Relevant to !selfhosted because one of the projects getting funding cut is Let's Encrypt.
this post was submitted on 07 Apr 2025
426 points (98.9% liked)
Selfhosted
45748 readers
614 users here now
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.
Rules:
-
Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.
-
No spam posting.
-
Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.
-
Don't duplicate the full text of your blog or github here. Just post the link for folks to click.
-
Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).
-
No trolling.
Resources:
- selfh.st Newsletter and index of selfhosted software and apps
- awesome-selfhosted software
- awesome-sysadmin resources
- Self-Hosted Podcast from Jupiter Broadcasting
Any issues on the community? Report it using the report flag.
Questions? DM the mods!
founded 2 years ago
MODERATORS
Let's Encrypt has done so much for encouraging the spread of HTTPS and good certificate practices. If they went away, I honestly think a good chunk of the internet would start breaking after ~6 months.
Less HTTPS = easier government & advertiser data collection
I’m pretty sure browsers don’t even load http sites anymore.
When I spin up a new self hosted service it's easier to add caddy to the stack than to convince Firefox to load http.
Tailscale is also ridiculously easy to use for this purpose. The serve and Funnel features make secure self hosting really easy from your tailnet (one can easily provision certificates for nodes using Let's Encrypt from the CLI: https://tailscale.com/blog/reintroducing-serve-funnel
HTTP works fine in Firefox unless you set it to HTTPS only. Even then, you only have to click off a warning to open an HTTP site.
But if you try to load a local resource as localhost in Firefox...
For the sake of completeness:
Firefox contains a security patch which restricts the kinds of files that pages can load (and methods of loading) when you open them from a file:// URL. This change was made to prevent exfiltration of valuable data within reach of a local page, as demonstrated in an available exploit.
More info: https://developer.mozilla.org/docs/Web/HTTP/CORS/Errors/CORSRequestNotHttp
Insecure, but fast fix, if you don't want to install a local webserver:
about:config
security.fileuri.strict_origin_policy
change to false
They load. I have to specify http:// to get it to work though.
I’m sure google will fix that in chrome, like killing adblocker functionality.
At least there's some competitors now, which could be used as drop-in replacements if Let's Encrypt were to disappear.
I suspect the vast majority of certificate authorities will implement the ACME protocol eventually, since the industry as a whole is moving towards certificates with shorter expiry times, meaning that automation will essentially be mandatory unless you like manually updating certs every 90-180 days.
It’s okay, Let’s Encrypt only provides SSL certs for… 63.7% of the market?
Okay okay, that is a lot. But what does a CA need funding for anyway? It doesn’t take much bandwidth to send out new certs.
The only thing that could be expensive is if they had to rapidly invalidate thousands of certs to protect the security of the entire internet.
But haha, that’s a pretty outlandish scenario that would never happen.
I'm gonna have to donate then.
Same. I've been thinking about who to donate to this year, and it looks like they're making the cut. I'll probably also throw some money at my Lemmy instance and a handful of projects I use, including Tor, because apparently they got caught in the dragnet too.
Well donating is good it's not going to replace the government funding.
Which other projects caught your attention? I was going to donate to Graphene, EFF and some TOR operators
Far more than I can reasonably support:
- self hosted things I use - caddy, the document foundation, Jellyfin, Forgejo, etc
- Android apps - F-Droid, NewPipe, Signal, RethinkDNS, etc
- desktop apps - flatpak, For, Godot, etc
- infrastructure stuff - let's encrypt, openssh, Linux distros (mine doesn't accept donations unfortunately), etc
But the short list for now is:
- Let's Encrypt
- Signal
- F-Droid
And I'll probably run a Tor relay or something as well.
If only there was a decentralised tracker which would track project funding and give us metrics like which project is dangerously close to shutting down
Man, ReThink is such a lifesaver. It's so good people at Graphene recommend it. I might give Qubes some bucks too, they are awesome
Every day just gets worse doesn't it.
