Selfhosted

39118 readers
404 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

  1. Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.

  2. No spam posting.

  3. Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.

  4. Don't duplicate the full text of your blog or github here. Just post the link for folks to click.

  5. Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).

  6. No trolling.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 1 year ago
MODERATORS
1
 
 

So i've been hosting a modded Minecraft server for my friends and me on weekends. While it's been a blast, I've noticed that our current setup using LAN has its limitations. My friends have been eagerly waiting for their next "fix" (i.e., when they can get back online), and I've been replying with a consistent answer: this Friday.

However, exploring cloud providers to spin up a replica of my beloved "Dog Town" Server was a costly endeavor, at least for a setup that's close to my current configuration. As a result, I've turned my attention to self-hosting a Minecraft server on my local network and configuring port forwarding.

To harden my server, I've implemented the following measures:

  1. Added ufw (Uncomplicated Firewall) for enhanced security.
  2. Blocked all SSH connections except for the IP addresses of my main PC and LAN rig.
  3. Enabled SSH public key authentication only.
  4. Rebuilt all packages using a hardened GCC compiler.
  5. Disabled root access via /etc/passwd.
  6. Created two users: one with sudo privileges, allowing full access; the other with limited permissions to run a specific script (./run.sh) for starting the server.

Additionally, I've set up a fcron job (a job scheduler) as disabled root, which synchronizes my Minecraft server with four folders at the following intervals: 1 hour, 30 minutes, 10 minutes, and 1 day. This ensures that any mods we use are properly synced in case of issues.

any suggestions of making the computer any more secure, aswell as backup solutions? thanks!

--added note, what hostnames do you guys call your servers? I used my favorite band albums and singles for hostnames.

2
3
submitted 2 hours ago* (last edited 2 hours ago) by Dust0741@lemmy.world to c/selfhosted@lemmy.world
 
 

I am trying to not use any Google services for notifications and so I'd like to make a script to send notifications via ntfy based on discord messages.

How would I get access programmatically to my own discord account? Do they even support it? They have bots, but is their api for DMs?


Edit: the solution may just be a bot in servers, then not responding to DMs unless they use signal

3
 
 

Hi. I am currently using google drive mounted with rsync (encrypted) to stream files over my VPS since my VPS provider charges a lot for extra storage compared to google. I have offline backups of the said data at home

I currently have a 100GB google drive plan and it's working suprisingly great. Also it's cheap in my country due to regional pricing

Now, as I learned, Google keeps your files for 2 years after you cancel your extra storage subscription. It also doesn't allow you to upload anything which locks up Gmail but that doesn't matter if it's an alt account. So, can I just create an alt account, buy a 1 month subscription, upload everything, cancel it, then read it using rclone? Does Google restrict api access (for rclone) on drives with expired subscriptions?

Yeah I know I'm stretching this a bit too far but I just wanna know

4
 
 

I'm considering a business plan for people getting in to self-hosting. Essentially I sell you a Mikrotik router and a refurbished tiny x86 server. The idea is that the router plugs in to your home internet and the server into the router. Between the two they get the server able to handle incoming requests so that you can host services on the box and address them from the broader Internet.

The hypothesis is that $150 of equipment to avoid dozens of hours of software configuration is a worthwhile trade for some customers. I realize some people want to learn particular technologies and this is a bad fit for them. I think there are people out there that want the benefit of self-hosting, and may find it worth it to buy "self-hosting in a box".

What do you think? Would this be a useful product for some people?

5
 
 

Hi guys!

Back in the day I used to have a VM holding nginx and all the crap exposed...and I did set it up with fail2ban. I moved away from it, as the OS upgrade was turning messy, and rebuilt onto an LXC container. How should I use fail2ban/iptables in order to protect/harden my LXC container/server? Do the same conditions apply, or will I have any limitations/issues due to the container itself?

Thanks!

6
 
 

I just setup a minecraft server on an old laptop, but to make it acessible i needed to open up a port. Currently, these are the ufw rules i have. when my friends want to connect, i will have them find their public ip and ill whilelist only them. is this secure enough? thanks

`Status: active

To Action From


22/tcp ALLOW Anywhere Anywhere ALLOW my.pcs.local.ip`

also, minecraft is installed under a separate user, without root privlege

7
 
 

These seem to be purpose built for home servers. Is there a benefit to using one of them?

