Hi everyone, I posted about my Safebox project earlier, but now I’d like to hear your thoughts on something a bit broader. I’ve been noticing a pattern in self-hosting communities, and I’m curious if others see it too.
Whenever someone asks for a more beginner-friendly solution, something with a UI, automated setup, or fewer manual configs, there’s often a response like: “If you can’t configure Docker, reverse proxies, and Yaml files, you shouldn’t be self-hosting.”
Sometimes it feels like a portion of the community views complexity as a badge of honour. Don’t get me wrong, I love the technical side of self-hosting. I enjoy tinkering, breaking things, fixing them, learning along the way. That’s how most of us got into it.
But if we want more people to own their data, escape Big Tech, and embrace open-source alternatives, shouldn’t we welcome solutions that lower the entry barrier?
There’s room for:
- people who want full control and custom setups
- people who want semi-manual but guided
- people who want it to work with minimal friction
Just like not every Linux user compiles from source, but they’re still Linux users.
Where do you stand? Should self-hosting stay DIY only or is there value in easier, more accessible ways to self-host?
Safebox aims to make self-hosting more approachable without sacrificing data ownership, so I genuinely want your honest take before releasing it more widely.
Some technical highlights of the project, for those interested:
Safebox runs on Linux, macOS, and Windows, supports both x86 and ARM64 (including Raspberry Pi, Banana Pi, and others), and handles domain/subdomain setup, Let’s Encrypt certificates, DNS configuration, reverse proxy (nginx), and also offers WireGuard-based remote access.
The project is currently in beta, and we’d really appreciate feedback from anyone interested in testing it, whether it’s about usability, stability, features, design, or honestly anything at all. You can find all the info about beta testing on our Discord channel.
If you’d like to try it out, check the Github repo: https://github.com/safeboxnetwork/framework-scheduler
Website: https://safebox.network/
Discord: https://discord.gg/aBP8bz6N8J
Thanks in advance to anyone who gives it a look or shares their thoughts.
A couple points:
I dove into self-hosting several years ago and ultimately I think I found the experience quite welcoming. I also don’t know that Safebox has a lot to offer over well-established alternatives these days like Unraid or TrueNAS, which have large user-bases and a depth of support articles to help admins better understand what they’re doing and how to do it. It’s true that not everyone would want to do this as a hobby. No one wants their services to break, or their data to be lost, and more tools that make it easier to prevent these scenarios are helpful. With that in mind, I am not left with a clear understanding of how Safebox is meant to provide safeguards here.
I used the word “admin” in the previous paragraph for good reason. Self-hosting makes you the administrator, and it means that you, the administrator, have the power to make mistakes. My recommendation is not to talk down to your users. Someone interested in self-hosting should be aware of the potential security implications of what they’re taking on, alongside the risk to their data and that breaking changes are something they can and will make along the way. If you really want to make self-hosting accessible, then the documentation for your tool needs to be accessible too.
A user should be able to learn why these elements are important and how they work together. Talk about the limitations of running it on a raspberry pi vs a workstations or server. What’s a reverse proxy? Is WireGuard good? This doesn’t mean the average person needs to know how to configure detailed permissions or application configs, and if the goal is to provide a repository of pre-hardened Docker configs for use then that’s cool too, but there should never be a barrier to the information itself. Especially as it is relevant to the tool you’ve built.
I think that fundamentally, you’ve built a good tool that simplifies things someone who is already familiar with its components, and where it needs to improve is by expanding to help new users familiarize themselves. Education is as big a part of accessibility as the ease-of-setup.
Thanks your detailed feedback, I’ll try to go through all your points.
When we said Docker, we meant the desktop version, basically so anyone can try Safebox on their own desktop and check out the early product. We also added an auto docker install for server setups a few days ago.
You’re right about the docs, they’re still in the works, and proper documentation will be released soon.
That other post you mentioned got a bit too heated, so the mods took it down. Definitely wasn’t our intention to stir up tension, and it wasn’t about not liking the answer or linking it to the product. Right now we’re mainly looking for early feedback and for people curious enough to help test things out.
Thanks for explaining your point of view and your suggestions. It means a lot for us in this early state, and looking forward of any future feedback of your about the actual product.
As a non-coder interested in self hosting and somewhat aware of cybersecurity, this is the most relevant take for me.
An application that facilitates safe self-hosting of many different service is great, however for it to be actually safe and useful it must either be a cybersecurity service keeping up with the pace of threats (which is essentially the corporate closed source model) or from the ground up be an educational platform as much as an application. Documentation needs to not only be comprehensive, but also self-explanitory to a non-technical audience. It is not enough to state that a setting or feature exists, it must also be made clear why it should be used and what the consequences of different configurations are.
This approach is almost never done effectively by FOSS projects unfortunately. Fortunately I think we are at the point where it is completely feasible for this type of educational approach to be fully replicable and adaptable from a creative commons source to the specific content structure of the application user manual using LLMs (local ones). The big question is, what is the trusted commons source of this information? I suppose there are MIT and other top university courses published for open use online that could serve as the source material, but it seems like there is likely a better formatted “IT User Guide Wiki” and “Cybersecurity Risk and Exploit Alert List” with frequent updates out there that I’m not aware of, perhaps the annals of various cybersecurity and IT associations?
Anyway I’m aware this is basically calling for another big FOSS project to build a modular documentation generator, but man would it help a lot of these projects be viable for a wider audience and build a more literate public.
We created Safebox mainly to make self-hosting easier, and proper, complete documentation is definitely something we want to provide, it’s already in the works. We also thought a lot of people might learn from it, but the scope is huge, so we’re still figuring out the right balance.
Should we cover the basic concepts too? How deep should we go? Introducing the software itself is the easy part, explaining all the related concepts in a clear, non-technical way is the real challenge.
Our goal isn’t to turn Safebox into a full-on cybersecurity course, but we do want users to understand what’s happening and why certain features matter, so they don’t feel lost.
As for the sources you mentioned, I have to admit I’m not entirely sure either. During my university studies I only touched on cybersecurity partially, mostly around the risks users face and how they respond. Yes, there definitely needs to be some basic guidance on security, what the main risks are and how to keep yourself safe. Honestly, I think this could work even better as a community project, where different people can contribute their own approaches and share experiences on how they protect their setups and what has worked for them.