Self Hosted - Self-hosting your services.

I thought it would be cool to have my own TLD, but apparently it's all managed by the ICANN, so you can't just name your website with any TLD you want. There are different prices. But at least you can customize your second level domain. Why aren't TLDs like this?

Hey; I just got a Lemmy instance up and running. I'd like to share some tips and things that helped me along the way.

I used the Ansible installer found here. Just following the instructions is pretty clear if you've ever set up a server before. I did have a couple of hickups though:

• In the hosts config file, there's a like that says "myuser@example.com: replace with the destination you use to connect to your server via ssh."" There's a typo down below where there is no myuser@example.com, it actually says example.com instead. Do replace it with your username and domain.
• The customPostgresql.conf DOES need to be tuned for your server memory and CPU; the default did not work for me
• When it says Configure a DNS A Record to point at your server's IP address. it means you need an IPv4 address for your server. Unfortunately, this means you can't use the cheapest Vultr tier at $2.5/mo, but you have to use the $3.5/mo instance at least.
• I used the $5/mo Vultr instance instead of $3.5 because 512MiB of RAM caused my server to run out of memory and start killing processes. For some reason nginx would be the first to go.
• Speaking of nginx; it was not configured to start on startup for some reason. A quick sudo systemctl enable nginx fixed that.
• To diagnose the memory issue; I had to go docker ps | grep postgres, get the hash/ID for postgres, then do sudo docker logs 5115641fc0b2 to see the logs
• To see the server logs, the /srv/lemmy/<domain name here> is where the docker-compose.yml file is, so if you cd into this dir, only then can you run docker compose logs -f lemmy or docker compose logs -f lemmy lemmy-ui pictrs to see the lemmy logs
• Sometimes, pressing a button in the config menu doesn't do anything. Generally, it's a backend issue and not a frontend one, but the front-end does not tell you that anything has gone wrong. If you "Inspect" and open up the console in your browser, you'll see the server request done and you can see the response.
• I was surprised to learn that you can't make a federated AND private Lemmy instance. I guess it makes sense? I kind of want to save on server bandwidth/resourse by being the only user though...
• My ISO of Debain did not have a swap file or partitioned any swap space. Create a swap file and make it permanent through the following commands: sudo fallocate -l 1G /swapfile sudo chmod 600 /swapfile sudo mkswap /swapfile sudo swapon /swapfile and then edit sudo nano /etc/fstab and add the line /swapfile none swap sw 0 0. Without the swap Lemmy would crash the server.

Anyways, hope these notes help someone! If you've got any tips I'd love to hear.

So I'm using a lot the option to chat myself in apps like WhatsApp or Telegram. But I don't wanna put my trust in them.

I tried about using NextCloud (I have an instance) Talk, but I'm not satisfied: the app won't load if I have no internet connection.

What I am actually looking for:

• something with cross client sync that sync is ideally on my server
• simple to use like sending message to self but with good search options, maybe even tagging
• ability to send images, files etc
• caches offline on clients

thanks.

P.S. wasn't really sure what tag to use here. Help seems like I'd use when I have an issue with an existing project. but I'm looking for a new one so I used this.

thanks!

Hello!

I have Jellyfin running locally on my linux pc, in a docker container but I also use Mullvad vpn. I'm still newish to linux but I can access jellyfin through my lan. I am at a total loss with how to remotely access it remotely and securely. I think I need to split tunnel jellyfin but I also run arr apps in other containers. Maybe gluetun? I cant find a guide that tells me for sure but it sounds like what I may need

I have been through several guides for different methods but I'm at a loss on what to do.

Can anyone point me in the right direction?

Hi :)

I've been playing around with a pi 4 for a few months now, but I want a dedicated home server now, since I want my pi to run HomeAssistantOS.

I'm looking for something that can store documents and photos (paperless and immich) and maybe run a small program like Ad guard. At first I just want to hookup an old SSD (250GB) and a HHD (1TB), but maybe I will buy a second one for RAID in the future. Power consumption at idle is really important for me (energy prices in Germany are really high).

As a beginner I find it very hard to find the right hardware, because everyone is recommending different things. (Slim-Clients, Intel Nuc, Raspberry Pi, Synology NAS).

I hope someone can recommend me something that will work for me.

Does anyone recommend a VPS to run Nextcloud? @selfhost

I convinced my brother to stop paying for Office Online and give us this money to use a self-hosted Nextcloud.

tl;dr: Run "docker run -it --rm --log-driver none --cap-drop=ALL --read-only --net none --security-opt=no-new-privileges --name ascii-matrix defnotgustavom/ascii-matrix" for a perfect cmatrix clone + ascii elmo.

