1
00:00:00,000 --> 00:00:04,920
Welcome back to The Deep Dive, the show where we grab that huge stack of technical

2
00:00:04,920 --> 00:00:05,280
docs

3
00:00:05,280 --> 00:00:09,080
and just boil it all down for you, best.

4
00:00:09,080 --> 00:00:13,080
Today we are popping the hood on self-hosting, specifically we're going to tackle

5
00:00:13,080 --> 00:00:13,920
the communication

6
00:00:13,920 --> 00:00:15,560
platform called Stoat.

7
00:00:15,560 --> 00:00:17,840
And we are really going to connect the dots.

8
00:00:17,840 --> 00:00:20,840
Our mission today is, I think, pretty simple.

9
00:00:20,840 --> 00:00:22,880
We want to build a roadmap for a beginner.

10
00:00:22,880 --> 00:00:27,850
The official instructions for deploying Stoat, which is a full stack chat platform,

11
00:00:27,850 --> 00:00:28,680
can look,

12
00:00:28,680 --> 00:00:31,040
well, they can look pretty intimidating.

13
00:00:31,040 --> 00:00:32,320
Like a foreign language.

14
00:00:32,320 --> 00:00:33,320
Exactly.

15
00:00:33,320 --> 00:00:38,560
So we're going to distill the critical how and, maybe more importantly, the why of

16
00:00:38,560 --> 00:00:39,160
running

17
00:00:39,160 --> 00:00:45,120
this thing on your own server using that massive complexity shield we call Docker.

18
00:00:45,120 --> 00:00:48,800
Self-hosting is really the path to digital independence, but that journey, it

19
00:00:48,800 --> 00:00:49,400
always starts

20
00:00:49,400 --> 00:00:50,440
with a lot of setup.

21
00:00:50,440 --> 00:00:53,080
We're going to show you not just which button to press, but what's actually

22
00:00:53,080 --> 00:00:53,720
happening when

23
00:00:53,720 --> 00:00:54,720
you press it.

24
00:00:54,720 --> 00:00:57,890
And we'll focus on the security side because that's where people usually get tripped

25
00:00:57,890 --> 00:00:58,200
up.

26
00:00:58,200 --> 00:01:02,120
Before we jump in though, this deep dive is brought to you by Safe Server.

27
00:01:02,120 --> 00:01:06,000
Safe Server handles software hosting and supports digital transformation.

28
00:01:06,000 --> 00:01:09,880
They give you that solid foundation you need for a project like this one.

29
00:01:09,880 --> 00:01:14,200
To learn more about how they can help you out, just head over to www.safeserver.de.

30
00:01:14,200 --> 00:01:17,120
Again, that's www.safeserver.de.

31
00:01:17,120 --> 00:01:21,400
Okay, let's unpack this right away.

32
00:01:21,400 --> 00:01:24,680
When a beginner hears self-hosting, they're probably thinking of, I don't know, one

33
00:01:24,680 --> 00:01:24,880
little

34
00:01:24,880 --> 00:01:25,880
app.

35
00:01:25,880 --> 00:01:26,880
Right.

36
00:01:26,880 --> 00:01:32,160
If you look at the material for Stoat, it looks like something way bigger.

37
00:01:32,160 --> 00:01:33,560
What are we actually deploying here?

38
00:01:33,560 --> 00:01:36,120
You've hit on the most important point right at the start.

39
00:01:36,120 --> 00:01:39,720
You are not deploying a single application, I mean, not even close.

40
00:01:39,720 --> 00:01:44,480
The configuration in the docs, it deploys a complete ready-to-go digital ecosystem.

41
00:01:44,480 --> 00:01:48,600
You're getting the backend API server, the web front end, a dedicated file server.

42
00:01:48,600 --> 00:01:51,520
Wait, a dedicated file server and a metadata proxy?

43
00:01:51,520 --> 00:01:54,680
Why do you need a separate proxy just for metadata and images?

44
00:01:54,680 --> 00:01:55,980
That's a great question.

45
00:01:55,980 --> 00:01:59,180
You could try to make the main server do it, but it would just grind to a halt, and

46
00:01:59,180 --> 00:01:59,260
it's

47
00:01:59,260 --> 00:02:00,440
a security risk.

