Going to University - how can I manage my server remotely?
I'm leaving to University in a couple of days, and unfortunately don't expect I can host my server on a Uni network so I have to leave my server at home. I use my server for pretty much exclusively media, and have Jellyfin accessible to the internet using Caddy. I've tried using WG-easy in docker and although I can connect to the VPN, use the GUI, etc. I can't actually get any internet connection through it (it is port forwarded and my compose file is fine, have no clue what else it could be). What other options do I have to be able to SSH to my server and also access Radarr, Lidarr etc. without compromising the security of my network?
edit: I'm an idiot, I had previously had an incorrect compose file that I fixed a while ago but I hadn't downloaded the new .conf files to import into my Wireguard clients. WG-easy is still the best option for me I think
https://redd.it/1aqw7dg
@r_SelfHosted
0 0 0 159
0 16 0 5 0 0 0 0 0 79
1 16 0 5 0 0 0 0 0 79
07:10:01 all 30 0 7 0 0 0 0 0 163
0 14 0 4 0 0 0 0 0 82
1 15 0 4 0 0 0 0 0 81
14:30:13 ......................... logging restarted .........................
14:40:14 all 41 0 19 0 0 0 0 0 139
0 20 0 9 0 0 0 0 0 70
1 21 0 10 0 0 0 0 0 69
14:50:14 all 31 0 7 0 0 0 0 0 161
0 15 0 3 0 0 0 0 0 82
1 17 0 4 0 0 0 0 0 79
15:00:14 all 32 0 7 0 0 0 0 0 161
0 16 0 4 0 0 0 0 0 81
1 16 0 4 0 0 0 0 0 80
From what I can tell 10 min interval was not enough to catch anomaly state. I set it to 5 min now but I doubt it will be enough as I'm not sure just how fast it goes to 100%. Logging it every few seconds seems to be a bit too much.
Question: What else could you recommend me to find out what is causing this issue?
Thank you!
https://redd.it/1aqsabi
@r_SelfHosted
I created a service to monitor your crontab jobs
https://redd.it/1aqrf1j
@r_SelfHosted
Backup solutions for docker infrastructure
I have small pc with about 60 docker containers on it. I have whatsupdocker + ntfy and i update images at the end of the day they become available. I am using dockge so i have folders with stack names and docker-compose.yml files inside each of them.
Currently i backup manually at least once in 2 days. I have small bash script that stops all containers on my server, stops docker service itself on laptop and on server too, rsyncs docker root dir and these folders with configurations and different files in them to my laptop and to external ssd. When finished it starts all the containers on my server again. I am not using docker on my laptop at all. It's just a backup.
It takes almost 3 minutes just to stop all containers and around 15 minutes to rsync everything. Server has 1 Gbit/s LAN, but laptop does not have rj45 port so i am connected to 5 GHZ wifi.
This all works good. But i am interested in your backup solutions. Maybe i'll find something i like more.
https://redd.it/1aqo5iu
@r_SelfHosted
Feel like I've been looking for something like HomeBox my whole life. Fantastic tool with easy setup and an intuitive UI. Running mine off my Synology NAS and using in conjunction with a Brother label printer. Getting organised finally!
https://redd.it/1aqmgo0
@r_SelfHosted
My dashboard again, sorry I was not aware of the wednesday rule !
​
https://preview.redd.it/xwmfd1b28jic1.png?width=1790&format=png&auto=webp&s=0577e50534fde11328efd8593ffc8b3065541384
Here is my Dashboard, I also made a blog about my homelab if you want to read it : [https://www.bbq-cloud.com](https://www.bbq-cloud.com)
​
If you do no want to go there here is a quick resume :
​
* I have a 3 nodes proxmox cluster, No HA, no shared storage, backup by proxmox backup server
* 6 vms that act as a kubernetes cluster with 3 control planes and 3 workers.
* I use longhorn for storage in kubernetes.
