#onpremisesinfrastructure is vastly underrated. What are you going to do when #GoogleWorkspace or #Microsoft365 shut your account down because their AI decides to and you have no recourse? You can’t sue them because you’ve agreed to their terms of service. Oops? 🤷‍♂️

Also, what many don’t know is even if data is stored in the cloud, the customer is still responsible for backing up and archiving their data. The cloud company does some rudimentary disaster recovery but has specific indemnification against data loss. Marketing conveniently glosses over this. 😈

The #cloud cannot be trusted for small businesses. #Selfhosting is the way to go. It’s not hard at all and I am in the midst of writing a book for people with a minimal technical background to get started as easily as possible. Or even for them to have a technical friend help them out.

@housepanther Aye, I don't trust clouds.
@GreenRoc Yes, unless you’re as large as the cloud company and can threaten to sue them, there’s no reason to trust them.
@housepanther @bert_hubert Agree completely except for the bit that says self-hosting is not hard at all. For many smaller organisations it’s very hard indeed, that’s why they go with Workspace or MS365. And it’s often not a question of reading a book or finding a friend to help you set things up. They are just FAR below the needed levels of digital maturity to run things themselves. (I work for a non-profit that’s trying to improve digital skills in the Czech public sector including NGOs.)
@zoul @housepanther tbh I had missed the rest of the post (beyond the click for more). Self-hosting right now is indeed not easy. But we can ask how that came to be. And if it could be solved, and I am sure it could be. Much like you can make your own coffee because we made that as easy as you'd want it to be, so you don't have to go to a coffee place.

@bert_hubert @zoul @housepanther YunoHost is a step in the right direction. That said, I think we need multiple solutions:
- for individuals and non technical people
- for SMEs with no technical people on staff
- for SMEs with at least 1 technical person on staff

Some hosting providers could also play a role by offering off the shelf solutions for popular use cases.

At present, I feel there's a gap between VPS and full suite that does everything a la M365.

@brunogirin @bert_hubert @zoul @housepanther

Thanks for listing the use cases. They seem to cover a significant part of the target.

Two very different things are needed:
- Technical solutions that can be used by such populations
- Documentation that is understandable by them, and up to date.

For the first part, there are already systems that are quite "light" on arcane operations and have a manageable "learning curve".
On the second part, it's more complicated... Writing documentation for non- or not-very-technical readers is rather difficult as it requires knowing which assumptions we rely on when we are more technically savvy.
And once the first document is out, it's pretty cumbersome to keep it up to date as the technical solution evolves.
I see a community based approach as being the most likely to be sustainable for a documentation effort. We would have a "forgejo" (or equivalent) repository with the docs and people could freely submit changes to keep up with updates and software evolutions.
This said, as the target is rather non-technical, there also has to be accessible documentation on how to participate in the documentation effort :)

There could be documentation on how to self-host, but also how to use some basic tools in a secure and safe way.

@housepanther @bert_hubert @zoul

Respectfully disagree with OP here: running your own datacenters is prohibitively expensive for smaller companies. So is curating your own LAMP stacks or k8s distros.

Everyone consumes a service from people good at the next layer down. So everyone is vulnerable to the movie plot “what if your service provider…” even if that provider is just renting you rack capacity or bare metal

Think everyone would be better off having a proper backup/restore plan to a second independent cloud account/region/provider

And know what it would really take to change providers.

Then focus on other stuff: meeting customer needs & let the cloud providers worry about all the very difficult engineering common to everyone

Where I do agree is using cloud can’t be mindless. Setting up a genuinely resilient infrastructure is a lot harder than single cloud account, single az database server. And getting people to understand how much harder it is than that is really tough. Many want to believe it’s click-click deployed at global scale

@bert_hubert Coffee machine isn’t under constant attack by malicious state actors. (Hopefully. 😬) But, somewhat more seriously, I wonder when the EU and its members will take digital defence more seriously. Compared to the analog world, no one would consider or demand all persons, organisations, firms keep their own weapons, defences, private armies, and whatever it takes to defend themselves as the digital world forces us to do.
@ujay68 the coffee machine however is tightly regulated, and if it makes espresso it has a compressor which could explode. Or set your house on fire. In https://standards.iteh.ai/catalog/standards/cen/11791797-de00-4187-b1bd-14c5f6d94342/en-13248-2002 we find stringent rules. For software we mostly just gave up...
@bert_hubert Maybe … make the internet as simple as coffee machines? 😅
@ujay68 put water in there under pressure and see how easy it is.
@bert_hubert I know, I know. Her “sister” (right beside, but not shown on this photo) is 64 years old and has had a couple of … mishaps in her life. (But far fewer cables.)

@zoul @bert_hubert Self-hosting isn't that hard. A good book explaining how just has yet to be written. 😸

By going with MS365 or Google Workspace, a lot of small businesses actually place a fair amount of trust in a mega-corporation that may or may not have its best interests in mind. My friends that ran a non-profit to help the homeless became a victim of the whims of MS365 and lost all of their data. Customer support reps basically told them to pound sand.