8
9
 
 

So, I have a rpi4b that's currently running a VPN for family abroad. I'm just finishing setting up Ubuntu server 24.04LTS(I have limited number of USB sticks, and the largest is only 8gb, so this choice was one of size, I can go into ones I had considered before) on an old laptop. For my small business I've also bought a domain for a work email, and eventually a website both are/will be hosted externally as I don't want to faff about with securing those aspects on my home network. The VPN though, that is currently pointing to no-ip dns service, and I want to migrate that to both the laptop and my own registered domain. What's best practices here? I do need the VPN to exit through to my network, so that my MiL can watch UK streaming from abroad(TV licence shenanigans).

10
 
 

I'm syncoiding from my normal RAIDz2 to a backup mirror made of 2 disks. I looked at zpool iostat and I noticed that one of the disks consistently shows less than half the write IOPS of the other:

                                        capacity     operations     bandwidth 
pool                                  alloc   free   read  write   read  write
------------------------------------  -----  -----  -----  -----  -----  -----
storage-volume-backup                 5.03T  11.3T      0    867      0   330M
  mirror-0                            5.03T  11.3T      0    867      0   330M
    wwn-0x5000c500e8736faf                -      -      0    212      0   164M
    wwn-0x5000c500e8737337                -      -      0    654      0   165M

This is also evident in iostat:

     f/s f_await  aqu-sz  %util Device
    0.00    0.00    3.48  46.2% sda
    0.00    0.00    8.10  99.7% sdb

The difference is also evident in the temperatures of the disks. The busier disk is 4 degrees warmer than the other. The disks are identical on paper and bought at the same time.

Is this behaviour expected?

11
 
 

This is a decent writeup on applying "Zero Tust" principles to a home lab using mostly open source tools. I'm not the author, but thought it was worth sharing.

12
 
 

Is there any service that will speak LDAP but just respond with the local UNIX users?

Right now I have good management for local UNIX users but every service wants to do its own auth. This means that it is a pain of remembering different passwords, configuring passwords on setting up a new service and whatnot.

I noticed that a lot of services support LDAP auth, but I don't want to make my UNIX user accounts depend on LDAP for simplicity. So I was wondering if there was some sort of shim that will talk the LDAP protocol but just do authentication against the regular user database (PAM).

The closest I have seen is the services.openldap.declarativeContents NixOS option which I can probably use by transforming my regular UNIX settings into an LDAP config at build time, but I was wondering if there was anything simpler.

(Related note: I really wish that services would let you specify the user via HTTP header, then I could just manage auth at the reverse-proxy without worrying about bugs in the service)

13
14
 
 

I'm looking at getting a gateway device to replace the ISP router that sits between the internet connection and the mesh WiFi.

I am running pi-hole on a (very old) raspberry pi, but I know some gateways get quite fancy so I'm wondering if it's possible to have pi-hole on the gateway itself, to run as DNS and DHCP servers?

Other things I'm looking for in a gateway are VPN as a client (preferably Wireguard) and PoE ports for cameras.

If it's possible to host something like pi-hole directly on the gateway then hardware recommendations are appreciated!

15
 
 

This seems like a solid choice for those of use looking for a obsidian-like replacement. Personally tried all editors out there, but nothing is able to defeat my love for obsidian. However, i look forwards to trying out Haptic when it comes to Linux. Currently it only supports Web and Mac. But state Linux and Windows support is on-the-way.

Kudos to selfh.st that provides consistent updates within this community and who shared this among other cool projects this week -> https://selfh.st/newsletter/2024-09-06/?ref=this-week-in-self-hosted-newsletter

16
 
 

Hi there self-hosted community.

I hope it's not out of line to cross post this type of question, but I thought that people here might also have some unique advice on this topic. I'm not sure if cross posting immediately after the first post is against lemmy-ediquet or not.

cross-posted from: https://lemmy.zip/post/22291879

I was curious if anyone has any advice on the following:

I have a home server that is always accessed by my main computer for various reasons. I would love to make it so that my locally hosted Gitea could run actions to build local forks of certain applications, and then, on success, trigger Flatpak to build my local fork(s) of certain programs once a month and host those applications (for local use only) on my home server for other computers on my home network to install. I'm thinking mostly like development branches of certain applications, experimental applications, and miscellaneous GUI applications that I've made but infrequently update and want a runnable instance available in case I redo it.

Anybody have any advice or ideas on how to achieve this? Is there a way to make a flatpak repository via a docker image that tries to build certain flatpak repositories on request via a local network? Additionally, if that isn't a known thing, does anyone have any experience hosting flatpak repositories on a local-network server? Or is there a good reason to not do this?

17
 
 

Hi!

I have setup ScanServJS which is an awesome web page that access your scanner and let you scan and download the scanned pages from your self hosted web server. I have the scanner configured via sane locally on the server and now I can scan via web from whatever device (phone, laptop, tablet, whatever) with the same consistent web interface for everyone. No need to configure drivers anywhere else.

