1
378
submitted 3 years ago* (last edited 3 years ago) by devve@lemmy.world to c/selfhosted@lemmy.world

Hello everyone! Mods here 😊

Tell us, what services do you selfhost? Extra points for selfhosted hardware infrastructure.

Feel free to take it as a chance to present yourself to the community!

🦎

2
18
submitted 2 hours ago* (last edited 2 hours ago) by Yesbutnotreally@lemmy.world to c/selfhosted@lemmy.world

Hey selfhosters.

I have a question about starting self hosting; I have run Jellyfin on an old MacBook for a bit and wanna dip more than a toe into the self host pool. Are there any guides out there you’d recommend for actual, complete beginners who knows nothing but wants to learn?

I’ve searched a lot but it feels like they’re pretty advanced for beginners. Is it just a really sharp learning curve to this, or am I not finding the good ones?

Edit: To clarify what level I’m really, truly at: I run the Jellyfin server on regular macOS and have an external 5TB drive connected via usb. That’s it.

3
32

I'm looking for help deciding, or maybe with info I haven't found on my own and or experience you have with these drives.

I'm finally pulling the trigger on a drive (more in the future, for now I still have a few smaller ones on my desktop for backup) specifically for use on my home server, so far I've been doing fine with my 2.5' hdd but besides running tight on space, I want a more reliable drive.

I've been researching and looking up options within my budget, payment methods and such and ended up with two options, both WD (the options I've found on seagate are a bit more expensive):

  • WD80EFPX WD red plus 8TB (in three different stores at similar enough prices, not sure if that's relevant here)
  • WD120EFGX WD red plus 12 TB, not too much more expensive Note that I've skipped 10 TB reds because I've read those have a couple problems like being abnormally noisy and unreliable

As far as I could find out, it seems this 12 TB option is a bit louder (I'm not sure if 30 vs 24 dB is too much, but idk really) and a bit slower data throughput (despite spinning the platters faster, or at least saying so in the specs), but I couldn't find anything about them being particularly unreliable (though I'm new to buying drives for reliability, unfortunately, timing-wise). I do want more storage (who doesn't?), but I'd rather focusing on reliability between these options.

While I don't exactly intend to run RAID, I ended up choosing nas drives for the 24/7 intended usage, I don't think it'll make much difference but I rather the peace of mind, my use is immich for photos (hence the reliability), jellyfin for a small selection of stuff (which doesn't require that much performance as far as I can tell) and a few small services that will mostly live on the ssd (and general NAS usage too, no need for much performance). Similarly big drives for regular use aren't that much cheaper anyways (between the options I have available and accounting for the reliability thing) but will still value your input on the topic, I'm still open to just looking for regular drives if it turns out I'm wrong about that.

Quick note on the topic of noise: I have my home server in the same space as my desktop and the noise of my desktop is already a bit much, It's fine but it's not far from being annoying, Can't hear anything from the server and hope it won't change much after the new drives (I'll focus on making my desktop quieter in the future).

Only other similarly dense (and priced) drives I've found are Seagate IronWolf ST8000VN004 8TB, Seagate Barracuda 8TB ST8000DM004 and then a bunch of surveilance drives which I've read again and again aren't worth getting for NAS or homelab usage.

Hope this is not too far from the topic of selfhosting since it's mostly about storage (for use in a home server).

As you can see, being succinct is not my specialty, sorry for the long post.

4
33

Hello everyone

Last week I bought a domain with the intention of connecting it to my NAS so I can access my apps over the internet without tailscale (plus give access to a few family members on jellyfin). I did it through clourflare.

I was very naïve but I had no ideal of the sheer amount of learning it would require to achieve the things I'm looking to do (just basic access with some additional authentication). So far I've managed to publish my immich server (behind a authentication screen) but largely still very confused about how its actually working. And very confused about setting up external auth and using reverse proxy. Honestly feeling quite defeated.

I've posted here in the selfhosted Lemmy and you guys have been really helpful but I think I could really benefit from someone showing me and explaining how it works. I have already learnt a lot from last week but the more I learn the more questions I have.