My friends basically needed to start over from scratch. I bought them a used OptiPlex 7060 Mid Tower with 32GB of RAM and i7 6-core processor, threw in a 24TB HD, installed Alma Linux, Nextcloud, and got them started on a fully self-hosted setup. They have automated nightly backups via Backblaze.

@housepanther @zoul @bert_hubert Setting something up initially is rarely hard. Maintaining it is. Fixing it when your friend who helped set it up is busy / away and you're non-technical is an actual nightmare.

If your friends can't recover this system entirely from backups without any assistance, they have a ticking bomb.

And let's not even talk about email deliverability.

@jonty @zoul @bert_hubert That's why I am in the planning stages of writing a book to teach people how to do this because applied knowledge is power. 😉
@housepanther @zoul @bert_hubert The problem is that books date quickly. Unless you have a living document it won't be usable in two years.

@jonty
I am paying for such a book to be created, without mail support, but with Galera replicas for MySQL and DRBD on Debian, and icinga2 to monitor all that. I tried in vain to pay to get that integrated in YuNoHost packages.

Boosts appreciated towards a #YuNoHost wizard to package the result.
@housepanther @zoul @bert_hubert

@housepanther @zoul @bert_hubert Fundamentally none of the self-hosting platforms are nearly mature enough to be operated by Joe Average, and they don't have enough funding to improve the situation substantially.

Saying that nextcloud/etc are comparable to gdocs/o365 is silly if you've actually used both of them in anything more than trivial cases.

I don't like this situation either and have serious issues because of it, but it's not a simple switch. I wish it was.

@jonty @zoul @bert_hubert Email deliverability is not as difficult as it may seem. I've not encountered this problem. When DMARC, DKIM, and SPF have been done properly, I've had self-hosted email go to the inbox of Outlook, Yahoo, and Gmail.

@housepanther @zoul @bert_hubert That is what everyone says until they operate a system like this when it *does* go wrong, and then you realise how absolutely screwed you are.

Yours: Someone who has done this many, many times

@jonty @zoul @bert_hubert I have set up a system and purposely caused a disaster and had it recovered and restored in 2 hours. That's not bad.

@housepanther @zoul @bert_hubert Sorry, I was specifically talking about email - If your email server ends up on an RBL due to overzealous people hitting the spam report button, or you happen to be assigned an IP address that used to be on a blacklist, you are seriously screwed.

I've had this happen for personal servers, I've had it happen for massive mail operations, every time is a nightmare. I stopped running my own email server after over a decade because of an incident like this.

@jonty @zoul @bert_hubert I guess I am fortunate that my IP has not been on an RBL. Or perhaps should I say lucky? 😹

@housepanther @zoul @bert_hubert It's honestly just luck, yes! Fingers crossed for you.

The whole situation is awful and I hate it - it shouldn't be this hard, but unless something changes drastically email is a broken protocol that we all rely on.

@jonty @zoul @bert_hubert The protocol itself isn't necessarily the problem. The underlying systems work. It's just what's been grafted on top that sucks. It's also the big guys having unfair control.

@housepanther @zoul @bert_hubert The protocol was never designed to handle bad actors - everything grafted to it afterwards is an attempt to make it harder for them to operate, but all it does is raise the bar and you just get more technically capable bad actors.

Fundamentally spam is an unfixable problem in any federated system where anyone can contact anyone else cheaply without a preexisting relationship.

@housepanther Email is still pretty complicated to set up, and is the only part of my business that’s not self hosted. Will you have a guide for this?
@codecat Setting up the software isn’t the complex aspect of running your own mail server. The stuff that you need to do on top of that is where you’ll find that complexity. Especially the dance that the big folks (Google, Microsoft) make you do to not have them flag or drop your mail as “SPAM”. There’s a book about all that you need to know to “Run Your Own Mail Server”: https://mwl.io/nonfiction/tools#ryoms
Author is on Mastodon: @mwl
// @housepanther

@housepanther I proudly state that I have managed to keep two rather big companies away from the cloud by simply calculating that their own on premise equipment was cheaper and literally more “in their hands” should problems occur.

Apart from the politics, the costs of the cloud are generally underestimated, the costs of on premise equipment are generally overestimated because: you can see it. I mean it literally. You can see the equipment.

@Paul_Harts Good work! You would think that the financial wizards would have seen this. Unfortunately, many of the C-suite people get swayed by "shiny object syndrome." That's what the #cloud is to them. Or even worse, they go to this or that cloud service because their golfing buddies did it.

There is a lot to be said simply for maintaining control of your systems. With a good disaster recovery plan in place, you can be back in production as fast (if not faster) than your cloud provider.

happyborg (@happyborg@fosstodon.org)

Self hosting is no longer necessary. The #AutonomiDweb is here. Websites and web apps can be published and updated with a single command that costs pennies, and they remain accessible forever without ongoing fees, pinning or anything else. #SelfHosting -> #p2p = true #Autonomi

@housepanther
Can you provide links for "the customer is still responsible for backing up and archiving their data. The cloud company does some rudimentary disaster recovery but has specific indemnification against data loss"? I'll show it to my employer.
@ska