1
117

As a review, I want to highlight the constructive feedback:

  • Overwhelming majority support some kind of tagging to identify AI projects and discussions
  • A small portion have mentioned a preference for a "Not AI" tag, specifically for project promo posts to make it an active choice
  • Too many tags would make it too complicated
  • A tag for AI topics as well as a tag for AI projects would be helpful
  • A variation of [AI] is preferred by folks who commented on tag naming
  • A tag is not enough, how they used AI is important
  • A tagged post should not have drive-by comments that don't add to the conversation

For those who want "no AI ever", that isn't really possible. I'd recommend starting a new community, as so many critical pieces use AI in some capacity (linux, openssl, mariadb, curl, node, go, etc) that it would be a very different, hyper-specific community.


My recommendation based on what was said:

  • Three tags:
    • [CBH] - Code By Human - A promo post with a project that did not use AI in any capacity.
    • [AIP] - AI Project - A promo post with a project that used AI in development in any capacity. Disclosure is required for how it was used.
    • [AIT] - AI Topic - A discussion topic that includes AI. This is for items like "I want to customize a model to evaluate fish happiness based on CV captures" or "I'm having trouble configuring this MCP"

Posts that are not promotional and do not involve AI would not require a tag.

All promo posts would require a tag, making it an active decision to put [CBH] or [AIP], and would become kind of an extension of rule 7.

For [AIP], there would be a disclosure followup. I'm thinking something akin to the candor.md/ai-declaration.md approach, and this structure is based on that. The poster would need to identify which part of the process used AI:

  • Design - architecture, system design
  • Implementation - production code
  • Testing - writing tests, test plans, and QA.
  • Documentation - Docs, comments, readmes, changelogs
  • Review - Code review and pull request feedback
  • Deployment - CI/CD configuration.

And then the level (human only elements can be skipped):

  • Hint - AI suggested solution, human does the task.
  • Assisted - AI acts on part of a task, but a human handled the bulk.
  • Pair - About a 50/50 split of human made and generated.
  • Generated - a human prompted, the llm generated. (I see no substantial differentiation between Copilot and auto from ai-declaration.md for our use case, so I renamed to 'generated')

The requirement would be to call out only the parts which used AI, and the level of AI involvement for that process. So lets say there was an post tagged [AIP], and lets also assume there was a working automod to make this comment:


It looks like you've posted a project with the [AIP] tag.

Please reply to this comment with your AI Disclosure as described in the [AI RULES POST] (this will be a link), required for all [AIP] posts.

Identify which parts of the process involved AI (Design, Implementation, Testing, Documentation, Review, Deployment) and the level of AI involvement (hint, assist, pair, generated). See the [AI RULES POST] for details. Additional notes on use are welcomed if you'd like to provide them.


The [AI Rules Post] would contain the details above, just like the expanded rules post/explanations.

Failure to provide a disclosure after using the tag would mean removing the post. It could be locked, but I would have to assume the majority of the spam-type postings that happened to make it past the rule 7 criteria are the ones who will not provide the requested disclosure. I think it makes for a good filter this way, but please comment if you think otherwise.

In terms of timing, I'd say an hour should be more than enough time to provide a reply. If there isn't one, then the post should be reported so it could be removed. Removals, as always, will be by a person, so they will be at some point after the hour limit.

I'll likely make a crappy little bot in python to handle the tag check, check post_id to make sure it hasn't already replied (this way if it gets edited in it will still comment) specifically for the [AIP] tag only. It won't do a single thing otherwise. If you know of an existing (and good) bot for this, please share, or be subjected to the roughly 50 lines of code I wrote this morning. If I do use mine, I'll put it up on codeberg so everyone can see exactly what its doing.... and then get mad and tell me there is a better way.

Speaking of, I've made a repo for /c/selfhosted, currently with just the detailed rules post. I'll put other information there later, such as the AI rules post, the comment bot (if applicable), etc. This will also go into the sidebar once I've had time to update the README and other details.

Please respond with your questions, comments, and criticisms

2
378
submitted 3 years ago* (last edited 3 years ago) by devve@lemmy.world to c/selfhosted@lemmy.world

Hello everyone! Mods here 😊

Tell us, what services do you selfhost? Extra points for selfhosted hardware infrastructure.

Feel free to take it as a chance to present yourself to the community!

