I finally moved from reddit to Lemmy. maybe a 3-4 hour set up time to get it all working lol.
this post was submitted on 02 Mar 2025
121 points (96.9% liked)
Selfhosted
43130 readers
1292 users here now
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.
Rules:
-
Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.
-
No spam posting.
-
Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.
-
Don't duplicate the full text of your blog or github here. Just post the link for folks to click.
-
Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).
-
No trolling.
Resources:
- selfh.st Newsletter and index of selfhosted software and apps
- awesome-selfhosted software
- awesome-sysadmin resources
- Self-Hosted Podcast from Jupiter Broadcasting
Any issues on the community? Report it using the report flag.
Questions? DM the mods!
founded 2 years ago
MODERATORS
Finally moved all my lxc onto a lower-power Xeon D host, consumes 1/3 the electricity of my previous Dell R430, same essential performance.
Since it's winter and I mostly don't want to leave my house, I busted out an unused Raspberry Pi 4b a couple weeks ago. Started with CasaOS and AdGuard. Have now added a few other services including Navidrome to serve up a lot of local-area music for myself and friends. Got a Cloudflare tunnel set up, then some authentication through CF as well. And finally secured a static IP from my ISP. This is the farthest along I've ever gotten with any of this and it's been going great. Nearly every hurdle I've encountered I've been able to work through.
Two things causing me grief today though:
-
I also have Nextcloud hosted on a VPS and I cannot get to the point of running occ commands. First it wasn't found, then no php cli, then just errors. I gave up.
-
I'm using Homer because it's just so simple, but the theming and CSS is driving me nuts. Sure, I can change colors, but will this little bar in the neon theme change from 4em to 100% for me? NOPE. Override fonts? Nosir. All good though.
I'm a new selfhoster and reached the limit on what my DS923+ can handle after setting up an Immich instance (on top of qbitorrent, radarr/sonarr, plex). So I picked up a mini PC this week and migrated the Immich stack over (pointing to an NFS mount for the NAS!) and now it's running super smooth 🙌 Now I'm hype to move over more services and eventually start separating out media services from mission-critical stuff like photos when I have another machine handy.
I wanted to set up local domain resolution for my devices in order to stop having to visit sites with the local 192.168.1.x IP, so I started following some guides to run dnsmasq on the mini PC (Ubuntu Server) and add entries to /etc/hosts. It was pretty easy to get working OK, but for whatever reason the DNS doesn't seem to be working on a fresh boot. My local workstation can't ping the custom DNS entries for my devices until I sudo systemctl restart dnsmasq on the mini PC, after which everything works fine, which leads me to believe it's some weird boot order problem? I'm trying not to screw with it too much before bed, but hopefully I can figure out what's going on this week.
Highly suggest putting Caddy on a machine, forwarding port 443 and 80 to caddy, and then letting it do your reverse-proxy stuff. Register a domain name, give it your IP address, and then tell caddy that 'immich.yourdomain.bleh' goes to port 78789 and plex goes to 'media.yourdomain.bleh' port 89898 -- Caddy handles all of the TLS stuff, handshaking, you name it - so you can have secure sites with proper certs.
Then make sure those things are isolated from your home network through vlans if your router supports it.
You can get fancier with it using a tailscale and getting some datacenter IP to forward into your network
I set up DNS challenge with Let's Encrypt with Caddy, and now I don't need to forward anything to it if I don't want to.
DNS challenge so you can get a wildcard cert? Or is it still per domain? I haven't looked recently but it seemed difficult but I'd like to avoid transparency log installs where I can.
You can do both (not sure how wildcard works through Caddy though), I did it per domain. I prefer doing TLS trunking per device, hence no wildcard.
