I've been successfully using Jellyfin and Sonarr/Radarr for over 2 years now, and one of those things I find really annoying when it happens is incorrect audio tracks playing or subtitles showing. It happens rarely enough that I forget to do anything about it (until now) but it's something I'd like to never have to think about again.

I'd ideally like my setup to abide by the following rules

For subtitles:

1. Display English[Forced] subtitles by default if applicable (the kind that show up if characters suddenly start speaking another language as part of the media in question)
2. Otherwise have subtitles off by default
3. Have English subtitles available as an option in case I want them
4. Completey remove all other subtitle options from the media entirely

For audio tracks:

1. English by default if available
2. Otherwise the native language of the media as the default (bonus points if English subtitles can be enabled automatically if this case arrises)
3. The native language of the media available as an option if applicable (even if an English audio track is available)
4. All other audio track options removed from the media entirely.

Does anyone know of any tools or post-processing options I can use to accomplish what I want?

I run 0807, a small self-hosted file host. Drop a file, get a short link, and choose when it disappears.

What it does:

• No account, no ads, no trackers
• Auto-delete by time (1 hour up to 30 days, or never) or after a set number of downloads
• Optional password protection on files and on text notes
• Files up to 20 GB, with 16 TB of storage behind it
• Reachable over Tor through an onion service
• Text notes with the same self-destruct and password options
• A few file types are blocked for safety (exe, bat, scripts, and similar)

PS: there is no end-to-end encryption, and that is deliberate. The server can read what is stored.

I want to be able to take illegal uploads down when they get reported, CSAM in particular.

End-to-end encryption would make the server blind to its own contents, which is great for privacy but would also stop me from acting on those reports.

If you need real secrecy, encrypt the file before you upload it. The password option is there for casual privacy (not as protection from me or from whoever might get into the server.)

The code is open, and I host it the same way I host the files, on my own server instead of HERE .

You can read it, propose a change, or open an issue there, no account needed

Happy to answer questions about the setup or take feedback.

Wanted to provide an update around the CLI runner that we shipped a few days ago. This was already on beta for quite some time so now that its on stable, I thought of giving it another go in the community.

For those who are not familiar with the tool and what the h#$@ I am talking about: Voiden is an offline, git-native API tool built on Markdown.

We built it (and then open sourced it) because API tooling sucked (and we work a lot of APIs enough to care to do something about it). I will just name a few issues: cloud dependencies, forced accounts, proprietary formats plus many more.

Long story short, this is Voiden: instead of keeping API requests inside a cloud workspace, Voiden stores them as .void files that can live with your codebase, be versioned in Git, reviewed in PRs, and reused across a team. Plus everything is plain executable markdown. By "everything" I mean really everything: API specs, tests, docs, context...everything.

We have now released the @voiden/runner, which is a headless CLI for running those .void files outside the desktop app.

The runner executes the requests, prints the results, and exits with a standard exit code that CI systems can use.

Things to note:

• runs on Node.js 18+
• works in terminal, CI/CD, Docker, and cron jobs
• supports REST, WebSocket, gRPC, and GraphQL
• supports request chaining through runtime variables
• works with core Voiden plugins like scripting, assertions, faker, advanced auth, + more.

The ultimate goal is to make .void files executable API workflows, not just files used inside the desktop app.

The Github repo: https://github.com/VoidenHQ/voiden

Voiden CLI Runner : https://github.com/VoidenHQ/voiden/tree/beta/packages/voiden-runner

Visit Voiden here : https://voiden.md/

P.S this post is mainly around the Runner but every feedback outside that is also welcome, especially coming from any postman or insomnia power users in the room :)

Tl;dr: I understand docker is supposed to help get things running on different systems easily, can someone give me a copy of their working Arr stack?

Frustrated venting I'm past being new to this server thing having run mine for over a year so I guess I can officially say I'm just bad at it. I've been working on getting Sonarr, Radarr, and, lidarr running since 4 in the afternoon, discounting dinner that's 6 hours of constantly failing to get these to work. This is my 5th time trying since I learned about it in April.

