Selfhosted

39116 readers
507 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

  1. Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.

  2. No spam posting.

  3. Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.

  4. Don't duplicate the full text of your blog or github here. Just post the link for folks to click.

  5. Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).

  6. No trolling.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 1 year ago
MODERATORS
1
 
 

Just wrote up a little post for those who want to self host a lemmy instance with docker-compose and traefik.

2
 
 

Hello everyone! Mods here 😊

Tell us, what services do you selfhost? Extra points for selfhosted hardware infrastructure.

Feel free to take it as a chance to present yourself to the community!

🦎

3
 
 

Greetings, self-hosting enthusiasts and welcome to the Selfhosted group on Lemmy! I am formerly /u/Fimeg now Casey, your tour guide through the labyrinth of digital change. As you’re likely aware, we’re witnessing a considerable transformation in the landscape of online communities, particularly around Reddit. So let’s indulge our inner tech geeks and dive into the details of this issue, and explore how we, as a self-hosting community, can contribute to the solution.

The crux of the upheaval is a policy change from Reddit that’s putting the existence of beloved third-party apps, like Reddit is Fun, Narwhal, and BaconReader, in jeopardy. Reddit has begun charging exorbitant fees for API usage, so much so that Apollo is facing a monthly charge of $1.7 million. The ramifications of these charges have resulted in an outcry from the Reddit community, leading to a number of subreddits planning to go dark in protest.

These actions have pushed many users to seek out alternative platforms, such as Lemmy, to continue their digital explorations. The migration to Lemmy is especially significant for us self-hosters. Third-party applications have long been a critical part of our Reddit experience, offering unique features and user experiences not available on the official app.

As members of the Selfhosted group on Lemmy, we’re not just bystanders in this shift - we have the knowledge, skills, and power to contribute to the solution. One of the ways we can contribute is by assisting with the archiving efforts currently being organized by r/datahoarder on Reddit. As self-hosting enthusiasts, we understand the value of data preservation and have the technical acumen required to ensure the wealth of information on Reddit is not lost due to these policy changes.

So, while we navigate this new territory on Lemmy, let’s continue to engage in productive discussions, share insights, and help to shape the future of online communities. Your decision to join Lemmy’s Selfhosted group signifies a commitment to maintain the spirit of a free and open internet, a cause that is dear to all of us.

Finally, in line with the spirit of the original Reddit post, if you wish to spend money, consider supporting open-source projects or charities that promote a free and accessible internet.

With that, let’s roll up our digital sleeves and embark on this new journey together. Welcome to the Selfhosted group on Lemmy!

P.S. Thank you to Ruud who is actively maintaining the moderation front in this community!

4
 
 

Hi everyone, I decided there simply were not enough docker apps for downloading Youtube videos, and so I made the situation worse :p

In all seriousness, I couldn't find one that fulfilled all my desires in a YT downloader, so I wrote my own in python using pytubefix and streamlit. It's still fairly rough, but it works, and i'd love to get your feedback. Installation is just a simple docker compose.

services:
    pytube-gui:
        container_name: pytube-gui
        image: artisanbytecrafter/pytube-gui:develop
        ports:
            - 8501:8501
        volumes:
            - /path/to/downloads:/app/downloads # set to where you want downloads to go

Please let me know if you run into any issues, or have any feedback. I do still have a long list :)

Source code: https://codeberg.org/ArtisanByteCrafter/pytube-gui

5
 
 

So i've been hosting a modded Minecraft server for my friends and me on weekends. While it's been a blast, I've noticed that our current setup using LAN has its limitations. My friends have been eagerly waiting for their next "fix" (i.e., when they can get back online), and I've been replying with a consistent answer: this Friday.

However, exploring cloud providers to spin up a replica of my beloved "Dog Town" Server was a costly endeavor, at least for a setup that's close to my current configuration. As a result, I've turned my attention to self-hosting a Minecraft server on my local network and configuring port forwarding.

To harden my server, I've implemented the following measures:

  1. Added ufw (Uncomplicated Firewall) for enhanced security.
  2. Blocked all SSH connections except for the IP addresses of my main PC and LAN rig.
  3. Enabled SSH public key authentication only.
  4. Rebuilt all packages using a hardened GCC compiler.
  5. Disabled root access via /etc/passwd.
  6. Created two users: one with sudo privileges, allowing full access; the other with limited permissions to run a specific script (./run.sh) for starting the server.

Additionally, I've set up a fcron job (a job scheduler) as disabled root, which synchronizes my Minecraft server with four folders at the following intervals: 1 hour, 30 minutes, 10 minutes, and 1 day. This ensures that any mods we use are properly synced in case of issues.

any suggestions of making the computer any more secure, aswell as backup solutions? thanks!

--edit Im using openRc as my init system and my networking plan, is to have dogtown on a vlan via my 48port switch.

--added note, what hostnames do you guys call your servers? I used my favorite band albums and singles for hostnames.

