this post was submitted on 30 Dec 2024
48 points (94.4% liked)

Selfhosted

49084 readers
1010 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

  1. Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.

  2. No spam posting.

  3. Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.

  4. Don't duplicate the full text of your blog or github here. Just post the link for folks to click.

  5. Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).

  6. No trolling.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 2 years ago
MODERATORS
ruud@lemmy.world
Loki@lemmy.world
CannaVet@lemmy.world
devve@lemmy.world
HybridSarcasm@lemmy.world
HybridSarcasm@lemmy.hybridsarcasm.xyz
48
Experience with Yunohost (yunohost.org)
submitted 6 months ago by mr_pip@discuss.tchncs.de to c/selfhosted@lemmy.world
12 comments fedilink hide all child comments
 

I was wondering about the pros and cons about self hosting your services via Yunohost. I currently have all my services hosted in docker containers on a Debian homeserver. As I was planning on a fresh install, setting up an Ansible script to simplify backup & restoring and bake in a centralized user management system (currently I annoyingly have separate passwords for each service for my 5 users).

Now I was wondering if I could get some experience reports from Yunohost users. What are the problems you faced? Are you satisfied? Are there so many services you couldn't find that you rather went the selfhosted way and integrate Authelia or a similar service? Any ideas and feedback is welcome that can help make up my mind.

top 12 comments
sorted by: hot top controversial new old
[–] haverholm@kbin.earth 17 points 6 months ago

I tried Yunohost once, and everything worked as long as I stuck to the officially supported apps. The community forum was supportive within reason, and would respond with advice fairly quickly. When I reported an error with an unofficial app, however, I was instantly told off that I shouldn't expect any help.

Now, having used and admined my Linux desktop systems for a decade (without claiming to be an actual sysadmin), I nosed around the system a bit and to my eyes it seemed a right mess of app and user folders, permissions and containers. Surely, a combination of my limited understanding of server apps and a system that is made primarily for GUI use to make administration easier for beginners.

What I mean to say is, if you already run a set of working docker containers, you're probably more advanced than the intended Yunohost user. I was that half ounce more literate that I became frustrated with the GUI-centric setup, and imperial pounds too illiterate to actually muck around in the command line.

Look at it this way, Yunohost offers a fraction of the apps available on Docker, and not all of them are maintained. They do offer a graphic admin interface and out-of-the-box working setups (or did five years ago when I tried it).

[–] MangoPenguin@lemmy.blahaj.zone 7 points 6 months ago (1 children)

I tried it, but not knowing what was going on under the hood made me worried about how I would fix anything when it broke, and how timely updates to software would be. I also don't think it had any kind of central user management for the installed apps.

If you're already familiar with docker I would stick with that.

[–] hendrik@palaver.p3x.de 2 points 6 months ago* (last edited 6 months ago) (1 children)

It has user-management, though. YunoHost comes with LDAP, provides email addresses to all users, a permission system to allow what groups of users can acces which services... And they integrate that into the individual services. That is, if they have some LDAP plugin. A decent amount of services can't be tied into their user system. But it works flawless for chat, Nextcloud and the main contenders...

[–] MangoPenguin@lemmy.blahaj.zone 1 points 6 months ago (1 children)

Interesting, as I remember it didn't do integration with a lot of apps, so you end up with some that have auth and some that don't at all, and some that you have to manage auth internally.

[–] hendrik@palaver.p3x.de 2 points 6 months ago* (last edited 6 months ago)

That is correct. Most big apps have LDAP auth and YunoHost will have them integrated into their system. But lots of other apps don't have that, or it's complicated for other reasons... And you'll end up with those not integrated and seperate. They show you the level of integration somewhere.

[–] Ulrich@feddit.org 5 points 6 months ago (1 children)
  1. Unable to host apps without exposing them to the web
  2. Despite a simplified GUI, a lot of the system is still dependent on CLI
  3. they make you use subdomains and / as well. Like blog.website.com/blog
  4. Outdated apps (some much more than others)
  5. Poor/no support when something goes wrong
  6. An entire Debian generation behind (not sure if that one matters but it is weird)
  7. Can't run multiple of the same service

I've tried them all and it's overall the best but still has a whole lot of room for improvement

[–] jawsua@lemmy.one 1 points 6 months ago

I've run Yunohost for quite a while and a few of these are inaccurate

1). maybe, if you're putting it in a VPS. But there's also VPN, Tailscale, and I believe Headscale apps available 2). I've barely ever run the CLI, especially for Yunohost commands. Even for system and package updates, its not necessary. I do wish there was a built in terminal tho 3). eh, I mean sometimes but its per-app and its either-or. so typically I'll check the install page for subdomain and set that up. And remember, some of that is upstream constraints 4). yeah, that's the most annoying one, tbh. But the ones that are starred or maintained are typically very good, 5). I've had good times and bad on the forums, about par for FOSS. heard gokd things about the chat. And for maintained packaged, github issues are answered quickly IMHO 6). I mean, its 12 now and you want it stable. Update your sources.list if ya want 7). this is only true of some few apps, but almost always its listed in the install screen.

I kinda agree, but I've been very impressed with Cosmos Cloud. I ve got the full 400 package marketplace, and having all that on docker, auto-updates, and good user auth is nice.

I'm using it as a frontend/services and Yunohost as a backend/datacloud/DevOps since it seems to be more robust and reliable long-term. The user management, email, XMPP, and (mostly) transferrable auth is top notch, not to mention default hardening like fail2ban, GUI ssh port shift, LEcerts, etc. Just wish they'd add in a docker system like Cosmos, it'd really fix most of the problems, IMHO

[–] leraje@lemmy.blahaj.zone 3 points 6 months ago

If you stick to the apps that are indicated as being well supported it's good. The main reason I use it is because I'm part of a team that includes people not comfortable with the command line so having a web interface to manage a server means not everything falls on my shoulders.

[–] compostgoblin@slrpnk.net 2 points 6 months ago

I am a relatively new Yunohost user, and I’m a big fan. I’ve dabbled with Docker, but I’ve never been quite able to figure out how to make it work. Yunohost took the hard part away and made it pretty easy to set up.

That said, I don’t view it as a long term solution for me. I don’t like not really knowing entirely how it works, and I’ve had issues trying to configure the reverse proxy to connect it with a domain name. (I purchased one from Porkbun, which is apparently not supported.) Until I learn a little more, though, I like it.

[–] Geth@lemmy.dbzer0.com 2 points 6 months ago

I was in a similar situation as you, with an existing docker solution, looking for something easier to manage. Yunohost had this hype behind it that I couldn't resist. At first it did seem easier with the official apps, but as soon as I needed anything outside the set boundary the dream collapsed. The final nail for me was not being able to get smb working.

Good thing I had kept my docker setup safe so it was easy to revert to it. It's more of a pain, but it's also more versatile and capable so I have no better choice at the moment. Portainer helps a lot.

[–] ikidd@lemmy.world 2 points 6 months ago

If you have the knowledge to do what you're doing now, you have no need for Yunohost. It's janky at best and doesn't have much facility for advanced use. It wants you to do it their way only, which is fine if you're new at all this. Eventually, I think people just move on.

[–] irotsoma@lemmy.world 1 points 6 months ago

One of the primary requirements for my latest project moving a bunch of stuff to self hosted is that if it has a GUI that is going to be internet facing, it either has to support OIDC or it has to be something low risk enough that I feel comfortable setting it up without much security and just setting up a single basic auth login with traefik. A few apps I had trouble finding, but worked most of it out.