Hi everyone, we’ve been working on Safebox, an open-source framework that helps you install, manage, and access self-hosted applications such as Home Assistant, Nextcloud, and Jellyfin ect. Safebox runs on Linux, macOS, and Windows (supporting both x86 and ARM64 architectures, even Raspberry Pi, Banana Pi hardwares also tested). It manages domain and subdomain setup, Let's Encrypt certificates, DNS configuration, and reverse proxy (nginx). It also includes a WireGuard-based remote access feature and a geo-redundant backup system (currently in development). The project is in beta, and we’re looking for people interested in testing and sharing feedback. All information about Safebox and beta testing can be found in our Discord channel. Try it using Docker: docker run --rm -v /var/run/docker.sock:/var/run/docker.sock safebox/framework-scheduler
Then open: http://localhost:8080/
Links: Website: https://safebox.network/ GitHub: https://github.com/safeboxnetwork/framework-scheduler Discord: https://discord.gg/aBP8bz6N8J
We’d really appreciate any feedback or ideas for improvement.
Alright so I'll ask a hardball question or two. What precisely are you offering that isn't just repackaged install scripts and a wireguard wrapper?
What is your / your teams background in software security? The implication of the name and your "branding" are selling a lot - what outside of docker and wireguard are you bringing to the table. On that note: why docker?
Further - you are paywalling remote access... When your platform is utilizing wireguard.
Netbird (one of many examples) doesn't even do that... What's the reasoning?
I have more but let's start there.
Our software is basically a web app that makes it easier to install and manage supported third-party apps. Wireguard (currently) is only used for remote access, if you don’t need that you don’t have to turn it on.
For security, everything runs in an isolated sandbox using docker and that also answers your other question.
We do plan to offer a paid remote access service in the future, but it’s totally optional. The same goes for backups, they can be geo-redundant if you use our service, but these are optional feature.
So my point I was driving at - especially with such a diverse offering of wireguard services which do not charge for (effectively) VPN access to your own infrastructure - I was more interested in why your service would be looking to pay gate it as a "premium" feature.
This would be different if we were talking you hosting all these services on your infrastructure but considering the marketing to homelab - I find it to be an unusual choice... And was curious as to the reason for the decision.
Right. Docker does sandboxing. That's a core feature it provides - I'm just trying to ascertain what precisely your company is actually offering outside of a ui wrapper on these established services.
I mentioned earlier that your branding seems to emphasize security - but all I'm seeing is mention of existing security features inherent in the software being wrapped. Does your team do additional tuning for security? Do they have experience in infrastructure security, hardening systems, or the like? To be clear I just want to better understand the branding and what is being offered.
Alright so this is a feature that a homelab user can actually use - backups. Could you expand on how you will be managing this feature / plan to implement it once it is offered?