on why this is a | good thing. | | Like, there are countless ways to configure your MTA and spam | filtering- if you are going to have to dig through this config.. | why not just roll your own? | | Can someone explain to me why you need ansimble for this? or am I | just being stupid and this is like an exercise to show what the | toolchain can do? | navaati wrote: | For my fellow HNers, this is "private cloud" in the meaning of | Owncloud, not of Openstack. | choward wrote: | I hear about Nextcloud a lot more than I hear about Owncloud. | Does anyone know why this project uses Owncloud instead of | Nextcloud? | gramakri wrote: | For some history: ownCloud is a very old stable product. 2-3 | years back it got forked into Nexcloud because the founder of | ownCloud had some disagreement about ownCloud's direction. | | Both the products are backed by companies and both are doing | quite well. I would say Nextcloud goes more and more into | expanding it's use case and thus makes it product more | extensible via plugins. This can be good or bad depending on | how you look at it. Plugins go unmaintained/incompatible over | time and are a constant source of pain when upgrading. | Wordpress gets away with this because it has a massive | community. | | ownCloud on the other hand has decided to double down on it's | roots of file sharing/syncing. I heard they rewrote their | stack from PHP to Go now and the frontend is now React. | Tepix wrote: | I think there's an open issue for the switch. Just need a | good pull request by a volunteer... | crashbunny wrote: | This project started before Nextcloud existed, I don't know | why it hasn't switched, though. | AdmiralAsshat wrote: | NextCloud was started as a fork of OwnCloud by a bunch of | OwnCloud devs that were unhappy with the direction the | product was taking. | | You can think of it in much the same way as OpenOffice vs | LibreOffice: devs fork to make a new product, the | "original" product stagnates and is mostly used for rent- | seeking. | | The downside of both is that, to my ears, both "OpenOffice" | and "OwnCloud" better signify to outsiders what the product | accomplishes, while "LibreOffice" and "NextCloud" really | don't, unless you're already familiar with the product or | product history. | nemoniac wrote: | Also Nextcloud puts a LOT more effort into publicity than | Owncloud. | [deleted] | judge2020 wrote: | Based on how long this project has existed, I suspect they | chose owncloud before nextcloud was forked and changing it | hasn't happened/some people don't want to change their | already working installations. | OJFord wrote: | Isn't this just duplicating effort that's probably already been | done, in many cases by the first-party maintainers, in | Dockerfiles? | | I don't mean to start 'Docker vs. Ansible', I just wonder why if | you wanted a quick way to setup a single-server 'own private | cloud' you wouldn't just go with what already exists, and list | the images you want in a docker-compose.yaml file? | | (Which would additionally set you up for 'scaling' if you had any | concern that you might be able to save some cash with a two or | three smaller servers than one big one by the time you'd | installed everything you want.) | thinkmassive wrote: | Not everyone wants Docker installed on their servers. It's not | a requirement with this playbook. | | Furthermore, if you do want to use containers, there are tools | like ansible-bender[1] that use Ansible to build container | images. | | [1] https://github.com/ansible-community/ansible-bender (edited | the link to point to the ansible-community repo) | OJFord wrote: | But I'd have thought if you care that Docker isn't installed | on your servers, you're probably not running this anyway? | | It seems to me that the target demographic is people that | just want the least effort minimal faff way of getting some | services up and running for personal non-production use. And | for that it was my suggestion that many of the services | probably already provide a Dockerfile upstream, so the | easiest thing to do would be to install docker-compose, list | the images, and `up`. | thinkmassive wrote: | This project has nothing to do with Docker, and there are | many reasons why someone would want to avoid running Docker | on a server (a separate issue from using containers). I'm | confused about why you think Docker is relevant to this set | of Ansible playbooks, and also why this would only be | suitable for "personal non-production use." | | The only requirement for a remote host to be managed by | Ansible is python, and even that can be installed by | Ansible itself using the `raw` module on an initial run | with nothing but ssh access. | | No need to gather a bunch of random