Trying to figure it out and work on extensions but it seems their own plugins can’t work on your server as extensions…?

Also, would be curious to hear of anyone else’s TRMNL experiences (beside the cringe lord CEO).

Self-hosted hosting control panel using Cloudflare Zero Trust Tunnels to securely route multiple domains from a single machine, even on a residential ISP without opening firewall ports. Includes SSL, Multi-PHP, PHPMA, DB, DNS, Backups, WireGuard management and more.

https://inetpanel.info/

Hi there, i have a few questions about GL-Mt3000 and Openwrt.

Context Wall fell free to skip:

Questions:

Is there any benefit to host AdguardHome outside the router? I did it to learn, but i don't know if it has any advantages.

I plan to learn openwrt and flash the router to vanilla openwrt. My reasons are that:

• I feel restricted by the gl-inet interface.
• Gl-inet doesn't seem to update too frequently their firmware.
• I'm worried their custom software will cause problems if i tinker Luci too much.
• I think it will easier to learn the vanilla version than a custom version.

Does all of this make sense? Do you think is worth to spend time on this?

New release: Newspipe 11.3.0 🚀

Security & privacy take the spotlight in this version:

• Fixed multiple XSS and SSRF vulnerabilities (thanks fyrepaw13 🙌)
• Safer API with stricter field validation and sanitization
• State-changing routes now protected with POST + CSRF tokens
• More privacy-friendly bookmarks page

Plus UX improvements across bookmarks, forms, and charts.

https://github.com/cedricbonhomme/newspipe

I built ActuFeed because I wanted a simple, distraction-free way to follow exactly the news sources I care about — without algorithms, ads, or tracking.

Key features:

• Fully customizable tabs and feeds (add any RSS or website) Smooth bilingual interface
• Clean reading experience optimized for desktop (works on mobile too)
• Very lightweight and easy to self-host with Docker
• No account required

You can try it instantly here: → https://actufeed.com/

GitHub repo (open source + Docker): https://github.com/drenlia/actufeed

Would love your feedback or suggestions!

A very jovial greeting to all,

About 20 minutes ago, I started the build for Hubzilla 11.2; as usual, it will be available for all to enjoy, and update their own instances after about an hour or so, so please don't update until then.

If you're curious about the code, you are most welcome to check out the Hubzilla code at: https://framagit.org/hubzilla/core/-/releases

and, of course, the docker image code at: https://github.com/dhitchenor/hubzilla

Questions, issues and PRs are all welcome; I'm looking forward to speaking with you.

I upgraded from a thinkpad x220, i5 2520M and 4gb of ram to my old desktop computer, with a FX6300, 16gb of ram and a GT 1030.

I already run my own mbin instance in there (the reason for the upgrade), but as it's a lot faster than the instance needs it to be, I would like to host other stuff too, mainly to Brazil.

I want to host things like searxng, invidious, maybe redlib too, but idk about other services. As there's the GPU in there, there could be some transcoding too.

Maybe a mixture of private and public services.

Hi guys, I wanted to share a project I’ve been working on called xSpa. It's an implementation of Single Packet Authorization that works at the XDP level.

I built this because I wanted something faster and more DDoS-resilient than traditional port-knocking or SPA tools that rely on userspace processing or iptables. Here, the "drop-all" logic happens right at the driver level.

Key bits:

L1 verification (SipHash) in kernel space.

L2 (ChaCha20-Poly1305) in Go userspace.

It uses the eBPF ring buffer for communication.

This is my first Go project and my first shot at Open Source. I’m still a bit of a noob when it comes to kernel-level programming, so I’d love to get some feedback on the architecture and security. If anyone has time to check the code, I’d love to hear your thoughts on how to make it better.

cross-posted from: https://lemmy.ml/post/44496833

4 years ago, I posted about the weather service I did build. Back then, Serenum used OpenWeatherMap, but after a while they changed their API and I didn't have any strength to make the changes in Serenum API.

Earlier this year, I started with the new version of Serenum without Serenum API (too much work, too little time), now using Open-Meteo. I released the first version last week as a beta and now I find Serenum enough finished to share it here on Lemmy.

Still in beta, though, since stuff needs to be improved. But everything(?) works as it should.

Voiden is an offline-first, git-native API tool built on Markdown Voiden is an API client we have been building that takes a different approach from most existing tools.

It didn’t start with the idea of “building a better Postman”.

A bit of background. Over time, API tooling has become heavyweight: cloud dependencies for local work, forced accounts, proprietary formats, and workflows that break the moment you are offline. On top of that, time wasted on fixing API specs that don’t match the code, docs in separate random tools, tests also separate and an overall governance mess. Not to mention collaboration.

