I’m considering a business plan for people getting into self-hosting. Essentially I sell you a Mikrotik router and a refurbished tiny x86 server. The idea is that the router plugs in to your home internet and the server into the router. Between the two they get the server able to handle incoming requests so that you can host services on the box and address them from the broader Internet.
The hypothesis is that $150 of equipment to avoid dozens of hours of software configuration is a worthwhile trade for some customers. I realize some people want to learn particular technologies and this is a bad fit for them. I think there are people out there that want the benefit of self-hosting, and may find it worth it to buy “self-hosting in a box”.
What do you think? Would this be a useful product for some people?
How will you provide long term maintenance of their server for a one time payment of 150$?
How will you provide long term maintenance of their server for a one time payment of 150$?
My current thinking is the margin on the hardware would be intentionally low, essentially the cost of the hardware +10% for configuring it a bit, installing NixOS, etc.
The business would survive on support and hosted services. Something like $20/month which gets you access to support to answer questions, help configure applications, troubleshoot issues, etc. Possibly rolling upgrades of your installed software on your behalf. Alerts on urgent security vulnerabilities. Could also handle tricky things like custom DNS (email servers, certificates) and off-site backups. I’m not totally sure what all would be included, but the goal is to make money while providing value, not build a garden or rent-seek.
$20 per month would be enough to discourage me. It’s another relatively costly computer-related subscription and I already feel like I’m losing a battle to keep those minimal. There would have to be some very clear benefits for that price.
There would have to be some very clear benefits for that price.
Agreed, it would need to be very clear, and additionally we’d need to plan that a certain percentage of customers would grow out of a basic support offering, either by becoming experts or by growing their install size and complexity.
$20 per month would be enough to discourage me. It’s another relatively costly computer-related subscription and I already feel like I’m losing a battle to keep those minimal.
Understandable. Is there a price you think would be reasonable? What would you want for that price?
So the problem with thin margins on the hardware side is what’s stopping a user from just installing their own OS once they figure out they can do the same thing you’re doing on the same hardware?
Nothing stops them, but that’d be fine. If they buy the hardware they should be able to do what they want with it.
Raspberry pi was able to do it with $35.
Raspberry Pi is not a server. That people use it as one does not mean it’s fit for purpose.
While true I feel like your comment misses the point. A raspberry pi is just a computer, not a magic solution box that’s kept maintained and updated by some guy. Their product isn’t a service, it’s just the device.
The fact that it’s an option that even remotely works is my point. They sell hardware. They don’t support software. The community does that. There is something to be gained from having a uniform platform for learning self hosting responsibly.
A Raspberry pi isn’t particularly great at any one thing. Its greatest strength comes in bundling everything you need in a box at an affordable price. Once you know where your pain points are then you can build/design a system that overcomes those shortcomings.
Having a starter kit would be an easy way to get more people in the space. Would it cost $35? Of course not. Level1Techs made their KVM to meet their own requirements and then the community benefits. To me, this project has that kind of energy. Or at least the potential for it.
I think this needs to exist, but as a community supported system, not as a commercial product.
Pick a set of open technologies - but not the best, lightest weight, just pick something open.
Come up with a security architecture that’s reasonably safe and only adds a moderate amount of extra annoyance, and build out a really generic “self-hosted web hosting and VM company-like thingy” system people can rally around.
Biggest threat to this, I think, is that this isn’t the 90s and early 2000s any longer, and for a big project like this, most of the oxygen has been sucked out already by free commercial offerings like Facebook. The technical family friend offering to self-host email or forums or chat no longer gets gratitude and love, they get “why not Facebook?”
So… small group effort, resistant to bad actors joining the project to kill it, producing a good design with reasonably safe security architecture, that people can install step by step, and have fun using while they build and learn it.
We already have that, the first problem is we have like a dozen of them, a few are even well supported. The second problem is that usually the technical knowledge required to set up the systems is still lower than the technical knowledge required to keep it running.
I’ve been struggling to wrap my head around a good security architecture for my mspencer.net replacement crap. Could I bug you for links?
I figured out a while ago to keep VM host management on a management VLAN, and I put each service VM on its own VLAN with heavy, service-specific firewalling and a private OS update repo mirror - but after hearing about ESXi jackpotting vulns and Broadcom shenanigans, I’ve gotten really disheartened. I’d love some safe defaults.
It sounds like you’re getting into the keeping it running phase.
First, going back to your previous comment, self-hosting email is difficult. It’s not hard for a small provider to end up blacklisted and you’re probably kind of just done at that point and it will feel very unfair. I get that it’s a fun set of technical challenges, but you couldn’t pay me enough to help someone self-host email.
Second, guessing, but it sounds like you may be trying to expose your services directly and doing a lot to make that work which goes against what most would recommend for hosting your own services. Big companies don’t expose their intranet like that, follow their example. Almost every guide or system is going to warn against that. If you’re going to host more than one thing, highly recommend focusing on minimizing entry points and looking into a VPN-like solution for accessing most if not all of your services. Still spend time on securing your intranet, but most of your risk is going to come from how hard it is for people to get past the front door (or doors).
Thank you for your reply, but to be clear, I’m not looking for individual details to be spelled out in comments. What you said is absolutely correct, thoughtful, and very helpful. But emotions are running a little high and I’m worried I’ll accidentally lash out at someone for helping. Apologies in advance.
But do you have any links? Beyond just the general subjects of security architecture, secure design, threat modeling, and attack surface identification, I’d love to see this hypothetical “generic VM and web application housing provider in a box” come with a reasonably secure default architecture. Not what you’re running, but how you’re running it.
Like, imagine decades in the future, internet historians uncover documentation and backups from a successful generic hosting company. They don’t necessarily care what their customers are hosting, their job is to make sure a breach in one customer’s stuff doesn’t impact any other customer. The documentation describes what policies and practices they used for networking, storage, compute, etc. They paid some expensive employees to come up with this and maintain it, it was their competitive advantage, so they guarded it jealously.
I’d want to see that, but (a) a public, community project and (b) now, while it’s still useful and relevant to emulate it in one’s own homelab.
If I can get some of that sweet, sweet dopamine from others liking the idea and wishing for my success, maybe I can build my own first version of it, publish my flawed version, and it can get feedback.
I think this needs to exist, but as a community supported system, not as a commercial product. … The technical family friend offering to self-host email or forums or chat no longer gets gratitude and love, they get “why not Facebook?”
I think this is a great point, it doesn’t help much to create a business that ends up with the same incentives and the same end-game as the existing systems.
So… small group effort, resistant to bad actors joining the project to kill it, producing a good design with reasonably safe security architecture, that people can install step by step, and have fun using while they build and learn it.
That is precisely what I’m looking to build. I don’t want to get rich, I want people without 10 years of industry experience to get some of the benefits we have all been able to build for ourselves.
I think a possibility is a series of open source anvil or nixos scripts that you can run on most hardware with minimal changes, in an extendable architecture of some kind to add or remove functionality and they perhaps get maintained by the community or some structure of the kind of Linux distributions.
This could enable people with minimal skills to set up and maintain a reasonably useful but secure environment just by changing a few variables.
nixos scripts
What’s a nixos script?
Nixos is an os that’s defined by its config stored in .nix files. Everything is defined here: all the software and configurations. Two people with the same script will have the exact same os.
Any changes you make that aren’t in the scripts won’t be present when you reboot.
You could maintain a very custom linux distribution (kinda) by just maintaining these config scripts.
So a user wouldn’t need to install all required software and dependencies. They could get a nixos and the self-host config and adjust some settings and have a working system straight after install.
A viable alternative is Guix, which uses Scheme for its scripts and could also use the Hurd kernel instead of Linux, but works the same.
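An added example, not written by any poster in this thread: a NixOS configuration fragment of the kind described above, applying the earlier advice to keep the number of front doors small (inbound firewall on, one WireGuard port reachable from the internet, SSH and HTTPS reachable only through the tunnel). It assumes a recent NixOS release; the interface name `wg0`, the addresses, the key path and the peer key are placeholders chosen for illustration.

```nix
# configuration.nix fragment (added example; PLACEHOLDER values are assumptions)
{ config, pkgs, ... }:

let
  # The "few variables" a user would change.
  vpnPort    = 51820;            # WireGuard listen port (UDP)
  vpnAddress = "10.100.0.1/24";  # PLACEHOLDER: this server's address inside the VPN
in
{
  # Inbound traffic is dropped unless a port is listed here.
  networking.firewall = {
    enable = true;
    allowedUDPPorts = [ vpnPort ];  # the single internet-facing entry point
    allowedTCPPorts = [ ];          # no TCP service exposed on the WAN side
    # SSH and HTTPS are accepted only on the tunnel interface.
    interfaces.wg0.allowedTCPPorts = [ 22 443 ];
  };

  networking.wireguard.interfaces.wg0 = {
    ips = [ vpnAddress ];
    listenPort = vpnPort;
    # PLACEHOLDER path; a key file on disk stays out of the world-readable Nix store.
    privateKeyFile = "/var/lib/wireguard/private.key";
    peers = [
      {
        publicKey = "PLACEHOLDER_PEER_PUBLIC_KEY";
        allowedIPs = [ "10.100.0.2/32" ];  # PLACEHOLDER: one client device
      }
    ];
  };

  services.openssh = {
    enable = true;
    openFirewall = false;  # do not open port 22 on every interface
    settings = {
      PasswordAuthentication = false;  # keys only
      PermitRootLogin = "no";
    };
  };

  # Fetch and apply updates on a timer; reboots stay a manual decision.
  system.autoUpgrade = {
    enable = true;
    allowReboot = false;
  };
}
```

Because the whole policy lives in one file, reviewing what the box exposes means reading the two `allowed*Ports` lists rather than inspecting the running system.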
If it came bundled around a bunch of DIY guides explaining the hows and the whys, it’d be far more appealing.
Interesting, so if you got hardware and it came with guides, what kind of guides would you want? I would assume something layered. At the top is just “I want to install these 5 apps and use them, I don’t care how it works” and in the middle is “I’m ready to SSH into the router and create some VLANs for fun” at the bottom is something like “I want to flash my own firmware with appropriate certificates for secure boot and my own root chain of trust on the server hardware”.
Hard agree. In fact, I think there’s a market for JUST the guides. It’s true that there’s a TON of guides out there already, from old blogs to YouTube, but the issue is: all of them start or end with: “your use case might differ, so perhaps this solution isn’t for you.” Or “make sure this setup is compatible with your specific hardware”
For example: I want to set up some sort of backup/cloud storage type system. Well there’s about 1400 ways to accomplish that. I can easily just grab one and go, but I’ll always wonder- should I have done this a different way? Would my life be easier/more secure if I chose a different set up?
So offering hardware that is compatible with whatever “stack” of services included would be a huge plus. Sorta like getting a raspberry pi and following a specific raspberry pi tutorial- you know the issues you get aren’t gonna be due to incompatibility.
I think it really boils down to the scale of one’s home lab- are you just tinkering to get some skills and make something cool? Or are you hoping to do something much much bigger? Different software solutions fit those extremes differently.
Sorry, got off rambling there. I guess I’ve been down the home lab hardware/software wormhole for too long these last few weeks.
Sorry, got off rambling there. I guess I’ve been down the home lab hardware/software wormhole for too long these last few weeks.
Not at all, I found your comment insightful. What you’re describing to me sounds more like a business of consulting with people rather than getting access to a knowledge base. One of the things I’m curious to learn is if there is a body of people out there that give up with self-hosting because they don’t want to learn everything, but just want to create something that works, and our resources are optimized for training professionals.
I’ve thought more on this yesterday, and I think my issue is-
I don’t want something that ‘just works’, I want to BUILD something that ‘just works’
The distinction is that I don’t want to buy premade solutions. I want to make them. Not because of the customizability, but because the fun is in the building. Think Lego- hundreds of people build the exact same product in the end, but why are they sold in pieces? Just assemble the damn things and sell them complete (with markup). You think more people wanna buy that?? I’d bet against it.
Hi, I’m your customer base.
I’m a complete novice, no network or coding experience, but not afraid of computers either. I’m pretty worried about messing up something serious due to lack of knowledge.
In the end, I didn’t choose Synology or the like due to:
- lack of robust community support. I’ve noodled around with Linux for years and learned that community support is essential.
- price. I’d pay 10% or 50% more for a good pre-configured system, but not 3-4x more (which is just the general feeling I get from Synology)
- lack of configurability. I’m still not sure what I would like to do (and be able). I know I want to replace some storage services, replace some streaming services, control my smart home, maaaaybe access my files remotely, and probably some other stuff. I may want to have email or a website in the future, but that’s not on my radar right now.
If there were some plug-and-play hardware/software solution that was still affordable and open, it would be a good choice for me.
No. People who want the benefit of self hosting without worrying about hardware will rent a vps or something simpler. The hard part of hardware isn’t the purchase, it’s the maintenance.
Also, why the separate router?
I agree with this. Self-hosting requires the user to understand their network, their software, how it all interacts.
If you provide a hardware product and call it a solution, people are going to expect a turn-key solution like a plug-and-play router.
You’re going to end up supporting a bunch of newbies who, by no fault of their own, can’t tell you an error code in the console let alone whatever UI you give them.
I think a better solution would be a course that walks newbies through self hosting.
People who want the benefit of self hosting without worrying about hardware will rent a vps or something simpler.
That’s certainly an option. I think of dedicated hardware as working for several different people, some of which care a great deal about not using a VPS provider because they don’t trust them with their data, or don’t trust them to be around for a long time, or don’t trust them not to raise the prices.
The hard part of hardware isn’t the purchase, it’s the maintenance.
I’m inclined to agree, but I’ve been doing hardware for a long time as a hobbyist and I sometimes forget how far I’ve come. It sounds like you might be somewhat like me in that regard. I’m often surprised when people see assembling system parts and flashing an OS as a complex, inscrutable task.
What do you see as the hard part of maintenance? Scheduling time to do it? Unexpected errors or failures?
What’s the value-add over just buying a SFF PC?
I assume “SFF PC” means “Small form-factor personal computer”.
The value add is not having to make a large number of technical decisions. IPv4 vs v6, which firewall rules to use, port-forwarding vs DMZ, flavor of Linux, partition scheme, filesystem type, application packaging system, and on and on. For many people they don’t care about these decisions, they want “to put something on the Internet” and do it safely. While safety isn’t a binary, and engineering is full of tradeoffs, an experienced practitioner can answer many of these questions reflexively and come out with good enough answers for some customers.
In the end the customer should be able to dig in and change whatever they want. But I want to see if flipping the decision dependency around will help. IE, start with stuff that works, then change things, rather than start with parts and make all the decisions before anything works.
Probably not much for people on a self hosting community, but those that want to get away from subscriptions and steal your data as a service cloud providers that might need some reassurance that they’ll have a working system.
The idea is that the router plugs in to your home internet and the server into the router. Between the two they get the server able to handle incoming requests so that you can host services on the box and address them from the broader Internet.
Why would I need a separate router for that? I’d need to configure the main router anyway.
Which problem(s) are you trying to solve? The networking issue of firewalls and port forwarding? The admin tasks of installing and configuring applications? The task nobody does of maintaining software and keeping it up-to-date?
Which problem(s) are you trying to solve? The networking issue of firewalls and port forwarding?
Within the scope of this question, yes. Also properly configuring IPv6, though that’s just to achieve the same things that port forwarding enables.
The admin tasks of installing and configuring applications?
That’s also on my list, but I was trying to keep the question focused. Do you think the answer makes a difference? In other words, if it was just networking would it be not worth it, but networking and application management would make it worth it?
I don’t think the networking part is the part that needs solving. Modern AP/routers are pretty easy to configure and set up securely. Dunno - I’m definitely not in the target audience for what you’re doing though.
Oooohhhhh boy. Another one of these 🤣
It’s not like a package thing you can sell if you’re not supporting it. Then you’re just selling hardware at an inflated price. It’s not even self-hosting at that point. Why wouldn’t you just pay a regular company for a product?
Good point, I should have mentioned the plan is to sell support.
Then I’m not sure what the product you’re selling is though. Tech Support? That’s going to be a hard sell.
What’s your plan on teaching these people to maintain their selfhosted instances? Are you selling support? I mean you could script pulling and recreating containers, but without eyeballs on it, that stuff will die eventually.
If I wanted that I would just buy Synology/QNAP/Zima, etc.
Market to tax funded institutions. If you can market “self hosted” as cheaper and easier than other solutions you’ll have guaranteed clients for a long time.
That’s an interesting idea I hadn’t thought much about. I’ve been more focused on individuals than organizations. Do you have experience with tax-funded institutions? I assumed they generally have strict procurement rules and long support contracts with large established players by policy.
Their procurement policy is basically “has it been recommended? Is anyone else using it? Is it cheap?”
I work in public sector.
It would make more sense to sell a management service
If we did, would you be comfortable giving the company a root SSH login to manage your system, or would you prefer a more limited method of access?
Neither honestly. However, I am also not really the unskilled user trying to self host
Okay, fair enough, any thoughts on what a good ‘management service’ might look like?
Ansible honestly. You can use Ansible to report on facts. Outside of that you also could use Telegraf+influxdb+grafana.
Only if it didn’t have an insane markup for being pre-built.
The tech savvy will just buy a Raspberry Pi and install yunohost on it.