* Traefik as ingress controller with cert-manager for auto SSL/TLS with let's encrypt
* Metallb as loadbalancer in ARP mode
* Monitoring is done with Thanos, prometheus, grafana, loki, healtchecksio and several exporters
* I use cloudnative postgres operator for all my databases deployments
* Authentication is done by forward auth to Authelia with traefik or OpenID with authelia as provider, users are stored in a light LDAP database ( LLDAP ).
* CI / CD stack : Gitea, ArgoCD and WoodpeckerCI
* I also run a small docker swarm cluster with portainer for tests, 1 control plane, 2 workers
* DNS cluster with powerdns / DHCP cluster with KEA dhcp.
​
Have a nice day !
https://redd.it/1aqkm0f
@r_SelfHosted
Selfhosted 2FA auth app with a desktop app?
Title says it all - since Twilio is ending support for their desktop app i'm inclined to finally move to a self hosted solution. Is something like this existing in the wild?
https://redd.it/1aqi26p
@r_SelfHosted
Dockerized web UI SSH client
Hey everyone! I'm looking for a service that's basically the equivalent of a web UI for SSHing into my server. It seems like there are a few tools around, but from what I can find, most of the posts here on the topic are 3+ years old.
I tried TTYD, which seems to work well, but I want a service run in a Docker container, and TTYD exposes the Docker container's CLI, not the host machine's.
What would you recommend for a Dockerized web UI SSH service to access my host machine?
https://redd.it/1aq8040
@r_SelfHosted
No-Code Data Science & Data Engineering Tools
Hi Everyone,
I am the founder of Heimdall and I built out a No-Code Data Science & Data Engineering toolkit that helps to build powerful machine learning algorithms in minutes rather than months. We have helped clients build powerful image classification algorithms using our Heimdall Vision suite paired with our Heimdall ML suite. We give you the power to build predictive analytics into your business without any of the hassle. Even better - its completely FREE for hobby users!
https://www.heimdallapp.org
Check it out today!
Thank You,
Joel Reji
https://redd.it/1aq73y6
@r_SelfHosted
Anyone else do themed names for their machines?
https://redd.it/1aq41bs
@r_SelfHosted
GUI to mount several OneDrives for Borg backup
If I understand the Borg recommdation correctly then I should mount my cloud storage and create a repository on it. Instead of syncing my local borg repository to onedrive.
I believe rclone allows me to mount several OneDrives via cli.
Question: is anyone aware of a maintained project to achieve the same via (web) GUI? Docker would be preferred.
I'm not limited to rclone based solutions, so alternatives to explore are also appreciated
https://redd.it/1apxaoj
@r_SelfHosted
Backblaze Drive Stats for 2023
https://www.backblaze.com/blog/backblaze-drive-stats-for-2023/
https://redd.it/1apxr1p
@r_SelfHosted
I have these 32 port GSM GOIP Gateways what to do with them?
https://redd.it/1apva4q
@r_SelfHosted
Bitwarden over cloudflare tunnel
Is it possible to set up biwarden without generating ssl certificates? Will cloudflare encrypt traffic going through a tunnel, so I wouldn't need to do it my self?
https://redd.it/1apoqr2
@r_SelfHosted
AWS SES production access for home use
Does anyone use SES for homelab and self hosted services use in a non-business environment? They keep denying my production access requests despite clearly outlining each self hosted service which would use their service and the extremely small email volume which I would give them; 90% of which would go to myself. I even sent them my documentation for my homelab. Sandbox limits would be fine except each recipient needs to be verified. I wanted to use SES since many other providers and my current one offer limited free plans then jump to a base of $10-15 per month for 10-15k emails (way overkill). Is non-business use forbidden? If not, what else do they want from me to prove I’m not going to use it for spam?
https://redd.it/1apnksy
@r_SelfHosted
"Someone else's computer" just lost all your files
https://www.dn.se/sverige/20-ar-av-data-borta-hackarna-kom-at-sakerhetskopior/
https://redd.it/1aqxlls
@r_SelfHosted
What could help to find what is causing sudden 100% CPU usage hanging my VPS?