48
00:02:00,440 --> 00:02:02,460
The proxy is like a shield.

49
00:02:02,460 --> 00:02:05,520
Its main job is to fetch things like link previews.

50
00:02:05,520 --> 00:02:10,390
So when someone pastes a YouTube link, the proxy goes and gets that thumbnail and

51
00:02:10,390 --> 00:02:11,040
title,

52
00:02:11,040 --> 00:02:13,560
but it does it anonymously and securely.

53
00:02:13,560 --> 00:02:16,960
It takes the load off your main app and hides your server's IP.

54
00:02:16,960 --> 00:02:18,880
It's just good digital hygiene.

55
00:02:18,880 --> 00:02:19,880
I see.

56
00:02:19,880 --> 00:02:22,320
So we're talking about running four different services all at once.

57
00:02:22,320 --> 00:02:25,420
That sounds like a full-time job for a sysadmin a decade ago.

58
00:02:25,420 --> 00:02:28,780
How does Docker make this possible for a beginner?

59
00:02:28,780 --> 00:02:31,600
Docker's the only reason this is possible for a beginner.

60
00:02:31,600 --> 00:02:33,080
It's the magic.

61
00:02:33,080 --> 00:02:36,810
Instead of you having to install a specific database version and Node.js and

62
00:02:36,810 --> 00:02:37,360
configure

63
00:02:37,360 --> 00:02:38,360
all the network ports.

64
00:02:38,360 --> 00:02:39,360
A total nightmare.

65
00:02:39,360 --> 00:02:40,360
A total nightmare.

66
00:02:40,360 --> 00:02:41,360
Yeah.

67
00:02:41,360 --> 00:02:42,360
Docker just wraps it all up.

68
00:02:42,360 --> 00:02:47,210
The docker-compose.yml file is basically a recipe that says, hey, run these four

69
00:02:47,210 --> 00:02:47,880
things,

70
00:02:47,880 --> 00:02:51,120
connect them this specific way, and don't bother me with the details.

71
00:02:51,120 --> 00:02:53,200
It turns chaos into a single command.

72
00:02:53,200 --> 00:02:54,200
It packages the chaos.

73
00:02:54,200 --> 00:02:55,200
I like that.

74
00:02:55,200 --> 00:02:56,200
Okay.

75
00:02:56,200 --> 00:02:57,200
Let's talk reality.

76
00:02:57,200 --> 00:02:58,200
Someone's spinning up a new server for this.

77
00:02:58,200 --> 00:03:00,200
What are the minimum specs we're talking about?

78
00:03:00,200 --> 00:03:02,320
The docs are pretty realistic here.

79
00:03:02,320 --> 00:03:07,640
For a functional instance, even a small one, you need a machine with at least two vCPUs

80
00:03:07,640 --> 00:03:09,100
and two gibibytes of memory.

81
00:03:09,100 --> 00:03:10,280
And what happens if you go with less?

82
00:03:10,280 --> 00:03:11,960
You're just going to have a bad time.

83
00:03:11,960 --> 00:03:12,960
Things will crash.

84
00:03:12,960 --> 00:03:14,160
Performance will be terrible.

85
00:03:14,160 --> 00:03:16,520
All those services need a little room to breathe.

86
00:03:16,520 --> 00:03:19,800
And for the operating system, they recommend Ubuntu Server.

87
00:03:19,800 --> 00:03:22,000
That's what they use in production, so it's the safest bet.

88
00:03:22,000 --> 00:03:23,000
Got it.

89
00:03:23,000 --> 00:03:25,000
Two vCPUs, two gigs of RAM, Ubuntu.

90
00:03:25,000 --> 00:03:26,280
So we've got our server.

91
00:03:26,280 --> 00:03:28,400
We're connected via SSH.

92
00:03:28,400 --> 00:03:32,680
Before we even type git or docker, you always say we need to lock it down.

93
00:03:32,680 --> 00:03:34,760
What happens if I just skip that part?

94
00:03:34,760 --> 00:03:37,360
You're starting with known vulnerabilities.

95
00:03:37,360 --> 00:03:41,640
Running apt-get update and apt-get upgrade -y is just foundational.

96
00:03:41,640 --> 00:03:43,720
But the firewall, that's the critical step.