Check thread link for more info.

The number of containers I'm running on my server keeps increasing, and I want to make sure I'm not pushing it beyond its capabilities. I would like a simple interface accessible on my home network (that does not make any fishy connections out) that shows me CPU and RAM-usage, storage status of my hard drives, and network usage. It should be FOSS, and I want to run it as a Docker container.

Is Grafana the way to go, or are there other options I should consider?

cross-posted from: https://lemmy.ca/post/30126699

> I created this guide on how to install Jellyfin as a Podman Quadlet on your server. Enjoy.

I accidentally attempted to SSH into one of my servers from a device that did not contain my ssh key. I configure all of my servers to only allow authentication via cryptographic keys. Root ssh as well as password auth are disabled.

To my surprise, I was able to log in to my server with a password despite this. Baffled, I first tried some other servers. 2 of the 5 other servers I tried were accessabke via password.

After some swift investigation the culprit was found, a cloud-init ssh config in sshd_config.d/ with one line: password_authentication Yes.

So TLDR PSA....if you run a server in any type of virtualized environment, including a VPS, check your /etc/ssh/sshd_config.d/ folder. And more broadly, actually thoroughly test your ssh access to confirm everything is working as you intend it to.

cross-posted from: https://programming.dev/post/19958073

> Hi, > > I'm looking for a solution to archive files in a decentralized system. > that would meet those requirement: > > - FLOSS > - date-stamp the upload of the file. > - immutable storage ~ WORM > - anonymous (like TOR) > > I was considering IPFS but it does not date-stamp the upload :'( you can make a description-file but this is unreliable, as you can set any date.. > > I'm lost between hyphanet.org and Freenet.org ?!\ > are those the same project ? > > According to A.I: > > Hyphanet is focused on secure, private, and efficient communication and data sharing, with an emphasis on enabling users to monetize their data while maintaining control over their data sovereignty. > > is that true ? I can't found the information on their website...

Hello everyone,

I have a few questions about Frigate and security cameras, and I thought this would be a good place to ask.

I’m new to security cameras and Frigate, so please excuse any basic questions I might have.

I have a PC at home with an i7-8700 CPU running Proxmox, where I plan to install Frigate in an LXC container for device passthrough.

I came across this Amcrest camera on Amazon: Amcrest IP5M-B1276EW-AI. Since Amcrest is recommended, I assume it should work well, but I’d like to confirm before purchasing. If you have any camera recommendations in the $60 range, I’d appreciate them.

I also read that having dual network interfaces is recommended. My router doesn’t support creating new subnets (I don't know if that would be a problem), and my PC currently has only one network interface. My initial plan was to get a PoE switch and connect the cameras and the router to it, but would getting a separate PCIe network card, and then connect my PC to the switch instead of the router work for creating a separate, internet-less network?

Lastly, I understand that using a Coral accelerator is highly recommended. I’m deciding between the $25 PCIe version and the $60 USB version. Does Frigate benefit from the more expensive USB Coral, or is the $25 PCIe version sufficient? My motherboard is a Gigabyte B365M DS3H, in case that’s relevant.

Thanks in advance for your help!

cross-posted from: https://lemm.ee/post/41196370

> I have a spare 3070 GPU, as well as 16GB of Memory and my friend has a spare PSU, this part list has everything else I would need+everything I already have. Is there anything I should tweak or modify or will this build work, I plan to use it as a headless server. > > Thanks for the feedback! > > https://pcpartpicker.com/list/2fJJYN >

I built a system around a 3U chassis, then tried to stuff a GPU in the box and couldn't close the lid. I got a 4U chassis and rebuilt the system, but I still have the 3U and I'm thinking about filling it back out so I have a failover for Proxmox. Is there a GPU I should consider or just stick with the integrated graphics? I'm currently only using the GPU for Steam remote play using pass-though to a Windows VM, but Jellyfin, Frigate, Immich are on my to-do list.

I've recently gotten on board with Invidous/Viewtube - and they're both great in their own ways. I like not having the algorithm hide or force new content down my throat, but I'm wondering if there's a way to take this to the next level.

I also subscribe to nebula - and have some patreon exclusive videos. It would be amazing to gather them all together in one location - is there some self-hosted option for this? Maybe some combination of yt-dlp + plex/jellyfin?

How can you increase the disk capacity on a MiniPC?

I already have a 2TB SSD but I would like to have a raid of SSD or NVMe, but I'm not sure what is the best solution for MiniPCs

Any experience with a similar problem?

cc @selfhost@lemmy.ml @selfhosted@lemmy.world

Does anyone know of a self hosted food journal? I'm looking for an application that allows me to record all of the things I eat as well as how I feel so patterns of foods can be found when various symptoms are triggered. Bonus points for machine learning analysing the data and telling me what foods cause which problems!

