Looking to install Immich, BitDefender Password Manager and YouTube downloader on the NAS this week.
Finally upgrading my Plex server from Ubuntu 22.04 to 24.04! I've been putting it off out of habit, as I always wait for the *.1 releases but I've done several of these for clients and every single one went flawlessly. But I still waited it out.
Also thinking about switching my Ext4 mirrored softRAID to ZFS... Since Ubuntu has the only acceptable ZFS implementation outside of UNIX proper (Ubuntu's is in-kernel, everyone else uses kernel modules, which i hate). But that's going to be extra work I may not be in the mood for. But damn would compression and deduplication be nice! So still maybe
Wait, you mean you host plex servers for clients? Or that you work with Ubuntu in general? And for the ZFS thing, it doesn't really matter if it's in-kernel or something else, at the end of the day, they all work the same. I'm using zfs on my arch machine for example, and everything works just fine (dkms). And zfs is super easy in general, you should definetly try it
That is one thing I still need to do, upgrade my Ubuntu server from 22.04 to 24.04. laat time I tried this I noticed many python packages were missing or failing. Reverted to the backup. Maybe now is the time to do the switch and iron out the crinks that may be left after.
For the first time I configured ssh with pubkey auth.
Auth between windows (agent) and alpine (host) to use as a helper/backup proxy in veeam (helper is used to mount file level restore assistant)
Took me 3 hours to find out that
Windows didnt know the private key
Pubkey auth wasnt active
Fucked up pubkey auth
Alpine isnt supported by Veeam so it didnt work
Needed to install a small debian VM.
:|
At least I did my first pubkey auth setup.
It gets better.
what's maintenance? is that when an auto-update breaks everything and you spend an entire weeknight looking up tutorials because you forgot what you did to get this mess working in the first place?
I do love how little maintenance is needed until you have to re-learn everything you forgot
I finally got IPv6 working in Docker Swarm...by moving from Docker Swarm to regular Docker.
Traefik now properly gets IPv6 addresses and forwards them to the backend.
What's the big benefit of moving to IPv6 for a LAN? Just wondering if there is any other benefits over addresses? My unifi kit can convert us to IPv6 but I'm hesitant without knowing what devices it will break.
Copying from an older comment of mine:
IPv6 is pretty much identical to IPv4 in terms of functionality.
The biggest difference is that there is no more need for NAT with IPv6 because of the sheer amount of IPv6 addresses available. Every device in an IPv6 network gets their own public IP.
For example: I get 1 public IPv4 address from my ISP but 4,722,366,482,869,645,213,696 IPv6 addresses. That’s a number I can’t even pronounce and it’s just for me.
There are a few advantages that this brings:
- Any client in the network can get a fresh IP every day to reduce tracking
- It is pretty much impossible to run a full network scan on this amount of IP addresses
- Every device can expose their own service on their own IP (For example: You can run multiple web servers on the same port without a reverse proxy or multiple people can host their own game server on the same port)
There are some more smaller changes that improve performance compared to IPv4, but it’s minimal.
My unifi kit can convert us to IPv6 but I’m hesitant without knowing what devices it will break.
You don't usually "convert" to IPv6 but run in dual stack, with both IPv4 and IPv6 working simultaneously. Make sure your ISP supports IPv6 first, there is little use to only run IPv6 internally.
Very helpful thanks for digging out up for me.
I also finally set up Lemmy on my home lab, as well as moving Authelia from Docker to bare metal.
Other than that, I’ve been struggling to find any other self-hosted apps that would actually be useful to me.
Yesterday i managed to successfully host a simple html safely (its more of a network test)
The path is nginx->openwrt->router to internet
Now i only need to:
and then i can throw everything i want on it :D
Finally setup Synology surveillance station and got my local cameras all hooked in with motion events. Very swish.
Attempted and failed to set up some sort of fail2ban between my Cloudflared container and my website I host at home.
I recently setup Music Assistant and have been trying to make it work in my VLANs with my esp32 devices. It has been slow going. Nothing has the level of logging required to easily debug the issues I've encountered but I'm slowly working through it all.
I’m building services out for my family as things enshittify. Moved the family over to an immich instance, run a family blog on Wordpress (working on rolling my own since it’s over complicated and with all the Wordpress shenanigans…), plex (lifetime account, works for now). I have a number of self-built projects as well, a “momboard” like system that is integrated with my Wordpress blog for access and control, a pi based backup server that lives at my friends house and nails a VPN connection to my router and I’m playing with Meshtastic as an offline communication system for my kids scout troop when we’re camping without cell signal. Lots of home automation with home assistant as well.