97
00:03:43,720 --> 00:03:44,720
The UFW thing.

98
00:03:44,720 --> 00:03:46,840
The uncomplicated firewall, yeah.

99
00:03:46,840 --> 00:03:50,570
If you forget to configure it, you just put a giant kick me sign on the internet

100
00:03:50,570 --> 00:03:51,000
for every

101
00:03:51,000 --> 00:03:52,160
automated bot out there.

102
00:03:52,160 --> 00:03:56,200
But if I'm just running this for my small team, is it really that big of a threat?

103
00:03:56,200 --> 00:03:58,500
It's not overkill, it's survival.

104
00:03:58,500 --> 00:04:01,160
The threat isn't targeted, it's automated.

105
00:04:01,160 --> 00:04:07,040
If you don't run ufw default deny, and then specifically open up SSH, HTTP,

106
00:04:07,040 --> 00:04:07,320
and

107
00:04:07,320 --> 00:04:11,680
HTTPS, and only those, you might be exposing your database port to the whole world.

108
00:04:11,680 --> 00:04:12,680
Wow.

109
00:04:12,680 --> 00:04:13,680
Okay.

110
00:04:13,680 --> 00:04:16,360
You're basically shrinking your attack surface down to just the three doors you

111
00:04:16,360 --> 00:04:16,780
absolutely

112
00:04:16,780 --> 00:04:17,780
need open.

113
00:04:17,780 --> 00:04:18,780
That makes sense.

114
00:04:18,780 --> 00:04:20,960
Moving the defense line right up to the front door.

115
00:04:20,960 --> 00:04:22,920
And what about securing SSH itself?

116
00:04:22,920 --> 00:04:27,460
Well, if you set up an SSH key, which you really, really should, the next logical

117
00:04:27,460 --> 00:04:27,800
step

118
00:04:27,800 --> 00:04:30,880
is to just turn off password authentication completely.

119
00:04:30,880 --> 00:04:32,880
You just edit a config file for that?

120
00:04:32,880 --> 00:04:33,880
Yep.

121
00:04:33,880 --> 00:04:34,880
In /etc/ssh/

122
00:04:34,880 --> 00:04:35,880
sshd_config.

123
00:04:35,880 --> 00:04:37,000
Passwords are always the weakest link.

124
00:04:37,000 --> 00:04:41,280
By using only crypto keys, you basically eliminate the entire threat of brute force

125
00:04:41,280 --> 00:04:41,840
password

126
00:04:41,840 --> 00:04:42,840
attacks.

127
00:04:42,840 --> 00:04:43,840
It's a huge security win.

128
00:04:43,840 --> 00:04:44,840
Excellent.

129
00:04:44,840 --> 00:04:45,840
Okay.

130
00:04:45,840 --> 00:04:46,840
Server's locked down.

131
00:04:46,840 --> 00:04:47,840
It's updated.

132
00:04:47,840 --> 00:04:48,840
Now we need the tools for the job.

133
00:04:48,840 --> 00:04:50,840
What do we have to install before we can even think about Stoat?

134
00:04:50,840 --> 00:04:51,840
Two main things.

135
00:04:51,840 --> 00:04:54,200
First, you need Git, obviously, to pull the code.

136
00:04:54,200 --> 00:04:56,400
And second, you need the entire Docker suite.

137
00:04:56,400 --> 00:04:57,600
Not just Docker itself.

138
00:04:57,600 --> 00:04:58,600
No.

139
00:04:58,600 --> 00:05:04,680
You need docker-ce, containerd.io, and the Docker Compose plugin.

140
00:05:04,680 --> 00:05:09,220
You need the whole stack because Docker Compose is the tool that's going to orchestrate

141
00:05:09,220 --> 00:05:09,320
all

142
00:05:09,320 --> 00:05:10,320
the different containers.

143
00:05:10,320 --> 00:05:11,320
It's the conductor.

144
00:05:11,320 --> 00:05:12,320
Exactly.

145
00:05:12,320 --> 00:05:13,920
It's the conductor of the container orchestra.

146
00:05:13,920 --> 00:05:15,320
So dependencies are installed.

147
00:05:15,320 --> 00:05:18,600
We use git clone to get the self-hosted repository.

148
00:05:18,600 --> 00:05:19,680
Now we're in the folder.

