1
118

As a review, I want to highlight the constructive feedback:

  • Overwhelming majority support some kind of tagging to identify AI projects and discussions
  • A small portion have mentioned a preference for a "Not AI" tag, specifically for project promo posts to make it an active choice
  • Too many tags would make it too complicated
  • A tag for AI topics as well as a tag for AI projects would be helpful
  • A variation of [AI] is preferred by folks who commented on tag naming
  • A tag is not enough, how they used AI is important
  • A tagged post should not have drive-by comments that don't add to the conversation

For those who want "no AI ever", that isn't really possible. I'd recommend starting a new community, as so many critical pieces use AI in some capacity (linux, openssl, mariadb, curl, node, go, etc) that it would be a very different, hyper-specific community.


My recommendation based on what was said:

  • Three tags:
    • [CBH] - Code By Human - A promo post with a project that did not use AI in any capacity.
    • [AIP] - AI Project - A promo post with a project that used AI in development in any capacity. Disclosure is required for how it was used.
    • [AIT] - AI Topic - A discussion topic that includes AI. This is for items like "I want to customize a model to evaluate fish happiness based on CV captures" or "I'm having trouble configuring this MCP"

Posts that are not promotional and do not involve AI would not require a tag.

All promo posts would require a tag, making it an active decision to put [CBH] or [AIP], and would become kind of an extension of rule 7.

For [AIP], there would be a disclosure followup. I'm thinking something akin to the candor.md/ai-declaration.md approach, and this structure is based on that. The poster would need to identify which part of the process used AI:

  • Design - architecture, system design
  • Implementation - production code
  • Testing - writing tests, test plans, and QA.
  • Documentation - Docs, comments, readmes, changelogs
  • Review - Code review and pull request feedback
  • Deployment - CI/CD configuration.

And then the level (human only elements can be skipped):

  • Hint - AI suggested solution, human does the task.
  • Assisted - AI acts on part of a task, but a human handled the bulk.
  • Pair - About a 50/50 split of human made and generated.
  • Generated - a human prompted, the llm generated. (I see no substantial differentiation between Copilot and auto from ai-declaration.md for our use case, so I renamed to 'generated')

The requirement would be to call out only the parts which used AI, and the level of AI involvement for that process. So lets say there was an post tagged [AIP], and lets also assume there was a working automod to make this comment:


It looks like you've posted a project with the [AIP] tag.

Please reply to this comment with your AI Disclosure as described in the [AI RULES POST] (this will be a link), required for all [AIP] posts.

Identify which parts of the process involved AI (Design, Implementation, Testing, Documentation, Review, Deployment) and the level of AI involvement (hint, assist, pair, generated). See the [AI RULES POST] for details. Additional notes on use are welcomed if you'd like to provide them.


The [AI Rules Post] would contain the details above, just like the expanded rules post/explanations.

Failure to provide a disclosure after using the tag would mean removing the post. It could be locked, but I would have to assume the majority of the spam-type postings that happened to make it past the rule 7 criteria are the ones who will not provide the requested disclosure. I think it makes for a good filter this way, but please comment if you think otherwise.

In terms of timing, I'd say an hour should be more than enough time to provide a reply. If there isn't one, then the post should be reported so it could be removed. Removals, as always, will be by a person, so they will be at some point after the hour limit.

I'll likely make a crappy little bot in python to handle the tag check, check post_id to make sure it hasn't already replied (this way if it gets edited in it will still comment) specifically for the [AIP] tag only. It won't do a single thing otherwise. If you know of an existing (and good) bot for this, please share, or be subjected to the roughly 50 lines of code I wrote this morning. If I do use mine, I'll put it up on codeberg so everyone can see exactly what its doing.... and then get mad and tell me there is a better way.

Speaking of, I've made a repo for /c/selfhosted, currently with just the detailed rules post. I'll put other information there later, such as the AI rules post, the comment bot (if applicable), etc. This will also go into the sidebar once I've had time to update the README and other details.

