Yunohost Review: Initial Impressions
Recently I have been interested in user friendly, self hosting solutions. After a bit of web surfing, I found this was a much larger space than I had anticipated. It seems that in the last decade a variety of projects have been popping up, and with increasing frequency. Some of the buzzwords I came across where “personal cloud”, and “PaaS” or “Platform as a Service”. It is always fun to poke fun at buzzwords, but I think these terms are relevant when attempting to portray these ideas to a larger audience. This is still very niche and weird. Quite literally the best resource for a list of self hosting solutions was this kind of creepy youtube video.
The basic idea is to be able to easily deploy web services on a common platform. I'm partial to Debian based solutions, so Yunohost and FreedomBox stood out to me. This post is dedicated to Yunohost.
Overall, I like Yunohost a lot. It is fun, and easy to use. I spent a whole day installing and uninstalling apps to try things out.
What is Yunohost?
The Yunohost FAQ states:
It provides a software that aim to make it easy for people to run and administrate their own server, with minimal knowledge and time required.
YunoHost may be called a distribution or an operating system, but it's actually "just" a simple layer added over the top of Debian, which does most of the hard work for you.
FYI: The name Yunohost is pronounced, “Why You No Host?”.
The insallation instructions I followed for Debian Stretch can be found here.
I chose to run my installation on a brand new Debian cloud image with only 2G of RAM. For initial demo purposes, I noticed no serious performance issues on this machine. The first thing that got stuck me was that I was not able to install on Buster. There documentation only says Stretch, so I should've known better. You can track the status of this issue here. Besides this hiccup, the installation process was mostly a breeze. The documentation for this is very detailed. The docs are a wiki, so if you notice an issue you can actually submit patches directly from the site. I submitted a few patches myself.
To install on a Debian Stretch machine, simply run:
curl https://install.yunohost.org | bash
If you are concerned with this approach, they have a disclaimer on the docs about this. Essentially, what you are downloading is a Debian metapackage that will install the necessary dependencies. It is quite opinionated on how it does the configuration, which is why it is recommended to run this on a dedicated machine.In my opinion, having the yunohost app be an official Debian package would alleviate a lot of these concerns. It would be more intuitive for Debian users, especially when they advertise as being Debian based. I would like to be able to install the yunohost app with apt.
Out of the Box
Upon installation, Yunohost comes with a Single Sign On service, email server, xmpp server, and the admin GUI used to deploy applications.
When originally accessing the web GUI your browser will complain about the certificate. Find a way to bypass this and then you can login. Once there, you can go to Domains and set up a Let's Encrypt certificate for your domain.
The basic setup allowed for me to connect Thunderbird to the email server and send messages. These messages were sent to the Spam folders of the accounts I tested it with. With more domain hacking I should be able to fix this.
The Single Sign On Service, called SSOwat, is one of my favorite features of Yunohost. I haven't seen anything similar advertised by other projects. The implementation is a NGINX plugin written in Lua. Fine grained application access is controlled by SSOwat. Only users who are registered with the Yunohost service will be able to access these sites if the application is not made public. Easy setup private network is a great feature.
I tried a handful of applications. The official apps actually work out of the box. Others work with varying degrees of success and they try to be very transparent about this.
One thing that is confusing, is it isn't always clear how the domains should be setup for each app. Some apps are okay with a url route like
my.domain.org/riot, others require a subdomain like
matrix.domain.org. The yunohost app does catch these mistakes if you mess up It would be nice if this situation was more explicit though.
Now I'll go through a list of apps that I tried.
matrix-synapse and Riot are both easy to install with basic features working. The Matrix Synapse server that is installed does not come with a GUI (that is what Riot is for) you can access it with other Matrix clients like Fractal or Riot. I wanted to give the full experience a try, so I installed Riot along with it. This was quite easy to do. You can optionally put the Riot app behind a private network as well. I will probably be using this very soon for a small group of friends.
My experience with manually installing Pleroma a year ago was painful, so I had high hopes for this. Those expectations were met. The package for this installation was successful and the app seemed to work out of the box. Very pleased to see this only took a couple clicks to install.
Personally, I prefer Pleroma over Mastodon for a variety of reasons. Most of them being related to the implementation differences (Phoenix vs Rails). I'm a big fan of Elixir and like that Pleroma uses less resources than Mastodon. There are also no character limits... Using less resources on something like Yunohost is crucial. These two technologies are a good fit imo.
WriteFreely is a simple blogging service (the one I use for this blog). It is written in Golang with a minimalist and clean design. Unfortunately the package did not install successfully so I couldn't try this out. When this gets resolved I might migrate this blog to Yunohost.
Mobilizon is a Pleroma fork for coordinating events. This is something I need, and a lot of other people need. The app was able to install, however, the email Registration did not work. This is likely a fault of my own, however I had no issue with Riot. Not sure what deal is with that.
Custom Web App
I have not tried this feature out, but I wanted to point it out because I think it is neat. The real value Yunohost provides is not having to deal with server setup and certificates. So having a tool like Yunohost to host multiple sites with is really cool. Yunohost is really helpful for a hobbyist application developer trying to get things started. It is also possible to configure a simple redirect for a domain name to a particular url, even localhost. Could be fun to write a post detailing how to do this. This is where Yunohost starts venturing into Platform as a Service with these kinds of features.
Yunohost does a great job at lowering the barrier to entry for deploying all of these great open source applications. Since the domain stuff is still a bit tricky, I think that the target user is still someone with a technical background. By no means do they have to be a developer, just someone who isn't too afraid of Linux, the terminal, and DNS configs. If you are tired of annoying deployment setups then I recommend trying this out. There are a lot more bits and pieces I didn't cover here, like the intuitive UI and great branding. Try it yourself, you wont regret it.