Hello, I don’t have much experience in self-hosting, I’m buying a ProtonVPN subscription and would like to port forward. I have like no experience in self-hosting but a good amount in Linux. I’m planning on using Proxmox VE with a YunoHost VM. I already have a domain name from Njalla. I’m setting up a website for my computer store. I want it to have listings and payment options so they can check out there. I want my customer data to be secure. I don’t want it to have any JavaScript or nasty trackers. I want it to be FOSS. Any help is highly appreciated!

  • Nougat@fedia.io
    12 upvotes · 7 months ago

    If you are accepting payments, you absolutely want to offload that to a third party payment processor, so that you don’t have to go through the hassle of doing PCI compliance.

  • smileyhead@discuss.tchncs.de
    8 upvotes · 7 months ago

    I have created a couple of small stores and, being a FOSS lover myself, I can give some advice.

    First, your options are WooCommerce or PrestaShop and the like. Don’t fall into being an idealist and JS-free now, because there is no software suite on the market that is going to give you that. Except for the payment provider, it can be done, but you would need to write e-commerce software from scratch yourself and I guess this is not in your capacity. Both of them have no trackers, just choose a lightweight theme because some third-party themes include fonts or scripts from Google and the like because of laziness. You can use the built-in ones and modify them. PrestaShop themes are much easier to modify, because those are Twig templates instead of full PHP scripts. WooCommerce is GPL so plugins must be free software too, but many of them are from shitty devs who provide only obfuscated scripts, so you must check each plugin by yourself. PrestaShop plugins are more often proprietary, but you need far fewer of them, as almost everything internal is out-of-the-box. With Presta you need a payment provider plugin and basically that’s it, while on Woo every single thing like a different tax for a region would require a web of plugins.

    After some time with both, my scheme is: WooCommerce if you have a blog-style website and just want to sell something as a bonus. PrestaShop if you start a real small or big business and selling is the primary goal.

    As for VPN, what can I say other than this is not sustainable. You are literally selling stuff with your name so there is no privacy or freedom benefit with additional routing. Just get an ISP offering a public IP (not behind a NAT) and open a firewall port. Or if you cannot do that, rent a VPS. I don’t see a point in anonymity here, pure clearnet is more than enough for shopping for physical things.

    And I say this as a quite hard level FOSS person. My machines are all on Linux, being able to connect to Yggdrasil, I2P, Tor at once, with a seedbox running 24/7 and tracker blockers everywhere.
    In commerce, there is no point to fight here, just use the popular thing and not make it worse than vanilla, that’s it.
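
The check described in the comment above (looking over a theme or plugin for fonts and scripts pulled in from third parties) can be run against the rendered page. This is an added example, not code from the thread: it counts every `<script>` tag and lists each third-party host the page makes the browser load; `shop.example`, the other hostnames and the sample HTML are constructed.

```python
from html.parser import HTMLParser
from urllib.parse import urljoin, urlsplit

# Tag -> attribute that makes the browser fetch a resource on page load.
FETCH_ATTRS = {"script": "src", "img": "src", "iframe": "src",
               "source": "src", "embed": "src", "link": "href"}
# <link> only triggers a fetch/connection for these rel values.
FETCHING_RELS = {"stylesheet", "preload", "prefetch", "modulepreload",
                 "icon", "preconnect", "dns-prefetch"}

class ResourceAudit(HTMLParser):
    def __init__(self, page_url):
        super().__init__()
        self.page_url = page_url
        self.site_host = urlsplit(page_url).hostname
        self.third_party = set()   # (tag, host) pairs
        self.script_count = 0      # inline and external <script> tags

    def handle_starttag(self, tag, attrs):
        attrs = dict(attrs)
        if tag == "script":
            self.script_count += 1
        if tag not in FETCH_ATTRS:
            return
        if tag == "link":
            rels = set((attrs.get("rel") or "").lower().split())
            if not rels & FETCHING_RELS:
                return             # e.g. rel="canonical" loads nothing
        url = attrs.get(FETCH_ATTRS[tag])
        if not url:
            return                 # inline script, or attribute missing
        # urljoin resolves relative and protocol-relative (//host/...) URLs.
        host = urlsplit(urljoin(self.page_url, url)).hostname
        if host and host != self.site_host:
            self.third_party.add((tag, host))

def audit(html, page_url):
    parser = ResourceAudit(page_url)
    parser.feed(html)
    return {"scripts": parser.script_count,
            "third_party": sorted(parser.third_party)}

# Constructed sample: a theme that pulls a web font and a script off-site.
SAMPLE = """<html><head>
<link rel="canonical" href="https://www.shop.example/">
<link rel="stylesheet" href="/theme/style.css">
<link rel="stylesheet" href="//fonts.thirdparty.example/css?family=Sans">
<script src="https://cdn.tracker.example/t.js"></script>
<script>var cart = [];</script>
</head><body><img src="img/laptop.jpg">
<form method="post" action="/cart/add"><button>Add to cart</button></form>
</body></html>"""

if __name__ == "__main__":
    print(audit(SAMPLE, "https://shop.example/"))
```

It only sees what is in the HTML it is given, so resources that a script loads at runtime still need the browser's network tab.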

  • impure9435@kbin.run
    5 upvotes · 7 months ago

    Definitely use some sort of cloud server, I’d stay away from your VPN + port forwarding idea, it will only cause you issues. I heard good things about WooCommerce, it’s FOSS. You can’t get around JavaScript, it’s impossible to build a functioning online store without some kind of JS. WooCommerce doesn’t include trackers though, just the bare-minimum JavaScript that is required for the site to work.

    • SirQuackTheDuck@lemmy.world
      4 upvotes · 7 months ago

      > You can’t get around JavaScript, it’s impossible to build a functioning online store without some kind of JS.

      Well, sure you can. It will just be a pain to use for your users, especially when validation comes into play.

      But a simple list with an “add to cart” button really won’t need any JavaScript.

      • impure9435@kbin.run
        1 upvote · 7 months ago

        How would you integrate with a payment processor? Handling payments yourself means that you would have to comply with the PCI standard and get audits in regular intervals, which are insanely expensive and only make sense if you actually run a large business which makes money from card transactions.

        • SirQuackTheDuck@lemmy.world
          1 upvote · 7 months ago

          You don’t have to be PCI compliant for stuff like bank transfers or other forms of payment. Credit cards aren’t the default payment method everywhere.

          Maybe it’s pay on pickup, or just a simple mail with SEPA wire transfer instructions.

          Also, the PSP can still use JS but your site still doesn’t need to have it. Services like Mollie and Stripe offer checkout environments they host, meaning you still don’t have to use JS on your site.

          • impure9435@kbin.run
            1 upvote · 7 months ago

            Having a Stripe integration literally means having JavaScript on your site. Sure, it doesn’t come from your website directly, but it’s still loaded and executed when someone visits the site and tries to pay. TL;DR: Of course it’s possible. Everything is possible. Having some FOSS JavaScript from WooCommerce isn’t that bad though, and you’ll likely need nonfree JS for payments anyway.

  • TCB13@lemmy.world
    4 upvotes · 7 months ago

    WordPress + WooCommerce. There are a few themes that use less or no JavaScript, but you shouldn’t bother with that, JS is useful and can reduce the amount of page loads (traffic) and make the experience better.

  • Decronym@lemmy.decronym.xyz
    1 upvote · 7 months ago

    Acronyms, initialisms, abbreviations, contractions, and other phrases which expand to something larger, that I’ve seen in this thread:

    | Fewer Letters | More Letters |
    |---|---|
    | IP | Internet Protocol |
    | NAT | Network Address Translation |
    | VPN | Virtual Private Network |
    | VPS | Virtual Private Server (opposed to shared hosting) |

    [Thread #708 for this sub, first seen 24th Apr 2024, 02:15]

  • atzanteol@sh.itjust.works
    1 upvote · 7 months ago

    Be sure to familiarize yourself with PCI DSS compliance and how it does or does not apply to you and your payment gateway.