Selfhosted

As a follow up to this post in this community: The Future is NOT Self-Hosted

I have thought about how to set up local, community-hosted fediverse servers that respect privacy and anonymity while still guaranteeing that users joining the server are human-beings.

The reasoning behind these requests is that:

• You want anonymity to guarantee that people won't face repercussions in real life for the opinions they voice in the internet. (liberty of free speech)
• You want to keep the fediverse human, i.e. make sure that bot accounts are in the minority.

This might sound like an impossible and self-contradictory set of constraints, but it is indeed possible. Here's how:

Make the local library set up a fediverse server. Once a month, there's a "crypto party" where participants throw a piece of paper with their fediverse account name into a box. The box is then closed and shaked to mix all the tokens in it. Then, each one is picked out and the library confirms that this account name is indeed connected to a human. Since humans have to be physically present to throw in a paper, it is guaranteed that no bot army just opens a hundred anonymous accounts. Also, the papers are not associated to a particular person that way.

So I’ve been trying to get into peertube and away from google, but I’m having trouble finding a frontend to actually use peertube, or perhaps I’m missing something with how to use peertube. Does anyone have any recommendations for this?

For the past several years, I’ve been updating a little self-hosting puzzle I’ve made for myself to keep me busy. I have an old power Mac G4 cube shell. I’ve been designing, 3d printing, and releasing the completed designs for new skeletons to replace Apple’s core with one of my own design that allows off the shelf parts to fit into this little case and serve my home networking needs. I technically beat apple to the internet with the first ARM-powered Mac years ago.

I switched back to intel for the most recent incarnation of this rig, but I’m definitely cheating a little at this point to get it all to fit in there. I’m not proud of this latest version and I don’t think I even released the final version publicly. The project gave me a fun little engineering challenge but now I fear I cannot go further with it without an electrical engineering degree and several years of PCB design work under my belt. I need to make a big boy server now. It’s time to move on.

This little server has always been quiet and energy efficient. It’s been stable, and reliable. It’s just getting to the point where I cannot realistically fit all the parts I want into that shell anymore.

One of the things I want to do is declutter my equipment a bit, combining several things into one enclosure if possible. I’d like to move from my firewalla purple to something that doesn’t need the cloud at all. I’d like to be able to replace more of my cloud based things, including my home cameras, with self hosted options. The way I want to do those things means I really can’t cram them into that box anymore.

My current plan is to build a PC with a Ryzen CPU and at least 6 cores, 7000 or 9000 series, install proxmox, put OPNsense in a VM with a few cores pinned to it and PCI passthru to an intel dual-port NIC and installing a coral TPU for frigate detection. I would install an intel GPU to handle the media decode and encode for frigate managing my cameras and jellyfin managing my media. I’d install immich, and qBitTorrent and i2PD and if its going to be doing all that anyway, why not throw in a second AMD GPU just for rendering games in a Linux VM with the GPU accessed via PCI passthru and stream those to my tv via sunshine? Just throw it all in that one box. Build it into a rack case, put it in the basement. Make it nice and clean and tidy. All in one piece.

There are two problems with this. First, it’s going to be expensive, but that’s less of a problem as I can just do this over time, stretch the project out and add resources to it as they are needed. It doesn’t have to do everything on day 1, the old stuff still works. The other issue is power consumption. This thing is NOT going to be as efficient as my arm based firewalla purple and the N100 lattepanda Mu in my G4 cube. It will be able to do much more than those two on their own could ever hope to do, but most of the time, it’s not going to need all the muscle it has. It’s just sitting idle, and consuming more energy to do the same shit.

I thought maybe I could just skip the gaming requirement, modify something like an WTX Pro off amazon to use an intel ARC GPU for the transcoding and camera decoding and thought would work well enough. It would sip power, cost less, do almost everything the other set up would, but be less versatile and more janky thanks to the modifications I would have to do for the GPU. I looked at other ryzen embedded boards and intel based NAS boards and they all had something about them that would just make them impractical to use for this. then I saw a video on YouTube today about someone going the other direction with his homelab due to the energy expense and breaking it all up into smaller, weaker hardware all tied together with 2.5G Ethernet. A little N100 based NAS, a little ARM based this and that and all the separate things tied together through network but all acting as their own independent boxes. Ugly, sloppy, more complex, but they used MUCH less power than 1 big box.