Please respond with your questions, comments, and criticisms

2
378
submitted 3 years ago* (last edited 3 years ago) by devve@lemmy.world to c/selfhosted@lemmy.world

Hello everyone! Mods here 😊

Tell us, what services do you selfhost? Extra points for selfhosted hardware infrastructure.

Feel free to take it as a chance to present yourself to the community!

🦎

3
66

Enjoying the simplicity of a single tab setup!

4
21
sneakerweb (sneakerweb.org)

A parallel web updated through physical media.

5
20

Converted my daily driver to my vm/docker host. I assumed all my images would be included in timeshift's snapshots, but... nope!

Fortunately I figured it out before I needed it. was testing my backups as part of prep for wiping everything and going to headless debian, found libvirt was missing.

6
34

I have an old Xbox One X (the 1tb model) that I would love to turn into a Linux box to do self hosting. While I do my best to find tutorials online for installing Linux, I was hoping I could pick y’all’s brains on your experiences for upgrading:

  1. Best hard drives to use (internal and/or USB3)?
  2. Can the RAM be upgraded?
  3. Can the Bluray be replaced with a hard drive?
  4. Anything else I’m missing and don’t know to ask about?

Thanks!

7
52

Hi everyone,

I'm happy to share that Portabase now supports Docker volume backup and restore!

Portabase is an open-source, self-hosted backup and restore platform, currently supporting 9 databases including PostgreSQL, MariaDB, MongoDB, Redis, and more.

We’re now expanding it to cover Docker volumes too, because many self-hosted apps do not store critical data only in databases.

Typical use cases include WordPress uploads, Nextcloud user files, media libraries, app configuration data, and more generally any self-hosted service where critical data lives in Docker volumes.

The goal is still the same: make backup and restore simple, reliable, and easy to operate. Portabase uses a central server with lightweight agents running close to your workloads.

If you find bugs, please open an issue on GitHub, we’re actively looking for feedback.

Thanks!

8
90
Immich vs Ente ? (lemmy.world)
submitted 1 day ago* (last edited 1 day ago) by warmaster@lemmy.world to c/selfhosted@lemmy.world

Chosing the right photo app for my family

So, Immich vs Ente, this is my last piece of the selfhosted puzzle. Please help me make an informed decision:

Immich

on the plus side, it seems to have more features and it has a gazillion integrations with other selfhosted software. Downside: breaking changes are fairly common AFAIK.

Ente

looks like the opposite, more mature, scoped and less integrated.

Am I reading this right? Am I missing something?

Edit: Thanks everyone, I'm going with immich!

9
218
submitted 1 day ago* (last edited 1 day ago) by Vegan_Joe@anarchist.nexus to c/selfhosted@lemmy.world

I have docker installed, but only have a vague idea of how it works.

Back in the day, I would just port forward, but even then, I would need a static IP somehow.

I have heard a reverse proxy is an option, but that is an entirely new topic to me.

Surely there is an easy way to access Jellyfin outside of my home network that I'm just missing.

*Edit: I am blown away by all the help and support! I currently have tailscale running, and I'm in the process of purchasing a domain.

Thanks everyone!

10
58

I have a VPS that I secure as much as possible since the IP is public, but does a wireguard-access-only homelab warrant the same efforts? Those with homelabs like this, what do you do?

11
30

I'm a software developer working in the telecam sector on security related products, so I know a fair bit about system security. Yet I wound secure my own system far less than most people here if I didn't enjoy cybersecurity as a hobby.

I wonder what you are securing against? Some examples:

  • jellyfin: unless you have home videos on there, what does it matter if someone exfiltrates some movies? Surely you have basic DOS protection and/or region locking to reduce wasted network traffic, right?
  • linux: I assume nobody is using their servers as daily drive PCs, so what does it matter if somehow your system is superficially compromised. You can always reimage. Sure they could mine some bitcoin with your system, but it doesn't have that much PSU headroom to cost you much on your bills, right?

It just seems like most attack vectors lead to mild annoyance at most for most systems.