🦎

3
13

I have an old Xbox One X (the 1tb model) that I would love to turn into a Linux box to do self hosting. While I do my best to find tutorials online for installing Linux, I was hoping I could pick y’all’s brains on your experiences for upgrading:

  1. Best hard drives to use (internal and/or USB3)?
  2. Can the RAM be upgraded?
  3. Can the Bluray be replaced with a hard drive?
  4. Anything else I’m missing and don’t know to ask about?

Thanks!

4
41

Hi everyone,

I'm happy to share that Portabase now supports Docker volume backup and restore!

Portabase is an open-source, self-hosted backup and restore platform, currently supporting 9 databases including PostgreSQL, MariaDB, MongoDB, Redis, and more.

We’re now expanding it to cover Docker volumes too, because many self-hosted apps do not store critical data only in databases.

Typical use cases include WordPress uploads, Nextcloud user files, media libraries, app configuration data, and more generally any self-hosted service where critical data lives in Docker volumes.

The goal is still the same: make backup and restore simple, reliable, and easy to operate. Portabase uses a central server with lightweight agents running close to your workloads.

If you find bugs, please open an issue on GitHub, we’re actively looking for feedback.

Thanks!

5
68
Immich vs Ente ? (lemmy.world)
submitted 17 hours ago* (last edited 12 hours ago) by warmaster@lemmy.world to c/selfhosted@lemmy.world

Chosing the right photo app for my family

So, Immich vs Ente, this is my last piece of the selfhosted puzzle. Please help me make an informed decision:

Immich

on the plus side, it seems to have more features and it has a gazillion integrations with other selfhosted software. Downside: breaking changes are fairly common AFAIK.

Ente

looks like the opposite, more mature, scoped and less integrated.

Am I reading this right? Am I missing something?

Edit: Thanks everyone, I'm going with immich!

6
50

I have a VPS that I secure as much as possible since the IP is public, but does a wireguard-access-only homelab warrant the same efforts? Those with homelabs like this, what do you do?

7
191
submitted 1 day ago* (last edited 23 hours ago) by Vegan_Joe@anarchist.nexus to c/selfhosted@lemmy.world

I have docker installed, but only have a vague idea of how it works.

Back in the day, I would just port forward, but even then, I would need a static IP somehow.

I have heard a reverse proxy is an option, but that is an entirely new topic to me.

Surely there is an easy way to access Jellyfin outside of my home network that I'm just missing.

*Edit: I am blown away by all the help and support! I currently have tailscale running, and I'm in the process of purchasing a domain.

Thanks everyone!

8
27
submitted 19 hours ago by lambdabeta@lemmy.ca to c/selfhosted@lemmy.world

I'm a software developer working in the telecam sector on security related products, so I know a fair bit about system security. Yet I wound secure my own system far less than most people here if I didn't enjoy cybersecurity as a hobby.

I wonder what you are securing against? Some examples:

  • jellyfin: unless you have home videos on there, what does it matter if someone exfiltrates some movies? Surely you have basic DOS protection and/or region locking to reduce wasted network traffic, right?
  • linux: I assume nobody is using their servers as daily drive PCs, so what does it matter if somehow your system is superficially compromised. You can always reimage. Sure they could mine some bitcoin with your system, but it doesn't have that much PSU headroom to cost you much on your bills, right?

It just seems like most attack vectors lead to mild annoyance at most for most systems.

Do you guys just enjoy cybersecurity? Do you actually keep sensitive data on your self hosted systems? Do you self-host on expensive hardware? What am I missing?

9
124
submitted 1 day ago* (last edited 1 day ago) by danielgraf@discuss.tchncs.de to c/selfhosted@lemmy.world

"Reitti" (Finnish for "route" or "path") is a self-hosted, personal location tracking and analysis platform. It is designed from the ground up with a privacy-first philosophy: all your data remains under your absolute control, stored exclusively on your own infrastructure. You own the database, you own your history, and you own your memories.

I am proud to announce that reitti v5.0.0 is officially live. This release marks a major milestone, evolving the platform into a comprehensive, customizable personal location diary.

I have packed this release with highly-requested features designed to give you full control over your data:

  • Custom Map Styles: Break free from standard map defaults. Upload your own styles, use hosted vector JSONs, or configure your own raster templates.

  • The Workbench: You can now aggregate data from multiple devices under a single account. Use the Workbench to stitch your timelines together and manually edit or clean up individual coordinate points.