I figured maybe I could set up proxmox to only spin up the gaming VM when I needed it, and when its shut down, power down the AMD GPU and maybe even disable the CPU cores I would have pinned to the gaming VM. The CPU cores probably wouldn’t save that much power though and may even be more efficient just leaving them available for the running containers rather than collapsing those smaller container loads into the few remaining cores and clocking them up to compensate. I wasn’t sure of the math on this. According to chatGPT it’s kind of a wash but the AI is really only useful if I know what I’m doing so I can correct it or question it when it says something suspicious so that doesn’t tell me much.

I’m just in the planning stages now. I considered intel for the CPU but the prices are higher, the chips aren’t as good as AMDs per dollar, and I’d get a longer life out of an AM5 socket than the intel stuff which changes every time a board member sneezes. Plus the AMDs are generally lower on power consumption.

I’m kind of thinking I’m getting carried away with this, that the power draw won’t be all that major considering it’s just in my basement and not churning through heavy traffic in an enterprise environment. But I’ve always only ever built 24/7 stuff out of more efficient stuff so I’m not sure what I’m in for here. I know I can’t build an ARM server because OPNsense isn’t supported there.

I need some outside opinions. I’m drowning in options here.

I am looking for recommendations for an open source self-hosted ~~version control system~~ source code hosting service. I found a few, but I can't decide on which one to pick:

• Gogs
• Gitea
• Forgejo

If there's a better one than the ones I've listed here, I'd love to hear about it!

I care primarily about privacy and security, if that makes any difference.

Hey everyone. For a variety of reasons I’ve ended up with a paperless-ngx install that has not been upgraded for a while. It’s currently on 1.17.1, and I’ve been researching to figure out the best way to get back up to current. I’m worried about major changes that have happened over time and what the best way to go about this is, but I’ve not had good luck finding something that gives me the confidence to go about it. Hoping someone here has some guidance. Cheers!

I made a video about copyparty, the selfhosted fileserver I've been making for the past 5 years.

The main focus of the video is the features, but it also touches upon configuration. Was hoping it would be easier to follow than the readme on github... not sure how well that went, but hey :D

This video is also available to watch on the copyparty demo server, as a high-quality AV1 file and a lower-quality h264.

I don't really have anyone else to shout at about this, but it's an amazing way to host services in rootless containers entirely in user space using systemd (systemctl --user).

https://docs.podman.io/en/latest/markdown/podman-systemd.unit.5.html

Hello all! As the title suggests, I'm looking for some help and recommendations for starting a NAS storage/backup between a few households in my family.

Apologies if this isn't the right place to ask this. This will be my first entry into something something like this, so I'm not entirely sure where to go.

What I would like to do is have an enclosure in each house and have them all sync together. Two drives will be necessary since I'll use one drive just on my own since I have a lot of files to store. The other drive I would like to partition so that each household can be given a set amount of storage.

The rest of my family isn't very tech savvy, so I would prefer a solution that is relatively straight forward to setup and troubleshoot in the rare case I might need them to do something remotely.

I would like to keep the price of the enclosure reasonable since the rest of my family is pitching in on the costs.

Some extra info I copied from one of my comments:

• At this point, will have 2 houses, but likely 3 by next year.
• The first two will be a short drive away, but the third will be hours away.
• The houses are on 100/50Mb fiber. Very stable internet.
• Me being the tech person, I'll access them every way that's available. For the rest of my family I'll likely set them up either with a hardwire or local network.
• We will be using them as part of a 3-2-1 backup for all of our files like photos or documents. I'll be using the second drive for occasional video backup storage.
• The shared drive will probably be 5-10 TB, depending on how much storage each household wants. The second drive for me will be around 20TB.
• We want multiple units so we have multiple copies of all our important files in the event of something like a house burning down.