149
00:05:19,680 --> 00:05:24,240
For someone who hates editing config files, what's the shortcut the docs give us?

150
00:05:24,240 --> 00:05:26,740
The elegance is a simple shell script.

151
00:05:26,740 --> 00:05:31,340
You just run ./generate_config.sh your.domain, and that's it.

152
00:05:31,340 --> 00:05:34,370
It creates the core config files for you, and it prefills your domain name

153
00:05:34,370 --> 00:05:34,720
everywhere

154
00:05:34,720 --> 00:05:35,720
it needs to be.

155
00:05:35,720 --> 00:05:37,160
It's the easiest way to get started.

156
00:05:37,160 --> 00:05:39,340
That does lower the barrier quite a bit.

157
00:05:39,340 --> 00:05:42,740
So we've run the script, but before we launch, what are some of the other knobs we

158
00:05:42,740 --> 00:05:43,320
can tweak?

159
00:05:43,320 --> 00:05:45,360
This is where you get a lot of control.

160
00:05:45,360 --> 00:05:50,000
You can immediately enable things like email verification to stop spam accounts.

161
00:05:50,000 --> 00:05:52,280
Or you can add a captcha to the signup page.

162
00:05:52,280 --> 00:05:53,560
Oh, that's useful.

163
00:05:53,560 --> 00:05:56,960
Or maybe you want to use your own S3 bucket for file storage.

164
00:05:56,960 --> 00:05:58,720
You can set that up right away.

165
00:05:58,720 --> 00:06:00,120
These aren't just details.

166
00:06:00,120 --> 00:06:02,720
They're choices that define how your community works.

167
00:06:02,720 --> 00:06:06,960
Okay, so we've set our configuration, the moment of truth.

168
00:06:06,960 --> 00:06:11,500
What's the command to actually launch this whole thing, and how do we make sure it

169
00:06:11,500 --> 00:06:11,840
stays

170
00:06:11,840 --> 00:06:12,840
running?

171
00:06:12,840 --> 00:06:13,840
The final step is docker compose up.

172
00:06:13,840 --> 00:06:14,840
Yeah.

173
00:06:14,840 --> 00:06:16,040
Here's the trick.

174
00:06:16,040 --> 00:06:19,320
The first time you run it without the -d flag.

175
00:06:19,320 --> 00:06:20,320
You run it in the foreground.

176
00:06:20,320 --> 00:06:21,320
Why?

177
00:06:21,320 --> 00:06:22,320
Because you want to see the logs.

178
00:06:22,320 --> 00:06:23,320
Oh.

179
00:06:23,320 --> 00:06:26,380
A flood of text is going to fill your screen, and you want to watch it for, say, 30

180
00:06:26,380 --> 00:06:27,000
seconds.

181
00:06:27,000 --> 00:06:28,240
You're looking for errors.

182
00:06:28,240 --> 00:06:29,880
Is the database connecting?

183
00:06:29,880 --> 00:06:31,040
Is the API starting?

184
00:06:31,040 --> 00:06:32,280
It's your preflight check.

185
00:06:32,280 --> 00:06:33,280
The preflight check.

186
00:06:33,280 --> 00:06:34,280
I like that.

187
00:06:34,280 --> 00:06:35,280
Exactly.

188
00:06:35,280 --> 00:06:38,480
Once you see everything looks stable, you hit Ctrl+C to stop it, and

189
00:06:38,480 --> 00:06:38,840
then

190
00:06:38,840 --> 00:06:40,320
you run the real command.

191
00:06:40,320 --> 00:06:45,560
docker compose up -d, that little d means detached, and it runs everything

192
00:06:45,560 --> 00:06:45,600
in

193
00:06:45,600 --> 00:06:48,040
the background, so it stays up even after you log out.

194
00:06:48,040 --> 00:06:51,240
And we're live, but probably still on test settings.

195
00:06:51,240 --> 00:06:52,720
Let's talk customization.

196
00:06:52,720 --> 00:06:57,110
The docs make a big deal about replacing every instance of local.stoat.chat with

197
00:06:57,110 --> 00:06:57,560
your real

198
00:06:57,560 --> 00:06:58,560
domain.

199
00:06:58,560 --> 00:06:59,560
Why is that so important?