So we asked a simple question: What if an API tool respected how developers already work?

That led to a few core ideas:

• Offline-first , no accounts, no telemetry
• Git as the source of truth.
• Plain text files: specs, tests, and documentation live together in Markdown
• A programmable interface instead of static forms: requests are composed from reusable blocks (endpoints, headers, auth, params, bodies, etc.) that you can structure the way you want
• Plugin system for extending functionality rather than bloating the core with new features Some of our core plugins include gRPC,GraphQL,WebSockets,etc…

We have just also updated our docs to welcome community plugins, so teams can extend the tool for their own workflows or integrations. https://docs.voiden.md/docs/plugins/build-a-plugin

We opensourced Voiden because extensibility without openness just shifts the bottleneck. If (API) workflows should be transparent, the tools should be too.

Welcome to try out and share feedback- happy to chat with everyone.

Strong opinions are encouraged. :)

Github : https://github.com/VoidenHQ/voiden

Download here : https://voiden.md/download

What tools and/or resources can I use to start such a project?

I've been putting some research into it but besides getting conflicting views, I always get the feeling the advices being offered feel exaggerated for what I have in mind.

My intention is to solely publish text.

I was thinking on getting a RPi, perhaps an older model, to use it as host. My idea is to have the public facing machine completely isolated from my daily use computer and network, so that in the event the site gets attacked I can simply re-upload everything and be done.

For the website creation itself I've been thinking about using Hugo to start but in the background learn some HTML and build a simple site by myself to replace the original.

What am I not considering or misjudging here?

Are there any other tools I should be looking into?

Any thoughts on this are welcome and apreciated.

How I could get a #LibreELEC Image into a #LXC or #VM container and AutoStart it on boot without interaction?

In best case without the need that this container use the graphic core exclusively.

I have to use one device for several usecases, but I do wish to split my #Mediacenter from other #SelfHosting projects.

#helpneeded #LinuxServer @selfhost @docker@lemmy.ml

Hi, not sure where else to post this on the Fediverse, if there is a better community let me know and I will move this post there :)

I recently was trying to figure out an easy way to negate spam calls for my family. I am aware of tools like Spam Blocker however they are not fool proof. I don't really get spam calls myself, but the rest of my family does. The reason I suspect this is, is because I do not give out my phone number unless it is strictly necessary. I do not sign up for store memberships, when I'm on online shopping websites I usually just provide a dummy non-working number, and the only time I really do give my phone number out is in cases of emergency or for close family and friends.

This made me think, what if the family had a shared number to give out to take advantage of store memberships, online shopping, and whatever else. Then I could have everyone rotate their current numbers and do what I do where they only give out their main phone number in case of emergency. Being a self-hoster, this then evolved from a "family phone" that is kept at home, to "what if I could utilize SIP technology to let anyone in the family access the number from their own phones". I've tried looking into this on my own, but the most I can find is people with similar ideas abandoning the idea in favor of true telephony/SIP services.

The reason a telephony service won't work is a lot of the businesses have gotten smart about filtering phone numbers and will not let you sign up with one of these services (Especially if they have an old-fashioned 2FA method like SMS.) Not to mention, I prefer paying for my phone service in cash at a physical store for the added privacy of not having to give a real name.

What I was thinking was SMS USB Modem -> Home Lab -> SIP Program(?) -> SIP Clients (Phones).
Is this possible? Would SMS/MMS/Voice calls work? Is there a better solution that would be easier (While still working for my use case of using a real SIM card?)

Thanks in advance, hope you all are having a lovely day :)

I saw some projects, but they all seem not really polished. It would be nice to be able to share sound too.

cross-posted from: https://lemmy.world/post/42574918

I am getting started with self hosting and one of the things I would love to host is a Signal TLS proxy using Docker.

Problem is that I have ports 80 and 443 taken by Nginx Proxy Manager (also in a Docker container), through which I forward to different services depending on the subdomain.

I tried modifying the docker-compose.yml file to use ports 9443 and 980 and have it working using a certificate created on NPM, but to no avail.

Being a beginner, it can well be that I don't understand reverse proxies well enough, but that's why, with your help I would love to take this opportunity to learn more.

