A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.
Rules:
Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.
No spam posting.
Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.
Don't duplicate the full text of your blog or github here. Just post the link for folks to click.
Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).
No trolling.
Resources:
Any issues on the community? Report it using the report flag.
Questions? DM the mods!
Hi guys, I've been working on a self-hostable web analytics platform since the start of this year after being frustrated with Google Analytics and Plausible.
I've packed a bunch of cool web analytics features into Rybbit, but I've tried very hard to keep the interface simple to use,
https://github.com/rybbit-io/rybbit
Check it out!
OpenBSD does not have a docker engine. Can this be installed without docker?
What's the advantages over awstats?
from what i know, awstats gets analytics from server-side logs while Rybbit uses a client side script. So not really and apples to apples comparison
The same advantages as all free and open source solution, it's free and open source. That means how much it's going to cost to your business is directly under your control. You can make a decision on how you acquire hardware based on your business's needs. If you want to add or change features you can decide how to do that based on the deals you have with your programmers (like pick the developer you have with the best skills and the lowest cost), and then you get to control how much it costs you and how reliable the result is going to be.
If you feel like the support you get from customer service from Amazon or Google or Microsoft is reliable enough and you don't need more reliability then go ahead and stick with paid products. But if you already have a team of really expensive and talented engineers you might as well let them solve problems with free and open source equipment.
Docker is a security risk. Is it possible to install securely?
I imagine you can use Podman instead
I think that has the same problems, no? Or does podman do signature verification on all the layers it downloads from the container registry?
Docker is a security risk? … excuse me, what? Can’t you just, idunno, secure the environment that docker runs in? Use rootless images? Use immutable images?
And, are you asking for something that runs on bare metal? Couldn’t you just install the ISO that the dockerfile uses, then convert the dockerfile logic to an sh script?
Doker pull is insecure
It's the download that's not verified
Download the image manually with something like curl???
Hahahahahaha good luck.
You can verify the checksum to ensure the contents pulled are exactly the same as what was published. You can also use a private container registry.
How exactly would docker pull be any more insecure than something like pip install? Or, really anything… Let’s go with your preferred alternative, how are you going to get it on your machine in a more secure way than docker provides?
Docker uses TLS with registries, layers and manifests have cryptographic digests, checksums, and you can verify the publisher yourself. Push it into your own registry if you want, or just don’t use latest.
Yeah, that's the insecurity I'm talking about.
If you want to know how to implement this properly, look at apt. Its a known issue in docker; they just haven't prioritized the fix yet (DCT)
What are you talking about, “yeah that’s the insecurity I’m talking about.”
I didn’t mention an insecurity and neither have you. Would you mind being a little more clear than “Docker pull is insecure?”
Frankly, I was expressing confidence in dockers security. It goes without saying though, any user can do insecure things like download from untrusted sources. That’s not dockers problem though, it’s the users.
Edit: I see now that you added “it’s the download that’s not verified.” Integrity is verified, so I assume you mean authorship (via signing)? I guess you’re saying that, if admin credentials are stolen from a container publisher and the thief force pushes malicious code into the registry under a pre-existing tag—then you would be exposed to that?
Even in that case, though, a digest cannot be overwritten. Tags can. So you’d just pin the digest to avoid this one attack vector?
Checksums are not for security. You need signatures. I'm not making claims that aren't clearly documented.
You’re talking about authorship. Sure. But if you verify the container yourself as secure and pin the digest, what’s the issue?
What you just described cannot be done. You can't verify it, because its not signed.
You’re making big claims on security here, like “cannot be done,” and each time you do I feel like we’re talking past each other a bit. I never claimed you can verify that the person who pushed the container had access to a private key file. I claimed you can verify the security of a container, specifically by auditing it and reviewing the publisher’s online presence. Best practices. Don’t upgrade right away, and pin digests to those which can be trusted.
When you pin a digest, you’re not going to get a container some malicious agent force pushed after the fact. You pinned the download to an immutable digest, so hot-swapping the container is out the window. What, as I understand, you’re concerned with is the scenario that a malicious actor (1) compromised the registry login beforehand, (2) you pinned the digest after hand, and (3) the attack is unnoticed by you and everyone else.
I’m trying to figure out under what conditions this would actually occur, and thus justifies the claim that docker pull is insecure. In a work setting, I only see this being an issue if the process to test/upgrade existing ones is already an insecure process. Can you help me understand why I should believe that, even with best practices in place, Dockers own insecurities are unacceptable? Docker is used everywhere and I’m reluctant to believe everyone just doesn’t care about an unmanageable attack vector.