Do you guys just enjoy cybersecurity? Do you actually keep sensitive data on your self hosted systems? Do you self-host on expensive hardware? What am I missing?

12
127
submitted 1 day ago* (last edited 1 day ago) by danielgraf@discuss.tchncs.de to c/selfhosted@lemmy.world

"Reitti" (Finnish for "route" or "path") is a self-hosted, personal location tracking and analysis platform. It is designed from the ground up with a privacy-first philosophy: all your data remains under your absolute control, stored exclusively on your own infrastructure. You own the database, you own your history, and you own your memories.

I am proud to announce that reitti v5.0.0 is officially live. This release marks a major milestone, evolving the platform into a comprehensive, customizable personal location diary.

I have packed this release with highly-requested features designed to give you full control over your data:

  • Custom Map Styles: Break free from standard map defaults. Upload your own styles, use hosted vector JSONs, or configure your own raster templates.

  • The Workbench: You can now aggregate data from multiple devices under a single account. Use the Workbench to stitch your timelines together and manually edit or clean up individual coordinate points.

  • Contextual Diary: Enrich your trips and visits with custom tags, moods, and Markdown notes to turn your location history into a living diary.

Global Accessibility

A massive thank you to our community of translators. Thanks to their hard work, reitti is now more accessible than ever, with support added for Portuguese, Chinese (Traditional), and Korean.

A Commitment to Sustainability

Starting with v5.0.0, reitti is transitioning to the AGPL-3.0 license.

Open-source sustainability matters. As the project grows, I want to permanently protect the hard work of our contributors and keep reitti open for the community. The AGPL-3.0 ensures that any improvements made to reitti must be shared back with the community under the same open-source terms. To keep our contributor power strong, no Contributor License Agreement (CLA) is required; the intellectual property remains entirely with the individuals who authored the code, keeping the project truly community-owned.

Development Transparency

I use AI as a development tool to accelerate certain aspects of the coding process, but all code is carefully reviewed, tested, and intentionally designed. AI helps with boilerplate generation and problem-solving, but the underlying architecture, logic, and quality standards remain entirely human-driven.

Getting Started

To simplify your deployment, I’ve taken inspiration from the excellent release practices of the Immich project. You will now find the docker-compose.yml file attached directly to the GitHub release notes to help you get up and running quickly.

Important: This is a major release with deep structural adjustments. Please read the v5.0 Upgrade Guide before deploying, as a database migration is required.

Community & Support

I am dedicated to keeping this project community-first. Everyone is encouraged to spread the word about this release on any platform they have access to.

Thank you all for being part of this journey. Happy tracking!

— Daniel

Full Changelog: https://github.com/dedicatedcode/reitti/compare/v4.0.5...v5.0.0

13
29

Hey, folks! I had begun configuring VLANs recently, and I've got two managed switches between my firewall and my mini PC. I set up a 10 VLAN on the third octet with a /24 mask, and the idea is that anything on 10 should be able to reach the internet but not VLAN 1, while VLAN 1 should be able to access the internet and VLAN 10 services. I'm not so crazy as to try to start with that configuration though. No ports or anything are exposed yet, so my first test was just going to be full access between networks. I maybe counted my initial configuration as a success too soon, because with the mini PC on the 10 network, I can reach the gateway at 192.168.10.1 but nothing else. I can even access the OPNsense config page at the 10 gateway address. If I ping 192.168.1.1, I get "Network is unreachable". If I ping www.google.com, I get "Temporary failure in name resolution", and I also can't pull up sites like YouTube. And again, this is all with a VLAN rule that I believed to be configured to allow all traffic, as it mimics what's set up for my default LAN interface. Pinging the mini PC from the 1 VLAN also fails; it just sort of times out with 100% packet loss, so perhaps the default rule is less permissive than I thought, but it does say it allows all.