I've given up on the automatic downloads, I've given up on the request system, I'm even done with the torrenting, I'll just do that on my phone. All I want is something that format my 5TB of media to Title (date) instead of MOVIE_TITLE_ALL_UNDERSCORE, or TB_1000, or movie.videoformat.year.special.deluxe.username.host.visit.my.site.please. I was sold on this idea that self hosting was a relatively easy thing that anyone can get into and while I have a good understanding of how a config.yml is supposed to look and work, and I've got a decent understanding of ssh and sftp between two computers, but trying to grt any one of these things to run is soul crushing. I literally work in the foster system and my worst cases do not give me the stress this does. I just want to get it fixed so I can watch Pokemon with my family and offer it to people who will never bother to log on.

~~Edit: OMFG I moved them back into individual folders and they work now. 6 hours of videos and tutorials and not a single thing saying they absolutely have to be in their own folders or it won't work.~~ edit unclear, brain stuck in toaster

Edit 2: turns out, Radarr can't find movies at /movies/movie.mkv and needs /movies/folder/movie.mkv. Now Radarr can import movies but all other problems persist.

Just released GeoTag Photos, a Nextcloud Files plugin to add, read, or remove geolocation metadata from photos in one click.

This tool works both ways: inspect or add location metadata during investigations, visualize where photos were taken via Nextcloud Maps/Memories, or scrub it before sharing sensitive files, all self-hosted, without third parties.

Howdy Selfhosters!

A family member who does not live in my state recently got a new PC, and asked for my help in setting it up. Since it can't be done in person, I'll have to do this over the phone. Problem is, I don't really want to walk them through all of the steps (download Firefox, ublock origin, uninstall W11 bloat, etc) over the phone. I was hoping there exists a software that I could host on my Linux machine (I am able to port forward/host externally if necessary), and instruct them over the phone to download the "other end" (client-side) of the software so that I can remote in and set their PC up myself.

I checked out the awesome-selfhosted list and found that most of the remote access softwares are mainly for SSH servers. I did check out Guacamole, but I'm not sure I understand how to utilize the software. Any help and suggestions are welcome. Thank you everyone!

Hi all,

I'm looking at exposing some self-hosted web-based services externally so that some relatives can access them and would appreciate some advice.

Vikunja is the starting point (mostly to facilitate my spouse and I using it when away from home) but in future I want to set up Immich or similar to replace Google Photos, and that in particular will need to be shared with friends and family (especially so that immediate family can have camera uploads on automatically).

I understand that ideally I'd use SSH, a VPN, or tailscale or similar (although I don't have experience with tailscale), but that's not going to be feasible. Most of the family will not be able to set up those connections themselves (which means I would need to) and several are far enough away that it is impractical for me to provide on-site support or do it myself. Even if I could get a VPN or similar deployed on all their devices, I suspect that they're going to struggle with needing to connect to it just to upload or view photos, then disconnect afterwards to resume using the Internet -- I really need this to "just work" for them.

So this brings me back to safely exposing these services to the outside world. My network architecture complicates this a little, so for context:

• Modem/router has basic firewall and points to a Raspberry Pi for DHCP. I already have No-IP set up with a domain name so that I can SSH into my LAN when away from home.
• RPi runs Pi-hole + dnscrypt, acting as DHCP and DNS server for the network.
• I want to use nginx as a reverse proxy running on this RPi, as I have experience with it and it can add SSL using certbot. The router would be configured to use port forwarding to direct external traffic for ports 80 and 443 to the RPi.
• Vikunja is hosted on a separate Raspberry Pi (with other things like Shiori)
• I have not yet determined where Immich or similar is going to go. I have existing home server that I use for backups and important family stuff, but I really don't want this to be vulnerable to the outside world. If I were to install Immich here, I'd need it to be well-isolated from the rest of the system. The other option is to get a NUC or similar, which is what I am leaning towards as the less stressful option.

So my main questions are:

1. Beyond fail2ban and my router's firewall, what else can I do to protect my network once I open ports 80 and 443?

2. How do I handle fail2ban configuration when the services are on different devices to the nginx proxy? I understand the best place to put fail2ban would be on the Pi running nginx (since it's the access point to the outside world), but that it also needs to read the logs from Vikunja, etc. to be effective.

3. Where would you put Immich in my network architecture?

Any other tips/recommendations for making this easy to use for my less tech-inclined friends and family would be much appreciated as well. Thanks.