Thanks in advance.

cross-posted from: https://lemmy.ml/post/42502523

Charmarr aims to make self-hosting a media stack in Kubernetes easy. It provides charmed versions of *arr applications (radarr, sonarr, etc) and some friends. Charms are operational wrappers, that is they configure the underlying applications themselves. So deploying Radarr, Prowlarr, SABnzbd, Gluetun. Setting a required TRaSH profile Radarr and routing the traffic of SABnzbd and Prowlarr via Gluetun VPN tunnel can be done with a few intuitive commands. An example command snippet would be sth like

# deploy the apps into my cluster
juju deploy radarr-k8s
juju deploy prowlarr-k8s
juju deploy sabnzbd-k8s
juju deploy gluetun-k8s

# tune 4k TRaSH guide profiles in my Radarr
juju config radarr-k8s variant=4k

# Route Prowlarr and SABnzbd via Gluetun
juju integrate sabnzbd-k8s gluetun-k8s
juju integrate prowlarr-k8s gluetun-k8s

This can be extended to any cross-communicating tools like Overseerr (already part of charmarr), Plex (already part of charmarr), Huntarr (planned) etc.

This also enables the using OpenTofu to deploy the entire stack using a single command:

tofu init && tofu apply

okay, 2 cmds. This way your entire media stack can have a declarative deployment using a single 20-30 line .tf file instead of multiple manifests. This sets up all applications, handles storage, handles VPN routing (you just provide your VPN credentials and media paths), connects everything together, and it's ready in about 10 minutes. You just need to log into Plex, connect Overseerr, and add your indexers.

"But K8s is overkill for a homelab and no one needs it"

Totally agree. This is intended to make managing the media stack in a Kubernetes substrate easier for the veterans and loosening up the entry point into Kubernetes for a self-hosted media server for this who are interested in K8s. That said, it will still have some learning curve if you're completely new to K8s.

All the tools that are part of charmarr including charmarr itself (except for Plex, which I plan to switch with or add on top of Jellyfin eventually) are open source and free to use.

Is it stable?

It's been running in my lab for more than a month without any issues. But, I wouldn't call it stable yet especially if you enable all the fancy bells and whistles, but I've been running nightly tests deploying the stack using tofu and tearing it down and it's been consistently successful. If you're interested in experimenting or using it, its enough that you have a Ubuntu system (I also have an oneliner to setup the required infra to deploy charmarr).

Here's the repo - https://github.com/charmarr/charmarr

PS: sorry about the ads on the docs site. It's hosted by readthedocs and they include ads on the free version.

cross-posted from: https://discuss.online/post/34584845

Curious on what tools people would recommend, either from clients, locally or self-hosted.

• privatebin works nicely as a basic pastebin.
• stuffedanimalwar is just silly fun, with group drawing collaboration and chat that only exists in the active client session.

cross-posted from: https://discuss.online/post/34494723

Detailed episode for pairing with the very light "A Great Day for Linux". Hope you enjoy it. Since Lemmy struggles with markdown from Castopod, here is a link to the notes.

I've really enjoyed working on and improving Taskpony and am pleased to be able to release another update in the hope that you'll also like it.

• Demo 1
• Demo 2
• More information
• Release Notes

cross-posted from: https://feditown.com/post/2375147

I'm not the creator of this program, but its too fun not to share! The comments from the developer and users joining the swarms on the reddit thread are hilarious.

It's basically a decentralized swarm of docker users. It does nothing except tell you how many other users you are connected to. Some are in the tens of thousands, haha!

https://github.com/lklynet/hypermind

I've tried unsuccessfully to get Valutwarden working without a proxy. See here. Any request with https leads me to the SSL_ERROR_RX_RECORD_TOO_LONG error, while via http I get the "Loading wheel" running indefinitely.

Despite the top of the page here suggests you can run Valutwarden without internally without proxy, my experience suggest that this is not the case and have tried on different VMs getting the same error. So seems like the only way is going via proxy. From what I've read, people seem to suggest that Traefik is the way to go. So I'm thinking of setting it up on my same VM as Valutwarden.

Note that my network is behind a pfsense install on another hardware machine. DNS forwarding is enabled with unbound. Will installing Traefik require changes to pfSense config? Looks like it may be the case from here. For now all I want is getting Vaultwarden going; later down the line I'll learn how Traefik can benefit the rest of my homelab.

I'm trying to work out the simplest way of getting Vaultwarden going using a minimalistic proxy, as there seems to be no alternative to not having a proxy going. Thoughts?

I'm having some problems installing Vaultwarden and I wonder if it because I'm running docker compose in the wrong way and there are user permission issues.

What is the right way of installing docker compose (on a linux VM)? In in the past I would create a docker folder /home/user/docker. In there I would create the folder firefly or whatever and then I would run docker compose as user. So, when installing firefly, I would be in the /home/user/docker/firefly and run docker compose from within. Not as root (using sudo) but as a the normal user user. Firefly service would just run without problmes. Shoudl I be installing containers this way of shoudl I be using root (sudo)?