200
00:06:59,560 --> 00:07:03,500
It's dangerous to miss this because of how modern browsers work.

201
00:07:03,500 --> 00:07:07,520
The default config uses unencrypted HTTP.

202
00:07:07,520 --> 00:07:10,320
If you deploy that, browsers will just block it.

203
00:07:10,320 --> 00:07:14,000
You'll get security warnings, things won't load, it'll be completely broken.

204
00:07:14,000 --> 00:07:16,600
So you have to manually find and replace it in the file?

205
00:07:16,600 --> 00:07:20,420
In both Revolt.toml and .env.web, yes.

206
00:07:20,420 --> 00:07:22,200
And when you do, you have to switch the protocols.

207
00:07:22,200 --> 00:07:23,200
What do you mean?

208
00:07:23,200 --> 00:07:27,080
Your public URL needs to be HTTPS, not HTTP.

209
00:07:27,080 --> 00:07:28,260
And this is one people always forget.

210
00:07:28,260 --> 00:07:34,020
The real-time communication has to use secure web sockets, so WSS, not WS.

211
00:07:34,020 --> 00:07:37,500
If you miss that WSS part, your chat just won't work.

212
00:07:37,500 --> 00:07:38,500
That's a huge...

213
00:07:38,500 --> 00:07:39,500
Gotcha.

214
00:07:39,500 --> 00:07:40,500
Okay.

215
00:07:40,500 --> 00:07:41,500
Let's talk about control.

216
00:07:41,500 --> 00:07:44,060
Say I want to run a private, members-only instance.

217
00:07:44,060 --> 00:07:45,640
How do I make it invite-only?

218
00:07:45,640 --> 00:07:49,480
So you start by editing Revolt.toml and setting invite_only = true.

219
00:07:49,480 --> 00:07:50,480
That's the easy part.

220
00:07:50,480 --> 00:07:51,480
You've locked the front door.

221
00:07:51,480 --> 00:07:52,480
But how do people get in?

222
00:07:52,480 --> 00:07:53,480
Right.

223
00:07:53,480 --> 00:07:54,480
It doesn't automatically create any invites.

224
00:07:54,480 --> 00:07:57,240
You have to generate the codes yourself, manually.

225
00:07:57,240 --> 00:07:59,120
And how technical is that?

226
00:07:59,120 --> 00:08:01,740
It forces you to get your hands dirty.

227
00:08:01,740 --> 00:08:04,200
You have to go directly into the database.

228
00:08:04,200 --> 00:08:09,820
You run docker compose exec database mongosh to open the Mongo shell.

229
00:08:09,820 --> 00:08:13,590
And then you run a database command to literally insert an invite code into the

230
00:08:13,590 --> 00:08:14,880
invites collection.

231
00:08:14,880 --> 00:08:15,880
Wow.

232
00:08:15,880 --> 00:08:16,880
Okay.

233
00:08:16,880 --> 00:08:18,680
So you're not just clicking a button in a web UI.

234
00:08:18,680 --> 00:08:19,680
Nope.

235
00:08:19,680 --> 00:08:23,360
This is a key moment for any new admin because it shows you that for real

236
00:08:23,360 --> 00:08:24,880
operational control,

237
00:08:24,880 --> 00:08:27,120
you're manipulating the database directly.

238
00:08:27,120 --> 00:08:29,440
That's a whole other level of technical depth.

239
00:08:29,440 --> 00:08:31,240
That really drives home the commitment.

240
00:08:31,240 --> 00:08:33,560
Speaking of which, let's talk updates.

241
00:08:33,560 --> 00:08:36,080
What's the standard process when new code is released?

242
00:08:36,080 --> 00:08:38,240
It's a three-step dance, usually.

243
00:08:38,240 --> 00:08:41,280
First you run git pull to get the latest config changes.

244
00:08:41,280 --> 00:08:45,820
Second, this is crucial, you manually compare your config file with a new example

245
00:08:45,820 --> 00:08:46,160
one to

246
00:08:46,160 --> 00:08:47,160
see what's changed.

247
00:08:47,160 --> 00:08:48,160
You can't just skip that.

248
00:08:48,160 --> 00:08:49,160
You really can't.