  • Contextual Diary: Enrich your trips and visits with custom tags, moods, and Markdown notes to turn your location history into a living diary.

Global Accessibility

A massive thank you to our community of translators. Thanks to their hard work, reitti is now more accessible than ever, with support added for Portuguese, Chinese (Traditional), and Korean.

A Commitment to Sustainability

Starting with v5.0.0, reitti is transitioning to the AGPL-3.0 license.

Open-source sustainability matters. As the project grows, I want to permanently protect the hard work of our contributors and keep reitti open for the community. The AGPL-3.0 ensures that any improvements made to reitti must be shared back with the community under the same open-source terms. To keep our contributor power strong, no Contributor License Agreement (CLA) is required; the intellectual property remains entirely with the individuals who authored the code, keeping the project truly community-owned.

Development Transparency

I use AI as a development tool to accelerate certain aspects of the coding process, but all code is carefully reviewed, tested, and intentionally designed. AI helps with boilerplate generation and problem-solving, but the underlying architecture, logic, and quality standards remain entirely human-driven.

Getting Started

To simplify your deployment, I’ve taken inspiration from the excellent release practices of the Immich project. You will now find the docker-compose.yml file attached directly to the GitHub release notes to help you get up and running quickly.

Important: This is a major release with deep structural adjustments. Please read the v5.0 Upgrade Guide before deploying, as a database migration is required.

Community & Support

I am dedicated to keeping this project community-first. Everyone is encouraged to spread the word about this release on any platform they have access to.

Thank you all for being part of this journey. Happy tracking!

β€” Daniel

Full Changelog: https://github.com/dedicatedcode/reitti/compare/v4.0.5...v5.0.0

10
23

Hey, folks! I had begun configuring VLANs recently, and I've got two managed switches between my firewall and my mini PC. I set up a 10 VLAN on the third octet with a /24 mask, and the idea is that anything on 10 should be able to reach the internet but not VLAN 1, while VLAN 1 should be able to access the internet and VLAN 10 services. I'm not so crazy as to try to start with that configuration though. No ports or anything are exposed yet, so my first test was just going to be full access between networks. I maybe counted my initial configuration as a success too soon, because with the mini PC on the 10 network, I can reach the gateway at 192.168.10.1 but nothing else. I can even access the OPNsense config page at the 10 gateway address. If I ping 192.168.1.1, I get "Network is unreachable". If I ping www.google.com, I get "Temporary failure in name resolution", and I also can't pull up sites like YouTube. And again, this is all with a VLAN rule that I believed to be configured to allow all traffic, as it mimics what's set up for my default LAN interface. Pinging the mini PC from the 1 VLAN also fails; it just sort of times out with 100% packet loss, so perhaps the default rule is less permissive than I thought, but it does say it allows all.

I've been following beginner guides from the Home Network Guy (a name that makes this stuff sound more approachable than how he actually presents it), but even with a video that's not even 3 years old, pieces of OPNsense have been deprecated and replaced with new components such that I can't follow along verbatim. For instance, it was an ordeal to get DHCP working now that the one he used has been replaced with Dnsmasque DNS and DHCP, and I can't even tell you what I changed that eventually got it working, but my first couple of tries did not. In one of those videos I've been following, he indicates that the default rule on the LAN interface will allow full access between all networks, but that doesn't seem to be the case, as the same settings on the other VLAN aren't allowing them to talk to one another.

Obviously, I don't intend to leave full access between the networks when it's time to go live, but this simple smoke test shows that there's a gap in my understanding if I can't get what should be the easiest test to work. Does anyone know what I'm missing or what I should do to troubleshoot from here?

11
54
submitted 1 day ago* (last edited 13 hours ago) by OpenAltFinder@lemmy.world to c/selfhosted@lemmy.world

I just noticed that tvtime.com is being shut down on July 15th.

Are there any good open source alternatives? So far I know about

TV Time alternatives

12
17
submitted 1 day ago by xana@lemmy.zip to c/selfhosted@lemmy.world

Hello fellow TCP users,

I am moving my homelab from Docker to Kubernetes (because I have nothing to do with my homelab anymore) and I am having an issue with services that need to be accessible both within the cluster and from the outside world on the same hostname.