In its default state i think thats fair. Example docker bypasses most firewalls as it runs before iptables rules process. So if you don't either use 127.0.0.1:port:port (many compose files offered by projects do not do this) or add specialized iptables rules to fix that up you can end up directly exposing services with meaning to or even realizing.
And yeah privilege escalation etc. There are solutions like what you mentioned but it can be a lot of work to set all that up so most people won't
hmm interesting im using matomo but im not liking how its increasingly becoming bloated and subscription based
How can I run this on unraid, and can I point it at multiple domains and sub-domains?
Its a docker compose deployment so should just work on any system with docker installed. Copy the docker compose file and env file if it has one, and run 'docker compose up -d' in that directory.
It can collect analytics from multiple places.
Aways a fan of alternate options, this looks quite tidy! I had a few thoughts / queries. Not at my system right now but I will test it out later.
I noticed in the screenshots you have a "users" page - but with a cookieless tracking system I would have assumed it wouldn't be reliable to identify a long term user past individual sessions? Are you doing some hefty finger printing?
Looking at your features table has a few statements that might need adjusting. Such as GA4's segmentation sequencing / filtering can be quite complex, I'd argue its not limited and potentially more advanced than Rybbit (not tested yet). It also has a user exploration feature.
Do you have any plans for a drag and drop style report creation, so that I could create reports with any dimensions / metrics and filter accordingly? I think that would bring a lot of flexibility to the platform for an individuals bespoke needs.
A few more screenshots in case you don't want to leave the site
You're awesome. Thanks!
What should we try with the live demo? Neat stuff, it's this a long-term project?
I have no idea how to use this, but this is amazing!
Question is the self-hosted version less featured than the paid hosted version?
This looks amazing btw.
Only very slightly so. One of the reasons I created Rybbit is because platforms like plausible and fathom have much inferior self-hosted versions (very limited featureset and basically never updated). We have a comparison here
@Goldflag
I appreciate the intent behind Rybbit, but I have to respectfully disagree with the "only very slightly so" characterization. Looking at your official comparison table, the self-hosted version is missing:
That's 7 significant features—which seems more than "very slightly" different.
More importantly, this raises AGPL compliance questions. Under AGPLv3 Section 13, if users interact with modified AGPL software over a network (your cloud version), you're required to make the complete corresponding source code available to those users. If these cloud-only features are integrated into the same AGPL-licensed codebase, withholding them from the public repo while running them as a network service appears to conflict with the license terms.
There are really only two compliant scenarios here:
If it's neither—if these are AGPL-covered features running in your cloud service but withheld from the repo—that's exactly the "loophole" the AGPL was designed to close. The irony is that you criticized Plausible and Fathom for having "much inferior self-hosted versions," yet this appears to be a similar approach.
Could you clarify the licensing status of these cloud-only features? Are they in the public repo but disabled by default, or are they proprietary additions that don't derive from the AGPL codebase?
Thank you for your service.
Everything is in the repo and cloud features are just toggled off in the self-hosted build.
@Goldflag,
Thanks for clarifying! Good to hear everything's in the repo and that it's truly AGPL compliant.
Since as self-hosters we already carry the burden of maintenance, updates, security, and infrastructure costs that cloud users don't, would you consider documenting how to enable the cloud features in self-hosted setups?
I see the docs cover basic environment variables, but not for Pages View, Web Vitals, or VPN/ASN tracking. Even if some features need extra config (SMTP, OAuth creds), having that documented would help those of us willing to do the work.
That would truly differentiate Rybbit from Plausible/Fathom—not just code parity, but empowering self-hosters with full feature access.
You mentioned being frustrated at Plausible. What did you not like about it?
I haven't tried Plausible, but it seemed popular
it didn't have enough features, especially since the community version is heavily nerfed (it's missing even funnels)
Wow holy crap, great work - the world badly needs this. Im assuming the mechanism is the same, you inject a js script into your site. I'm also very interested in pure server side solutions for analytics, but they can't hit all the features you did in a generic way afaik
Yea, we use a client-side script like almost everyone else. The major difference is that we don't use cookies so you can avoid a lot of the cookie banner/GDPR nonsense.
Rybbit definitely isn't the first open source cookieless web analytics platform (Plausible and Umami are the two other big ones), but it's probably the most "all-in-one" of all these alternatives.
Do you use fingerprinting instead? Or what’s the mechanism you use?
it looks beautiful!! do you plan on making the wcv available for the self hosted version in the future?