249
00:08:49,160 --> 00:08:52,890
Then you pull the new images with docker compose pull and finally restart with

250
00:08:52,890 --> 00:08:53,600
docker compose

251
00:08:53,600 --> 00:08:54,960
up -d.

252
00:08:54,960 --> 00:08:59,360
But that simple process doesn't always work, which brings us to the big warnings.

253
00:08:59,360 --> 00:09:05,970
All right, we're moving from the happy setup phase to the cold reality of

254
00:09:05,970 --> 00:09:07,600
maintenance.

255
00:09:07,600 --> 00:09:10,640
What are the big pitfalls the source material is screaming about?

256
00:09:10,640 --> 00:09:13,000
The first one is about the database.

257
00:09:13,000 --> 00:09:20,770
The docs explicitly warn you, do not add port 27017:27017 to expose your database

258
00:09:20,770 --> 00:09:21,320
to the

259
00:09:21,320 --> 00:09:22,320
internet.

260
00:09:22,320 --> 00:09:26,740
That database has everything, user data, messages, all of it.

261
00:09:26,740 --> 00:09:29,000
Exposing it is a catastrophic security failure.

262
00:09:29,000 --> 00:09:31,920
So if you see a tutorial telling you to do that, just close the tab.

263
00:09:31,920 --> 00:09:32,920
Run the other way.

264
00:09:32,920 --> 00:09:33,920
Absolutely.

265
00:09:33,920 --> 00:09:37,120
The second and maybe even bigger hurdle is that sometimes you have to perform

266
00:09:37,120 --> 00:09:37,480
manual

267
00:09:37,480 --> 00:09:38,800
data migrations.

268
00:09:38,800 --> 00:09:39,800
What does that mean?

269
00:09:39,800 --> 00:09:41,440
It means there's a breaking change.

270
00:09:41,440 --> 00:09:45,320
The source material gives a perfect example from September 30, 2024.

271
00:09:45,320 --> 00:09:48,120
The data structure changed so much that you couldn't just restart.

272
00:09:48,120 --> 00:09:51,790
You had to manually start a temporary container, shell into it, and run special

273
00:09:51,790 --> 00:09:52,360
scripts to

274
00:09:52,360 --> 00:09:54,320
convert your database to the new format.

275
00:09:54,320 --> 00:09:57,510
Wait, so if I missed that announcement and just ran the normal update command, what

276
00:09:57,510 --> 00:09:57,800
would

277
00:09:57,800 --> 00:09:59,320
happen? My instance would just break.

278
00:09:59,320 --> 00:10:01,420
It would almost certainly fail to start.

279
00:10:01,420 --> 00:10:04,600
The new code wouldn't be able to read the old database.

280
00:10:04,600 --> 00:10:07,800
This is what separates self-hosting from a SaaS product.

281
00:10:07,800 --> 00:10:12,480
You are now the on-call engineer responsible for these high-stakes data procedures.

282
00:10:12,480 --> 00:10:13,960
That's a huge commitment.

283
00:10:13,960 --> 00:10:15,320
And it wasn't just data, right?

284
00:10:15,320 --> 00:10:17,360
There were config file changes, too.

285
00:10:17,360 --> 00:10:18,360
Correct.

286
00:10:18,360 --> 00:10:20,400
Look at the November 28, 2024 update.

287
00:10:20,400 --> 00:10:22,960
They just renamed some sections in the config file.

288
00:10:22,960 --> 00:10:24,920
api.vapid became pushd.vapid.

289
00:10:24,920 --> 00:10:29,360
If you didn't see that and manually change your file, your push notifications would

290
00:10:29,360 --> 00:10:30,040
just

291
00:10:30,040 --> 00:10:31,360
silently stop working.

292
00:10:31,360 --> 00:10:34,240
So you have to be constantly reading the change log.

293
00:10:34,240 --> 00:10:37,020
You have to have an active relationship with it, or essential features will just

294
00:10:37,020 --> 00:10:37,320
break

295
00:10:37,320 --> 00:10:38,320
under you.

296
00:10:38,320 --> 00:10:40,200
And why all this diligence?

297
00:10:40,200 --> 00:10:44,200
What kinds of security flaws are actually being patched that make this so critical?

298
00:10:44,200 --> 00:10:47,480
Oh, the list of advisories tells a pretty clear story.