@vincent - I'm fairly new to running services on my vms but does anyone have any experience running DotMakeup ? I'd like to host an instance to share some Twitter and instagram accounts in a controlled way to my family on my #friendica instance.

I'm kinda of at that point where I can sort of use #DockerCompose but umm.. honestly not really sure where I would start from git.sr.ht/~cloutier/dotmakeup

Currently running all my docker compose containers on my gaming PC. 15 containers in total. Mostly *arr stack, plex, immich, home assistant, actual budget and jellyfin. Running on Mint.

Want to get these onto a dedicated pc. I have a mini with a I5 10-600, 32GB ram. I've played with it a little with jellyfin, on Debian and don't think I was able to get quick sync enabled with my testing, and one transcode pretty much maxed out the CPU usage. To use this PC, I'd need to buy a 4 bay USB HDD enclosure.

So, basically I'm just wondering before I spend money and time if the hardware is even capable enough for my usage. 3 concurrent streams is probably the most it'd ever see, ideally with no more than 2 transcodes. Immich, home assistant etc are all pretty new and just in testing for now, but would only have 2 users total. Mostly using Plex, jellyfin is also in testing so it'll be ready if plex enshitifies too much.

Hello,

I know it is strictly related to selfhosting but I don't have a reddit account so please bear with me. I've been using a Blackblaze B2 bucket as the storage for my restic backup for my whole homelab for a while and recently when reading from that bucket it is so so so so so so slow and unreliable (a lot of unexpected EOF and interruption). I've tested this on several machines (including a VPS on Hetzer) and I can access other sites just fine. Their status page says nothing and I wonder is it just me or do some of you also experience the same thing ?

Also any alternative recommendation is welcome but I can not selfhost my S3 at the moment :(

Thank you very much!

Edit: this is the log for my restic check --read-data (something similar on Hetzner VPS).

create exclusive lock for repository
load indexes
check all packs
check snapshots, trees and blobs
Load(<data/ef0e80ecc6>, 541, 6322304) returned error, retrying after 508.096097ms: unexpected EOF
Load(<data/ef0e80ecc6>, 541, 6322304) operation successful after 1 retries
Load(<data/c10459132f>, 535, 14002087) returned error, retrying after 1.352882596s: unexpected EOF
Load(<data/c10459132f>, 535, 14002087) operation successful after 1 retries
Load(<data/44089c2105>, 536, 10041504) returned error, retrying after 1.094099947s: unexpected EOF
Load(<data/44089c2105>, 536, 10041504) operation successful after 1 retries
Load(<data/c10459132f>, 481, 3262415) returned error, retrying after 1.418694544s: unexpected EOF
Load(<data/927e700367>, 467, 7776453) returned error, retrying after 634.119689ms: unexpected EOF
Load(<data/927e700367>, 473, 7798234) returned error, retrying after 849.03055ms: unexpected EOF
Load(<data/927e700367>, 467, 7776453) returned error, retrying after 1.243622488s: unexpected EOF
Load(<data/653ef7abb0>, 523, 8280899) returned error, retrying after 578.669152ms: unexpected EOF
Load(<data/fd9edf4117>, 533, 485866) returned error, retrying after 823.382046ms: unexpected EOF
Load(<data/c10459132f>, 528, 3248055) returned error, retrying after 1.402372952s: unexpected EOF
Load(<data/c10459132f>, 524, 3175555) returned error, retrying after 1.425799941s: unexpected EOF
Load(<data/9b179c749d>, 534, 13802701) returned error, retrying after 1.234603672s: unexpected EOF
Load(<data/7b827c96f6>, 531, 8412866) returned error, retrying after 1.49579899s: unexpected EOF
Load(<data/ef0e80ecc6>, 530, 5093059) returned error, retrying after 1.405885227s: unexpected EOF
Load(<data/927e700367>, 409, 7763564) returned error, retrying after 798.04783ms: unexpected EOF
Load(<data/c10459132f>, 481, 3262415) returned error, retrying after 1.362966862s: unexpected EOF
Load(<data/653ef7abb0>, 523, 8280899) returned error, retrying after 2.966804822s: unexpected EOF
Load(<data/927e700367>, 467, 7776453) operation successful after 2 retries
Load(<data/fd9edf4117>, 533, 485866) operation successful after 1 retries
Load(<data/927e700367>, 409, 7763564) operation successful after 1 retries
Load(<data/9b179c749d>, 534, 13802701) operation successful after 1 retries
Load(<data/c10459132f>, 528, 3248055) operation successful after 1 retries
...