For an example, supposedly you have two pods: A and B which are accessible via the Gateway with hostname a.example.com and b.example.com respectively. Pod A also need to contact Pod B so there are two ways to do this:

  • Via b.example.com. This works but in this case, the traffic will go from pod A -> the boarder internet -> the loadbalancer -> the gateway -> pod B which is not very optimal.
  • Via b.default.svc.cluster.local. This also works but in this case you lose:

In Docker case, I can just set the alias of my reverse-proxy container to b.example.com and it is done. I am wondering is there anything I can do to get the traffic goes from pod A -> the gateway -> pod B in Kubernetes. Also is this a common issue or not because I don't see a lot of articles about this issue on the internet :/

Thank you very much!

13
40

Hi, I have a hypothetical question that is probably going to sound very dumb once someone shows me a very simple workaround :

In this situation : there is a properly setup server in house A with a running jellyfin/immich server, and there's a second server in house B for homeassistant.

Is there a way I can use server B to remotely connect to server A to access JF and Immich and stream it via HDMI a TV in house B ?

Thank you in advance

14
61

For my Masters thesis project, I'm required to keep a blog documenting my progress, and being the open source/self hosting guy that I am, I decided to host my own WriteFreely instance on my VPS.

The problem is, WriteFreely doesn't support direct image uploads, only embeds. I'd of course like to self host my images for the blog too, so I'm in need of a really lightweight image hosting solution. Things like Immich or Nextcloud are far too much for what I need, I basically just need a password-protected upload interface and the ability to grab the direct links to the images to embed them. I don't need analytics or account management or anything like that.

I know I could transfer images to my server directly via scp or rsync or ftp and host them behind nginx directly, but that's a faff and I'd rather just deploy a container once and be done with it.

Does anyone have any recommendations?

15
16

I'm big on retro tech (which, sadly, is becoming code for credit bills in a trenchcoat; why did I give all that good shit away :( ) and occasionally think "damn, I should try to get an old C64 or Amiga, specc it up and use it as a daily driver".

Then I got to wondering "do folks still use retro PCs to self host cool stuff?"

So, do folks here still use retro computers for self-hosting- either actually hosting services on the old hardware, or self-hosting lightweight tools specifically for use from vintage machines?

16
11
submitted 1 day ago* (last edited 1 day ago) by osanna@lemmy.vg to c/selfhosted@lemmy.world

Hello :)

I am trying to set up an encrypted gdrive connection in rclone.

For some reason, it won't upload to gdrive when I use the crypt remote, but it works fine when i use just the gdrive remote.

When I use the crypt remote, it simply created a folder called the gdrive remote name, then uploads everything encrypted to there with a directory called whatever remote name i use for the remote crypt. I'm probably not explaining very well.

/media/drive/drive/docs$ ll

total 19112

drwxrwxr-x 30 osanna osanna    4096 Jul  5 05:37  ./

drwxrwxr-x  3 osanna osanna  4096 Jul  5 05:33  ../

-rw-rw-r--  1 osanna osanna 123794 Jul  4 22:19  106.nClDs-5357-30-32_45.78.43-DpCGpC.EIE

-rw-rw-r--  1 osanna osanna   596291 Jul  5 01:17  11.HE.DKCruHI

-rw-rw-r--  1 osanna osanna  176385 Jul  5 01:17 '120.ozRRVNQCR BNOX.JCAW'

-rw-rw-r--  1 osanna osanna    11444 Jul  5 01:44 '14.nGMBMExw 2.HwL'

-rw-rw-r--  1 osanna osanna   182000 Jul  5 01:17  157.bmEEIADpE.wpnJ

-rw-rw-r--  1 osanna osanna   94588 Jul  4 14:37  163.827663.HFy

-rw-rw-r--  1 osanna osanna     8612 Jul  5 01:13  178.rmAA.FtAF

my rclone.config:

[drive]

type = drive

token = {"access_token":"[redacted]","token_type":"Bearer","refresh_token":"[redacted[,"expiry":"2026-07-05T06:26:08.783447+08:00","expires_in":3599}

team_drive = 

[drivecrypt]

type = crypt

remote = drive

password = [redacted]

filename_encryption = obfuscate

directory_name_encryption = false

The command I'm using is this:

/media/drive$ rclone copy files drivecrypt:docs/

Anyone got any idea? I'm losing my mind here.