I've taught myself home networking, I knew nothing about it before I built a NAS, but with this I just want to be sure I'm doing it right.

I can pay you. Not heaps but hopefully enough for 20-30 minutes of your time. Not trying to rip anyone off here haha

Thanks for all your continued advice on this

5
15

So I've been self-hosting for a few years now...got a decent setup...

But I only really got into docker-compose in the last few months... I mean, I've used it through the "Apps" in TureNAS, but never directly....

I ran a mastodon host on a VM (giant pain in the ass) and a few other things that weren't available as apps, but never mainstream...

Once I got into it, I managed to get everything moved over to truenas as docker containers..

Last week it saved my ass...the AC in the house failed..and I was able to shut down everything save the Truenas (with a fan pointed at the front of the server) and keep everything up and running throughout..

So it's been helpful to know, and an awesome learning experience. (I'm happiest when I'm learning new things)

My question is this...

How do you back them up? I mean, I have snapshot backups of my docker-volume ZFS dataset, and replicate that to a remote host...but I'm not even sure I'd know how to recover it if I had to...is it just a file copy and restart?

6
652

This is why you should not install any of the vibe coded apps that get advertised in here regularly. You're just creating a liability for yourself.

7
93

The summer and its rabid heat is here and i still have a lot of lawn that hasnt been replaced by gardens yet (work in progress) and grows super fast

Im trying to get better and decouple myself from cloud services, but my searches for what robotic lawn mowers are self hostable/dont require wan isnt giving me confidence

I might just deal with the heat and get a push mower and deal with it, but if anyone has experience with a good local-only robotic lawn mower, or which ones to avoid - id love to hear it

8
52

SbTEwwlrjN5y7jq.webp

How Authelia Performs Multi-Factor Authentication

Authelia sits between your reverse proxy and the apps behind it, intercepting requests and performing auth checks before forwarding traffic, giving you true MFA that can be integrated with something like Google Authenticator, or Yubikey/Titan key, etc...

Stop exposing unsecured apps. Learn how to deploy Authelia in Docker with a KeyDB backend and SWAG to enforce centralized Multi-Factor Authentication.

Setting up Authelia can be a bit intensive at first, but very worth the payoff / time and effort!

Disclaimers: I'm the author & run this exact setup, in production for myself. It's a "battle tested" setup, which has been in use for a few years now. Written & verified by a human! The header image is a composite of my Authelia MFA token page & AI generated infographic. NO ADS or affiliate marketing on page!

Happy to chat in the comments!

9
72

Comments are disabled, to start a discussion with the community about this post or the rules in general, please make a meta post. Please stick to one specific item to address as your post to keep discussions on topic.

Due to the large number of AI-involved projects, posts oriented towards AI use on a self-hosted system, and the widely varied sentiment around AI usage, an additional rule has been created to manage them.

If your post is about AI or is a project promotion post, please read here first. If you are not posting about AI or making a project promotion post, you don't need to read further.

If a post has tagged with an AI tag, low effort comments regarding their use will be removed.

Post Tagging

There are three types of tags for project promotional / AI posts.

  • [CBH] - Code By Human - A project promotional post with a project that did not use AI in any capacity. No disclosure necessary.
  • [AIP] - AI Project - A project promotional post with a project that used AI in development in any capacity. Disclosure is required for how it was used.
  • [AIT] - AI Topic - A discussion topic that includes AI. This may be for a discussion on hardware to self-host on, llama.cpp vs ollama, your experience using vulkan, etc.

[AIP] - AI Project Disclosure Requirements

Declaration structure is a modified version of ai-declaration.md. If you are promoting a project where AI was used in any capacity in the creation of the project, you will need to provide the details of its use. If you already have an ai-declaration.md or similar disclosure in your repository, you may link directly to it. If you do not, use the following structure:

Declare what aspect of the project used AI. You only need to provide the categories where AI was used:

  • Design - architecture, system design
  • Implementation - production code
  • Testing - writing tests, test plans, and QA.
  • Documentation - Docs, comments, README, change logs
  • Review - Code review and pull request feedback
  • Deployment - CI/CD configuration.