6
 
 

Hi. I am currently using google drive mounted with rsync (encrypted) to stream files over my VPS since my VPS provider charges a lot for extra storage compared to google. I have offline backups of the said data at home

I currently have a 100GB google drive plan and it's working suprisingly great. Also it's cheap in my country due to regional pricing

Now, as I learned, Google keeps your files for 2 years after you cancel your extra storage subscription. It also doesn't allow you to upload anything which locks up Gmail but that doesn't matter if it's an alt account. So, can I just create an alt account, buy a 1 month subscription, upload everything, cancel it, then read it using rclone? Does Google restrict api access (for rclone) on drives with expired subscriptions?

Yeah I know I'm stretching this a bit too far but I just wanna know

7
 
 

I'm considering a business plan for people getting in to self-hosting. Essentially I sell you a Mikrotik router and a refurbished tiny x86 server. The idea is that the router plugs in to your home internet and the server into the router. Between the two they get the server able to handle incoming requests so that you can host services on the box and address them from the broader Internet.

The hypothesis is that $150 of equipment to avoid dozens of hours of software configuration is a worthwhile trade for some customers. I realize some people want to learn particular technologies and this is a bad fit for them. I think there are people out there that want the benefit of self-hosting, and may find it worth it to buy "self-hosting in a box".

What do you think? Would this be a useful product for some people?

8
6
submitted 9 hours ago* (last edited 9 hours ago) by [email protected] to c/[email protected]
 
 

I am trying to not use any Google services for notifications and so I'd like to make a script to send notifications via ntfy based on discord messages.

How would I get access programmatically to my own discord account? Do they even support it? They have bots, but is their api for DMs?


Edit: the solution may just be a bot in servers, then not responding to DMs unless they use signal

9
15
submitted 20 hours ago* (last edited 20 hours ago) by [email protected] to c/[email protected]
 
 

Hi guys!

Back in the day I used to have a VM holding nginx and all the crap exposed...and I did set it up with fail2ban. I moved away from it, as the OS upgrade was turning messy, and rebuilt onto an LXC container. How should I use fail2ban/iptables in order to protect/harden my LXC container/server? Do the same conditions apply, or will I have any limitations/issues due to the container itself?

Thanks!

10
 
 

I just setup a minecraft server on an old laptop, but to make it acessible i needed to open up a port. Currently, these are the ufw rules i have. when my friends want to connect, i will have them find their public ip and ill whilelist only them. is this secure enough? thanks

`Status: active

To Action From


22/tcp ALLOW Anywhere Anywhere ALLOW my.pcs.local.ip`

also, minecraft is installed under a separate user, without root privlege

11
12
 
 

These seem to be purpose built for home servers. Is there a benefit to using one of them?

13
 
 

So, I have a rpi4b that's currently running a VPN for family abroad. I'm just finishing setting up Ubuntu server 24.04LTS(I have limited number of USB sticks, and the largest is only 8gb, so this choice was one of size, I can go into ones I had considered before) on an old laptop. For my small business I've also bought a domain for a work email, and eventually a website both are/will be hosted externally as I don't want to faff about with securing those aspects on my home network. The VPN though, that is currently pointing to no-ip dns service, and I want to migrate that to both the laptop and my own registered domain. What's best practices here? I do need the VPN to exit through to my network, so that my MiL can watch UK streaming from abroad(TV licence shenanigans).

14
 
 

I'm syncoiding from my normal RAIDz2 to a backup mirror made of 2 disks. I looked at zpool iostat and I noticed that one of the disks consistently shows less than half the write IOPS of the other:

                                        capacity     operations     bandwidth 
pool                                  alloc   free   read  write   read  write
------------------------------------  -----  -----  -----  -----  -----  -----
storage-volume-backup                 5.03T  11.3T      0    867      0   330M
  mirror-0                            5.03T  11.3T      0    867      0   330M
    wwn-0x5000c500e8736faf                -      -      0    212      0   164M
    wwn-0x5000c500e8737337                -      -      0    654      0   165M

This is also evident in iostat:

     f/s f_await  aqu-sz  %util Device
    0.00    0.00    3.48  46.2% sda
    0.00    0.00    8.10  99.7% sdb

The difference is also evident in the temperatures of the disks. The busier disk is 4 degrees warmer than the other. The disks are identical on paper and bought at the same time.

Is this behaviour expected?

15
 
 

This is a decent writeup on applying "Zero Tust" principles to a home lab using mostly open source tools. I'm not the author, but thought it was worth sharing.

16
 
 

Is there any service that will speak LDAP but just respond with the local UNIX users?

Right now I have good management for local UNIX users but every service wants to do its own auth. This means that it is a pain of remembering different passwords, configuring passwords on setting up a new service and whatnot.

I noticed that a lot of services support LDAP auth, but I don't want to make my UNIX user accounts depend on LDAP for simplicity. So I was wondering if there was some sort of shim that will talk the LDAP protocol but just do authentication against the regular user database (PAM).

The closest I have seen is the services.openldap.declarativeContents NixOS option which I can probably use by transforming my regular UNIX settings into an LDAP config at build time, but I was wondering if there was anything simpler.

