Found out that docker volumes are important after restarting my server 🙃
Am I mistaken that docker creates temporary volumes with a nondescript name and you can potentially dig up the volumes that were being used in /var/lib/docker/volumes?
I've been fending off AI bots the last week or so; wrote about it here:
https://gerowen.substack.com/p/the-ai-data-scraping-is-getting-out
Interesting writeup, thanks! I thought maybe dropping connections with those user agents would be the best but idk. My sites have not been targeted yet fortunately.
So far I haven't seen any attempts to change their user agents. I've seen one or two other bots poking around, but nothing to write home about so I've left them alone.
I have heard however that changing user agents is a tactic they do indeed employ, especially Claude, so it may be that I'll eventually have to adapt my defenses.
Finally switched from plex to jellyfin, seems to be ok so far. Needed to make some small scripts for metadata management but it's running smoothly. Finally decided I'm hosting enough software with user accounts that I've made an authentik instance for SSO with each (ofc jellyfin first)
The only feature I want that jellyfin doesn't have (or I haven't found it) is shuffle. Throwing on how it's made or mythbusters on shuffle is great background stuff.
I see it in the default WebUI, perhaps whatever app you're using doesn't support it?
Ya I don't think it's supported on the apple tv app. Damn.
Finally starting my self hosted journey. I have everything I need I'm setting up a 6tb nas for linux iso's photos and files. And I recently got a "broken" laptop that works perfectly fine that I will use for running all my applications in proxmox such as immich, jellyfin and nextcloud. And probably many others in the near future.
I've setup Nextcloud on Hetzner, and have ordered a mini PC to run Immich and experiment with.
Still trying to decide on a good cheap email host that I can also move my family on to eventually.
I recently moved from Gmail to mailbox.org with my own domain. Works as it should so far. And for 2.5€ per month I can't complain about the price either.
And switching email addresses has actually been less painful than I expected. Most services let you change the associated Mail easily.
Was using realvnc to vnc from remote, it was easy and cloud driven.
Fully swapped to tailscale and normal VNC sever now.
Performance is good and works great for the troubleshooting and small GUI stuff I need to do.
I set up my own Lemmy server, mastodon, and matrix. Finally making the move off centralized social media and communication platforms
Do you just do this for your own personal use, a few friends or just anyone from the internet?I'm just curious what the point is and how much effort is involved in connecting with other instances.
I've finally powered on a 15 year old machine to run a bot I've been writing. The thing is slow as dirt and stuck behind a flakey power line network, but it's working. I got to write my first systemd service definition, which is kind of cool.
The computer I'm using currently, I set the BIOS in 2012. WHen I built it, I stuffed every last piece of cutting edge tech of the time into it. Dual CPU, SLI, started with 64gb ram then later on maxed the board out at 128gb. It's still a workhorse tho. It's one of the three I use all the time for music production, selfhosting etc.
My machine is not a workhorse. I got it second hand. It has around 8gb of RAM, and an 80gb HDD I found in a laptop.
But it's enough to work as a testbed, so it's fine with me.
This is the home lab creed: You do with what you have. Before I accumulated a bit of equipment, I've used laptops, RPi, minicomputers, at one time I had a cluster of Wyse thin clients bootstrapped together.
A catalog for organizing various Roms you have. It can pull metadata from a number of sources and properly add all the details, cover art, and platform information to each game. It’s smart enough to auto-generate collections based on game series, and embed YouTube videos for gameplay of each one without even any configuration.
The best part? It has Ruffle and EmulatorJS built in so you can play any games supported by EmulatorJS in your browser. I tested games up to N64 and they all ran smooth as butter right in the browser with gamepad configurations built in. They even support local multiplayer.
I'm moving to Podman quadlets for self hosting infrastructure (Forgejo and Woodpecker CI) and Kubernetes for the actual services. I also still need to figure out were I'm going to do SSL terminations.
Nextcloud will be moved to Nextcloud AIO
Finally installed jellyfin when I realized I could use rclone to mount 10G of free disk space from box (with client side encryption using rclone) on my server.
Very easy to install on Debian, but the plugins are a security nightmare. Jellyfin devs are kinda dumb.
A LOT of plugins in many projects are a huge concern. I say this as someone who ran security for an OS for a while. It's just people making bad decisions for everyone and then hand-waving the risks when questioned.
I dont mean the plugins themselves but the fact that there's no way to safely download a plugin.
Even if the plugin really is benign, jellyfin will happily download something inauthentic and malicious befuarse there's no cryptographic signature checks
Recently been working on setting up forgejo to migrate away from GitHub. My open source stuff I’ve actually put onto codeberg and I’ve set up a handful of pull mirrors on my local instance for redundancy. This weekend I’ve been testing out woodpecker-ci for automating pushing files to s3 for some static websites for repos on codeberg as well as my forgejo instance. Today will tell if that is successful!