Another clarification:

We do want to access files from each NAS individually instead of having everyone connect to one master NAS. The storage will be used mainly for archival and backup, so version conflicts of individual files wont be much of a concern.

The future is community-hosted

Related Hacker News thread:

• https://news.ycombinator.com/item?id=44682175

The team behind Maybe just released version v0.6.0, and with it announced a major shift: the project is officially moving away from open-source development and pivoting to a B2B-focused model.

From now on, Maybe will focus on enterprise-grade data analysis and scenario planning tools for businesses. As a result, there will be no further updates, maintenance, or community support

This marks the end of Maybe as a public, code-based personal finance tool.

If you’ve been using it personally, v0.6.0 is the final release. You can keep using it as-is, but don’t expect updates.

Hey there selfhosters,

I imagine some of you are selfhosting Kubernetes and that you might have used some Bitnami images/helmchars.

Bitnami communicated recently about some changes in their catalog [here] (https://github.com/bitnami/charts/issues/35164), and will be effective at the end of August.

For the simple version, they are migrating images from docker.io/bitnami to docker.io/bitnamilegacy, implying some changes there.

But to be expected is that at some point even docker.io/bitnamilegacy will be removed (or of course pay a license to them to access their “secure” images)

I was wondering if someone was affected by this ?

Cheers !

Hi,

TLDR: Does anyone have an experience with setting Authentik to already existing user accounts, most importantly in Immich?

I am currently thinking (and studying how to) about deploying Authentik and using it as SSO for the stuff I host. The main reason is to rise the WAF and make them more accessible and appealing for perhaps other family members.

I already see some roadblocks ahead and am trying to understand, how to go over them in a smooth and safe way.

For most of the services, there shouldn't be much risk (loosing watch history in jellyfin might be unfortunate but not mission critical).

Though, I'm running Immich with three users, each with several years of photos.. And here I'm afraid of how to link these already existing photos to the new accounts introduced by Authentik.

The other service is Nextcloud, but I'm the only one using it now and I could prepare and move the data, contacts and so on, though calendars might be PITA...

If anybody have some experience with it, I'd be so grateful.

I run most of my stuff in docker containers on an Unraid server at home, behind a hell of a cgnat and a tiny VPS where my caddy proxy and synapse HS live, and where I'd like to set up the Authentik as well.

Hi, right now I'm in the planning process for a self hosted virtualization and containerization environment on one or more Linux hosts. Incus looks promising. And there will be mainly Linux instances. I'm not sure how to solve the shared storage issue - since it is a bad idea to mount a fs more than once. Maybe you have some hints? I'd appreciate that. :)

The OS of an instance can sit on an exclusively used volume, that is solved for me (store it in a local storage pool).

But how should I organize shared read/write storage? It should be accessed by multiple instances at the same time. It should be easily usable as a mount point. Storage replication among multiple hosts is optional - there is rsync. Is NFS still the way to go or are there nicer options? Is there an overlayfs which could resolve concurrent writes?

Folks,

When I’m at home, I’ve got Heimdall setup to let me into my applications easily.

When I’m away, I use tailscale to get into my home network. But I end up having to put in the URLs of the applications manually.

What options do I have? Do I setup another Heimdall instance with all the URLs as tailscale friendly?

Is there another dashboard solution out there that maybe takes the base URL of the dashboard and uses that to build the URLs of the applications?

So if I go to home.local then all the apps point to home.local:port and if I get to the dashboard using home.ts.net, then all the apps become home.ts.net:ports

Any suggestions or recommendations of dashboards that do this?

Folks,

When I'm at home, I've got Heimdall setup to let me into my applications easily.

When I'm away, I use tailscale to get into my home network. But I end up having to put in the URLs of the applications manually.

What options do I have? Do I setup another Heimdall instance with all the URLs as tailscale friendly?