I just setup my first automated and encrypted backup with borg. It's got me thinking about other chaotic events, and how to respond accordingly. I figured now is a good time to document my infrastructure: hardware, network, a files. This way if something bad happens, like my house burns down, I or a family member has instructions for how to quickly recover data and services. Examples:

1. If my website goes down, with my nextcloud on it, what steps do I need to take to recover the data and restore service?
2. If my harddrive fails, how do I access lost data and reimplement redundancy after a replacement is stood up?
3. If someone important to me needs to access encrypted files, how can that access that data and get access to the passwords/encryption keys?
4. If my phone bricks, how to recover 2fa codes?

So I'd like to have a physical printing copy that tries to cover these emergency scenarios. Of course, I'll have digital copy around as well.

I'm focusing more on digital assets, like encryption keys, personal files and media, cloud service access, accessing inaccessible machines, how to restart/recover from self hosted service if its down, etc. I understand how much wider this document can be to include physical assets, so to start I want to start with digital infrastructure.

So my big questions: what scenarios should be documented in this disaster recovery document? What should I prepare for? The nice correlary of this is that documenting a recovery plan will force me to actually stand up the backups/redundancy needed to recover.

Say I have a large txt or CSV file with data I want to search. And say I have several files.

What is the best way to index and make this data searchable? I've been using grep, but it is not ideal.

Is there any self hostable docker container for indexing and searching this? Or maybe should I use SQL?

cross-posted from: https://programming.dev/post/18360806

> Hi everyone, > > I would like to enable Cross-Origin Resource Sharing on my Nginx server. for few origins (cors requestor)/domains. > > I've found this article https://www.juannicolas.eu/how-to-set-up-nginx-cors-multiple-origins that is nice, but not complete and on my browser seem really hard to read due to the layout 🤮 > > So I've opened a CodeBerg git repository for the good soul that want to perfect this piece of code the allow the most of use to use CORS with Nginx. > > https://codeberg.org/R1ckSanchez_C137/BestOfxxx/src/branch/main/Nginx/CORS_MultiDomains.py > > If you don't want to create an account on codeberg feel free to post your code here ! > > nginx > server { > # Server > > map "$http_origin" $cors { # map in Nginx is somewhat like a switch case in a programming language. > default ''; #Seem to set $cors to '' empty string if none of the follwing rexeg match ? > "~^https:\/\/([\w-_\.]+\.)?example.com$" "$http_origin"; > #regex domain match > # ~ mean I suppose the string is RegEx ? > # Need to come with a RegEx expression that match https://anything.example.com[optional ports and Query string ?X=Y] > "~^https:\/\/([\w-_\.]+\.)?example2.com$" "$http_origin"; #regex domain match > } > > > location /static { > > # if preflight request, we will cache it > if ($request_method = 'OPTIONS') { > add_header 'Access-Control-Max-Age' 1728000; #20 days > add_header 'Content-Type' 'text/plain charset=UTF-8'; > add_header 'Content-Length' 0; > return 204; #https://developer.mozilla.org/en-US/docs/Web/HTTP/Status/204 } > > if ($cors != "") { > add_header 'Access-Control-Allow-Origin' "$cors" always; # <-- Variable $cors > add_header 'Access-Control-Allow-Credentials' 'true' always; > add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, OPTIONS' always; > add_header 'Access-Control-Allow-Headers' 'Accept, Authorization, Cache-Control, Content-Type, DNT, If-Modified-Since, Keep-Alive, Origin, User-Agent, X-Requested-With' always;} > > # configuration lines... > > } > } > > } > > >

Hi folks, I'm considering setting up an offsite backup server and am seeking recommendations for a smallish form factor PC. Mainly, are there some suitable popular second hand PCs which meet the following requirements:

• fits 4x 3.5" HDD
• Smaller than a regular tower (e.g. mATX or ITX)
• Equipped with a 6th of 7th gen Intel CPU at least (for power efficiency and transcoding, in case I want it to actually to some transcoding) with video output.
• Ideally with upgradeable RAM

Do you know of something which meets those specs and is rather common on the second hand market?

Thanks!

Edit: I'm looking for a prebuilt system, such as a dell optiplex or similar.

I bought some new drives to replace the old ones I had lying around, and want to replace them entirely (4x 1tb -> 2x 4tb). I have a few apps running on it (Syncthing, Transmission, Tailscale, etc.), and I wanted to know what the best way to perform a drive upgrade would be. AFAIK the apps are installed on the pool as well, so will I just have to reinstall them from scratch?