TIA :)

17
31
submitted 2 days ago* (last edited 2 days ago) by doctorflynt@feddit.org to c/selfhosted@lemmy.world

Iβ€˜ve got 2 Machines with Proxmox on both installed. One hosts my data and media and runs Services like Jellyfin, NAS,… The other one is a Mini-PC that hosts my Services like Adguard, Home Assistant,…

Whats the best way to Backup the data and configs of those 2 machines? Installing Proxmox Backup Server on each and store the Backups on a seperate HDD? Or would it be better if a move all the services to a single machine and use the second only for backups?

thank you!

18
90
19
-26
submitted 1 day ago* (last edited 1 day ago) by TraceApps@lemmy.world to c/selfhosted@lemmy.world

CookTrace is a self-hosted recipe manager (Docker + Android, AGPL-3.0). rc.3 is the next public roll-up, bundling everything since the rc.1 first public release plus the rc.2 patches in between.

What's new

  • Pantry variants. A pantry row can now carry brand-specific rows underneath it. Recipes link to the generic parent (Whole Milk); each variant (Greenwise, Publix) has its own barcode, photo, stock, and expiration date. A generic can either use its own nutrition or pull from a chosen variant, so recipe math reflects the label of the product you actually cook with. Add Variant with inline suggestions from existing pantry rows; deleting a parent with variants asks whether to keep them as standalone items or remove them together.
  • Pantry expiration dates + digest push. Every pantry row gains an Expires On field with amber/red pills and an "Expiring Soon" filter chip. A once-a-day roll-up delivers everything expiring within a chosen window (1 / 3 / 5 / 7 / 14 days) at a chosen time, through Apprise, Gotify, or ntfy plus the local device channel. Past-expiry items always included.
  • AI Scan Label for pantry nutrition. Take a photo of a nutrition label from the pantry item editor and Trace extracts name, brand, serving size, and every nutrient it can read. Complementary to the existing barcode scanner: barcode β†’ Open Food Facts lookup for name-brand products; label scan β†’ store-brand jars, homemade batches, imports OFF doesn't cover. Requires an AI provider configured in Settings.
  • Shopping list aisle grouping + drag reorder. New chip row toggles between By Aisle, By Recipe, and Flat. Every pantry category picks up an optional Default Aisle label; items added from a linked pantry row inherit that aisle automatically. Custom aisles work as free-text groups (write "Freezer" once and it becomes a group). Rows drag to reorder within a group; cross-group drops in By Aisle mode reassign the moved item's aisle, so shuffling the list is the same gesture as reclassifying an item.
  • Simplified shopping quick-add + per-row edit. Primary add is now name plus optional qty plus a labeled Add pill, matching Google Keep, Bring!, AnyList, and OurGroceries. Unit moved to a per-row Edit modal so the sweep flow ("milk, eggs, bread") is name-tap-Add-repeat rather than three fields per item. The two bulk-add sources (Recipe, Planned Cooks) collapse behind a single + button in the header.
  • Recipe Rest Time + Total Time. New Rest Time field for hands-off periods (rise, rest, marinate, chill, soak, ferment) rolls into the auto-calculated Total Time. Optional manual override on Total Time when the recipe's stated total is bigger than the components would imply. Times render as 1h 15m across list cards, recipe view, cookbook, public share, and the recipe-card image.
  • Multi-select on Pantry and Recipes. Long-press to enter selection mode. Header title flips to "N Selected" and top-right icons become trash + cancel on Pantry, or trash + add-to-cookbook + cancel on Recipes. Matches the pattern used on NutriTrace's Diary + Foods. Replaces the older floating action pill.
  • Mobile ingredient rows. The three per-row action buttons (link to pantry, section divider, delete) collapse behind a kebab menu on small screens so the ingredient name field has room to read. Adding a note is one tap in the kebab; the note appears on a second inline row.
  • Four animated page banner styles. Retired the illustrated SVG headers in favor of Shimmer, Drift, Pulse, and Aurora gradient animations. All four honor Reduce Motion. Settings β†’ Appearance β†’ Banner Style.

