Selfhosted

I made a video about copyparty, the selfhosted fileserver I've been making for the past 5 years.

The main focus of the video is the features, but it also touches upon configuration. Was hoping it would be easier to follow than the readme on github... not sure how well that went, but hey :D

This video is also available to watch on the copyparty demo server, as a high-quality AV1 file and a lower-quality h264.

I don't really have anyone else to shout at about this, but it's an amazing way to host services in rootless containers entirely in user space using systemd (systemctl --user).

https://docs.podman.io/en/latest/markdown/podman-systemd.unit.5.html

Hello all! As the title suggests, I'm looking for some help and recommendations for starting a NAS storage/backup between a few households in my family.

Apologies if this isn't the right place to ask this. This will be my first entry into something something like this, so I'm not entirely sure where to go.

What I would like to do is have an enclosure in each house and have them all sync together. Two drives will be necessary since I'll use one drive just on my own since I have a lot of files to store. The other drive I would like to partition so that each household can be given a set amount of storage.

The rest of my family isn't very tech savvy, so I would prefer a solution that is relatively straight forward to setup and troubleshoot in the rare case I might need them to do something remotely.

I would like to keep the price of the enclosure reasonable since the rest of my family is pitching in on the costs.

Some extra info I copied from one of my comments:

• At this point, will have 2 houses, but likely 3 by next year.
• The first two will be a short drive away, but the third will be hours away.
• The houses are on 100/50Mb fiber. Very stable internet.
• Me being the tech person, I'll access them every way that's available. For the rest of my family I'll likely set them up either with a hardwire or local network.
• We will be using them as part of a 3-2-1 backup for all of our files like photos or documents. I'll be using the second drive for occasional video backup storage.
• The shared drive will probably be 5-10 TB, depending on how much storage each household wants. The second drive for me will be around 20TB.
• We want multiple units so we have multiple copies of all our important files in the event of something like a house burning down.

Another clarification:

We do want to access files from each NAS individually instead of having everyone connect to one master NAS. The storage will be used mainly for archival and backup, so version conflicts of individual files wont be much of a concern.

The future is community-hosted

Related Hacker News thread:

• https://news.ycombinator.com/item?id=44682175

Hey there selfhosters,

I imagine some of you are selfhosting Kubernetes and that you might have used some Bitnami images/helmchars.

Bitnami communicated recently about some changes in their catalog [here] (https://github.com/bitnami/charts/issues/35164), and will be effective at the end of August.

For the simple version, they are migrating images from docker.io/bitnami to docker.io/bitnamilegacy, implying some changes there.

But to be expected is that at some point even docker.io/bitnamilegacy will be removed (or of course pay a license to them to access their “secure” images)

I was wondering if someone was affected by this ?

Cheers !

The team behind Maybe just released version v0.6.0, and with it announced a major shift: the project is officially moving away from open-source development and pivoting to a B2B-focused model.

From now on, Maybe will focus on enterprise-grade data analysis and scenario planning tools for businesses. As a result, there will be no further updates, maintenance, or community support

This marks the end of Maybe as a public, code-based personal finance tool.

If you’ve been using it personally, v0.6.0 is the final release. You can keep using it as-is, but don’t expect updates.

Hi, right now I'm in the planning process for a self hosted virtualization and containerization environment on one or more Linux hosts. Incus looks promising. And there will be mainly Linux instances. I'm not sure how to solve the shared storage issue - since it is a bad idea to mount a fs more than once. Maybe you have some hints? I'd appreciate that. :)

The OS of an instance can sit on an exclusively used volume, that is solved for me (store it in a local storage pool).

But how should I organize shared read/write storage? It should be accessed by multiple instances at the same time. It should be easily usable as a mount point. Storage replication among multiple hosts is optional - there is rsync. Is NFS still the way to go or are there nicer options? Is there an overlayfs which could resolve concurrent writes?

Hi,

TLDR: Does anyone have an experience with setting Authentik to already existing user accounts, most importantly in Immich?

I am currently thinking (and studying how to) about deploying Authentik and using it as SSO for the stuff I host. The main reason is to rise the WAF and make them more accessible and appealing for perhaps other family members.

I already see some roadblocks ahead and am trying to understand, how to go over them in a smooth and safe way.

For most of the services, there shouldn't be much risk (loosing watch history in jellyfin might be unfortunate but not mission critical).

Though, I'm running Immich with three users, each with several years of photos.. And here I'm afraid of how to link these already existing photos to the new accounts introduced by Authentik.

The other service is Nextcloud, but I'm the only one using it now and I could prepare and move the data, contacts and so on, though calendars might be PITA...

If anybody have some experience with it, I'd be so grateful.

I run most of my stuff in docker containers on an Unraid server at home, behind a hell of a cgnat and a tiny VPS where my caddy proxy and synapse HS live, and where I'd like to set up the Authentik as well.