Edit: After a day my restic check --read-data finished with no data corruption but it took a lot of retrying, even 7 retries to read the correct data :/ So I guess it is a sign for me to move to somewhere else.

I've bounced around running my server on many different OS options, I used proxmox with Ubuntu VMs and containers for a long time and did really like it but decided that for my tiny operation basically just trying to run Jellyfin and maybe a few other things like a Minecraft server, a simple one click deployment OS works good enough for me. Most of the time.

I've really been loving ZimaOS, management is so easy when you're only running a couple basic services like I am. But I decided I wanted to set up an arr stack to build up my media library easier and let others request things. I actually had this set up before on proxmox so it's not my first time.

The only problem is I can't for the life of me get qBittorrent to use my gluetun VPN with Mullvad, the fact that I can't directly edit the compose yml is killing me, because the options that I need to change should hypothetically be simple, but they just don't appear to even exist in the ZimaOS app settings gui. Has anyone gotten this to work?

Hi there, everyone.

For various reasons, our family makes use of Life360. I'm wanting to move to either a linux or completely degoogled phone(ATM, I'm on Graphene but utilize the Play store for Life360 and a few other apps) but can't afford not to have the ability for a group of 4 phones to share their locations with each other all the time, not just to send a pin at certain times. I ONLY need the real time sharing to other devices in the group, I don't need anything else that Life360 offers.

It can't be hard to use as one of the phones we need it on is owned by an 80yo with cognitive/memory issues. This is where Life360 shines, we're able to find him without him ever needing to do anything on his phone.

Is there an option for this out there for self hosting? I could even handle not self-hosted but multi-OS and non-Play connected. I do have a couple VPS I could run backend software on, if needed.

Thanks for your time!

- I'm new to #Authentik - I've just spun up a test instance and tried to connect my first application (#Postiz) but I'm kind of stuck.

I've installed both Postiz and Authentik using Docker Compose - as provided by the relevant apps.

As far as #Authentik goes it looks like its approving authentication requests (its showing successes in the GUI) but the application just returns to the login screen without progressing.

One thing that I found was that within the configuration of the Application and Provider one URL provided by Authentik is the /application/o/postiz/.well-known/openid-configuration which lists several URLs used by the application - one is /application/o/authorize/ but unlike all the others this returns a 404 error when I try to load it via the browser.

I am struggling to work out if - this URL should 404 should occur and also how to diagnose what the problem is.

I've popped messages in their relevant Discord forums but any ideas or input would be greatly appreciated - I'm figuring getting Authentik is going to be key to getting other applications going.

I wanted to improve the security of a TV connecting to a server on a different LAN, and one approach I thought of is to use a RPi on the network to look after the secure connection.

So the pi could connect to the remove server through SSH, and forward the port locally. I thought this port could then be opened, and the TV can then be pointed at the pi on the local network.

Port forwarding to the pi works but I can't connect to it from another device, even after setting firewall settings.

Basically the firewall rule is ufw allow from 192.168.1.0/24 port 1234

Does this idea work, or is there a better approach? Am I missing something in the setup?

Hello friends!

My first attempt at a selfhosting project is up and running.

My goal was to make a private email and calendar system for my family. As it is private, as in we only email each other, I don't have to worry about delivery blocks or spam. The system needs to support 12 users. Turned out it was easier than I though it would be!

Here is my stack:

• Thinkpad T480 with 64G ram and 1tb ssd
• Windows Server 2022 eval
• MailEnable Standard Edition which is free software from Australia https://www.mailenable.com/standard_edition.asp
• Thunderbird Mobile https://www.thunderbird.net/en-US/mobile/

Right now we are using the native android calendar app but I would love suggestions for a better calendar app.

Happy Hosting!

so im setting up a proper anime server and im kind of stuck on the metadata

been running jellyfin for a bit , had everything scan and it looked fine at first but then i noticed stuff was misclassified , wrong episode orders, some seasons (of the same show) getting merged when they shouldnt be. basically a mess

wiped everything and starting fresh. currently looking at shoko server + shokofin plugin as the proper solution instead of just trying to fix filenames manually

my situation is a bit different tho , i dont torrent. most of my stuff came from animepahe and similar sites so the files are encoded in mp4 ,

anyone gone through this with a similar source situation ? is shoko the move or is there something better for my anime :)

thanks!