This really sucks. I honestly didn't know the Feds gave so much money to FOSS, but I looked up the USAGM and that makes sense.
It tracks with current trends. Basically anything that could be interpreted as benefiting any county other than the United States or any demographic other than rich white men is getting funding cut. What an embarrassment.
At a time when decentralizing information is critical, our tools to do so are also threatened.
Fortunately, those projects still exist and we all have an opportunity to financially support them.
Yet another instance of Trump being too small to understand soft power.
Have you even said thank you once
He has angered the penguins
That 4 miles long military parade for his 79th birthday doesn't pay by itself, unfortunately 😢
What languages and patterns will be considered woke?
For sure memory safety and dependent types. C++ will probably be shoved down our throats.
COBOL.
Rust
Have you donated to your favorite foss projects this week?
Let's put some numbers on all of this. The OTF's total budget slowly raised from ~$10M in 2019 to a grand total of $40M in 2023, almost half of all allocated funds by Congress to promote Internet freedom globally.
That's an incredibly tiny amount of money.
More recently, Congress had directed that - for both the fiscal years of 2024 and 2025 - the funding should be "not less than $43,500,000", which guaranteed an income stream for 2025 too.
Looks like some spicy legal action will suck up a lot of those cuts...
I also like to measure in jetwing money ... This is like half a jetwing.
I like to estimate by cost per congressperson, which is ~$7.5M/year. So the whole of OTF is about 3 congresspeople (and their staff), that sounds fair.
is that their taxpayer funded salary? because you can buy one much much cheaper.
No, current salary for all representatives outside of a handful of leadership positions is $174,000. This is the cumulative cost for everything else (staff, expenses, etc).
I personally think $174k is a bit low for salary, especially given the COL for the area and the importance of the role. I'd like to see that increase, while also increasing our expectations from our reps (i.e. jail time for bought politicians).
Why would he fund communism in the first place? (/s before you try to hit me with that downvote button).
The problem is, European leaders are sacks of shit too. They don't care either.
Although they could do more, I wouldn't say they don't care. For instance, Germany established the Sovereign Tech Agency.
With the new leadership I am doubtful on how long that will last. One of the better things that came of Scholz's era
On the one hand, I share your doubt, which is justified in the face of all the deceit and mismanagement that Merz in particular and the CDU and CSU in general engage in and their disdain for the public good. On the other hand, the fact that the Sovereign Tech Fund / Agency survived the German budget crisis gives me some hope that it will at least stay.
The problem is that no other country has done anything of the sort. I'm sure the Swiss, the Dutch, the French, the other german-speaking countries and especially the Nordics have enough money to give a few million here and there to FOSS. But they didn't, because their leaders are just as corrupt and vile. Everybody is acting as if America is the ultimate villain: the fact of the matter is, give any of those European leaders power over America and sooner or later they would turn out exactly the same. It is in their nature. And I say this having lived in Europe for a while.
The German fund staying is pure luck since the hawks at EU are stupid. They'll come after it once they're done with Chat control.
I know it's only vaguely related, since they're not US-funded, but at some point I think it would be hilarious (in a particularly poignant way) if the Lemmy developers' funding got cut off by the process of the explicitly rabid governments they are fans of finally succeeding at destabilizing the friendly Western countries where they live to the point that NLNet wasn't funded anymore. As I understand it, NLNet is already facing some headwinds because the friendly liberal elements in EU politics are getting replaced by the same kind of "fuck everyone just give money to rich people and also anyone who disagrees with me dies" elements that Russia likes to give money and social-media-shilling campaigns to support.
Surely Russia and China will jump to the front and fund basic infrastructure work for the good of everyone, if that happened. They could count on it happening, instead of having to get jobs.
Surely.
Im not saying Zuck is good or a savior of choice, but now would be a good time for facebook investors to pressure him to eat that difference.
Not that he should, but hes been all in on Open Source* lately
*Massive stipulations apply.