Then state the level of AI involvement for each category listed:

  • Hint - AI suggested solution, human does the task.
  • Assisted - AI acts on part of a task, but a human handled the bulk.
  • Pair - About a 50/50 split of human made and generated.
  • Generated - Human prompted, AI generated.

If you have used the [AIP] tag without a disclosure, a comment will request it. Please note that failing to provide the disclosure will mean the removal of your post.

For any questions, please send a message for clarification.

10
213

Enjoying the simplicity of a single tab setup!

11
41
sneakerweb (sneakerweb.org)
submitted 2 days ago* (last edited 14 hours ago) by 0x1C3B00DA@piefed.social to c/selfhosted@lemmy.world

A parallel web updated through physical media.

EDIT: lobsters thread has some good discussion

12
43
submitted 2 days ago* (last edited 1 day ago) by BonkTheAnnoyed@piefed.blahaj.zone to c/selfhosted@lemmy.world

Converted my daily driver to my vm/docker host. I assumed all my images would be included in timeshift's snapshots, but... nope!

Fortunately I figured it out before I needed it. was testing my backups as part of prep for wiping everything and going to headless debian, found libvirt was missing.

Edit: Added rsync tag to reflect the comments section, which really deserves its own thread.

13
12

I have noticed it's not uncommon for there to be quite a few posts around self hosting security, especially with any services that would be public facing. I was thinking security is (or should be) a core component of self hosting and was wondering if it would be worth a resource wiki would be beneficial on the sidebar under resources? At least for some 101 security guides/resources

14
42

I have an old Xbox One X (the 1tb model) that I would love to turn into a Linux box to do self hosting. While I do my best to find tutorials online for installing Linux, I was hoping I could pick y’all’s brains on your experiences for upgrading:

  1. Best hard drives to use (internal and/or USB3)?
  2. Can the RAM be upgraded?
  3. Can the Bluray be replaced with a hard drive?
  4. Anything else I’m missing and don’t know to ask about?

Thanks!

15
57

Hi everyone,

I'm happy to share that Portabase now supports Docker volume backup and restore!

Portabase is an open-source, self-hosted backup and restore platform, currently supporting 9 databases including PostgreSQL, MariaDB, MongoDB, Redis, and more.

We’re now expanding it to cover Docker volumes too, because many self-hosted apps do not store critical data only in databases.

Typical use cases include WordPress uploads, Nextcloud user files, media libraries, app configuration data, and more generally any self-hosted service where critical data lives in Docker volumes.

The goal is still the same: make backup and restore simple, reliable, and easy to operate. Portabase uses a central server with lightweight agents running close to your workloads.

If you find bugs, please open an issue on GitHub, we’re actively looking for feedback.

Thanks!

16
100
Immich vs Ente ? (lemmy.world)
submitted 3 days ago* (last edited 3 days ago) by warmaster@lemmy.world to c/selfhosted@lemmy.world

Chosing the right photo app for my family

So, Immich vs Ente, this is my last piece of the selfhosted puzzle. Please help me make an informed decision:

Immich

on the plus side, it seems to have more features and it has a gazillion integrations with other selfhosted software. Downside: breaking changes are fairly common AFAIK.

Ente

looks like the opposite, more mature, scoped and less integrated.

Am I reading this right? Am I missing something?

Edit: Thanks everyone, I'm going with immich!

17
230
submitted 3 days ago* (last edited 3 days ago) by Vegan_Joe@anarchist.nexus to c/selfhosted@lemmy.world

I have docker installed, but only have a vague idea of how it works.

Back in the day, I would just port forward, but even then, I would need a static IP somehow.

I have heard a reverse proxy is an option, but that is an entirely new topic to me.

Surely there is an easy way to access Jellyfin outside of my home network that I'm just missing.

*Edit: I am blown away by all the help and support! I currently have tailscale running, and I'm in the process of purchasing a domain.

Thanks everyone!

18
66

I have a VPS that I secure as much as possible since the IP is public, but does a wireguard-access-only homelab warrant the same efforts? Those with homelabs like this, what do you do?