I have a VPS I manage on my own. There are running just as much as a few Node.js projects, docker projects, crowdsec. The usual CPU load is about 20%.
Occasionally server's CPU usage skyrockets to 100% and everything stops working, I'm unable to connect to it over SSH as it just doesn't respond. In the control panel of my VPS provider where I can see some monitoring information I can see it going to 100% in a very short time.
When that happened the first time I had no means to find one what was going because I didn't setup resource monitoring from, the only thing I saw was something like this is my syslogs:
Feb 14 07:18:46 v1274582 systemd1: openvpn@server.service: Failed with result 'exit-code'.
Feb 14 07:18:46 v1274582 systemd1: Failed to start OpenVPN connection to server.
Feb 14 07:18:51 v1274582 systemd1: openvpn@server.service: Scheduled restart job, restart counter is at 354411.
Feb 14 07:18:51 v1274582 systemd1: Stopped OpenVPN connection to server.
Feb 14 07:18:51 v1274582 systemd1: Starting OpenVPN connection to server...
Feb 14 07:18:51 v1274582 ovpn-server3020525: Options error: In CMD-LINE:1: Error opening configuration file: /etc/o>Feb 14 07:18:51 v1274582 ovpn-server3020525: Use --help for more information.
Feb 14 07:18:51 v1274582 systemd1: openvpn@server.service: Main process exited, code=exited, status=1/FAILURE
Feb 14 07:18:51 v1274582 systemd1: openvpn@server.service: Failed with result 'exit-code'.
Feb 14 07:18:51 v1274582 systemd1: Failed to start OpenVPN connection to server.
Feb 14 07:18:56 v1274582 systemd1: openvpn@server.service: Scheduled restart job, restart counter is at 354412.
Feb 14 07:18:56 v1274582 systemd1: Stopped OpenVPN connection to server.
Feb 14 07:18:56 v1274582 systemd1: Starting OpenVPN connection to server...
Feb 14 07:18:56 v1274582 ovpn-server3020557: Options error: In CMD-LINE:1: Error opening configuration file: /etc/o>Feb 14 07:18:56 v1274582 ovpn-server3020557: Use --help for more information.
Feb 14 07:18:56 v1274582 systemd1: openvpn@server.service: Main process exited, code=exited, status=1/FAILURE
Feb 14 07:18:56 v1274582 systemd1: openvpn@server.service: Failed with result 'exit-code'.
Feb 14 07:18:56 v1274582 systemd1: Failed to start OpenVPN connection to server.
^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^>Feb 14 14:30:13 v1274582 systemd1: Mounting FUSE Control File System...
Feb 14 14:30:13 v1274582 systemd1: Mounting Kernel Configuration File System...
Feb 14 14:30:13 v1274582 systemd1: Condition check resulted in Rebuild Hardware Database being skipped.
Feb 14 14:30:13 v1274582 systemd1: Starting Flush Journal to Persistent Storage...
Feb 14 14:30:13 v1274582 systemd1: Condition check resulted in Platform Persistent Storage Archival being skipped.
Feb 14 14:30:13 v1274582 systemd1: Starting Load/Save Random Seed...
Feb 14 14:30:13 v1274582 systemd1: Starting Apply Kernel Variables...
As seen from this log something went wrong at around 07:18 AM and then it added new longs after I forcefully rebooted my VPS using CP. To be prepared better for the next time I setup atop and set an interval of 10 min for each log.
Today it happened again and I checked atopsar:
06:30:01 cpu %usr %nice %sys %irq %softirq %steal %guest %wait %idle cpu
06:40:01 all 30 0 8 0 0 0 0 0 161
0 16 0 4 0 0 0 0 0 80
1 15 0 4 0 0 0 0 0 81
06:50:01 all 30 0 7 0 0 0 0 0 162
0 15 0 3 0 0 0 0 0 81
1 15 0 4 0 0 0 0 0 81
07:00:01 all 31 0 10 0 0
LinguaCafe v0.7 released: improved reading experience and dictionary searches.
