Crazyfrog@discuss.tchncs.detoSelfhosted@lemmy.world•Guide to Self-Hosting Lemmy with Individual Containers & Existing NGINX Instance.English
2·
1 year agoThis is great, thanks for this. I’ll give this a try later!
This is great, thanks for this. I’ll give this a try later!
It’s a very valid question in my opinion and as is often the case with security, it really depends on your individual threat model and threat tolerance. As you said it seems pretty unlikely that a maintainer would install malicious code as they have a reputation to protect. And as mentioned by another commenter, even if you compiled the code yourself, unless you can audit code yourself you still have to just trust the developers. Personally for my threat tolerance, I do not see the risk as big enough to warrant the extra effort.
Off topic but could you explain a little on how you use a VPS to access your internal services? There’s a few services I want to open up but I don’t trust cloudflare and I don’t want to port forward.