Dockerfiles from | various places, tweak them to be compatible, and create a | docker-compose file from scratch... how is that "the | easiest thing" when this is a complete set of Ansible | playbooks where the work is already done? | OJFord wrote: | I meant easier than creating these Ansible playbooks from | scratch, when many if not all of the playbooks will do | the same required steps as have already been encoded in | Dockerfiles in many cases by the maintainer of the | upstream project (the one being deployed) itself. There | certainly could be value in collecting that in one place | still. | | The first line of the readme says it's for a 'personal | cloud'. | thinkmassive wrote: | The initial commit of this repo is from August 2013, a | few months before the first public beta release of | docker-compose. | LinuxBender wrote: | This looks useful. Is the fork more out of date than the | source it was forked from, or am I reading the dates wrong? | thinkmassive wrote: | Oh, good catch, I would use https://github.com/ansible- | community/ansible-bender | | I just copied the first link that showed up in a search, | which looks like it's the personal repo of the project | maintainer but is pretty far behind the upstream repo now. | _jal wrote: | Isn't docker just duplicating effort that's already been done | in LXC or jails? | OJFord wrote: | Are LXC and jails polularly used by maintainers of projects | like owncloud, readlater, and such that Sovereign installs? | | I explicitly said that I wasn't making it about Docker vs. | Ansible - I don't care - I just mean that Docker is very | often used by first party maintainers (and if not by someone | else) to package these services, so use what's there; if it | had happened to have been something else that took off in | that way, an Ansible playbook say, then that, but it's | Dockerfiles that are in that position. | slowhand09 wrote: | This is dated 2015. I hadn't heard of Docker in 2015. | OJFord wrote: | That's as may be, but it did exist, and was popular. | gramakri wrote: | For those in the market to run a private cloud, please try | https://cloudron.io . Our motivation is to make it simple to | selfhost apps . The main advantage is that we take care of | automatic updates across all the apps we package. Happy to answer | any questions. | | Disclaimer: I am the co-founder | jlgaddis wrote: | Is it really self-hosting if you're running it on someone's | cloud? | wpietri wrote: | Definitely. | | I mean, you could play an infinite regress game. Do you own | the hardware? Do you own the cage the hardware is in? Do you | own the building that the cage is in, and the land that the | building is on? And then we can go toward owning the power | company and the connections to anybody your servers talk to. | | But in practice, self-hosting is about control. If what | you're running it on is a commodity cloud instance that you | could get from a half-dozen providers, then any one cloud | provider has very little leverage over you. | Tepix wrote: | No. If you have dedicated hardware (rented or owned) and | full disk encryption you have decent control over your | data. On a virtual server you have no control and no | privacy. | gramakri wrote: | I think like many other terms like 'cloud', 'private', 'start | up' there is a lot of gray area :). It's up to you where you | draw the line. For me, self-hosting means running software in | a manner where I have control of the data/application code | and the server. With that definition, running software on | EC2/DO/Linode is self-hosting. When I self-host using these | servers, I know what the server is running and where the data | resides. | | Also, I think there are other similar popular terms. For | those who run in their own premises, the term is on-premise. | For those running it home, usually they call it home | lab/NAS/home server. Self-hosting to me encompasses all this. | | Also, self-hosting doesn't necessarily mean just open source. | There are some amazing closed apps out there that you can | self-host - emby, confluence, teamspeak to name a few. | | Two of my favorite spots - https://github.com/awesome- | selfhosted/awesome-selfhosted and | https://www.reddit.com/r/selfhosted/ | ocdtrekkie wrote: | I think it's also important to highlight that perfect is | the enemy of good. I moved from Google services (A) to an | open source platform... that I was paying them to host on | Google Cloud (B). Sure, it's still at Google, but the | ability for Google to mine data from it is significantly | reduced. Of course, later, I moved to hosting it in-house | (C), where I have direct physical control. | | It's likely if my choices were A or C, I'd have never left | A. But that B option eased the