The motherboard has 5 SATA ports, which are all currently occupied, so I don't know if I can do an "in-house" replacement.

My environment is a (freshly installed) Debian server with ZFS pools. I would like to store files in ZFS and share them using Samba.

My question is which is better from efficiency, effort, and security (for the host) perspectives? Running it natively on the bare-metal Debian host, running it in an LXC container, or running it in a VM? Why do you think one way is better than the others? I'm pretty familiar with VMs, but don't have much experience or knowledge of containers.

This is what I'm thinking at the moment, but I would appreciate any feedback:

1. Natively: no resource overhead, medium admin overhead (manual Samba configuration), least secure(?)
2. LXC: small resource overhead, least admin overhead (preconfigured containers and/or reproducible configs), possibly more security than native(?)
3. VM: most resource overhead, most admin overhead (not only manual configuration, but also managing virtual disk [including snapshots, backups, etc]), most secure

Requirements:

• based on Debian GNU/Linux
• easy to install/uninstall services

Services I'm interested in:

• several crypto nodes: BTC, BCH, ETH light node (Helios), XMR, ZEC, etc.
• Nostr
• SimpleX
• xBrowserSync
• taskwarrior
• Synchthing
• Mastodon
• vdirsyncer
• Element/Matrix

Is using containers with docker/podman on plain Debian the best approach for simplicity?

Does it make sense to have more than one VPS? E.g. one for crypto nodes and another one for the rest?

I have a Kasa HS210 3-way switchm but it has started to fail... maybe it is related to the fact that I blocked the DNS entries to tp-link servers, but every a few days it restarts it self.

Do you have a recommendation of a local-only 3-way switch that is HomeAssistant friendly (and hopefully not super expensive)?

cc @selfhost@lemmy.ml @selfhosted@lemmy.world @homeassistant@lemmy.world @ironicbadger@techhub.social

[Cross-posted from HomeServer@lemmy.ml]

I have Navidrome set up on my home server running TrueNAS, and I've set up a few playlists there via the web interface. However, I've noticed that the android apps with OpenSubsonic support do not allow me to create playlists on them. Are there any apps with this feature (as well as local download support), or is this not supported over OpenSubsonic?

When I open a file Jellyfin always shows "fetching additional data".

Is there a way to do that before opening a file, ideally for all files?

cc @selfhost@lemmy.ml @selfhosted@lemmy.world @jellyfin@lemmy.ml

cross-posted from: https://lemmy.world/post/17048910 >Got this server for free, so I talked about it on my blog ! > > Do you guy have any ideas on what I could run or install on this thing ? (For fun of course, nothing serious!)

Howdy All! I've been self hosting some services on a pi 4 for a year or two now and have been fiddling with new services lately. I realized I'm pushing 60% or so of RAM and maxing out the SWAP file while fiddling with things. I currently just set up a nightly reboot as a temporary solution but I'm thinking about picking up a mini PC of some sort to replace it with, and wanted to get input from the community (Read: people smarter than me haha.)

I'm happy to hear any preferences anyone would care to share on hardware. I know obviously more RAM is key, as far as I'm aware CPU isn't super important and any recent-ish box will probably have a fine enough processor in it, and of course I'll probably end up getting a bigger external drive to hook up to it but that's not a big deal.

Also, I'm currently running docker/portainer on an OMV core, just how I learned/got into self hosting. Should I take the opportunity to learn Kubernetes or some other big boy system? I've not done alot of reading into it but I know clusters are gaining steam these days even for self hosting, would that be valuable to learn more about as a hobbyist/enthusiast/whatever? I'm fairly competent and used to have some CompTIA certs but as such I know better than to unnecessarily complicate my life lol. It sounds cool but I don't see a use case in my personal usage.

Thank y'all for your time and knowledge!

I'm currently running: Baikal, Bookstack, Bitwarden, Duplicati, Filebrowser, freshrss , Linkwarden, Apache, Navidrome, nginx, portainer, rpi-monitor, searxng, stirlingpdf, syncthing, watchtower,

I'm considering: Nextcloud, Maybe a game server or two depending on the needs?, Whatever else seems interesting, I guess :P

Self hosting kids-friendly multiplayer games on Raspberry Pi 4

I'm working on a little project and I would like to have some multiplayer game that I can play with the kids. Ideally they should be little kids friendly, so no doom or quake.

I tried Minecraft, bedrock but the latency over wifi (and it needs to be over wifi for my project) is really bad.