Is there another dashboard solution out there that maybe takes the base URL of the dashboard and uses that to build the URLs of the applications?

So if I go to home.local then all the apps point to home.local:port and if I get to the dashboard using home.ts.net, then all the apps become home.ts.net:ports

Any suggestions or recommendations of dashboards that do this?

I'm currently using Authelia to authenticate for some of my self hosted services. It works fine, but the limited user backends (ldap or... yaml??) make me want to look for an alternative.

Authentik seems good, but after looking at their website I get the feeling of imminent enshitification, where they're going to either pull the rug on the open source version, or basically gatekeep essential features behind an enterprise license.

So, for those using Authentik, how has your experience been so far?

I'm hoping someone could shed some light as to what's going on here.

I was able to get Handbrake installed on my Synology DS920+ NAS with Intel Quick Sync support. Using the exact same settings that I do on my local installation of Handbrake, the file size and end results appear vastly different.

I've tested different video files, but also the exact same one.

For example:

• Original file H.264 1.3 GiB 18.1MBits/s bitrate
• Handbrake local H.265 459 MiB 6.42 Mbits/s bitrate
• Handbrake docker H.265 973 MiB 13.6 Mbits/s bitrate

My settings are:

• Video encoder: H.265 (Intel QSV)
• Framerate: Same as source
• Variable framerate
• Preset: Quality
• Constant Quality: ICQ 32
• Multi-pass encoding enabled.
• Profile: Auto
• Level: Auto
• Filters: off
• Dimensions: default (no resize, rescale, etc.)
• Audio: AAC (avcodec) (mono)
• Web optimized: Yes
• Align A/V start: Yes
• Passthrough Common Metadata: Yes

Is there an oversight that I'm missing that could explain this? I'd rather use the Docker version, since it doesn't tie up my main laptop.

Just a quick question on whether it is alright to have Dockge manage the Backrest/Restic container as one of its stack.

Currently my main directory is as follows:

• ~/docker
  • dockge
  • stacks

I only have Dockge running as an independent container whose data is inside its respective folder. Every other container is managed via the stacks and all volumes are stored in their respective stack folders.

For context, I just want to back up the ~/docker directory and I am only planning to store the data in the same local machine for the time being but I wish to be able to import it to a different drive in the future. I just want a simple backup solution that is reliable and easy to manage.

Since it's my first time setting up a backup solution like this, if you have useful advice on the steps for properly backing up data for my config, I would really appreciate it.

Hello fellow selfhoster! on my debian server I use Caddy as reverse proxy, and would like to protect some services and files with a password. I would like, however, to be able to access some protected files programmatically, from a script. using Caddy's built-in basic_auth works as intended, but I'd like to be able to use a login form instead of just a browser prompt. This is AFAIK not possible, so I'm looking for alternatives. Any idea?

I'm looking to setup Authentikibut I can't for the life of me get the postgresql container working. I'm gettingconnectionn refused.

I've followed the docentation, watched several videos of people who have done the exact same thing as me but its not working. The compose file is the same file from the documentation.

I'm running it on an lxc in proxmox but I've also tried a VM with the same result. Any ideas or assistance?

This is in preperation for netbird and I've also tried the netbird all in one docker script that uses Zitadel but again that fails as well. The zdb container fails with connection failed to server 172.20.0.2 ( docker IP). I need to have it connect to the host.

We’re excited to announce our new partnership with Thinkfree Office, a self-hosted office suite developed in South Korea, which is known for its ease of use. This collaboration is all about giving you more options, greater control, and a better user experience.

We believe in a world where users aren’t locked into a single ecosystem. That’s why we’re always on the lookout for innovative tools that align with our values.

Thinkfree Office fits that vision perfectly. Thinkfree Office is a powerful web-based collaborative editor for seamless document viewing, creation, and real-time editing. Designed for teams and businesses of all sizes, it supports word processing, spreadsheets, and presentations with industry-leading compatibility with Microsoft formats. Thinkfree Office is built for effortless deployment across various environments and integrates smoothly with a wide range of platforms and devices.