transition for me, and made | it possible for me to get to the point I felt like the | investment was worth it to create a fully on-premise | solution. | | There's a part D to this too, actually: I'm still using a | service to manage the DNS and TLS for it. Eventually I | should be able to move away from that too. But without the | intermediate step, it'd be too prohibitive and frustrating | to have moved to step C. | gramakri wrote: | Great point about D. I self-host at home (it's a | thinkcenter m600) but it depends on external services. I | use DO DNS and Let's Encrypt TLS, backup to S3. Not to | mention I rely on comcast for internet and public IP! | solarkraft wrote: | Interesting stack. From a first glance it seems to be a bunch | of self-made Dockerfiles with an extra manifest. I like the | idea, but wouldn't want anything proprietary for this | relatively simple task. | | I suppose this product isn't for me anyway, since eventually | (not that long ago) I just bit the bullet and learned the | basics of Docker and docker-compose. It's not that hard, costs | nothing and is pretty rewarding, imo. | zapt02 wrote: | For anyone looking for a free alternative to this, check out: | https://caprover.com/ | | It has many of the same apps as Cloudron and is completely | free. And you can of course host your own Dockerfiles on top of | it. | | I think the pricing for Cloudron is way off. I'm not going to | spend 5 dollars per month for a DigitalOcean droplet and then | 30 dollars per month to host a few open-source apps on that | Droplet. Especially since CapRover does 99% of this for free. | jophde wrote: | I currently just let my desktop run constantly. It runs Windows | in a KMS for games and sleeping breaks it so I never even | suspend. It only seems to use about $10/month in power. I have | been considering using DDNS through my router and Cloudflare and | trying to create a iOS/Android app that will automatically upload | my photos to the my DDNS for storage on my desktop. It feels a | little crazy but the idea of syncing my photos to my own machine | with no middle man is comforting. | | DDNS seems like it's a local too good to be true for solving the | dynamic IP problem. I'd prefer to have a static IP for my gigabit | Internet but sadly Webpass doesn't allow it. Does anyone have | experience doing something like this? | Annatar wrote: | Quit this damn nonsense with Ansible or whatever garbage fashion | fad is in vogue these days and finally learn how to make OS | packages so you can do configuration management with normal shell | scripting inside of them, because that's what it's for. The | amount of incompetence and insanity from incompetence has gone | too far. Damn it, this is exactly why IT sucks so bad!!! | skube wrote: | Not sure why you are being downvoted. There are way too many | people posing as engineers out there inventing all sorts of | stupid shit. If you can't deploy the software you write you | shouldn't be writing software - period. | ex_amazon_sde wrote: | HN has decided that running arbitrary commands on your | production systems is OK. | | And that doing packaging, staging with CI/CD and immutable | infrastructure is unnecessary. | | FAANG companies clearly disagree. | davestephens wrote: | Maybe you've never worked with someone that sucked at shell | scripting, or packaging. | | Ansible is awesome for enabling people to do reasonably | complicated things in a consistent manner, at scale, without | having to write all of the boilerplate code to be able to do | so. | | This is forgetting the fact that Ansible is reasonably | opinionated, which is great for lowering the barrier to entry | and helping devs/admins to be productive quickly. | | When I just need to Get Shit Done, Ansible is awesome. | wtf1234 wrote: | > lowering the barrier to entry | | That's the opposite of a good thing. | | > When I just need to Get Shit Done, Ansible is awesome. | | "just" is the keyword. "just" instead of caring about long | term maintainability and security | djsumdog wrote: | I wrote something similar that's custom for my personal | infrastructure: | | https://github.com/sumdog/bee2 | | There are some blog posts in the README that go into how I built | a lot of it. A lot of it is specialized for me though. I have a | ton of rspec/tests but I don't have a real config schema or | entirely useful error messages. I might add some in the future. | | Looking at the list in this, I'd advice against | nextCloud(ownCloud). I recently setup their official Docker | containers and the web piece works alright, but their F-droid app | continually crashes and I had to uninstall it and the nextcloud- | client in Gentoo's package manager segfaults at home and refused | to build at