Fixes

  • Cook Mode now reliably keeps the screen awake on Android via the native KeepAwake plugin β€” the Web Wake Lock path silently stopped working on some Android WebView versions
  • Cook photos taken during a diary log render immediately on the Diary Photos tab; older photos still render via a backstop URL conversion
  • Bulk-add from a recipe or planned cook populates each row's aisle from the linked pantry item's category, so items land pre-grouped instead of piling into Uncategorized
  • Long-pressing a shopping row no longer lets you drag it while the action menu is open β€” the finger-hold that opened the menu was feeding pointer moves into the reorder tracker
  • Cancel out of Pantry multi-select no longer leaves an invisible layer blocking taps until reload
  • The Shopping quick-add box no longer freezes on mobile when the pantry has hundreds of items β€” the suggestion list is now capped
  • Last Cooked date no longer concatenates with a full timestamp
  • Mealie ZIP importer extracts cook-event photos for full live-API parity

Security

  • Dependency security bumps clear every actionable Dependabot alert: multer 1.4.5-lts.1 β†’ 2.2.0 (three high-severity DoS CVEs on the LTS line), nodemailer 8.0.7 β†’ 9.0.3 (five CVEs including TLS OAuth cert-validation bypass and CRLF header injection), vite 7.3.3 β†’ 7.3.6 (dev-only server.fs.deny bypass), plus an esbuild override to clear a dev-server CORS advisory nested under svelte-i18n. Self-hosters on Docker just need to pull the new image.

Install / upgrade

  • Docker: pull the new image and restart your stack (see the README for compose snippets)
  • Android: signed APK on the release page
  • Full CHANGELOG: main repo

What is CookTrace?

Self-hosted recipe manager. Full recipe library with live scaling, ingredient unit conversion, FDA-style Nutrition Facts, cook mode, and cook log. Pantry catalog with barcode scanning (ML Kit on Android, QuaggaJS on web), Open Food Facts + USDA lookup, variants, expiration dates, and an "8/10 in pantry" match pill on every recipe card. Cook diary + meal planner with list and month-calendar views. Shopping list that pulls missing ingredients from a recipe and skips anything you already have stocked. Trace AI assistant (Claude / OpenAI / Gemini / Ollama). Multi-user with OIDC SSO. Federation with NutriTrace (nutrition) and LiftTrace (lifting). Docker on the server, Capacitor app on Android. AGPL-3.0 licensed.

20
-31
submitted 1 day ago* (last edited 1 day ago) by TraceApps@lemmy.world to c/selfhosted@lemmy.world

NutriTrace is a self-hosted nutrition tracker (Docker + Android, AGPL-3.0). rc.53 is a catch-up roll-up, bundling everything from rc.48 through rc.53 β€” the last update posted here was rc.47.

What's new

  • Reorder + hide Statistics categories. Settings β†’ Statistics β†’ Categories now has a drag list of every metric the chart page renders (nutrients, body stats, water, wellness). Drag rows to pick your own order, toggle any of them off. New wellness sources you connect later automatically append to the end. (#85)

  • Bulk delete on Foods, Meals, Recipes. Long-press an item in your catalog, pick "Select Multiple" from the action sheet, tap other items to add them to the selection, delete them all with one confirmation. Matches the multi-select UX the Diary already has. Diary entries that reference deleted items keep their nutrition snapshot but lose the link.

  • Open Food Facts serving sizes + density. Foods scanned or searched from OFF now auto-import their serving units (1 slice, 1 cookie, 1 bottle, etc.), so you can log them in those units directly instead of converting to grams. Foods can also carry an optional density (g/ml) for accurate cross-system conversion on liquids like oil or honey. Unit metadata is opt-in via Settings β†’ Diary β†’ Show Unit Metadata for anyone who wants the leaner default. (#69, #70)

  • Trace AI now logs real foods. Asking "add an apple to snacks" or "log Greek yogurt for breakfast" creates a real food entry with full nutrition (protein, carbs, fat, fiber, vitamins) instead of a Quick Calories row with just kcal. Searches your local catalog first, then Open Food Facts. Honors renamed / reordered meals so "snacks" routes to the right slot. (#79)

  • French language. Full UI translation contributed by @antoinech2 (PR #72). Switchable in Settings β†’ Language. A handful of less-common settings screens are still English and will be translated incrementally.

