Looks like in Radicale 3.7, there is improved collection sharing? Has anyone tried using this?

I haven't tried any sharing previously because it seemed like it wasn't officially (or well) supported before, since you had to do some weird symlink hack.

Is sharing now more officially supported now? I looked at the UI, but I didn't see anything mentioning sharing...

Does anyone know what has happened to Kitchenowl?

All I see is a 404 when I go to the Kitchenowl website (https://kitchenowl.org/), docs site (https://docs.kitchenowl.org/) or the author's Github (https://github.com/TomBursch/kitchenowl/).

I've mostly stuck with IPv4 in my LAN, but ive been wanting more and more to more to move to IPv6, if only for the learning experience. Since my ISP only uses 6rd and so I can't get a static IP much less a GUA subnet to use, I'm trying to decide strategy for setting up the network, NAT, etc. And I know it's probably not worth the effort, but again at this point it's more a learning exercise.

I have an OpnSense router and use Unbound on it for DNS, Kea for DHCP, and Caddy for reverse proxy, so I am pretty flexible. What strategies have others employed? I use static addresses assigned at the router's Kea DHCP service for IPv4 for all known devices. I have 4 VLANS for guest, mostly trusted devices like my phone and laptop, private stuff like my NAS, Home Assistant server, and Kubernetes cluster, and IoT for stuff that is private but I don't have as much control over like light switches, cameras, and the TV. I use a pihole on the VLAN my personal devices are on to allow for ad, tracking, and malicious site blocking. And I use Pangolin for external access to some private services. And I have a domain dedicated to LAN devices and another for externally hosted VPS servers. Though I dont host much externally now that I finally got access to fiber and no more asymmetric, slow up speeds from Cable service.

I use static IPv4 addresses in Kea DHCP, mostly to assign devices to VLANs and give devices domain names. I'm guessing that will still be necessary. I rarely use the IP addresses in service setup or browsing to services if I can help it, just domain names. What other concerns should I consider?

Any experiences or advice for similar IPv4 to IPv6 LAN conversions would be greatly appreciated, so I can plan ahead.

Keeps alerting me to empty boxes of 'person' detected with 90+% confidence. So frustrated right now.

Hello again!

Recently had made a post where y'all helped me out as a noob setting up a server. One comment in particular gave me an idea and now I'm wondering if this would work and would it perhaps be easier to do, since I've had trouble figuring out how to (safely) set up the remote connection stuff.

I installed Fedora Kiinoite on the server/htpc and was learning how to use Podman since I don't want to go through the trouble of using Os-tree.

But it just occurred to - would it work if I used Gnome Boxes to run Cosmos Cloud and run all the services I want to remotely connect to from there? Or would there be an issue since it's a VM? Cosmos Cloud seems to make it easy to securely remotely connect, and it uses containers too.

cross-posted from: https://lemmy.world/post/45721589

Hi All, It has been while,

Dograh is an open-source, self-hostable voice AI agent platform. Think n8n but for phone calls. Visual workflow builder, inbound and outbound calling, bring your own LLM, STT, and TTS.

GitHub: https://github.com/dograh-hq/dograh

Setup

one command with Docker, about 2 minutes. No signup or API keys needed to get started:

What is new

Pre-call data fetch. Hit your CRM, ERP, or any HTTP endpoint during call setup and inject the response into your prompts. The agent greets the caller by name, references their account status, skips the "can I get your customer ID" step. Configure a POST endpoint in the Start Call node - API key, bearer, basic, or custom header auth supported. 10-second timeout; if the endpoint fails, the call continues without the extra context. Reference fetched values anywhere in prompts with {{customer_name}} syntax.

Pre-recorded voice mixing. Drop in actual human recordings for the predictable parts - greetings, confirmations, hold messages - and let TTS handle only what needs to be dynamic. The greeting sounds human because it is. Latency goes down, TTS costs go down.

Speech-to-speech via Gemini 3.1 Flash Live. One single streaming connection replaces the separate STT, LLM, and TTS hops. Turn response latency drops noticeably and the conversations feel more natural.

Post-call QA with sentiment analysis and miscommunication detection. Full per-turn call traces via Langfuse.

Tool calls, knowledge base, variable extraction are all there too.

What is coming

Real-time noise separation for live call streams - still the thing I most want to solve after last week's thread. BSD-2 licensed.

GitHub: https://github.com/dograh-hq/dograh

Special thanks to this community that supported me with my last post ❤️

Happy to get feedback and contributors. A star would mean a lot

---

Just curious what people are using n8n for.

I just finished setting up a workflow that sends me a Telegram message every night about photography opportunities for the next day. It puts together weather data, POIs (which I defined for my location), sun/moon position, milky way visibility, cloud cover, etc. The message then simply tells me if it's worth it going out in the morning.