19
133
submitted 3 days ago* (last edited 3 days ago) by danielgraf@discuss.tchncs.de to c/selfhosted@lemmy.world

"Reitti" (Finnish for "route" or "path") is a self-hosted, personal location tracking and analysis platform. It is designed from the ground up with a privacy-first philosophy: all your data remains under your absolute control, stored exclusively on your own infrastructure. You own the database, you own your history, and you own your memories.

I am proud to announce that reitti v5.0.0 is officially live. This release marks a major milestone, evolving the platform into a comprehensive, customizable personal location diary.

I have packed this release with highly-requested features designed to give you full control over your data:

  • Custom Map Styles: Break free from standard map defaults. Upload your own styles, use hosted vector JSONs, or configure your own raster templates.

  • The Workbench: You can now aggregate data from multiple devices under a single account. Use the Workbench to stitch your timelines together and manually edit or clean up individual coordinate points.

  • Contextual Diary: Enrich your trips and visits with custom tags, moods, and Markdown notes to turn your location history into a living diary.

Global Accessibility

A massive thank you to our community of translators. Thanks to their hard work, reitti is now more accessible than ever, with support added for Portuguese, Chinese (Traditional), and Korean.

A Commitment to Sustainability

Starting with v5.0.0, reitti is transitioning to the AGPL-3.0 license.

Open-source sustainability matters. As the project grows, I want to permanently protect the hard work of our contributors and keep reitti open for the community. The AGPL-3.0 ensures that any improvements made to reitti must be shared back with the community under the same open-source terms. To keep our contributor power strong, no Contributor License Agreement (CLA) is required; the intellectual property remains entirely with the individuals who authored the code, keeping the project truly community-owned.

Development Transparency

I use AI as a development tool to accelerate certain aspects of the coding process, but all code is carefully reviewed, tested, and intentionally designed. AI helps with boilerplate generation and problem-solving, but the underlying architecture, logic, and quality standards remain entirely human-driven.

Getting Started

To simplify your deployment, I’ve taken inspiration from the excellent release practices of the Immich project. You will now find the docker-compose.yml file attached directly to the GitHub release notes to help you get up and running quickly.

Important: This is a major release with deep structural adjustments. Please read the v5.0 Upgrade Guide before deploying, as a database migration is required.

Community & Support

I am dedicated to keeping this project community-first. Everyone is encouraged to spread the word about this release on any platform they have access to.

Thank you all for being part of this journey. Happy tracking!

— Daniel

Full Changelog: https://github.com/dedicatedcode/reitti/compare/v4.0.5...v5.0.0

20
31

I'm a software developer working in the telecam sector on security related products, so I know a fair bit about system security. Yet I wound secure my own system far less than most people here if I didn't enjoy cybersecurity as a hobby.

I wonder what you are securing against? Some examples:

  • jellyfin: unless you have home videos on there, what does it matter if someone exfiltrates some movies? Surely you have basic DOS protection and/or region locking to reduce wasted network traffic, right?
  • linux: I assume nobody is using their servers as daily drive PCs, so what does it matter if somehow your system is superficially compromised. You can always reimage. Sure they could mine some bitcoin with your system, but it doesn't have that much PSU headroom to cost you much on your bills, right?

It just seems like most attack vectors lead to mild annoyance at most for most systems.

Do you guys just enjoy cybersecurity? Do you actually keep sensitive data on your self hosted systems? Do you self-host on expensive hardware? What am I missing?

21
58
submitted 3 days ago* (last edited 3 days ago) by OpenAltFinder@lemmy.world to c/selfhosted@lemmy.world

I just noticed that tvtime.com is being shut down on July 15th.

Are there any good open source alternatives? So far I know about

TV Time alternatives

22
35

Hey, folks! I had begun configuring VLANs recently, and I've got two managed switches between my firewall and my mini PC. I set up a 10 VLAN on the third octet with a /24 mask, and the idea is that anything on 10 should be able to reach the internet but not VLAN 1, while VLAN 1 should be able to access the internet and VLAN 10 services. I'm not so crazy as to try to start with that configuration though. No ports or anything are exposed yet, so my first test was just going to be full access between networks. I maybe counted my initial configuration as a success too soon, because with the mini PC on the 10 network, I can reach the gateway at 192.168.10.1 but nothing else. I can even access the OPNsense config page at the 10 gateway address. If I ping 192.168.1.1, I get "Network is unreachable". If I ping www.google.com, I get "Temporary failure in name resolution", and I also can't pull up sites like YouTube. And again, this is all with a VLAN rule that I believed to be configured to allow all traffic, as it mimics what's set up for my default LAN interface. Pinging the mini PC from the 1 VLAN also fails; it just sort of times out with 100% packet loss, so perhaps the default rule is less permissive than I thought, but it does say it allows all.

