Browse Source

fix stupid readme

main
forest 2 weeks ago
parent
commit
9410fdc3d2
5 changed files with 92 additions and 10 deletions
  1. +54
    -8
      README.md
  2. +3
    -2
      frontend/static/greenhouse.css
  3. +2
    -0
      readme/ALPHA.md
  4. +33
    -0
      readme/SECURITY.md
  5. BIN
      readme/anticloudflareaktion.jpg

+ 54
- 8
README.md View File

@ -1,27 +1,62 @@
# greenhouse
![greenhouse logo](readme/greenhouse.png)
Instant port-forwarding with automatic HTTPS, for everyone everywhere! Like CloudFlare's tunnel product,
but completely redesigned in order to put the TLS encryption keys and ownership/control back into the self-hoster's hands.
![greenhouse logo](readme/anticloudflareaktion.jpg)
Greenhouse is a new cloud service designed to break down barriers to entry & make
real ownership and production of _The Internet_ accessible to more people.
Greenhouse gives any local file or service a secure URL in seconds. Send this URL to anyone;
as long as your computer is still running and has internet access, it should stay online.
> # [greenhouse.server.garden](https://greenhouse.server.garden)
Check it out at:
It enables you to self-host internet services / websites on your own computer easily,
while retaining exlusive ownership of your processes, data, and your user's data as well.
> ## [greenhouse.server.garden](https://greenhouse.server.garden)
⚠️ Please Note ⚠️ This is "alpha" software, it's currently not the most stable thing in the world.
-------
## what makes greenhouse different
_You_ run the [open source Greenhouse self-hosting software](https://git.sequentialread.com/forest/greenhouse-daemon) on _your_ computer.
This software has an instance of [Caddy](https://git.sequentialread.com/forest/caddy) embedded inside it, and that Caddy server
automatically issues a TLS certificate for you through [Let's Encrypt](https://letsencrypt.org/).
(TLS stands for [Transport Layer Security](https://en.wikipedia.org/wiki/Transport_Layer_Security), sometimes also known as its older name "SSL").
The TLS [private key](https://en.wikipedia.org/wiki/Public-key_cryptography) associated with your certificate is created on your machine,
and it never has to leave your machine.
That means you "own" the traffic going in and out of your machine not just on paper,
but in real terms, you have physical custody of it you would be able to audit or modify any part of it if you wanted.
This is not the case with a traditional cloud service like DigitalOcean or CloudFlare. With those services, the service provider is the one who
holds physical custody of the server and its data / encryption keys. They can theoretically spy on you or your website visitors as much as they want.
## goals of the greenhouse project
Greenhouse aims to make self-hosting ✨ radically easier ✨ for the average person.
No matter who you are or where you live, as long as you have an internet connection,
you can run your own **reliable** web site or web service with Greenhouse!
In the future, Greenhouse will be easy to use with existing self-hosting solutions like [yunohost](https://yunohost.org/), [syncloud](https://syncloud.org/), and others.
For more information about the motivation behind greenhouse, see my blog post about it: [The "Pragmatic Path" 4-Year Update: Introducing Greenhouse!](https://sequentialread.com/the-pragmatic-path-4-year-update-introducing-greenhouse/)
## related self-hosting applications / services
## is this safe?
#### someone told me that opening up my home network to the outside world is dangerous!! 😱
First of all, yes, there are risks associated with self-hosting. There are also risks associated with browsing the web,
or using a computer on the internet at all.
You should be informed, but at least in my opinion, you shouldn't be afraid of self-hosting.
For more information, see [SECURITY.md](readme/SECURITY.md).
## related repositories
This repository only houses the web application for the cloud service. There are many other processes involved in making
greenhouse work, and making it easy for anyone to use.
* ### [🏔️⛰️🛤️⛰️🏔️ threshold](https://git.sequentialread.com/forest/threshold)
* ### [🏔️🛤️🏔️ threshold](https://git.sequentialread.com/forest/threshold)
* Public Internet facing gateway (TCP reverse tunnel) server/client that greenhouse uses
* ### [🔒 caddy](https://git.sequentialread.com/forest/caddy)
* A slightly modified fork of the Caddy 2 HTTP server by Matthew Holt / Let's Encrypt
@ -36,6 +71,17 @@ greenhouse work, and making it easy for anyone to use.
![a screenshot of the alpha version of the greenhouse admin panel with "choose your greenhouseusers.com subdomain" feature, a bandwidth usage graph, and cross platform self-hosting software installation options](readme/screenshot.png)
## alpha release demo video
See https://sequentialread.com/greenhouse-alpha/
# Developement Notes
Note: everything here is moderately to severely outdated. TBD
## setup local environment
Write the config file `config.json` in the root directory:


+ 3
- 2
frontend/static/greenhouse.css View File

@ -272,8 +272,9 @@ pre.flash.info {
}
.white-pill img {
height: 16px;
margin: 0 5px;
height: 20px;
margin: -2px 5px -4px 5px;
filter: brightness(1.4);
}


+ 2
- 0
readme/ALPHA.md View File

@ -16,6 +16,8 @@ If you wish to contact the developer directly, you may email `forest@sequentialr
- The greenhouse windows uninstaller won't get rid of the greenhouse-service user account.
- The greenhouse windows user shows up on the login page
- the UI text on the mac version of the desktop app is a bit too small.. ?
- the greenhouse web app will log you out randomly if you use it for a long time (refresh session does not work)


+ 33
- 0
readme/SECURITY.md View File

@ -0,0 +1,33 @@
# is this safe?
### someone told me that opening up my home network to the outside world is dangerous!! 😱
First of all, yes, there are risks associated with self-hosting. There are also risks associated with browsing the web,
or using a computer on the internet at all.
You should be informed, but at least in my opinion, you shouldn't be afraid of self-hosting.
Running the greenhouse self-hosting software on your computer does not "open up your home network" in the general sense.
It does its best to keep you in control: By default, it exposes nothing.
You have to specifically tell it to expose something (a folder full of files, or a local server application for example),
and when you do, it exposes exactly what you asked, nothing more.
This is similar to the security risk associated with [configuring "port forwarding" on your home router](https://portforward.com/how-to-port-forward/):
the risk entirely depends on what's being published.
Let me try to explain a bit:
There are bots that crawl the web searching for any machines or services which were left exposed with an un-changed default password.
They will try to log in to your computer and take it over for their own nefarious purposes.
The same bots may also look for un-patched security holes in popular software,
like the recent ["log4shell" vulnerability in Log4j](https://www.lunasec.io/docs/blog/log4j-zero-day/).
This means that if you were to publish an old version of some software which has a known vulnerability,
or if you were to publish a server application before configuring its security features (changing the password for the administrator user, for example),
then it's possible your computer could be taken over and you could even lose your data if you don't have a backup.
But "possible" does not mean it's actually going to happen to you. I think the risk is very low, especially when you are first starting out.
People experimenting with self-hosting (and the apps they're likely to run) aren't exactly attractive or common targets.
The bots going around trying to pick every lock are out to land bigger fish, like business machines on corporate networks.
There are also plenty of ways to mitigate this risk;
If you try greenhouse out and decide you want to keep on running a server, you could purchase a small, low-power server computer for cheap,
like an [ODroid HC4](https://www.hardkernel.com/shop/odroid-hc4/) or [ROCKPro64](https://pine64.com/product/rockpro64-4gb-single-board-computer/).

BIN
readme/anticloudflareaktion.jpg View File

Before After
Width: 378  |  Height: 191  |  Size: 11 KiB

Loading…
Cancel
Save