I've been selfhosting my video / photo / book collections for a while now and also running other services like personal bugeting, piehole DNS, and stuff like that.

Lately I've been working on the hardware side of my home network. I'm looking for some advice and normally I'd turn to one of the homelab communities. But the three communities I found hadn't had much or any activity in the past 6 months.

I considered asking a question here related to my switch and my wifi access point. I bet there are lots of clever folks in this community. But before hitting submit I remembered to check the community rules in the side bar and noticed rule #3:

Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing.

Where do all the lovely self-hosters here turn when they want to chat networking or server hardware? Anyone have some recommendations for neighbouring communities they find useful?

I noticed by accident that in my home network IPv6 is not functional, so I decided to fix that, and started studying about IPv6.

I have an opnSense firewall which connect to my ISP port as WAN, and then the LAN. The point is that o do not get a GUA on my WAN, but I get it if I connect directly a pc to the ISP port....

The opnSense seems to be configured properly, and the ISP itself do provide IPv6 as I can get a GUA address when I connect my Linux laptop to the ISP router, so I am not sure...

Anybody has any hints?

Tired of streaming services dictating my music discovery, I resurrected an old internet relic to reclaim my listening experience.

We open sourced Voiden a few months ago: an offline API tool where API requests live as executable Markdown and are versioned in Git. We wanted to build something that combines the power and flexibility of Obsidian-style files with the simplicity of curl.

The basic idea of Voiden is that instead of being static forms, API requests are composed by using blocks (endpoint, auth, params, body). Blocks that you can add, reuse, override, and stitch together across files (more like functions than requests).

Most of the feedback, requests and contributions that we have gotten since Open Sourcing, have been around defining workflows, chaining requests, scripting them, and structuring everything in reusable .void files.

These are some of the key highlights that I wanted to share:

-- Real scripting, (instead of sandboxes): In most API tools scripting lives in a constrained JS sandbox, an environment that doesn't take advantage of powerful runtimes that might be available locally for a developer. The biggest limitation here is the assumption that the tool should define the runtime. Voiden runs fully locally, so this allows you to just run your scripts with actual runtimes (JS, Python, shell, with support for others being added).

-- Multiple requests per file (mini workflows): Allowing multiple requests in a single .void file turned out to be surprisingly useful. Instead of scattering related requests, you can group them naturally: an order flow (create - pay - confirm), or a full CRUD cycle in one place. The file effectively becomes an executable flow: run one request, or the entire sequence end-to-end. And since Voiden is executable Markdown, docs and tests are in the same .void file that can be organised better, preventing duplication and drift.

-- Stitch (composable workflows across files): Instead of a single large collection, workflows (“Stitch”) are built from .void files that you can combine across scenarios. You define small flows (auth, setup, CRUD, etc.) and stitch them together into larger workflows, without duplication. This is just the first version of this capability, we still have a lot to do here.

-- Agents :The file-based, local-first model also works well with agents. Since Voiden has a built-in terminal and uses Markdown, we added “skills” so that Claude and Codex agents can work directly with .void files (using your own subscriptions).

We also published an SDK for community plugins, and made improvements to performance, reliability, and DX (keyboard-first), with careful attention to performance given the Electron base

Looking for feedback and suggestions.

Github : https://github.com/VoidenHQ/voiden

Download : https://voiden.md/download

Latest Lemmy discussion : https://lemmy.world/post/43922166

I’m setting up a new server and am planning to try applications such as Jellyfin, Baikal, Nextcloud, Syncthing, Immich, Home Assistant, SearXNG, CryptPad, and possibly Element/Synapse if my little pi4 can handle it.

I’ll probably only have three users, so I’m hoping to fit a fair amount on my pi4 (8GB RAM), but will add mini PC if I need to. I do not plan on making any service publicly available without logging in as a user on my Yunohost server. I will eventually switch to a Docker setup, but for now the Yunohost debian setup is much more user-friendly for me, and everything has been pretty functional as-is.

I’m mostly concerned for a baseline level of security. One user suggested:

• patch/upgrade your kernel and services regularly
• run a hardened kernel with stack protection and address space randomization
• Put a firewall between you and the internet with only minimal ports open
• Scan your machine and ensure no extra ports are open
• Disable/remove every device driver the kernel has that you aren't using
• Remove all software on the device that isn't in active use or part of your debugging toolset, and disable all features of services you don't need.
• Add an extra trustworthy layer of authorization to nextcloud before you can talk to PhP
• Disable root ssh access completely
• Disable user ssh access except for via ssh key
• Encrypt the most critical data client side, so access to the server doesn't give access to the data (e.g. my passwd database is in nextcloud, but the key to unlock it isn't)
• Use 2-factor authentication
• Only allow access over VPN
• Firewall whitelist only networks you know you and your users might be accessing from. No reason why a host on a random ISP from Kazachstan should be allowed to even attempt a login.