Thanks for the advice, I didn't know a reverse proxy was what I was setting up though I've seen that term all over. I think Caddy is likely in my future but I already have basic access to my home network through a Wireguard tunnel for now so I was hoping dnsmasq could solve for my case without getting too fancy or exposing any ports. I think I should probably try to learn about reverse proxies more generally to figure out the next steps forward.
load more comments
(1 replies)
I'm setting up Seafile and trying to swap everything from docker to podman. The longer term goal is that once everything is on podman, I'll get a new NVME drive and install MicroOS so I can retire my old SATA SSD (I've had it for 10 years or so, across 3 PCs).
I'm also considering setting up Forgejo and getting a worker to build my Rust projects.
You can use https://schedule.lemmings.world/ to automate the posts. Or, given the community we're in, you can selfhost it!
This week I've been doing some work on my GOG Downloader to finally back up all my GOG stuff when I buy new disks, that's pretty much it for my selfhost/homeserver stuff this week.
I didn't know that, cool! Though I should probably talk to the mods before setting up such a thing.
I'm the one who files the most bug reports on github under a different name. Our instance runs on Lemmy Schedule, so thanks!
I've been working on some bash scripts to help manage my media files. I've been slowly working on learning more bash and I'm pretty pleased with my progress. After I finish this bash book I'm reading (can't remember the title atm), I think I'm gonna jump into awk.
Bash is a really great shell, but consider trying out a functional shell scripting language like Elvish (which is also a shell). Syntatically it's pretty similar and not hard to pickup, but it's stupid powerful. A cool example is updating different servers via ssh in parallel using a servers.json file;
[
{"name": "server.com", "user": "root", "identity": "~/.ssh/private_key0", "cmd": "apt update; apt upgrade -y"},
{"name": "serverb.com", "user": "root", "identity": "~/.ssh/private_key1", "cmd": "pacman -Syu"},
{"name": "serverc.com", "user": "root", "identity": "~/.ssh/private_key2", "cmd": "apk update; apk upgrade"}
]
and a little elvish magic;
var hosts = (from-json < servers.json)
peach {|h|
ssh $h[user]@$h[name] -i $h[identity] $h[cmd] > ssh-$h[name].log
} $hosts
Just run the script and boom, done. You can even swap out peach which is parallel each for each if you want to do each command procedurally--but I really love using peach, especially with file operations over many different files. Linux is fast, but peach is fuckin' crazy fast. Especially for deleting files (fd -e conf -t file | peach {|x| rm $x }, or one thing that I do is extract internal subs (so they play on my chromecast) in my Jellyfin server, using elvish makes it really fast;
fd -e mkv | peach {|x| ffmpeg -i $x -map 0:s:0 $x.srt }
Find all *.mkv files, pass the filenames through ffmpeg (using peach) and extract the first subtitle as filename.mkv.srt. Takes only about a few seconds to do thousands and thousands of video files. I highly recommend it for home-labbers.
Pretty dumb example, but peach is like 6x faster;
❯ time { range 0 1000 | each {|x| touch $x.txt }}
5.2591751s
❯ time { range 0 1000 | peach {|x| touch $x.txt }}
776.2411ms
Just swapped VPS hosts from ssdnodes to MassiveGRID. Got a pretty sweet deal, so I'm pretty excited.
Got my services transferred over this week and it's been fun as hell. It's interesting because I was discussing Portainer with my buddy and he has Portainer on his local PC to connect to his remote instances and with hindsight it sounds obvious of course, but it's such a nice little setup. Just finished setting up my Jellyfin reverse proxy so I'm gonna watch a movie and chill.
I used Portainer for a while and still like it for checking out networking stuff, but try out Dockge! It's more open sourcey and basic, but makes updating easier.
Dockge
Dockage was nice, and it was much simpler, however, I had to leverage more docker commands via my VPS with it, because there weren't a lot of options, specifically network settings.
Pushed Wireguard back onto my network. I've been a Tailscale user for a couple of years, but never really saw the need for it for me as I'm the only user of the service. :)
I will freely admit though, there's nothing wrong with the service and honestly is great if you are behind a CGNAT router or don't want to use Cloudflare for your tunneling.