In an ideal situation, I'd like to have one or more games that \- Can be played in multiplayer mode \- Ideally you only need the browser \- Is relatively lightweight, so can be run on a Raspberry Pi with Wifi

Any suggestions besides the one I mentioned? Maybe some emulator that can be used? Thanks!

cc @selfhost@lemmy.ml @selfhosted@lemmy.world

Question about replacing/expanding a disk

I have a small mini pc as server similar to [1], which has a super nice small form and has an internal slot for a 2.5" ssd disk. Currently I have a 2TB SSD, but it is filling up rapidly.

My options are:

1. Buy a way more expensive 8TB SSD and replace the existing one
2. Buy a much cheaper 8TB HDD + enclosure and connect it via USB.

I wonder what are the pros and cons of each option. I like 1 more because the form factor of the homelab is maintained and I don't need to plug yet another thing. OTOH I'm allergic to spending money 😆 so a cheaper solution (about 4 times cheaper) is always welcome.

Maybe I'm missing a third alternative? Opinions?

[1] https://www.amazon.com/gp/product/B0BVLS7ZHP/

cc @selfhost@lemmy.ml @selfhosted@lemmy.world

• The live app
• Introducing the app
• Docs
• GitHub
• Reddit community

Id like to introduce you to a decentralized chat app that works purely in the browser. Breaking away from traditional solutions that require registration and installation.

A decentralized infrastructure has many unique challenges and this is a unique approach. Ive taken previsous feedback and made updates. Its important to note, it is still a work-in-progress and provided for testing/review/feedback purposes. it would be great if you can tell me what you think.

Some of the features of the app include:

• Free
• Decentralised
• No cookies
• P2P encrypted
• No registration
• No installing
• Group messaging
• Text messaging
• Multimedia messaging
• Offline messaging (LAN/hotspot)
• File transfer
• Video calls
• Data-ownership
• Selfhosted (optional)
• Screensharing (on desktop browsers)
• OS notifications (where supported)

With no registration or installation required, its easy to get started.

Is there a feature in a CI/CD pipeline that creates a snapshot or backup of a service's data prior to running a deployment? The steps of a ideal workflow that I am searching for are similar to:

1. CI tool identifies new version of service and creates a pull request
2. Manually merge pull request
3. CD tool identifies changes to Git repo
   1. CD tool creates data snapshot and/or data backup
   2. CD tool deploys update
4. Issue with deployment identified that requires rollback
   1. Git repo reverted to prior commit and/or Git repo manually modified to prior version of service
   2. CD tool identifies the rolled back version
      1. (OPTIONAL) CD tool creates data snapshot and/or data backup
      2. CD tool reverts to snapshot taken prior to upgrade
      3. CD tool deploys service to prior version per the Git repo
5. (OPTIONAL) CD tool prunes data snapshot and/or data backup based on provided parameters (eg - delete snapshots after _ days, only keep 3 most recently deployed snapshots, only keep snapshots for major version releases, only keep one snapshot for each latest major, minor, and patch version, etc.)

Syncing password between firefox clones

I use floorp at home and firefox at work and I would like to sync password between those in a self-hosted way. I saw some mozilla server code somewhere to do so, but seems abandoned.

I would prefer a native mozilla-like solution instead of installing an extension, but if nothing else, that is also an alternative... suggestions?

cc @selfhost@lemmy.ml @selfhosted@lemmy.world

I'm starting a project along with my siblings to scan all of the family negatives, slides, and photos in an effort to preserve them.

I currently have Immich as well as Nextcloud Memories internally. That said, neither seem to be ideally suited to this task. I'm looking for a solution that would allow all siblings the option to view and upload scanned pics to the same library as we work through the shoeboxes full of memories. While Immich and Nextcloud both have account support, I can't seem to find a way to share a library amongst all accounts.

Does anyone have any recommendations for this project? I would then backup the scanned pictures on my server as well as B2 storage for redundancy and each sibling should have the option to download and backup the same library however they see fit.

I'm running an Unraid server as well as NextcloudPi on a Pi4. I also have two very basic VPSes that I rent.

I've looked at both ente.io and PiWiGo, but am currently having trouble getting either to work (still learning this selfhost stuff). I'd like to know if anyone has used either in this type of capacity before I spend more time trying to figure out what I'm doing wrong.

Question about #restic

Currently I'm backing up my personal computer on a local server and a remote repository. The easiest solution is to have a cronjob for 2 processes. However, I'm wondering if it is possible to scan the files only once and send the backup updates to both repositories instead of doing two scans... suggestions?

cc @selfhost@lemmy.ml @selfhosted@lemmy.world

The ports 80 and 443 are already used by Adguard Home. I didnt find any way to change those ports for Bitwarden.