Plan: From that, I plan to take the suggestion for

• disabling root SSH and only use the authentication key setup
• change the default SSH port, port forward through a VPN service
• use encrypted backups on client side (phones and computers)
• Yunohost to my knowledge uses nftables built-in for a firewall, so I can default block everything and whitelist the services I need

Yunohost does not yet support 2FA login, but suggests to disable the web api if it will not be used, to decrease attack surface.

Questions:

1. Would security for ports be sufficient to use a VPN service like Wireguard or Proton VPN and enable port forwarding? Or simply disable unused ports?

2. Should I disable ports that Yunohost defaults on? These are: TCP ports 22, 25 53, 80, 443, 587, 993, 5222, 6269 and UDP ports 53, 1900, 5353. I am new to network stuff but understand that 22 is the default SSH until I were to change it, 80 is needed for HTTP, 443 is needed for HTTPS, and Element would probably need 5222.

3. Is blocking everything via firewall and only whitelisting services I use feasible? Is that necessary if running the whole thing with port forwarding through the VPN? I’m concerned that I won’t be able to manually figure out every service my applications need.

I understand there is a balance between security and compatibility/usability, but I would like to have a reasonable amount of confidence that my files and photos will not be easily taken. Any insight is greatly appreciated.

Hey gang, recently rebuilt my home server using docker and portainer and I've been having a blast curating the different things on it. Homehub has the spouse absolutely stoked and she asked if I could get it to send notifications. I honestly have no Idea so I thought I'd ask here.

Is there a reliable way to send notifications from a home server to smart phones? I'm already set up for remote access, but I'm still new enough that I don't even know how to look for that.

It’s a 10 minute read when it should probably be a 2 minute read, likely due to LLMs fluffing it up (I got that vibe from skimming it). But what do you all think, is there anything in here that would compel you to switch from your current VPN solution to this?

For example, if I want a website where users can I signin to choose options such as changing or restarting a Docker container. Or various other systems level options available from a web interface.

I'm looking for something in the cloud but also something self hosted at home.

There are a ton of selfhosted bookmark syncing and managing solutions.
In addition to https://github.com/awesome-selfhosted/awesome-selfhosted#bookmarks-and-link-sharing I found these:

• Betula - https://sr.ht/~bouncepaw/betula/
• Linkwallet - https://github.com/tardisx/linkwallet
• Nextcloud Bookmarks - https://apps.nextcloud.com/apps/bookmarks (Only makes sense when you've already set up Nextcloud)
• Postmarks - https://github.com/ckolderup/postmarks
• xBrowserSync - https://www.xbrowsersync.org/

I'm sure there are a ton more out there.

Basically all I want is to sync and somewhat categorize/tag bookmarks across my devices. Website archival, sharing and multi-user support is optional.

Going by GitHub stars I guess using Floccus with LinkWarden or Karakeep is the way to go?

https://github.com/TechSquidTV/Cliparr

Hey guys. I have a few selfhosted systems that are available to the public. Its getting difficult to notice if any wrong port is still open or some web server is out of date. I am looking for a (foss) tool that can reguarly monitor my systems (via their public ip/domain) and notify me if any port that I not specifically allowed (in a config) is open. Additionally it would be cool if it checked all open ports if they provide out of date software (like webservers) or known security issues.

I found nikto, but it feels like its doing only half of what I want. greenbone feels way to bloated for my use case.

Do you know any kind of software that would do something like that?

So...with all this openclaw stuff, I was wondering, what's the FOSS status for something to run locally? Can I get my own locally run agent to which I can ask to perform simple tasks (go and find this, download that, summarize an article) or things like this? I'm just kinda curious about all of this.

Thanks!

Hi there, I’m looking for a tool to create reports for a self-hosted Caldav calendar, or even a client-side tool.

Here is what I want to achieve:

• I have a calendar where I write down events, such as my team meetings and work alone time.
• I want to use a tool to sum the time used per day and per week.
• The output should be easily copyable or exportable, so text output would be best.

That’s all.

Do you know of a tool, script or service that can do this?

Thank you!

Solution: FetchMail + Dovecot. Just need to set it up, but it's pretty much what I was looking for.

The goal is to allow easily moving away from an email provider e.g from protonmail to tutanota or fastmail or whatever. How do people achieve this?

I just want to have myname@mydomain, the emails to go to whichever managed email service that allows it, and to then grab everything from that service with POP to then self-host a proxy that multiple devices can connect to. STMP can go either to my hosted server or the managed host, doesn't matter.

The idea is explicitly not to do the job of a managed email service. No DKIM, no SPF, no DMARC, none of that.

Distro is NixOS, but can adapt any instructions given. Mentioning just in case somebody already has a nix configuration with this setup.

Yesterday's update to Vaultwarden paved the way for yesterday's second update to Vaultwarden (by causing an issue)