this post was submitted on 02 Jul 2026
115 points (95.3% liked)
Selfhosted
60366 readers
604 users here now
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.
Rules:
-
Be civil.
-
No spam.
-
Posts are to be related to self-hosting.
-
Don't duplicate the full text of your blog or readme if you're providing a link.
-
Submission headline should match the article title.
-
No trolling.
-
Promotion posts require active participation, with an account that is at least 30 days old. F/LOSS without a paywall has exceptions, with requirements. See the rules link for details.
Resources:
- selfh.st Newsletter and index of selfhosted software and apps
- awesome-selfhosted software
- awesome-sysadmin resources
- Self-Hosted Podcast from Jupiter Broadcasting
Any issues on the community? Report it using the report flag.
Questions? DM the mods!
founded 3 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Congratulations on the new domain name! Now what? Well, first you don't tell anyone here what it is. /s Since you are already with Cloudflare, why not go all out and set up Cloudflare Tunnels/Zero Trust? Once you install Cloudflare Tunnels/Zero Trust on the server, you no longer need to do all that port fiddling, NAT fiddling, none of that. If you decide to go the Cloudflare Tunnels/Zero Trust route, I have some set up notes you might find beneficial. I'd be more than happy to share them. It isn't that setting up Cloudflare Tunnels/Zero Trust is hard, but it was a bit touch and go for me, but I got there, and wrote that shit down. LOL
@pmk@piefed.ca has some great advice about documentation. DO IT! Write everything down during deploy. After a successful deploy, distill your notes and clean them up. Make them a part of your 3,2,1 backup scheme.
I just don't get this take of getting your own domain and seld-hosting, but run it all through cloudflare. Its sad.
some folks dont want to manage a server and instead just host a static site at something dot com and move on. being an eng for well over 25 years now, i really only care to expose what i self host at home to the public through wireguard and then “locally” hit my svcs. wireguard goes down? cool. fix when i get home.
I absolutely agree, to the point where I thought you were agreeing with a different post I made. This is the way!
There are lots of free or nearly free ways to host a static site with your domain, and basically walk away from it for years at a time just fine. I wouldn't use Cloudflare just on principal for just static site hosting, but its fine I guess. All the software forges host pages for free, and a bunch of smaller outfits like Neocities. Even a static site on a VPS is nearly zero maintenance. When was the last time there was a CVE for remote code execution that would effect a Linux VPS hosting only a static webpage via Caddy or Ngnix and key-based SSH? (I don't actually think there has been one).
Absolutely, I use a VPN for self hosted services I can't be bothered to secure properly and don't need exposed to all that mess. Wireguard is amazing. I used OpenVPN for years and it was such a pain in the ass mobile. I remember when it first came out, I set it up and made a SIP VoIP call with my phone. I could toggle between WiFi and cellular networks without the audio even glitching, let alone a call dropping. That was honestly like black magic back then.
Awww don't be sad bro.
I ain't your bro, pal. ;)
You're still my brother man no matter what.
That's a gatekeeper-ass take. It isnt sad in any way shape or form. What an elitist proclamation.
If you build your own infra internally and want a billion dollar industry to be your point of entry because you're not confident in hardening a vps or don't wanna pay for that on top of everything else (yet), so the fuck what?
🙄
Get bent. If cloudflare goes down again (for another whole handful of minutes, the horror!!) they are clearly ramping to make the jump to a VPS when the finances and/or cybersecurity chops feel ready and the needs arise. "Sad"? Please. Get off your high horse. You make the rest of self hosters look bad.
Sorry to have made you upset. I consider Cloudflare to be the "gatekeeper" here.
I have seen all the walkthroughs and it looks like the worst of both worlds -false sense of security and more complexity and weird non-transferrable knowledge than first glance. I suggest they use a VPN to connect to anything you can't secure easily, as there are lots of options, and far smaller attack surface than a Cloudflare "protected" (hint: its not protected from anything but the lazyest automated attacks) proxy.
Note: I understand moderate sized businesses using Cloudflare because DDOS attacks for ransom are a thing and a days outage can cost a lot of money. But its a protection racket and I don't blame victims.
I think you missed my point. You are mistaking your preferred architecture with moral superiority.
Cloudflare is not “gatekeeping” someone from self-hosting. It is an optional tool. A person choosing to use it because they are new, budget-conscious, or not ready to expose services directly is not sad, fake self-hosting, or somehow philosophically impure.
You can absolutely argue that Cloudflare has tradeoffs. That is fair. It adds dependency, abstraction, and vendor-specific knowledge. It is not magic security dust. No disagreement there.
But telling a beginner “this is sad” because they are using a mainstream protective layer while learning is exactly the kind of gatekeeping that makes self-hosting communities hostile to newcomers.
Also, “just use a VPN” is not a universal answer. VPNs are great for private admin access. They are not always the right solution when someone wants family members to access media or services without managing VPN clients, device support, troubleshooting, and onboarding. Different threat models, different usability needs.
The helpful response would have been: “Cloudflare can be useful, but understand what it does and does not protect you from. Don’t expose admin panels. Use MFA, strong auth, least privilege, good backups, updates, reverse proxy rules, and keep anything sensitive behind a VPN.”
That is useful advice.
“This is sad” is just self-hosting purity signaling.
I have tagged you as "selfhosting gatekeeper" for future reference.
I mean, there's a difference between not gatekeeping when talking about cloudflare and completely waving Cloudflare's banner on your front lawn.
So yeah, I wouldn't have phrased it the way original comment was phrased, but holy cow, bro... Cloudflare is far from perfect and the people that will have existential problems with Cloudflare are very likely to be self-hosters.
I'm not out here to Stan for cloudflare. It's just a totally valid tool for the job, there are valid reasons to use it, and as we agree, it's not productive to tell a newcomer that their choice of meeting their needs is "sad"
In fact, it's an unwelcoming thing to say. If we want folks to stop using cloud services, we can't shame the valid paths to get there.
There's nothing wrong with wanting to keep corporations out of your stuff. Everything ran by them is constantly enshittifying. It's their nature to do so. What happens when cloudflare rugpulls you?
There's plenty wrong with shaming people en route to that path for not being 100% there.
That is all I said.
They didn't shame anyone, they said they didn't understand their reasoning for doing it.
They literally led by throwing shame unto OP.
That's how they opened their response.
It is not sad. Suggesting it is sad is a "gatekeeper-ass thing" to say.
Saying something is sad isn't shaming it. It's saying it makes you sad. Which can be caused by whatever depending on the purpose. You wouldn't say someone expressing that at a funeral was shaming the deceased would you?
I think your life is sad.
Let me know how you took that.
Welcoming? Adversarial?
Well, I'd say you're right, but I don't know how you could have enough information about me to make such a determination just from this short conversation.
Right. And nor does Jason have enough info on OP.
So it comes across, as I said, as a "gatekeeper-ass" thing to say in the context of OPs journey to self hosting.
Where they are is in no way "sad". Except if you're being an adversarial gatekeeper dick about purity.