I've been following beginner guides from the Home Network Guy (a name that makes this stuff sound more approachable than how he actually presents it), but even with a video that's not even 3 years old, pieces of OPNsense have been deprecated and replaced with new components such that I can't follow along verbatim. For instance, it was an ordeal to get DHCP working now that the one he used has been replaced with Dnsmasque DNS and DHCP, and I can't even tell you what I changed that eventually got it working, but my first couple of tries did not. In one of those videos I've been following, he indicates that the default rule on the LAN interface will allow full access between all networks, but that doesn't seem to be the case, as the same settings on the other VLAN aren't allowing them to talk to one another.

Obviously, I don't intend to leave full access between the networks when it's time to go live, but this simple smoke test shows that there's a gap in my understanding if I can't get what should be the easiest test to work. Does anyone know what I'm missing or what I should do to troubleshoot from here?

14
56
submitted 1 day ago* (last edited 1 day ago) by OpenAltFinder@lemmy.world to c/selfhosted@lemmy.world

I just noticed that tvtime.com is being shut down on July 15th.

Are there any good open source alternatives? So far I know about

TV Time alternatives

15
21
submitted 1 day ago by xana@lemmy.zip to c/selfhosted@lemmy.world

Hello fellow TCP users,

I am moving my homelab from Docker to Kubernetes (because I have nothing to do with my homelab anymore) and I am having an issue with services that need to be accessible both within the cluster and from the outside world on the same hostname.

For an example, supposedly you have two pods: A and B which are accessible via the Gateway with hostname a.example.com and b.example.com respectively. Pod A also need to contact Pod B so there are two ways to do this:

  • Via b.example.com. This works but in this case, the traffic will go from pod A -> the boarder internet -> the loadbalancer -> the gateway -> pod B which is not very optimal.
  • Via b.default.svc.cluster.local. This also works but in this case you lose:

In Docker case, I can just set the alias of my reverse-proxy container to b.example.com and it is done. I am wondering is there anything I can do to get the traffic goes from pod A -> the gateway -> pod B in Kubernetes. Also is this a common issue or not because I don't see a lot of articles about this issue on the internet :/

Thank you very much!

16
64

For my Masters thesis project, I'm required to keep a blog documenting my progress, and being the open source/self hosting guy that I am, I decided to host my own WriteFreely instance on my VPS.

The problem is, WriteFreely doesn't support direct image uploads, only embeds. I'd of course like to self host my images for the blog too, so I'm in need of a really lightweight image hosting solution. Things like Immich or Nextcloud are far too much for what I need, I basically just need a password-protected upload interface and the ability to grab the direct links to the images to embed them. I don't need analytics or account management or anything like that.

I know I could transfer images to my server directly via scp or rsync or ftp and host them behind nginx directly, but that's a faff and I'd rather just deploy a container once and be done with it.

Does anyone have any recommendations?

17
41

Hi, I have a hypothetical question that is probably going to sound very dumb once someone shows me a very simple workaround :

In this situation : there is a properly setup server in house A with a running jellyfin/immich server, and there's a second server in house B for homeassistant.

Is there a way I can use server B to remotely connect to server A to access JF and Immich and stream it via HDMI a TV in house B ?

Thank you in advance

18
17

I'm big on retro tech (which, sadly, is becoming code for credit bills in a trenchcoat; why did I give all that good shit away :( ) and occasionally think "damn, I should try to get an old C64 or Amiga, specc it up and use it as a daily driver".

Then I got to wondering "do folks still use retro PCs to self host cool stuff?"

So, do folks here still use retro computers for self-hosting- either actually hosting services on the old hardware, or self-hosting lightweight tools specifically for use from vintage machines?

19
12
submitted 2 days ago* (last edited 2 days ago) by osanna@lemmy.vg to c/selfhosted@lemmy.world

Hello :)

I am trying to set up an encrypted gdrive connection in rclone.

For some reason, it won't upload to gdrive when I use the crypt remote, but it works fine when i use just the gdrive remote.

When I use the crypt remote, it simply created a folder called the gdrive remote name, then uploads everything encrypted to there with a directory called whatever remote name i use for the remote crypt. I'm probably not explaining very well.