I host it all on Debian servers, raspberry pi’s and esp32 devices (Meshtastic and home automation). I used to run kubernoodles but it was more complicated than needed and for my use case, docker, ansible and bash scripts manage it all just fine.
I use Mend Renovate to keep up with the latest and greatest container images in my private repo.
What should I do next?
Set up peertube in a proxmox, difficulty: My hosting provider doesn't allow 443 or 80, I have cloudflare working for other things but I think this invades their TOS
Set up immich in a proxmox. Difficulty: I need regular backups off site and it's going to be pretty large.My wife is a professional photographer.
Set up my Coral TPU with frigate replacing my aging win10 blue iris.
I am also struggling with off-site backups. Mainly because I don't have a cheap and regular way of doing it.
You could have a friend to them for you, and viceversa.
That would be the idea, but then my friend would need to have a server running at his place. And there is still the problem of how to transfer the data securely over the network to my friend, without poking (too many) holes in the firewall
I’m patiently (cf impatiently) awaiting the arrival of an Aoostar WTR Pro and components to build my first NAS and full Arr stack for Linux ISO’s.
I completed a proof of concept and learning a month ago on a Pi 5, and I can’t wait to get my hands dirty with something more real!
I’ll take any advice anyone throws my way :D and thanks to this community for the learning and inspiration since I joined Lemmy!
I migrated my whole native service infrastructure to Docker services this weekend. I prepared for it the previous weeks; basically looking up information about details I wasn't sure about. The services were mailing, file cloud, and traccar with modoboa, ownCloud respectively. I moved to mailcow and Nextcloud and replaced my feedly account with NextCloud News as a bonus. So far pretty happy with it, had a couple set-backs but also learned a lot in the process. This was the first time for me doing something productive with Docker
I started hosting audiobookshelf since Jellyfin was pretty clunky for audiobooks.
Migrating from proxmox to incus, continued.
Lots of fun, actually!
I just set up wanderer and workout-tracker. Along with installing gadgetbridge on my phone, I now have a completely self hosted fitness/workout stack with routes, equipment tracking, heatmaps, general health metrics like HRV, heart rate, etc through my Garmin watch, without having Garmin Connect installed. Awesome!
I spent two hours last night beating myself over the head with RAM sticks. Got an ewasted server that had the alarm misconfigured, figured I'd upgrade it and put in a valid configuration since it was just off my size. Slapped in some matching size sticks and it wouldn't boot. It took my embarrassingly long to realize that the speeds werent the same and that the server really cared about the speeds being the same, more than it cared about sizes being the same incidentally.
I work in IT that should have been the first fuckin thing I checked smh
I remember when I worked in a data center and there was a custom server order that needed something like 64 sticks per server, and procurement didn't bother to make sure that we had sets that were the same speed, timing, or brand. Thankfully I caught it before we wasted a ton of time troubleshooting.
Fumbling around with k3s to get my toes into deploying a Kubernetes cluster from scratch for the first time ever. No real long term usage planned, just some testing to gather experience.
My current project is email. Setting up Mailcow and moving my domains over to VMs on a OVH KS-3 server right here in Canada. I'm sick of depending on cloud email providers and want more control of my data. Also getting Addy.io setup to move my aliases over from SimpleLogin. End game is to dump Proton and go all selfhosted for email and Mullvad for VPN. For Mullvad I found that you can buy a 6 or 12 month gift card vouncher on Amazon and it works out to being less than paying Mullvad directly per month.
I got a new job, and the group chat is on WhatsApp, so I'm looking into running a Synapse server with a bridge to it. I really don't want to have to use Meta's apps on my phone.
From what I've read so far, it seems like it's going to be the most convoluted install process I'll have encountered in my self-hosting journey. I'm excited to tackle it, but also a bit overwhelmed. Which is why I've been putting it off :P
Try conduwuit instead of Synapse if you get stuck. For me, it was really simple to install and the dev is really nice.
Been messing around w/ podman, and after hours of slamming my head against the wall, I decided Seafile isn't worth it. :) It launches a bunch of stuff inside one container, and I just couldn't figure out how to get that to work w/ quadlet (worked fine w/ podman kube play though).
I got forgejo set up and now I'm looking into setting up runners so I can finally migrate off hosted gitlab onto my own forgejo instance.
Some other things I'm planning on doing this week:
If I get time, I want to install openSUSE MicroOS onto my NAS and start migrating everything to it (from openSUSE Leap). I really like the idea of an immutable base OS, and my NAS is already 90% containers (pretty much just Samba left). I need to fix some permission issues anyway (keep having to chown my videos so samba and jellyfin can work together), and this should make things a bit more obvious.