Hi!
LinguaCafe is a self-hosted software that helps language learners read foreign languages and acquire vocabulary. It provides a set of tools to read texts, look up unknown words and review them later as effortlessly as possible.
GitHub
# v0.7
New features:
Replaced the python Django server with Bottle for better performance.
Added dynamic language model loading. Models are only going to be loaded at the first import for each language. This will significantly decrease memory use based on which and how many langauges are used on a server after its startup.
Added new "Plain text" import option.
Added new "Text file" import option.
Added new "Jellyfin subtitle" import option.
Added new "Subtitle file" import option.
Setting words' and phrases' level is now possible while hovering over them.
Added dictionary search for hover vocabulary box.
Added DeepL search for hover vocabulary box.
Separated DeepL search from regular dictionary search in the vocabulary box. Users won't have to wait for DeepL server's response to see the dictionary search results which load much faster.
Added loading indicator for vocabulary box dictionary search.
Added an option to automatically highlight a word when it gets a translation added to it.
A list of words which were not counted in the statistics now will be automatically set to ignored when imported. Also added all numbers and more symbols to the list.
Vocabulary search page's edit dialog now will close on its own after saving it, and the search results will be updated automatically.
Added chapter length option to import dialog.
Added hotkeys for text scrolling.
The selected library layout will now be remembered.
Added option to change the default MySQL database and user.
Added windows installation guide and installation file.
Bug fixes:
Fixed a bug that caused the records on the vocabulary search page to appear in random order inside the specified order by parameter.
Fixed an issue in the text reader glossary, where empty parentheses were visible in languages that have no readings.
Fixed a visual issue where the scrollbars' background were a different color than the area they were placed on.
Fixed an issue that caused long chapter titles to hide the text.
Furigana now displays the editable reading field. Previously it displayed the reading that was assigned to the exact word in text while importing it.
Fixed a visual issue where the day text was not visible in the calendar while using dark theme.
Added missing lemma to review card when using example sentence mode.
Removed furigana from e-book imports.
Other changes:
Removed media player page, it has been replaced with Jellyfin subtitle import option.
Improved text selecting design.
Removed unnecessary files from the webserver image and decreased its size.
https://redd.it/1aqpjjx
@r_SelfHosted
Watchtower DNS Queries - A LOT!
I have two raspberryPi servers both running watchtower. One instance of watchtower is set to check for new images at 4am and the other at 5am. Is it normal to have thousands of DNS queries when watchtower is looking for updates? \~30,000 queries between both instances seems excessive and that perhaps something is misconfigured. The queries are not blocked so it's not a case of a device/application shouting into the void when DNS requests aren't resolved.
Edit: adding images that didn't upload with original post
https://preview.redd.it/m6xj93rfckic1.jpg?width=1002&format=pjpg&auto=webp&s=5b8db41eb4116f559ddf471b208148ac665a255e
https://preview.redd.it/o8gqm5rfckic1.jpg?width=513&format=pjpg&auto=webp&s=c94c4c198bcc6745026d8da0558102e182c3cb30
https://redd.it/1aqndd7
@r_SelfHosted
A low power VDI for my Homelab VMs for programming and fun
Hi folks,
December 2023 i got a Dell precision T8510 with E5-2695-V4 and 4 x 32GB RAM. I want to migrate from a Dell Optiplex mini with a 9500T, 64GB RAM to this machine. Also I use a Synology NAS for NFS and Datastorrage.
My usecase:
I want a low power VDI (a la Raspi) solution which i can access all my VMs on the T8510. I use this VMs for programming, office work. Watching youtube/Udemy courses is also a must.