I've been following beginner guides from the Home Network Guy (a name that makes this stuff sound more approachable than how he actually presents it), but even with a video that's not even 3 years old, pieces of OPNsense have been deprecated and replaced with new components such that I can't follow along verbatim. For instance, it was an ordeal to get DHCP working now that the one he used has been replaced with Dnsmasque DNS and DHCP, and I can't even tell you what I changed that eventually got it working, but my first couple of tries did not. In one of those videos I've been following, he indicates that the default rule on the LAN interface will allow full access between all networks, but that doesn't seem to be the case, as the same settings on the other VLAN aren't allowing them to talk to one another.

Obviously, I don't intend to leave full access between the networks when it's time to go live, but this simple smoke test shows that there's a gap in my understanding if I can't get what should be the easiest test to work. Does anyone know what I'm missing or what I should do to troubleshoot from here?

23
22
submitted 3 days ago by xana@lemmy.zip to c/selfhosted@lemmy.world

Hello fellow TCP users,

I am moving my homelab from Docker to Kubernetes (because I have nothing to do with my homelab anymore) and I am having an issue with services that need to be accessible both within the cluster and from the outside world on the same hostname.

For an example, supposedly you have two pods: A and B which are accessible via the Gateway with hostname a.example.com and b.example.com respectively. Pod A also need to contact Pod B so there are two ways to do this:

  • Via b.example.com. This works but in this case, the traffic will go from pod A -> the boarder internet -> the loadbalancer -> the gateway -> pod B which is not very optimal.
  • Via b.default.svc.cluster.local. This also works but in this case you lose:

In Docker case, I can just set the alias of my reverse-proxy container to b.example.com and it is done. I am wondering is there anything I can do to get the traffic goes from pod A -> the gateway -> pod B in Kubernetes. Also is this a common issue or not because I don't see a lot of articles about this issue on the internet :/

Thank you very much!

24
65

For my Masters thesis project, I'm required to keep a blog documenting my progress, and being the open source/self hosting guy that I am, I decided to host my own WriteFreely instance on my VPS.

The problem is, WriteFreely doesn't support direct image uploads, only embeds. I'd of course like to self host my images for the blog too, so I'm in need of a really lightweight image hosting solution. Things like Immich or Nextcloud are far too much for what I need, I basically just need a password-protected upload interface and the ability to grab the direct links to the images to embed them. I don't need analytics or account management or anything like that.

I know I could transfer images to my server directly via scp or rsync or ftp and host them behind nginx directly, but that's a faff and I'd rather just deploy a container once and be done with it.

Does anyone have any recommendations?

25
41

Hi, I have a hypothetical question that is probably going to sound very dumb once someone shows me a very simple workaround :

In this situation : there is a properly setup server in house A with a running jellyfin/immich server, and there's a second server in house B for homeassistant.

Is there a way I can use server B to remotely connect to server A to access JF and Immich and stream it via HDMI a TV in house B ?

Thank you in advance

view more: next ›

Selfhosted

60526 readers
930 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

Detailed Rules Post

  1. Be civil.

  2. No spam.

  3. Posts are to be related to self-hosting.

  4. Don't duplicate the full text of your blog or readme if you're providing a link.

  5. Submission headline should match the article title.

  6. No trolling.

  7. Promotion posts require active participation, with an account that is at least 30 days old. F/LOSS without a paywall has exceptions, with requirements. See the rules link for details.

  8. AI-related discussions and AI-involved promotional posts have additional requirements for tagging, as noted in Rule 7 and the AI & Promotional Post Expanded Rules post.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 3 years ago
MODERATORS