I added a cheap PCI 4 slot NVMe expansion card and a couple of SSDs for a new pool and then migrated all the database-heavy stuff over to it. Required some use of local ZFS send/receive which I didn't know was possible, but it has gone smooth so far. Very happy with it! It no longer sounds like my HDD pool is trying to escape from hell and some of the services are much snappier, especially Bitmagnet. I'd highly recommend it as an upgrade for anyone still running purely HDDs. I thought I could get away with it but ZFS speeds are no faster than single drives and the amount of stuff I had was hammering it non-stop.
I also bought my own domain finally to escape the free-tier dynamic DNS woes and I can finally feel good about sharing links with other people. I slapped a file share container with disabled registrations on a sub domain. I put it all behind free tier Cloudflare to hide my server's IP, it took a little bit of learning what the different records are but so far much easier than I thought. Although I have yet to do the hardest part of setting up dynamic IP for my DNS records. I see a bunch of scripts floating around, but none seem that easy or well-maintained...
Oh, and the PI I've had running Pi-Hole v5 for god knows how long with no maintenance couldn't run Tailscale, so I wiped the entire thing to start fresh and got it up and running with Pi-Hole v6, Tailscale, and Unbound. I like having these separated from my other services as they are more critical to have at all times and I have had 100% uptime with my Pi so far. Although I chose Dietpi for my OS on a whim because it looked interesting and am not sold on it. I like that it has easy software installs with sane defaults so I probably saved time overall, but the amount of time I spent debugging the weird choices Dietpi made for basic shit like networking options really threw me off.
Shoutout to @Estebiu@lemmy.dbzer0.com for helping me appreciate the joy of docker compose. I got to set up Navidrome and it's been great!
With that said, I have a security-related question: at what point in self-hosting am I exposed to the outside internet that warrants things like reverse proxies and other security measures? I'm currently typing router IPs (e.g. 192.168.x.x) to access the services, so is my machine exposed if the only people intending to connect are local on our wireless network?
To expose your stuff to the outside internet, you need to actively set port forward in your internet router, you won't do that by accident.
What a relief, thanks for the clarity! I have vague memories of doing that as a teenager to play various games with friends, which sounds like something risky a teenager would do 😅
There's nothing wrong with making a reverse proxy only for use inside your homelab. It's one way to resolve internal DNS queries and give addresses to your services. It's perhaps the best, because it's the only way I know that doesn't necessitate remembering port numbers.
E.g. You are hosting something at 192.168.1.20 on port 3310. Even if you set a local DNS record for pihole.itjust.donn to resolve to 192.168.1.20, you'll still have to type pihole.itjust.donn:3310 to access it. The same isn't true with a reverse proxy.
This is good to know because I'm learning about nginx currently, so I'm glad it has practical use without opening up my network 🤘
Building a simple workflow with AI agent for our community watch group. Also building an open source automation platform, currently working through GUI templates for it.
Oh, I've just been tinkering around with LangFlow specifically as a news aggregator.
The flow: https://i.imgur.com/5HqznQm.png
Then asking AI to go get me some news: https://i.imgur.com/ltZPBwC.png
Still needs a little tinkering and as the final step, to send said news stories to my Telegram. I really have a blast with automation platforms like N8N, Flowise, Gotify, DopplerTask, & Kestra.
Afterwards, I smoked a small bowl and worked on a couple songs I have in the works.
HBU?
Debatting with myself and to a lesser degree what to do in terms of our homeserver situation. While the proxmox node has more than enough CPU and RAM capacity left, the NAS, an older Synology, is full to the brim, EOL and needs replacement.And sadly being a mini PC the proxmox node is unable to get the HDs connected.
So something new is needed and I would rather have my setup streamlined and combine the two.
But that is... More difficult than anticipated. I really would like something power saving with ECC ram that can take at least two PCI-e (SFP+ and a potential graphic card for AI later on). That can take 4,better 6 HDs. And at least one,better two NVMe. ...that basically means self building which I am happy with, but all current builds I calculate come out somewhere south of 2000€ (including two new HDs, as two old ones need to go). And that's sadly out of the financial possibility at the moment.
If only the fucking Ugreen (DXP6800)would support ECC. While not ideal in terms of PCI-e it would be enough to do the trick.
I had to reboot my Proxmox server after applying powertop --auto-tune. All was fine with every advised tweak but touching the Lan interfaces was not a great idea
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.
Rules:
Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.
No spam posting.
Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.
Don't duplicate the full text of your blog or github here. Just post the link for folks to click.
Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).
No trolling.
Resources:
Any issues on the community? Report it using the report flag.
Questions? DM the mods!