Many issues this week:
- Broke external-dns on my kube cluster because I updated my Pihole to v6
- Thinking of a way to expose a game server externally (usually used CF tunnels for specific services, but couldn’t get it to work cause it’s TCP/UDP and not HTTP traffic)
But at least i got my Velero backups working on an private S3
For no 2, in k8s, you can use MetalLB. Then the service will be of type LoadBalancer and you won’t have to create an ingress.
load more comments
(2 replies)
I finally got link warden up and running, but I'm chasing down some failures on a few websites.
Also realized that me biting the bullet for unlimited bandwidth (screw you Comcast!) means I can run archive team warrior, so that's been going.
IMO linkwarden was a real PITA. I've been trying linkding and it's been really great so far. I've had no issues like I had with linkwarden.
A third, and hopefully final attempt at getting an iredmail setup going. SPF, DKIM & DMARC all checking out fine. It's actually working this time. Need to get the ISP to change our PTR record though, last bit of the puzzle.
Also picked up a used negate device, so we now have pfsense fronting everything. That's allowed me to move the original router to a better location and put it in AP mode.
Emby media server moved off a Synology and into a proxmox container. Finally, we can stream high def with the hardware acceleration we weren't getting before.
Got Prometheus and Grafana setup with https on my Talos Linux cluster. Tried to use cert-manager with a DNS01 Challenge with Let's Encrypt but was using a local TLD and found out it won't issue it. So I had to switch to a local issuer. Was using metallb to gain a routable ip, I used the nginx-ingress controller for Prometheus and Grafana. Next time I can tinker I'll place the rest of my services behind it.
I hadn't heard of Talos Linux, sounds cool! We are using haproxy as ingress controller with stepca for local certificates at work.
I spent half a dozen hours this weekend trying to get Proxmox running on a 2nd hand laptop, but I can't get it to run without sounding like a jet engine. The machine did fine when I ran Mint and used it as a laptop - but even after blacklisting the dGPU and forcing all the CPU cores to powersaving, I'm still making heat like crazy.
Plan B is to put Mint back on it and install podman and see if fan noise is a problem then. But I'd rather have podman running in an unprivileged LXC.
Hmmm you might be able to first install Debian 12 and make sure the fan control works properly, then just install the proxmox application inside of that
https://pve.proxmox.com/wiki/Install_Proxmox_VE_on_Debian_12_Bookworm
load more comments
(2 replies)
Personally I'm mostly involved with my homelab migration so there's not too much on the selfhosting page except os updates. I set up meshmini earlier to access my thin clients via vPro/AMT but I need to configure the clients before being able to actually using meshmini. Once I'm done with that I'll finally be able to set up Lemmy and Pine pods.
My selfhosted stuff currently works fine without me doing much which feels good and lets me focus on hardware stuff currently.
Experimented with selfhosting a Woodpecker CI as a complement to my Forgejo.
Works quite nicely, I just need to set up a native ARM64 agent as the overhead of cross compilation on x86_64 is quite big.
Why not just use forgejo's actions and runner?
Woodpecker is more mature and I can control access better since I am not the only one using my Forgejo. But I think at some point the built in ones might reach feature parity.
Experimented with selfhosting a Woodpecker CI as a complement to my Forgejo.
If you need CI, check out OneDev. It's a git solution that comes with an integrated CI solution.
I like iOS shortcuts. This week, I created an iOS shortcut to scan my Plex library. Now this may seem weird since there is an option to scan a library from the official Plex iOS app and there are also options to scan the library automatically or periodically. For various reasons (excuses), I didn't like that the official app only lets you scan one library at a time and I have automatic/periodic scans turned off to avoid network drive access, so I created the shortcut to scan from my phone any time I felt like I wanted to trigger it.
- Create a new iOS shortcut
- Add the "Get contents of URL" action
- Get your X-Plex-Token (see instructions on official website)
- Set the URL in your action to:
https://{ip_address}:{port}/library/sections/all/refresh?X-Plex-Token={plex_token}
load more comments
(1 replies)