/media/drive/drive/docs$ ll

total 19112

drwxrwxr-x 30 osanna osanna    4096 Jul  5 05:37  ./

drwxrwxr-x  3 osanna osanna  4096 Jul  5 05:33  ../

-rw-rw-r--  1 osanna osanna 123794 Jul  4 22:19  106.nClDs-5357-30-32_45.78.43-DpCGpC.EIE

-rw-rw-r--  1 osanna osanna   596291 Jul  5 01:17  11.HE.DKCruHI

-rw-rw-r--  1 osanna osanna  176385 Jul  5 01:17 '120.ozRRVNQCR BNOX.JCAW'

-rw-rw-r--  1 osanna osanna    11444 Jul  5 01:44 '14.nGMBMExw 2.HwL'

-rw-rw-r--  1 osanna osanna   182000 Jul  5 01:17  157.bmEEIADpE.wpnJ

-rw-rw-r--  1 osanna osanna   94588 Jul  4 14:37  163.827663.HFy

-rw-rw-r--  1 osanna osanna     8612 Jul  5 01:13  178.rmAA.FtAF

my rclone.config:

[drive]

type = drive

token = {"access_token":"[redacted]","token_type":"Bearer","refresh_token":"[redacted[,"expiry":"2026-07-05T06:26:08.783447+08:00","expires_in":3599}

team_drive = 

[drivecrypt]

type = crypt

remote = drive

password = [redacted]

filename_encryption = obfuscate

directory_name_encryption = false

The command I'm using is this:

/media/drive$ rclone copy files drivecrypt:docs/

Anyone got any idea? I'm losing my mind here.

TIA :)

20
32
submitted 3 days ago* (last edited 3 days ago) by doctorflynt@feddit.org to c/selfhosted@lemmy.world

I‘ve got 2 Machines with Proxmox on both installed. One hosts my data and media and runs Services like Jellyfin, NAS,… The other one is a Mini-PC that hosts my Services like Adguard, Home Assistant,…

Whats the best way to Backup the data and configs of those 2 machines? Installing Proxmox Backup Server on each and store the Backups on a seperate HDD? Or would it be better if a move all the services to a single machine and use the second only for backups?

thank you!

21
91
22
384
23
46

Language warning.

Documented my journey backing up my Oracle Cloud server. With their latest changes to always free, I don’t think my instance will last very long. This isn’t a tutorial, there are probably many much better ways to do this.

24
78

Hey everyone! Just signed up on Lemmy. I've been running self-hosted services for a while now and looking forward to learning from this community. Glad to be here.

25
122

Hi everyone

Thanks for all the advice on buying a domain. Its a big week for me. Getting on grapheneos, buying a domain, and I also recently started self hosting my contacts and calendar. I love this way of life.

My original plan was to one of the xyz 1.1111b domains for $1 a year but most of the feedback I got said just go with cloudflare. Its a lot more money than I had planned but all the security features are baked in and I feel that's worth the extra money.

Here are my questions. I use the latest version of truenas community

  1. How do I connect my domain to my server apps? I've got a series of apps I'd love to he able to access without tailscale and solely use the domain.
  2. I have heard the term DNS a million times but don't really understand it. What do.I need to know about DNS to keep security up and stay protected
  3. I'd like to let family access my media server, are there any considerations I need to make?
  4. How can I use one domain to access multiple services on my server? Do I need to pay extra for subdomains?

Thank you for any advice

view more: next ›

Selfhosted

60482 readers
592 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

Detailed Rules Post

  1. Be civil.

  2. No spam.

  3. Posts are to be related to self-hosting.

  4. Don't duplicate the full text of your blog or readme if you're providing a link.

  5. Submission headline should match the article title.

  6. No trolling.

  7. Promotion posts require active participation, with an account that is at least 30 days old. F/LOSS without a paywall has exceptions, with requirements. See the rules link for details.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 3 years ago
MODERATORS