I'll probably also start a blog about my self-hosting journey, because the info around podman is kinda sparse, especially when it comes to quadlet.
Edit: got OCIS working, but it was a bit of a pain. Starting that blog really sounds like a good idea...
I've set up a reverse proxy to try out hosting a few APIs but i'm curious about best practice and haven't found any good way to do it. Anyway, i have them running dotnet 9 on debian, and hosting them on http ports and then reverse proxying to apache that serves them externally with certbot on 443 to some real hostnames. I would really want to host them on https internally as well, but is there a neat way to "cert" them without an internal CA-service? My experience with self-signed certs are mostly that they always force me to trust the server cert in my connection strings, which is also unsafe so i just don't bother. Is it worth working on and which is the best approach here?
Non SSL behind your ingress proxy is acceptable professionally in most circumstances, assuming your network is properly segmented it's not really a big deal.
Self-signing and adding the CA is a bit of a pain in the ass and adds another unnecessary layer for failure in a home network.
If it really grinds your gears you could issue yourself a real wild card cert from lets encrypt then at DNS names with that wild card on your local DNS server with internal IPs, but to auto renew it you're going to have to do some pretty decent DNS work.
To be honest I've scrapped most of my reverse proxies for a nice tailscale network. Less moving parts, encrypted end-to-end.
Thanks! I initially considered going the wildcard route until i saw the workload involved for my host! There does seem to exist autorenewal programs for the largest hosts out there but i'm trying to support my local businesses so it's unfortunately out of of my scope at the moment, but i'll checkout your suggestion and see what tailscale has to offer!
This week I realised my Mastodon instance was severely out of date because I was using nix flakes and didn't autoupdate but now that's been fixed 😄
Total noob to Docker (desktop for windows) and I'm just trying to figure out how (and where) to add a config to my Navidrome image or change lines on the image itself, to point it to my music library and create admin login credentials (ಥ﹏ಥ) If I can accomplish that then I eventually want to try Immich or NextCloud afterward.
I want to switch to Linux but I'm not sure where to start! I want to
I don't know if any of those factors impose restrictions due to software/hardware differences (or if that even makes a difference), but I want to move over everything I can into a linux environment
All of those should be fine, the main caveats w/ Linux are:
Blender works perfectly fine, gaming on Steam and Heroic works well, emulators work well, and while I don't know anything about Linux music production, I know there are software options available.
Anyway, I recommend buying a separate disk and trying Linux out. That way you don't touch your current Windows install while messing w/ stuff.
Good to know, thank you for the tips!
If you're messing with docker, I suggest you use WSL and 'normal' Docker, as Docker for Windows it's confusing (at least for me). Ah, and try using docker compose instead of docker, it makes everything so much clearer.
I need to migrate off Docker Desktop for Windows and Storage Spaces but I fear the process will be difficult due to my data volume and the stupidity of Windows. I should never have gone Windows, but I wanted to use Steam Big Picture off the media PC and didn't want to deal with getting that functional on Linux.
But Docker Desktop for Windows keeps crashing WSL and bricking the network devices randomly, and also continuously grows memory consumption until the machine reboots. Piece of shit.
Maintenance day is when I log into my server once every 3 month because I forgot it (as everything is working fine).
But I just discovered OpenSuse microOS, while looking at the docs for my laptop Thumbleweed, and now I want to try it with no real reasons. Maybe it is just an excuse to buy a new Raspberry pi.
I'm looking at moving my NAS to it.
I currently use openSUSE Leap, so to prep for the switch, I'm moving everything to podman.
I've never had a system update go bad on Leap, but I am being impacted by old system packages but don't want to jump to Tumbleweed. I'm hoping this will give me a more up to date base and force me to put things into containers properly.
I'm working on my first kubernetes cluster. I'm trying to set the systems up with NixOS. I can get a kublet and a control plane running. But I'm getting permission errors when trying to use kubectl rootless on the system running the control plane. I think I figured out which file i need to change, now I just want to record that change in my configuration.nix.
Pinepods 0.7.4 is out! So as the Dev I'm going through new issues and knocking them out. Smart playlists, oidc logins and notifications on release are all a thing now on the self hosted podcast platform! We're nearing a v1 release with features on par with some of the big time podcast apps.
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.
Rules:
Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.
No spam posting.
Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.
Don't duplicate the full text of your blog or github here. Just post the link for folks to click.
Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).
No trolling.
Resources:
Any issues on the community? Report it using the report flag.
Questions? DM the mods!