I want to do the same with printing. On my server, the printer is already configured using CUPS, and I can print from Linux laptops via shared cups printer. But that require a setup anyway, and while I could make it work for phones and tablets, I want to avoid that

I would like to setup a nice web page, like for the scanner, where the users no matter the device they use, can upload files and print them. Without installing nor configuring anything on their devices.

Is there anything that I can self-host to this end?

18
 
 

Looking for recommendations for a versatile USB stick with Ventoy. I'm trying to create the "perfect, all-in-all" USB stick using Ventoy to store various ISOs and rescue tools. So far, I have the following ISOs:

  • Arch
  • OpenSuse TW
  • NixOS
  • Bazzite + AuroraDX
  • Win10 ISO
  • Clonezilla

I'm looking for suggestions on additional ISOs or tools that are compatible with Ventoy. What do you recommend adding to make my USB stick to make it more useful?

19
 
 

So, I'm selfhosting immich, the issue is we tend to take a lot of pictures of the same scene/thing to later pick the best, and well, we can have 5~10 photos which are basically duplicates but not quite.
Some duplicate finding programs put those images at 95% or more similarity.

I'm wondering if there's any way, probably at file system level, for the same images to be compressed together.
Maybe deduplication?
Have any of you guys handled a similar situation?

20
 
 

So we're starting a general contractor company and i I'm wondering if anyone else did that and had general advice? Its with someone else that is not really technology savy.

Currently we're using:

  • WordPress for website
  • OpenProject for project related task
  • InvoiceNinja for invoice purposes

Any advice and comments would be appreciated!

21
 
 

I've been playing around with self hosting for file sharing, backups, and a handful of other ideas I might one day get round to. I like the idea of a mesh VPN and being able to, for example, connect a travelling laptop to a 'host' laptop nearby, though my only public ip is a VPS in another country.

Of all the options I found, I liked the look of Nebula most. Fiddly in some places, but it's working nicely for me, and I appreciate some of the simplicity of design.

I'm wondering if people here have much experience of it, though? My biggest concern is over its future. With,

  1. The Defined Networking site focusing on making money off it, and
  2. The Android app doesn't allow full configuration (including the firewall, so I can't host a website from a phone) but - I heard - does if you use Defined Networking's paid service for configuration,

makes me worry they might be essentially trying to deprecate viable FOSS Nebula in favour of a paid or controlled service.

Any thoughts? Insight?

22
 
 

I'd like to get to a docker swarm sort of situation where I have 3 identical docker VMs, running 3 identical Caddy configurations, with 3 identical Apache VMs, and requests load balanced across them. And then I want a shared filesystem so the users can upload the files for their web sites to one location, and it's made available to all the web front ends.

I'm currently in a mixed environment:

  • #xcpng on bare metal
    
  • FreeBSD VMs running important services (bastions, email, DNS)
    
  • #AlpineLinux VMs running docker for all my container-based stuff
    

So I'm trying to do the shared, highly available FS part of this design and I'd stay with FreeBSD if I could. #selfhosted

23
 
 

So I have a retired but still very serviceable PC that I intend to use as my first home server. I gave two basic goals in self-hosting:

  1. Host family media through Jellyfin, etc. This would include tv, music, and possibly books as well. Many of these will be managed through the Arr apps.
  2. Degoogle my phone - I'm beginning by replacing Photos with Immich, but hope to also use Home Assistant, backup other phone data such as messages media, shopping lists, etc. I hope to replace Google storage/backup with Proton Drive.

So the question is what OS should I set up to run that? My proof of concept was an immich container running in xubuntu on an old laptop. I chose Xubuntu because I like the availability of documentation and community support for Ubuntu like distros, but wanted a lower powered alternative for the older device.

It seems to be working well, but I've had a few hiccups trying to update it, and I've heard that once you get into it, Linux distros like Ubuntu are not very user friendly for self-hosting as a beginner.

So is it better on the whole for a beginner to have a popular distro with lots if documentation and step by step guides, or to have a purpose-built OS like TrueNAS that might be more straightforward, but with less support?

24
 
 

I have been trying to setup my own newsletter for ages.

All of the platforms that I researched asked for stupid amounts of money for the services they where offering.

20$/month for 500 subscribers is not fair pricing mailchimp.

So I looked around the web for selfhosted solutions. Finally I found Listmonk, it's a selfhosted newsletter and mailing list manager, written in go and is extremely performant.

So I wrote an article on how to set that up!

I hope this helps some fellow selfhosters!

If you have any feedback please feel free to comment it bellow.

25
view more: next ›