Edit : Almost forgot ! if you have any tools, tips or anything really that would be helpful to a beginner like me (like tailscale) please mention them in the comments and i will check them out.

Hi, so been working on this for a week but not really happy with the solutions I find as they seem to be done by induviduals who rely heavily on ai. I got wireguard easy going and can remotly connect which is great but id love to be able to route any internet traffic to and from the wireguard clients to go though another server while filtering my local onsite services. Felt that if i can crack this i dont need to rely on tailscale. The end goal is to have no reliance on tailscale as i am preparing for the eventual enshitification.

I'm a Windows guy since forever and I recently got into selfhosting. So far its a blast! Are posts about that welcome here?

I have nearly every service imaginable running and have now started a new project.

I am creating a searchable stock photo archive for my lan. It has been a very interesting project but think i may have crossed the line into overkill lol.

I had hundreds of stock photo cds from the 90s I have turned them all into ISO's.

I then spent ages dealing with some strange cdrom layouts but got all the images off.

I then converted them all to JPG.

I have now setup a batch script that dedupes then takes the images in 2k batches, runs them through a ai vision model to add keywords and descriptions; as they have none.

They are then copied to a folder where I have photoprism running as the front end and I only have 4k done so far but they look amazing and the search and descriptions are really accurate and useful.

400k more images to go but at least it should all be automated now.

While building PolyTalk, one of the biggest decisions we faced was whether to rely on cloud APIs or keep everything self-hosted.

At first, cloud services seemed like the obvious choice. They make it easy to get started and remove a lot of operational overhead.

But the deeper we got into the project, the more we realized that self-hosting wasn't just a deployment preference, it was a requirement for many of the use cases we were exploring.

A few things we learned along the way:

• Running speech recognition, translation, and TTS locally is absolutely possible, but latency quickly becomes one of the biggest engineering challenges.
• Supporting multiple audio sources (microphones, meetings, browser tabs, system audio, etc.) is often more complicated than the translation itself.
• Choosing models is a constant trade-off between quality, speed, hardware requirements, and language coverage.
• Privacy, compliance, and data sovereignty concerns came up far more often than we expected when talking to potential users.

Self-hosting definitely isn't the easier path. You have to think about infrastructure, updates, monitoring, and resource management.

That said, the trade-off is greater control over your stack, fewer external dependencies, and more flexibility in how the system is deployed and operated.

For us, those benefits were worth the extra complexity.

I'm curious how others in the self-hosting community think about this.

When do you decide a service is important enough to self-host instead of relying on a managed API or SaaS provider?

For anyone interested, PolyTalk is the project that led us down this rabbit hole:

GitHub: https://github.com/PolyTalkIO/polytalk

Website: https://polytalk.io/-

Hello,

As the title suggests, how do you manage your DBs for docker services.

Do you spin a new DB for every new docker cluster or do you have a centralized DB that is accessible to the docker clusters.

What are the pros and cons of both method?

For the moment, I spin a new DB for every services as I feel it is easier to backup the service in case of a problem.

Hello guys, so I have been self hosting a bunch of stuff for some years now. But I want to increase the protection of the services I host.

I was thinking of using a VPS just for ddos protecting my services like game servers, web servers, email etc.

Any suggestion on how to set this up well? I was thinking of routing all traffic from the VPS back home with wireguard. My connection is gigabit so I don't think the performance impact will be too big, any suggestion on which proxy, VPS and other things to use?

Hello,

First let me answer your first question : No, It's not AI generated.

I started working on a new project geared towards small self-hosted environment which automate the use of snapshot to reduce downtime when doing offline backups.

Instead of waiting for the entire external backup to finish to restart the service LaManager create a instantaneous snapshot using Copy on Write (COW) restart the service and upload the external backups reducing downtime significantly.

More details in the readme.md.

Warning the project is still very early so there might be rough edge and bugs, be careful. However I hope to be able to make something nice and usefull out of it.

PS: It is my first post on lemmy after looking around without account here for a while, the lack of history is not me being a bot, I'm just new here.