work. | | I've read other stories of data loss with nextcloud. It might be | better now but my initial experiences made me use syncthing. | Syncthing does use relays if you're behind a NAT, but if you have | openvpn setup, you can also force it to use a direct IP address | as well. | | If you're thinking if self hosting and have the time, I'd suggest | building it yourself; borrowing (and properly | accrediting/licensing) other open source projects, their ansible | scripts and containers and such. You learn a whole lot about why | this tooling is so complex. | cs702 wrote: | Does anyone here on HN have experience _using_ Sovereign in a | team setting? I have a few questions: | | * _Mobile contact and calendar syncing_ : How well and reliably | does it work? | | * _Calendar group features_ : how well do they work? | | * _Setup and maintenance_ : how much hassle is involved? | ses1984 wrote: | Doing that stuff is hard. | | Sovereign doesn't solve all your operational problems. | | I think it's suitable for personal use. I wouldn't run it in a | production setting without thoroughly understanding all parts | of the stack. | | I would say it's good for personal use or to demonstrate what | ansible is capable of. | fak3r wrote: | I've used this project off and on for years, and it's always | worked perfectly. I'd have an infosec conference to go to, I'd | setup a host with wireguard, give my friends the cert, we'd all | tunnel out though that, then tear it down after the con. Total | cost a few dollars (most are $5/month) | TheFiend7 wrote: | This looks super cool. | | Though somewhat offtopic, this line absolutely cracked me up. | | >A VPS (or bare-metal server if you wanna ball hard). | | I can appreciate a sense of humor. | Tepix wrote: | Wow, didn't expect to see Sovereign at the top of HN today! I'm | one of the project contributors. | | If this project piques your interest, please consider | contributing! We could really need more helping hands. | | Ansible is easy to learn and most (not all!) problems due to new | versions are easy to fix. | | Also, if you only want to use a fraction of what Sovereign has to | offer to reduce your server's attack surface, that's easy! Just | follow the instructions. | dguido wrote: | There are so many servers and apps being installed by Sovereign | that I'm certain few would be able to keep it secure | (https://github.com/sovereign/sovereign/wiki/Software-used- | by...). The big win for the cloud is that you're paying a | fraction of the cost for access to a, typically, enormous | security and operations team. If you want to build software like | this that allows people to self-host, you need to scale down what | you deploy to what a single person can reasonably manage. This | isn't it. | | Fun todo: Install this somewhere, nmap it for open ports, then | ask "How many of these services had a remotely exploitable CVE in | the last year?" "If one of these services had one tomorrow, would | I know to patch it and take action faster than someone would | takeover my box?" I don't see any containment mechanisms on any | of these services beyond what's included by default so a | compromise of one service likely leads to total compromise of the | entire box. | | I had to think about this a lot with AlgoVPN | (https://github.com/trailofbits/algo), and we built a system with | no out-of-the-box remote administration, strong isolation between | services with AppArmor, CPU accounting, and privilege reductions, | and limited third party dependencies and software. You can't | count on a full-time, expert system administrator. | PaulRobinson wrote: | fail2ban and rkhunter are in the kit, and that offsets some of | the issues: you get some assurance and protection right there | out of the box. | | You can also comment out the bits you don't want from | https://github.com/sovereign/sovereign/blob/master/site.yml | before you run the top level playbook. | wpietri wrote: | This touches on a problem I've been thinking about a lot. AWS, | etc, have solved the problem of hardware operation. | Containerization is doing the same for OS operation. I think | the next thing is _app_ operation. | | For some things, I'm happy to use SaaS providers, where they | are responsible for the whole stack. For others, I'm happy to | use apps, where they just provide the code, and I provide the | platform. But for a number of things, I want something in | between: I provide storage and compute, they provide code and | operations. | | Bitwarden for me is a good example. They're a password manager | who provides their backend as a docker container anybody can | run. I like that, as I don't really want them to have my data, | and if they go out of business, I don't want to be cut off from | my passwords. But I won't run the backend myself, because I | don't have the time and expertise necessary to make sure it | stays secure. | | Another good example is photo hosting. I would rather keep all | my photos on space I control. But I also need modern, | maintained software for syncing, serving, and controlling | access to photos and related data. I'm happy to pay somebody to | make and maintain that software, but not nearly as happy if | that means that at any point they might shut down and take my | data with them. | | I suspect we're headed toward a future where people like | Synology and Digital Ocean sell storage+compute, and then other | companies sell and maintain user-selected software that runs on | those environments. Basically, some sort of app store for | servers. But I'd love to see this happen in an open, | nonproprietary way, as the drawbacks of Apple's and Google's | app stores have become pretty clear. | omnimus wrote: | Maybe something like this https://remotestorage.io/ becomes | popular. I would love to make apps that use user owned | universal storage/server. | yjftsjthsd-h wrote: | Sandstorm was a really nice solution to this, but it required | each app to be integrated with it, which I personally think | is what killed it. (Which sucked, because for what it | supported it was the best option available) | ocdtrekkie wrote: | Please don't past-tense Sandstorm! The community is still | working on it. Albeit a little slower. ;) | wpietri wrote: | Ah, interesting! Just reading the home page wearing my | developer hat makes this stand out: "Each document, chat | room, mail box, notebook, blog, or anything else you create | is a "grain" in Sandstorm. Sandstorm containerizes each one | in its own secure sandbox from which it cannot talk to the | world without express permission." | | The notion that every document is its own independent unit | sounds pretty menacing to me. Could be fine for some | things, but getting things running there is sounding like a | fair bit of work to me, and very limited. | | And then this part is especially bad: "[maybe someday] You | won't have to deal with payments | Eventually, we hope to | make Sansdtorm implement in-app purchases and deposit the | proceeds directly to your bank account" | | Right there a lot of incentive to integrate has leaked out. | "Please build for our platform in exchange for no money" is | not quite the worst offer I've had, but it's definitely not | appealing. Looking through the Wayback machine, I see | | But the part that really concerns me is that they seem to | think that server apps can run like mobile apps. To me one | of the most powerful things about SaaS products is that the | aggregated use information drives both product and | operational improvements and allows rapid response to bugs | and issues. So as a developer choosing between this and a | SaaS approach, this feels like having one foot in a bucket | to me. | | For example, I recently outsourced my mail hosting to | Fastmail precisely because I want experts to run things. | Would I be happier if the data were stored somewhere I | control? Definitely. But not if that means the experts | aren't paying attention anymore. | ocdtrekkie wrote: | Sandstorm's design is a little bit menacing! And it does | require a fair bit of work sometimes to fit web apps not | built for Sandstorm into Sandstorm's model. (The holy | grail here is apps built for Sandstorm, but the platform | needs to be bigger before more developers do that.) | Usually packaging for Sandstorm largely entails locking | an app into a single-document model, and stripping out | authentication (since Sandstorm handles it). | | But the end goal is pretty well worth it: Any grain is | incredibly secure by default, and for the most part, app | vulnerabilities are irrelevant. A grain where only you | have access doesn't need any sort of authentication or | security in the app at all. And since each document is | it's own sandbox, sharing a document with someone doesn't | give them a way in to exploit access to your other | documents as might happen with a vulnerability in a more | traditional design. | | The business model story for selling Sandstorm apps isn't | super great right now, you probably could have a | licensing model that requested network access through the | Powerbox to check the license or something, but in many | cases, there's already a wide variety of great open | source apps that are free and just frustrating to host | and manage without a platform like Sandstorm (or | Cloudron). (EDIT: Now that I think about it, Sandstorm | used to have a paid license key/feature key system that | made no callbacks, I think the licensing info was | encrypted asymmetrically.) | | As