Hey everyone, I’m looking to replace my router with a NanoPi R6S but want to do everything myself from Alpine Linux.

I’ve been doing a lot of research and it seems that the chipset and hardware are supported as of Linux 6.3, but looking at Alpine’s ARM documentation makes installation sound a bit more advanced than I’m used to (specifically, the partition layout and U-Boot are confusing to me).

Has anyone gone this route?

I have a HDD 4tb Toshiba drive I had in a Raid 1 NAS device (NSA320) that failed in the raid and I replaced it and rebuilt the raid and life was good.

I have finally moved to a better custom TrueNas scale setup with 2x 8tb HDD in a Raid 1 with weekly encrypted backups to online cloud. I have 2 4tb Toshiba HDDs that match closely with the dead hdd.

I want to try to recover data from it mainly because I want the experience... Let me explain. The drive clicks, yes you can hear the disks spin up to speed and then you hear clicking as it's trying to read.

I want to know if I can start off trying to swap the circuit board to rule that out without much issue? I have true HEPA filter air purifiers and I can rotate and angle them to have a positive pure air pressure if I need to open it up and swap out the arms.

Is it worth trying? Anything I should know or think about in my decision to try this?

Hi, I am planning to purchase a 2.5-inch HDD. If I connect it to my computer using a SATA to USB adapter instead of directly to the computer's SATA, can it somehow affect the result of this scan?

I apologize for my ignorance but I couldn't find an answer to this question anywhere

Has anybody here managed to install Funkwhale using Portainer? I've already tried 3 times, first tried a template, but turns out the AIO container is deprecated, then tried modifying the default docker-compose and env files available on Funkwhale's repo, didn't work (couldn't run the required commands to create a user). Then I spun up a brand new debian 12 LXC container on proxmox, ran their quick install script and failed (something related to snapd, even though it was installed).

Up until now I've been an avid Navidrome user, but since we've been cutting some costs, Spotify had to go. Too late I realised Navidrome has no library separation: Even though you can have multiple users, they all pull from the same library, making it a mess.

I'm just looking for a simple deployment I can use either within my LAN or via TailScale, just for me and a few family members.

My family needs a new router to replace the old (though not old enough that it should be dying) netgear router that is slowly dying. I want to do something with good foss firmware like opnsense or openwrt. I was thinking that the BananaPi options look good, but had some concerns. I would like to install the firmware myself, rather than trust that the manufacturer didn't modify it in any way. I don't know if the pre-made openwrt bananapi routers can be flashed with custom firmware easily. Also I need something with wifi (ideally wifi 6 or better), though would be willing to consider a separate WAP. VLANs would be nice too, but I could live without them. Have any of you done this? What has your experience been, both with install and long term? Is there anything I should look out for that I might not think of? What resources can I use to find out more about this?

Edit: This is the one I'm looking at. Sorry for linking to Amazon but I used FF's remove tracking from URL feature. https://www.amazon.com/youyeetoo-BPI-R3-Development-MediaTek-Support/dp/B0BLVF9697/ref=cm_cr_arp_d_product_top?ie=UTF8

I set up Netbird with Nginx Proxy Manager to reach my self-hosted servers. But I can't get it to configure Mailcow. Does anyone have an idea how I can make Mailcow work with Netbird and NPM?

chat.positive-intentions.com

https://github.com/positive-intentions/chat

I'm excited to share with you an instant messaging application I've been working on that might interest you. This is a chat app designed to work within your browser, with a focus on browser-based security and decentralization.

What makes this app unique is that it doesn't rely on messaging servers to function. Instead, it works based on your browser's javascript capabilities, so even low-end devices should work.

Here are some features of the app:

• Encrypted messaging: Your messages are encrypted, making them more secure.
• File sharing: Easily share files using WebRTC technology and QR codes.
• Voice and video calls: Connect with others through voice and video calls.
• Shared virtual space: Explore a shared mixed-reality space.
• Image board: Browse and share images in a scrollable format.

Your security is a top priority. Here's how the app keeps you safe:

• Decentralized authentication: No central server is required for login, making it harder for anyone to gain unauthorized access.
• Unique IDs: Your ID is cryptographically random, adding an extra layer of security.
• End-to-end encryption: Your messages are encrypted from your device to the recipient's device, ensuring only you and the recipient can read them.
• Local data storage: Your data is stored only on your device, not on any external servers.
• Self-hostable: You have the option to host the app on your own server if you prefer.

The app is still in the early stages and I'm exploring what's possible with this technology. I'd love to hear your feedback on the idea and the current state of the app. If you have any feature requests or ideas, I'm all ears in the comments below!