(Related note: I really wish that services would let you specify the user via HTTP header, then I could just manage auth at the reverse-proxy without worrying about bugs in the service)

17
18
 
 

I'm looking at getting a gateway device to replace the ISP router that sits between the internet connection and the mesh WiFi.

I am running pi-hole on a (very old) raspberry pi, but I know some gateways get quite fancy so I'm wondering if it's possible to have pi-hole on the gateway itself, to run as DNS and DHCP servers?

Other things I'm looking for in a gateway are VPN as a client (preferably Wireguard) and PoE ports for cameras.

If it's possible to host something like pi-hole directly on the gateway then hardware recommendations are appreciated!

19
 
 

This seems like a solid choice for those of use looking for a obsidian-like replacement. Personally tried all editors out there, but nothing is able to defeat my love for obsidian. However, i look forwards to trying out Haptic when it comes to Linux. Currently it only supports Web and Mac. But state Linux and Windows support is on-the-way.

Kudos to selfh.st that provides consistent updates within this community and who shared this among other cool projects this week -> https://selfh.st/newsletter/2024-09-06/?ref=this-week-in-self-hosted-newsletter

20
 
 

Hi there self-hosted community.

I hope it's not out of line to cross post this type of question, but I thought that people here might also have some unique advice on this topic. I'm not sure if cross posting immediately after the first post is against lemmy-ediquet or not.

cross-posted from: https://lemmy.zip/post/22291879

I was curious if anyone has any advice on the following:

I have a home server that is always accessed by my main computer for various reasons. I would love to make it so that my locally hosted Gitea could run actions to build local forks of certain applications, and then, on success, trigger Flatpak to build my local fork(s) of certain programs once a month and host those applications (for local use only) on my home server for other computers on my home network to install. I'm thinking mostly like development branches of certain applications, experimental applications, and miscellaneous GUI applications that I've made but infrequently update and want a runnable instance available in case I redo it.

Anybody have any advice or ideas on how to achieve this? Is there a way to make a flatpak repository via a docker image that tries to build certain flatpak repositories on request via a local network? Additionally, if that isn't a known thing, does anyone have any experience hosting flatpak repositories on a local-network server? Or is there a good reason to not do this?

21
 
 

Hi!

I have setup ScanServJS which is an awesome web page that access your scanner and let you scan and download the scanned pages from your self hosted web server. I have the scanner configured via sane locally on the server and now I can scan via web from whatever device (phone, laptop, tablet, whatever) with the same consistent web interface for everyone. No need to configure drivers anywhere else.

I want to do the same with printing. On my server, the printer is already configured using CUPS, and I can print from Linux laptops via shared cups printer. But that require a setup anyway, and while I could make it work for phones and tablets, I want to avoid that

I would like to setup a nice web page, like for the scanner, where the users no matter the device they use, can upload files and print them. Without installing nor configuring anything on their devices.

Is there anything that I can self-host to this end?

22
 
 

Looking for recommendations for a versatile USB stick with Ventoy. I'm trying to create the "perfect, all-in-all" USB stick using Ventoy to store various ISOs and rescue tools. So far, I have the following ISOs:

  • Arch
  • OpenSuse TW
  • NixOS
  • Bazzite + AuroraDX
  • Win10 ISO
  • Clonezilla

I'm looking for suggestions on additional ISOs or tools that are compatible with Ventoy. What do you recommend adding to make my USB stick to make it more useful?

23
 
 

So, I'm selfhosting immich, the issue is we tend to take a lot of pictures of the same scene/thing to later pick the best, and well, we can have 5~10 photos which are basically duplicates but not quite.
Some duplicate finding programs put those images at 95% or more similarity.

I'm wondering if there's any way, probably at file system level, for the same images to be compressed together.
Maybe deduplication?
Have any of you guys handled a similar situation?

24
 
 

So we're starting a general contractor company and i I'm wondering if anyone else did that and had general advice? Its with someone else that is not really technology savy.

Currently we're using:

  • WordPress for website
  • OpenProject for project related task
  • InvoiceNinja for invoice purposes

Any advice and comments would be appreciated!

25
 
 

I've been playing around with self hosting for file sharing, backups, and a handful of other ideas I might one day get round to. I like the idea of a mesh VPN and being able to, for example, connect a travelling laptop to a 'host' laptop nearby, though my only public ip is a VPS in another country.

Of all the options I found, I liked the look of Nebula most. Fiddly in some places, but it's working nicely for me, and I appreciate some of the simplicity of design.

I'm wondering if people here have much experience of it, though? My biggest concern is over its future. With,

  1. The Defined Networking site focusing on making money off it, and
  2. The Android app doesn't allow full configuration (including the firewall, so I can't host a website from a phone) but - I heard - does if you use Defined Networking's paid service for configuration,

makes me worry they might be essentially trying to deprecate viable FOSS Nebula in favour of a paid or controlled service.

Any thoughts? Insight?

view more: next ›