Folks,

When I’m at home, I’ve got Heimdall setup to let me into my applications easily.

When I’m away, I use tailscale to get into my home network. But I end up having to put in the URLs of the applications manually.

What options do I have? Do I setup another Heimdall instance with all the URLs as tailscale friendly?

Is there another dashboard solution out there that maybe takes the base URL of the dashboard and uses that to build the URLs of the applications?

So if I go to home.local then all the apps point to home.local:port and if I get to the dashboard using home.ts.net, then all the apps become home.ts.net:ports

Any suggestions or recommendations of dashboards that do this?

Folks,

When I'm at home, I've got Heimdall setup to let me into my applications easily.

When I'm away, I use tailscale to get into my home network. But I end up having to put in the URLs of the applications manually.

What options do I have? Do I setup another Heimdall instance with all the URLs as tailscale friendly?

Is there another dashboard solution out there that maybe takes the base URL of the dashboard and uses that to build the URLs of the applications?

So if I go to home.local then all the apps point to home.local:port and if I get to the dashboard using home.ts.net, then all the apps become home.ts.net:ports

Any suggestions or recommendations of dashboards that do this?

I'm hoping someone could shed some light as to what's going on here.

I was able to get Handbrake installed on my Synology DS920+ NAS with Intel Quick Sync support. Using the exact same settings that I do on my local installation of Handbrake, the file size and end results appear vastly different.

I've tested different video files, but also the exact same one.

For example:

• Original file H.264 1.3 GiB 18.1MBits/s bitrate
• Handbrake local H.265 459 MiB 6.42 Mbits/s bitrate
• Handbrake docker H.265 973 MiB 13.6 Mbits/s bitrate

My settings are:

• Video encoder: H.265 (Intel QSV)
• Framerate: Same as source
• Variable framerate
• Preset: Quality
• Constant Quality: ICQ 32
• Multi-pass encoding enabled.
• Profile: Auto
• Level: Auto
• Filters: off
• Dimensions: default (no resize, rescale, etc.)
• Audio: AAC (avcodec) (mono)
• Web optimized: Yes
• Align A/V start: Yes
• Passthrough Common Metadata: Yes

Is there an oversight that I'm missing that could explain this? I'd rather use the Docker version, since it doesn't tie up my main laptop.

I'm currently using Authelia to authenticate for some of my self hosted services. It works fine, but the limited user backends (ldap or... yaml??) make me want to look for an alternative.

Authentik seems good, but after looking at their website I get the feeling of imminent enshitification, where they're going to either pull the rug on the open source version, or basically gatekeep essential features behind an enterprise license.

So, for those using Authentik, how has your experience been so far?

Just a quick question on whether it is alright to have Dockge manage the Backrest/Restic container as one of its stack.

Currently my main directory is as follows:

• ~/docker
  • dockge
  • stacks

I only have Dockge running as an independent container whose data is inside its respective folder. Every other container is managed via the stacks and all volumes are stored in their respective stack folders.

For context, I just want to back up the ~/docker directory and I am only planning to store the data in the same local machine for the time being but I wish to be able to import it to a different drive in the future. I just want a simple backup solution that is reliable and easy to manage.

Since it's my first time setting up a backup solution like this, if you have useful advice on the steps for properly backing up data for my config, I would really appreciate it.

Hello fellow selfhoster! on my debian server I use Caddy as reverse proxy, and would like to protect some services and files with a password. I would like, however, to be able to access some protected files programmatically, from a script. using Caddy's built-in basic_auth works as intended, but I'd like to be able to use a login form instead of just a browser prompt. This is AFAIK not possible, so I'm looking for alternatives. Any idea?

I'm looking to setup Authentikibut I can't for the life of me get the postgresql container working. I'm gettingconnectionn refused.

I've followed the docentation, watched several videos of people who have done the exact same thing as me but its not working. The compose file is the same file from the documentation.

I'm running it on an lxc in proxmox but I've also tried a VM with the same result. Any ideas or assistance?

This is in preperation for netbird and I've also tried the netbird all in one docker script that uses Zitadel but again that fails as well. The zdb container fails with connection failed to server 172.20.0.2 ( docker IP). I need to have it connect to the host.

We’re excited to announce our new partnership with Thinkfree Office, a self-hosted office suite developed in South Korea, which is known for its ease of use. This collaboration is all about giving you more options, greater control, and a better user experience.

We believe in a world where users aren’t locked into a single ecosystem. That’s why we’re always on the lookout for innovative tools that align with our values.

Thinkfree Office fits that vision perfectly. Thinkfree Office is a powerful web-based collaborative editor for seamless document viewing, creation, and real-time editing. Designed for teams and businesses of all sizes, it supports word processing, spreadsheets, and presentations with industry-leading compatibility with Microsoft formats. Thinkfree Office is built for effortless deployment across various environments and integrates smoothly with a wide range of platforms and devices.