for your support of SaaS data collection, I just can't | really agree with you: People who want to give data to a | developer can choose to do so, but I think it's ethically | wrong to collect data without permission. (Sandstorm | servers do have the ability to opt in to provide basic | app usage data back to Sandstorm's development team.) | | I love FastMail, and have been an enthusiastic customer | since 2016. :) | newscracker wrote: | > Fun todo: Install this somewhere, nmap it for open ports, | then ask "How many of these services had a remotely exploitable | CVE in the last year?" "If one of these services had one | tomorrow, would I know to patch it and take action faster than | someone would takeover my box?" I don't see any containment | mechanisms on any of these services beyond what's included by | default so a compromise of one service likely leads to total | compromise of the entire box. | | This is the same concern I have with self-hosting anything with | sensitive personal information on it. Without continuous | monitoring, alerts and periodic review of audit trails, it's | anybody's guess what's going on with all the self-hosters' | data. With larger companies that provide a SaaS solution, | there's a little more hope that someone is looking at this | seriously all the time. | Tepix wrote: | You're not expected to use and install all of the services | offered by Sovereign, just as you're not expected to install | all packages of your Linus distribution. I guess we need to | make this more explicit in the documentation. Just pick | services you plan to use during the installation phase as | outlined in the instructions. | Domenic_S wrote: | The documentation instructs you to pick the services you plan | NOT to use: | | > _Don't want one or more of the above services? Comment out | the relevant role in site.yml._ | slovette wrote: | Is there a benefit to doing this over something like Cloudron(1)? | | I see this being for people that just want things to work without | much of the effort to make it so. If that's the case, a simple | web UI that treats all the little solutions as "apps" in a way | makes sense. Not plugging here, just curious to the practical | everyday differences. | | 1. https://cloudron.io | ocdtrekkie wrote: | Cloudron.io seems pretty nice, speaking as someone who | uses/works on a different platform (Sandstorm.io). Cloudron is | going to cost you money if you want the benefits of automatic | updates and the like, which is a downside for some (I think | paying for good products/services is worthwhile), but I | absolutely think making management of a ton of apps simple like | a phone is the key to self-hosted online services. One of the | biggest features of a good self-hosting platform should be | unified authentication and identity, so you aren't managing | your account on a dozen different apps. | | I've always been impressed by Cloudron's well-maintained app | library and constant march of major feature improvements to the | platform. | rlander wrote: | Just wanted to mention that Sandstorm is awesome. For some | reason, despite being around for years, I only found out | about it recently. I really think that it should be way more | popular than it currently is. Lots of apps are outdated, so | I'm planning on investing some personal time to contribute to | it. | ocdtrekkie wrote: | By all means, hit us up on the mailing list or in IRC if | you have any questions or need any help! | choward wrote: | One of the most important things when managing data is not losing | it. Does this have a solution for doing backups built in or do | you come up with your own solution like using something your web | host provides? | tzumby wrote: | I haven't used this myself but it looks like it uses nightly | encrypted backups using Tarsnap | nemoniac wrote: | Did you miss the bit about tarsnap? | choward wrote: | Apparently I did. Oops. | say_it_as_it_is wrote: | Could anyone describe what this means without the marketing | cloud-speak bullshit? | Ohn0 wrote: | It's using ansible to setup and configure a bunch of open | source applications for common "cloud" apps like email, files, | rss, etc. | jj11837 wrote: | Seriously, this technology isn't new. | slowhand09 wrote: | True, but its new to some people. Probably 1/3 of the | articles posted on HN are several years old, but still new to | some people. | apetresc wrote: | It's abundantly clear in the README. Every single component is | spelled out. Did you only read the title or something? | ainiriand wrote: | You really have a very good username. | say_it_as_it_is wrote: | living up to it as best I can ___________________________________________________________________ (page generated 2020-01-30 23:00 UTC)