  • Background Health Connect sync on Android. Wearable data syncs to the server about once an hour in the background even when NutriTrace is closed, so today's steps are already there when you open the browser build on a desktop. Settings β†’ Wellness β†’ Health Connect has a Background Sync row showing when the last sync ran plus battery-optimization guidance. (#68)

  • Tap a date in the Statistics history list to jump into that day. Nutrient / water / body-stat rows open the Diary on that date, wellness rows open the Wellness page. Pairs with the rc.47 Nutrition Summary drill-down for an end-to-end "chart shows a spike, day page shows the cause" flow. (#64)

  • Body-stat charts auto-fit their Y-axis to your actual data range (weight, HRV, RHR, body measurements, etc.) instead of pinning the floor to zero. If a goal is set, the range extends to keep the goal in view. Nutrient / counted charts still anchor to zero. (#67)

  • Animated banner styles. The illustrated SVG page banners are retired in favor of four animated gradient styles: Shimmer, Drift, Pulse, Aurora. Pick in Settings β†’ Appearance β†’ Banner Style. All four honor the OS's Reduce Motion preference.

Fixes

  • Editing a diary or body-stat entry from mobile and PWA in the same day could silently wipe an earlier entry when the two devices' sync windows overlapped. Every save path now refetches server state before writing so a stale cache can't overwrite fresh data from another device (#81)
  • Browser password suggestions ("Suggest strong password" in Safari, 1Password, Bitwarden, etc.) now include a special character and pass validation on the first try (#82)
  • Statistics charts were blank for users whose only wellness source was Health Connect or Google Health. Every wellness-source check across the app now routes through a single shared gate (#65)
  • Adding a food with a phone-camera photo to the diary no longer fails with a silent 413 on busy days. Photos now save as proper uploaded files instead of inline base64 in the food record (#74)
  • Removing a food or meal photo by tapping the X actually removes it now (kilkalabs follow-up on #74)
  • Statistics chart tooltip no longer throws when hovering over days with missing data (#66)
  • Wellness sync icons on Fitbit / Garmin / Withings / Google Health buttons rotate in the direction their arrows point (#86)
  • Readiness on severe HRV crash days reads closer to Fitbit's own value (raised the interaction penalty cap to fully reflect the combined HRV+RHR crash signal)
  • Inline barcode scan icons are accent-coloured and meet the 44x44 tap-target minimum (#71)
  • OFF nutrients flagged as estimated no longer pull rough numbers into your totals

Security

  • rc.53 clears every actionable Dependabot alert. multer 1.4.5-lts.1 β†’ 2.2.0 (three high-severity DoS CVEs on the LTS line), nodemailer 8.0.7 β†’ 9.0.3 (five CVEs including a TLS OAuth certificate-validation bypass and CRLF header injection), vite 6.4.1 β†’ 6.4.3 (dev-only, server.fs.deny bypass on Windows). No user-facing changes; self-hosters just need to pull the new image.

Install / upgrade

  • Docker: pull the new image and restart your stack (see the README for compose snippets). The image is multi-arch (amd64 + arm64), so Raspberry Pi 4 / Pi 5 works without a source build (#76). The README's compose snippet now includes env_file too, so INSECURE_COOKIES and other .env vars actually forward into the container.
  • Android: signed APK on the release page
  • Full CHANGELOG: main repo

What is NutriTrace?

Self-hosted nutrition tracker. Diary + Foods catalog (with Open Food Facts / USDA / Mealie search + barcode scan), wellness integrations (Fitbit, Garmin, Withings, Google Health, Health Connect), workouts, goals, statistics, recipes, multi-user, OIDC SSO, federation with LiftTrace and CookTrace, AI assistant (Claude / OpenAI / Gemini / Ollama). Docker on the server, Capacitor app on Android. AGPL-3.0 licensed.

21
-31

LiftTrace is a self-hosted weightlifting tracker (Docker + Android, AGPL-3.0). rc.7 is the next public roll-up, bundling everything from rc.6 plus the rc.7 security-only follow-up.