299
00:10:47,480 --> 00:10:52,080
Back in June 2024, there was a bug that allowed unrestricted account creation.

300
00:10:52,080 --> 00:10:55,080
Unpatched, your server becomes a spam factory.

301
00:10:55,080 --> 00:10:58,510
In December, a vulnerability could let someone crash your server with a simple

302
00:10:58,510 --> 00:10:59,000
denial of

303
00:10:59,000 --> 00:11:00,000
service attack.

304
00:11:00,000 --> 00:11:02,880
So real availability risks, what about user data?

305
00:11:02,880 --> 00:11:04,360
Any close calls there?

306
00:11:04,360 --> 00:11:05,360
Absolutely.

307
00:11:05,360 --> 00:11:10,240
The February 2025 advisories are pretty eye-opening.

308
00:11:10,240 --> 00:11:13,980
One of them notes that webhook tokens were basically public, which could let people

309
00:11:13,980 --> 00:11:14,280
mess

310
00:11:14,280 --> 00:11:15,280
with your integration.

311
00:11:15,280 --> 00:11:16,280
Yikes.

312
00:11:16,280 --> 00:11:19,080
But even worse was another one from that month.

313
00:11:19,080 --> 00:11:23,050
A bug in the message fetching could be exploited to download the entire message

314
00:11:23,050 --> 00:11:23,600
history of

315
00:11:23,600 --> 00:11:26,960
a channel, completely bypassing the normal limit.

316
00:11:26,960 --> 00:11:27,960
Wow.

317
00:11:27,960 --> 00:11:31,000
That right there proves that staying up to date isn't a suggestion.

318
00:11:31,000 --> 00:11:33,520
It's mandatory if you care about user trust.

319
00:11:33,520 --> 00:11:34,520
Exactly.

320
00:11:34,520 --> 00:11:37,070
You are the one responsible for protecting your users from these things, and the

321
00:11:37,070 --> 00:11:37,320
only

322
00:11:37,320 --> 00:11:41,680
way to do that is to stay on top of these very technical, very manual updates.

323
00:11:41,680 --> 00:11:42,680
Incredible.

324
00:11:42,680 --> 00:11:46,970
So we've gone from a blank server through Docker, set up security, customized it,

325
00:11:46,970 --> 00:11:47,240
and

326
00:11:47,240 --> 00:11:52,680
now we've stared into the abyss of long-term operational commitment.

327
00:11:52,680 --> 00:11:54,880
The goal was to give a clear roadmap.

328
00:11:54,880 --> 00:11:59,120
Docker makes the launch easy, but it's the ongoing diligence that's the true cost

329
00:11:59,120 --> 00:11:59,240
of

330
00:11:59,240 --> 00:12:00,440
digital independence.

331
00:12:00,440 --> 00:12:04,280
So what's the final takeaway for someone listening who is thinking about going down

332
00:12:04,280 --> 00:12:05,120
this road?

333
00:12:05,120 --> 00:12:10,020
I think given what we've seen, the need for these frequent manual migrations, the

334
00:12:10,020 --> 00:12:10,320
serious

335
00:12:10,320 --> 00:12:13,750
security advisories from data leaks to denial of service, the real question you

336
00:12:13,750 --> 00:12:14,160
have to

337
00:12:14,160 --> 00:12:20,610
ask yourself is this, what is the true long-term commitment in time and technical

338
00:12:20,610 --> 00:12:21,680
skill required

339
00:12:21,680 --> 00:12:25,120
to maintain your digital independence with a platform this dynamic?

340
00:12:25,120 --> 00:12:26,740
It's not really a hobby.

341
00:12:26,740 --> 00:12:28,460
It's more like a part-time job.

342
00:12:28,460 --> 00:12:29,920
A crucial thought to end on.

343
00:12:29,920 --> 00:12:31,680
Thank you for joining us for this deep dive.

344
00:12:31,680 --> 00:12:34,280
And thanks again to Safe Server for supporting the show.

345
00:12:34,280 --> 00:12:38,120
Safe Server can handle your software hosting and supports digital transformation.

346
00:12:38,120 --> 00:12:41,840
Find out more at www.safeserver.de.

347
00:12:41,840 --> 00:12:44,400
We'll see you next time for the next deep dive into the sources.