Looking forward to hearing your thoughts!

The live app

About the app

Docs

Speaker: Martin Kleppmann, University of Cambridge, Inc & Switch

We have come a long way since my colleagues and I published the local-first essay five years ago. In this talk I'll review where the local-first idea came from, where we are now, and what I hope the local-first community can work towards in the future.

cross-posted from: https://lemmy.world/post/16959253

I got this AP for free, and had some fun trying to configure it, and I decided to look at the inside of this thing. It has a PowerPC processor, pretty cool!

It is a Cisco Aironet 1131AG

More pics:

It's an old AP from around 2007, I managed to get the latest firmware thanks to some guy on the Internet Archive (thank god they exists) ! ( https://archive.org/download/cIOS-firmware-images/ )

Good day, friends. Since catching the self-hosting bug, I've set up a couple of Proxmox home servers with a bunch of services I enjoy.

Now I'd like to set up a server and local network on my sailboat so I can self-host servarr, pihole, and other services while traveling. The tricky part is that everything on the boat is 12V and I would rather not use an inverter, if possible. Also, it needs to be ultra-low power so I can leave it on at all times and not to deplete my batteries too much.

Criteria:

• ultra-low power
• Small form factor
• runs on 12V
• 10 TB of storage plus ability to make full local backup
• Capable of hosting servarr, audiobookshelf, freshrss, etc. via docker
• HDMI output
• Full local mirror/backup of the entire file system, including the media library.
• We will have two laptops and two Android phones to access the server, so the server doesn't need to run a desktop environment.

I'll have a mobile wifi router and a cellular signal booster (or maybe Starlink eventually) for internet access. Since internet bandwidth will be limited and expensive while traveling, I don't want to have to re-download a massive media llibrary if the storage media fail. Thus, I want the media library to be mirrored or fully backed up or synced locally.

What hardware and Linux distro would you use in this situation?

Centralization is bad for everyone everywhere.

That bring said... I just moved my homeserver to another city... and I plugged in the power, then I plugged in the ethernet, and that was the whole shebang.

Tunnels made it very easy. No port forwarding no dns configuration no firewall fiddling no nothing.

Why do they have to make it so so easy...

Hi! I'm starting out with self-hosting. I was setting up Grafana for system monitoring of my mini-PC. However, I ran into issue of keeping credentials secure in my Docker Compose file. I ended up using Docker Swarm since it was the path of least resistance. I've managed to set up Grafana/Prometheus/Node stack and it's working well.

However, before continuing with Docker Swarm, I want to check if this is a good idea or will I potentially dig myself into a corner? Some of the options I've found while searching:

• Continue with Docker Swarm and look into automation of stack/swarm in future

  • Ansible playbook has plugins for Docker Swarm.

• Self-hosted vault: I want to avoid hosting my own secret/password manager at the moment.

• Kubernetes (k8s / k3s) - I don't wanna 😭

  • More seriously, I'm actually learning this for work but don't see the point of implementing it at home. The extra overhead doesn't seem worth it for a single node cluster.

• ~~Live dangerously - Store crdentials in plaintext. Also use admin as password for everything~~

Edit: Most of the services I'm planning on hosting will likely be a single replica service.

I understand that people enter the world of self hosting for various reasons. I am trying to dip my toes in this ocean to try and get away from privacy-offending centralised services such as Google, Cloudflare, AWS, etc.

As I spend more time here, I realise that it is practically impossible; especially for a newcomer, to setup any any usable self hosted web service without relying on these corporate behemoths.

I wanted to have my own little static website and alongside that run Immich, but I find that without Cloudflare, Google, and AWS, I run the risk of getting DDOSed or hacked. Also, since the physical server will be hosted at my home (to avoid AWS), there is a serious risk of infecting all devices at home as well (currently reading about VLANS to avoid this).

Am I correct in thinking that avoiding these corporations is impossible (and make peace with this situation), or are there ways to circumvent these giants and still have a good experience self hosting and using web services, even as a newcomer (all without draining my pockets too much)?

Edit: I was working on a lot of misconceptions and still have a lot of learn. Thank you all for your answers.

Hi,

not sure where else to post this. For a while now, I've unsuccessfully been trying to get WireGuard to work with Crunchyroll.

Setup is as follows:

• dedicated server hosts a wg-quick instance in [neighboring country]
• OPNSense acts as peer on a single IP
• I have a rule for routing the entire traffic of some source device via that IP

This works just fine. Handshake successful, traffic is routed via the server. traceroute shows the server as the hop immediately after my device's local gateway. The connection is stable, and fast.

...except for Crunchyroll. The site / app itself is fine, but I can not, for the life of me, get a video to play. It just keeps loading forever.