What's new

  • Per-exercise sharing. Every exercise now has a Share button in its detail header that produces a portable JSON file. Send it to another LiftTrace user through any channel (email, Drive, whatever), and they can import it. The Exercises page's "+" button offers Import From File and Import From URL, so anyone can pull an exercise from a public URL (raw.githubusercontent.com works out of the box; github.com/blob URLs are auto-rewritten). Sets the stage for a community exercise repo pattern.
  • CSV workout export. The Workout Summary sheet has a download button that produces a long-format CSV (one row per set) with date, exercise, set number, reps, weight, RPE, warmup flag, completion state, and per-set / exercise / workout notes. Unilateral splits become two rows so left and right stay separate. PWA downloads directly; Android writes the file to Cache and opens the system Share sheet. Made for anyone feeding an external analysis pipeline.
  • Custom equipment. Add your own equipment types (Slackboard, Sandbag, Weight Vest, whatever's in your home gym or hotel gym) via a new "+ Add" pill in the Exercise Editor's equipment picker. Custom entries sync across devices via your account. They also appear as dashed-border chips in the Exercises filter row when at least one exercise uses them.
  • Multi-select equipment filter. The Exercises page equipment chip strip is multi-select now (was one-at-a-time), so you can pick everything you have access to today (Barbell + Dumbbell + Bodyweight when you're travelling and the hotel gym is bare) and filter the library to matching exercises. Selection persists across navigation.
  • Animated banner redesigned. The illustrated SVG banners that used to fill each page's header on Animated mode were retired (cross-viewport rendering issues on narrow phones, the art crowded the title and hid action buttons on the Exercises page). Setting Banner Style to Animated now paints the same compact accent bar as Gradient plus a subtle motion effect, picked under Settings β†’ Appearance β†’ Banner Animation: Shimmer (soft white sweep, default), Drift (slow hue rotation), Pulse (brightness breathing), or Aurora (overlapping accent clouds). All four honour Reduce Motion. Reclaims about 40 pixels of vertical real estate on every page.

Fixes

  • Editing the same workout from two devices near-simultaneously (phone + PWA) could clobber the other device's just-completed sets with a stale in-memory snapshot; the workout store now refetches and merges before writing.
  • Browsers and password managers now correctly generate passwords that satisfy the policy (upper + lower + digit + special char, 8+ chars) when signing up, accepting an invite, resetting a password, or changing one from Profile. Previously the "suggest strong password" flow produced passwords without a special char, which the field then rejected.
  • Trace FAB visualizer on Android now tracks music dynamics with the same amplitude as it does on the PWA; was previously over-damped by an extra smoothing layer.

Security

  • Multer 1.4.5-lts.1 β†’ 2.2.0 closes three high-severity CVEs on the LTS line (unhandled-exception DoS, crafted-request DoS, unclosed-stream memory leak).
  • Nodemailer 8.0.7 β†’ 9.0.3 closes five CVEs including raw-option bypass, TLS OAuth cert validation, and CRLF header injection.
  • Vite bumped for the Windows server.fs.deny bypass patch.
  • npm audit at both root and server now reports zero vulnerabilities. Self-hosters should pull the new Docker image or rebuild from source.

Install / upgrade

  • Docker: pull the new image and restart your stack (see the README for compose snippets)
  • Android: signed APK on the release page
  • Full CHANGELOG: main repo

What is LiftTrace?

Self-hosted weightlifting tracker. Workouts and programs with progressive overload memory, statistics, exercise library with imports from Strong / Hevy / FitNotes / Jefit + custom exercises, radio + library music player (Subsonic / Jellyfin / Plex / Emby), body stats + weight trend, rest timer with countdown beeps, Smart Log (text or voice), superset / warm-up / RPE tracking, multi-user, OIDC SSO, federation with NutriTrace for calories-burned sync, AI assistant (Claude / OpenAI / Gemini / Ollama). Docker on the server, Capacitor app on Android. AGPL-3.0 licensed.

22
382
23
-15
submitted 1 day ago* (last edited 19 hours ago) by binaryqueen@programming.dev to c/selfhosted@lemmy.world

Did some experiments with my DS Lite and ended up with this. Using DevkitPro libs (libnds, dswifi, calico). Apfel on macOS and a wifi (WEP) bridge running on a RPi Zero 2W. πŸ–€

24
45

Language warning.

Documented my journey backing up my Oracle Cloud server. With their latest changes to always free, I don’t think my instance will last very long. This isn’t a tutorial, there are probably many much better ways to do this.

25
78

Hey everyone! Just signed up on Lemmy. I've been running self-hosted services for a while now and looking forward to learning from this community. Glad to be here.

view more: next β€Ί

Selfhosted

60451 readers
874 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

Detailed Rules Post

  1. Be civil.

  2. No spam.

  3. Posts are to be related to self-hosting.

  4. Don't duplicate the full text of your blog or readme if you're providing a link.

  5. Submission headline should match the article title.

  6. No trolling.

  7. Promotion posts require active participation, with an account that is at least 30 days old. F/LOSS without a paywall has exceptions, with requirements. See the rules link for details.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 3 years ago
MODERATORS