Okay but what happens when you have a breaking change from one of your updates?

I want to visibly second this (with a comment, not only an upvote). I dubbed the LAMP stack the CHAMP stack for some time now (CH standing for CSS and HTML).

one does not simply "deploy"

Ummm I'm sorry, but I don't see how this is practically simple. Theoretically, maybe - [and I agree with the idea that there is potentially (hopefully) a paradigm shift in initial play now, with the thrust being multifaceted including companies' lack of upholding user privacy/selling you as a product, slowly increasing service charges, and lack of customer customization.]

I think tis thrust towards self hosting should make the construction of these systems closer towards what you describe, but it isnt really that simple yet.

For instance, if you want to self host even a decent all-in-one calendar/notes/etc system like nextcloud, it isn't just `sudo pacman -S nextcloud` and youre done.

There is an enormous consideration of how to construct the 1) network architecture, 2) encryption of disks, 3) secure/encrypted, incremental, and full filesystem offsite backup, 4) security and encryption of network, 5) secure interplay between self hosted and non self hosted data, etc.

An example of (1) may be that, much if the discussion around self hosting states that one should not open their LAN to the internet with port forwarding (as it's inviting you to be hacked), and you should rather point your registered domain to a VPN such that you must login with any remote devices to access your server (just to point out - likely here you would need to use a dynamic dns service to get access to your system, which is also another hassle for newcomers).

Further on (1), this involves ensuring that the choice of VPN is adequate (many older technologies have known security flaws, like oracle padding attacks, etc.) - and finding a combination of routers with correct firmware to allow for VPN servers, (also VPN clients on top of that if you care about not having your isp sell you to everyone) the correct hardware and network architecture that can properly mitigate the encryption of traffic on your network (e.g. can a raspberry pi really handle all of your traffic and maintain 1Gbps file download/uploads with vpn encryption?).

I recognize that much of this is not really possible to `sudo apt-get` on one system with recommended hardware, but the more FOSS out there that can get closer to mitigating all of this, and to have well packaged tutorials on how to safely and properly self host (e.g. complete google service replacement) while maintaining security and 10Gbps speeds, the better off we will be.

This really is what we should be driving towards. Companies can certainly offer their servers for customer use, but I think it should be expected that companies have the code that is used to store that customer data fully as FOSS, for auditing and to allow for self hosting. There's still money to be made for companies in helping people self host everything for themselves - we just have to push for it.

One decent enabler of this is companies that make software for data backups. This is another one of the enumerations above, because it is quite difficult to find a solution that has quantum secure encryption, excellent compression, incremental (only pushing diff like git) capabilities, and is reasonably simple to use. AFAIK, Duplicati is the only option that seems to be able to hit all of these well (hopefully someone can correct me).

Anyway, this was a meandering long way to say - self hosting is complicated, but i do really hope we can change that.