I don't think this is an issue with CR recognizing that I'm not where I say I am - looking online, it seems pretty easy to use CR with a VPN. I've also tried from multiple other devices, all with the same symptom.

If anyone has suggestions, I'd love to hear them 😅

EDIT: ~~It was MTU. Had to manually set it to 1500 on both devices.~~

Nope, still the same issues. I was using the fallback interface there briefly.

Hey all,

I have given up hope of hosting my own mail server but was hoping for one that would serve as an archive -

• downloads new emails via IMAP from my mail provider on a regular basis
• allows my mail clients to connect via IMAP to view and search emails

Any suggestions for a docker solution for this?

Thanks

I'm new to self hosting and just got CasaOS setup following up to part two of Tech DB's guide. The SMB works on my Linux computer, I can create documents, etc. However I'm having trouble accessing it on my Android phone. I'm using Material Files, Search for SMB shares, and find "CASAOS" but it's under a different IP address as the server. Then when I click on it, it prefills some of the lines such as "Hostname: CASAOS" and "Port: 445". I have added my login info as either my CasaOS login and SSH login but both don't work and I've changed the port to 80 as that's CasaOS default but every combination I try fails with "java8... UnknownHostConnection... and more" Any ideas?

Hello,

I'm trying to setup an online computer store via YunoHost installed on my VPS. I'm okay with payments to be handled via a third party payment processor (who preferrably also has no JS, but I understand that is probably unlikely). I also have my domain up and running, so I'm ready to test whatever I can get.

TIA!

I’ve made a few posts in the past about my experimentation with connecting various devices and servers over a VPN (hub and spoke configuration) as well as my struggles adapting my setup towards a mesh network.

I recently decided to give a mesh setup another go. My service of choice is Nebula. Very easy to grasp the system and get it up and running.

My newest hurdle is now enabling access to the nebula network at the same time as being connected to my VPN service. At least on iOS, you cannot utilize a mesh network and a VPN simultaneously.

TLDR: Is it a bad or a brilliant idea to connect my iOS device to a nebula mesh network to access for example my security camera server, as well as route all traffic/web requests through another nebula host that has a VPN such as mullvad on it so I can use my phone over a VPN connection while still having access to my mesh network servers?

Figured I would hopefully save others from the annoyances I've had with their service. I experienced daily high packet loss to both my VPS and their website, including the control panel (greater than 50%, typically). The control panel was broken and couldn't tell me the status of my VPS. When I asked for a root cause and fix for the packet loss issue the "senior admin" response to both of these issues is "It's intermittent and under control". It's still happening daily, so not really under control. They never even addressed the control panel issue.

I decided it was best to just give up on it, and requested a refund a few days ago after experiencing the same issue every day for 3 days after my purchase. I'm still waiting for a response to that request, 4 days later.

Avoid Virpus like the plague.

I want a centralized way to manage keys and secrets. And some service users with little privileges over a subset of the secrets. Ideally, a service user only should be able to read its own subset of secrets. So, let's say, if a container gets pwned it will only read its secrets and no more. It should be FOSS and self-hostable.

And a beautiful nice-to-have feature would be access log, to know who read what and when.

My only experience with something similar is Hashicorp Vault, but I don't want to be near any Hashicorp stuff ever again.

Do you know a FOSS alternative to Vault?

Just stumbled across this (overly dramatic?) article and thought I'd just post it here...

It's more to act as a reminder that if you've got a NAS that is serving content to the interwebs, then make sure it's behind a proxy of some kind to prevent weaknesses (ie in the management Web UI) being exposed.

Obvz, this article is pointing to Zyxel, but it could be your DIY home-built NAS with Cockpit: CVE-2024-2947 - just an example, not bashing that project at all.

I've used Squid and HAProxy over the years (mostly on my pfSense box) - but I'd be interested to know if there's other options that I've not heard of

Hi! I’m currently using navidrome, but eventually I will probably need support for multiple users (each user has access to different music or the same music) which isn’t supported in navidrome right now. I don’t really want to run two containers of the same thing if I can avoid it. Thanks

I know that the answer is yes, I should, but outlets near the setup are not grounded (even though they look like they are) and I don't want to have wires running though my living room.

The real question is what are potential problems ? Occasional system reboots? Permanent damage to PSU? Permanent damage to other components?

Dockge allows you to start/stop containers and edit your compose files from a handy ui.

Pros: if something goes wrong while you're away, it would give you a tool to restart a service or make some changes if necessary.

Cons: exposing that much control to the outside world (even behind a log in) can potentially be catastrophic for your stack if someone gets in.