this post was submitted on 12 Sep 2023
-5 points (41.9% liked)

Selfhosted

40723 readers
361 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

  1. Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.

  2. No spam posting.

  3. Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.

  4. Don't duplicate the full text of your blog or github here. Just post the link for folks to click.

  5. Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).

  6. No trolling.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 2 years ago
MODERATORS
 

I gone through a lot of hosting service providers and unfortunetly cannot find a single one that can be used without running nonfree programs, all of them require loading bulky obfuscated JavaScript apps.

I know of Codeberg Pages for static sites for example, but it is not suitable for any business or professional use.

you are viewing a single comment's thread
view the rest of the comments
[–] Molecular0079@lemmy.world 8 points 1 year ago (2 children)

I am confused why you think it requires additional software. For example, I personally use DigitalOcean, and that allows you to spin up servers via their website. No extra software needed.

[–] Euphoma@lemmy.ml 7 points 1 year ago* (last edited 1 year ago) (1 children)

I think he's calling the website that is running non-free javascript as an additional piece of software based on his commment on "bulky obfuscated JavaScript apps."

[–] Molecular0079@lemmy.world 3 points 1 year ago (2 children)

So...he wants to email somebody to create a server for him? This seems highly impractical and unnecessary lol.

[–] cnx 2 points 1 year ago (1 children)

The separation is pedantic, but you can have dynamic websites without JS or with free ones. The argument is basically the server-side software only see the data you input, but client-side malware can extract information or do other nasty things you can't observe or prevent.

[–] Molecular0079@lemmy.world 4 points 1 year ago

I get what you mean, but OP's gonna have a hard time finding any website, much less a VPS provider, that doesn't have Javascript in it and for good reason. There's things like remote consoles and status dashboards that simply don't work without Javascript.

If its really a concern, you can run the Javascript in a separate browser instance, but I find that precaution to be completely unnecessary because if you don't trust your VPS provider, why would you trust that they won't do anything to your server or use your payment info for nefarious purposes? The Javascript is the least of OP's concerns IMHO.

[–] smileyhead@discuss.tchncs.de 1 points 1 year ago (1 children)

Or just via web browser that can show websites and does not run any random script that was send to it.

Something like that would be seen as huge deal when talking about mobile or desktop programs, but somehow when browsers do not show how many MB of additional software they downloaded to build a webpage (that in my opinion should already be build by the server) somehow we all assume there is no software.

[–] Molecular0079@lemmy.world 5 points 1 year ago

Something like that would be seen as huge deal when talking about mobile or desktop programs

That's because mobile and desktop programs have far more access to your system compared to Javascript programs that run in a permissioned sandbox. They are not the same thing.

that in my opinion should already be build by the server

Eh, that's debateable honestly. Sometimes pages built by dynamic Javascript have much a much better and fluid UI experience than server-side rendering, which require slow full-page reloads. To each their own though, there's benefits and disadvantages to both methods.

[–] smileyhead@discuss.tchncs.de -2 points 1 year ago (1 children)

When registering on DigitalOcean: "You need JavaScript to run this app".

Okey, so let's check this scripts: https://ui-cdn.digitalocean.com/registration-next/399776b27f10a89571b17850f82383af2841fa66/static/js/main.9e36ba61.js

Seems like an extra software to me.

[–] Molecular0079@lemmy.world 2 points 1 year ago (1 children)

You need Javascript to run things like remote consoles and metrics dashboards. I don't think its something you can really avoid tbh.

Why do you want to avoid Javascript so badly in this case? If its a matter of trust, a VPS provider can do far more damage by just using your payment information or messing with your server directly.

[–] smileyhead@discuss.tchncs.de 1 points 1 year ago

Web remote console or live metrics are understandable. But requiring scripts to register or show a header is something I try to avoid. And not because of security or privacy but out of principle of simplicity and healthy web ecosystem.