From North America, and I’m going on vacation in china for a few weeks. I wonder if anyone knows if I’ll be able to access any of my self-hosted services over zerotier while I’m abroad?

Edit: To be specific, I’m hoping to ssh into my machine over zerotier in case I need to fix something and back up some photos to my home NAS via rsync or something

Hello,

Some time ago, I started self-hosting applications, but only on my local network. So far, it's working fine, but I can't access them as soon as I go outside (which is completely normal).

For the past few days I've been looking for a relatively secure way of accessing my applications from outside.

I don't need anyone but myself to have access to my applications, so from what I've understood, it's not necessarily useful to set up a reverse-proxy in that case and it would be simpler to set up a VPN.

From what I've seen, Wireguard seems to be a good option. At first glance, I'd have to install it on the machine containing my applications, port-forward the Wireguard listening port and configure my other devices to access this machine through Wireguard

However, I don't have enough hindsight to know whether this is a sufficient layer of security to at least prevent bots from accessing my data or compromising my machine.

I've also seen Wireguard-based solutions like Tailscale or Netbird that seem to make configuration easier, but I have a hard time knowing if it would really be useful in my case (and I don't really get what else they are doing despite simplifying the setup).

Do you have any opinions on this? Are there any obvious security holes in what I've said? Is setting up a VPN really the solution in my case?

Thanks in advance for your answers!

I'm trying to set up local DNS using Pi-hole.

I have successfully set up Pi-hole and added a local DNS record local.com, pointing it to the server running the Pi-hole container 192.168.0.101.

Then I set up the Audiobookshelf container using the guide from Audiobookshelf, where I set up Nginx Proxy Manager with the following compose file:

services:
  nginx-proxy-manager:
    image: docker.io/jc21/nginx-proxy-manager:latest
    container_name: nginx-proxy-manager
    ports:
      - 80:80
      - 443:443
      - 81:81
    volumes:
      - ./data:/data
      - ./letsencrypt:/etc/letsencrypt
    restart: unless-stopped

And Audiobookshelf with the following compose file:

services:
  audiobookshelf:
    image: ghcr.io/advplyr/audiobookshelf:latest
    container_name: audiobookshelf
    volumes:
      - ./audiobooks:/audiobooks
      - ./podcasts:/podcasts
      - ./metadata:/metadata
      - ./config:/config
    restart: unless-stopped
networks:
  nginx:
    name: nginx-proxy-manager_default
    external: true

I did not specify a port, hoping that Nginx could manage it.

Then I set up Nginx Proxy Manager following the guide from Audiobookshelf by adding a proxy host. ~~Trying to resolve audiobookshelf.local.com to~~ I simply followed the guide and wasn’t sure why the “Forward Hostname / IP” should be the container name audiobookshelf.

I also created a self-signed certificate.

But I cannot access https://audiobookshelf.local.com/ or http://audiobookshelf.local.com/ (it automatically forwards to HTTPS).

I tried adding a local DNS record:
audiobookshelf.local.com → 192.168.0.101 in Pi-hole.
Now, when I access audiobookshelf.local.com, the site shows:
502 Bad Gateway – openresty

I think the problem lies in the Docker network setup. I suspect the Audiobookshelf Docker container is not communicating with Nginx.

Would appreciate any help!

Are there any folks here who have set up hosting for Pangolin in the EU and if so; what hosting options have you chosen? Are there any good free tier options?

I'm also keen on finding a platform which supports terraforming the setup for the VPS, firewall etc.

Hi everyone,

I got a bit of an issue/I am a bit lost in terms of photo management software and the special usecase I have.

My situation: I have two main proxmox servers - one at home, one as a dedicated server with a hoster. The former is pretty capable and has plenty of storage. The latter is doing okay,but storage is getting freaking expensive pretty fast on dedicated machines so I have that much space available.

I usually use the public machine for anything "public facing", e.g. services I host for friends and family, website and -and here comes my problem- photo backup from mobile devices as well as sharing photos with relatives,friends,etc.

The home server originally started as a NAS and acts as a storage for my relatively large photo collection (I worked as a photographer as a sidegig for a bit and therefore have,well, a relatively large collection).

My task/issue: I can't really put the home box public facing (home internet is way too unstable here) and honestly don't want to for security concerns. On the other hand I can't really put my collection on the public machine - that would quadruple my costs as I would need a much better dedicated machine then. For the lower amount of new photos coming in through backups it's not an issue,but for the whole collection it would be. Now,very rightfully, the family complains that uploading and sorting the photos twice can't also be a proper solution. Side note: (Photos shared are basically only newly added ones)

So I had the idea to enable a one way push from the public facing instance to the private instance. That can of course be done by an export script once per day or something. But that would only export the actual pictures - no software I know of provides an option to one way sync the metadata around it as well. Which is quite odd, as I don't think I would be the only one with that issue.

So... People...am I overthinking this? Am I doing something wrong? Does anyone have an idea how to solve this?