I've tried with a Raspi 3 but the streaming quality was very poor and choppy (followed this \[guide\]([https://www.youtube.com/watch?v=oLatrZBFQrw](https://www.youtube.com/watch?v=oLatrZBFQrw)))
Why i want or need this? I have to slim down on my owned hardware:
* Thinkpad x201
* Thinkpad x220
* Thinkpad x2100 (i7 10770U)
* Surface Laptop 3
* Surface Laptop Go 2
* HP Elitedesk G2 (my current "Thin Client")
* Dell Optiplex min (which is my Proxmox host)
* Dell Precision T8510
* Gaming Rig (Ryzen 1200, GTX 1650 Super, 32GB RAM)
* Raspberry Pi 3
* NanoPi M4v1 with Sata Hat
* Ipad Pro M2
* HP Elitebook G7 (work laptop) - dont want to do my personal stuff on here
I've tried also with my iPad, since stage manager is out, but the ()\[\]{} and other special caracter are in diffrent key and i can not get used to it... i'm getting old guys -.-'
Guacamole is also a thing... but honestly working in a browser ist not a permanent solution. Is just for emergency.
Is there a peace of hardware i own i can use for the VDI? Or do you guys have an other solution? What are you Thougt on this?
Thanks and stay save
https://redd.it/1aqkczw
@r_SelfHosted
looking for a "ticketing" system
Hi all, I've started a new job as an helpdesk/software developer and I quickly realised that I need some software to keep track of what I'm doing, what I'm supposed to do and what I've done.
I've asked my manager and it turns out we don't use a ticketing system because upper management will want to look at it to check how many calls we do and it will become stressful for no reason; but we need a better management system, at least for me.
​
So I'm looking for some piece of software that allows me to create and edit tickets for my calls and to replace my post-it notes for when I need to call someone back or redirect to another collegue.
Do you have any raccomandation? I prefer something in a docker container
​
thanks in advance to everyone
https://redd.it/1aqighp
@r_SelfHosted
Developers of r/selfhosted, do you code your own apps?
I really got into this homelab/selfhosting hobby. There are great alternatives to lots of app/services, but nobody stops you to build your own app. Me, after 8 hours of coding at work, I'm tired (and I try to keep my hobbies less "technical") and when I want to host an app I just run some docker and everything is up and running in no time. Probably the thing I'll build will be a personal website/blog even tho there are lots of alternatives, but it's more personal if I build it myself.
Are most developers like me or some of you code your own apps? What did you build?
https://redd.it/1aq7f9v
@r_SelfHosted
My very first homelab!
https://redd.it/1aq5v47
@r_SelfHosted
Alternative to Authy?
I have been using Twilio Auth for a long time. Mostly because I can run it on multiple devices and if my mobile dies I'm still able to use 2fa from my PC and later sync with the new mobile.
Today I received notice that Twilio is shutting down desktop Apps so I'll look for an alternative and I was wondering what do you use for 2fa that can be synced in multiple devices or has a way to backup to a server or second pc.
https://redd.it/1aq1ypb
@r_SelfHosted
Any suggestions for a cheap/affordable mini PC for the sole purpose of hosting a personal Jellyfin server?
Basically topic title.
I'm looking for an affordable Mini PC that can run a Jellyfin server and stream my media within my house without any really issues.
Any recommendations or go-to products for this?
https://redd.it/1apzlw1
@r_SelfHosted
Introducing ShareTOTP - Easy 2FA Code Sharing for Teams!
Hey everyone!
I'm excited to share a project I've been working on called ShareTOTP. It's a handy tool for sharing 2FA codes within teams, making security easier for everyone.
You can find ShareTOTP on GitHub here. It's free and you can host it yourself, which means you have full control over your data.
No need to pay hefty fees for similar services. With ShareTOTP, you get all the features without spending a dime.
I'd love for you to check it out, give it a star ⭐️ on GitHub, and maybe even contribute if you're up for it. Whether you're a developer or just interested in open-source projects, your help is super valuable.
Check out ShareTOTP on GitHub
Thanks
https://redd.it/1apxclf
@r_SelfHosted
Tutorial for creating a USB-key backup
Hello folks,
I recently have decided to backup my system on a USB-key in order to benefit from a backup in case of a fire or whatever should destroy my whole homelab. It is the last part of my backup strategy. I keep the USB key in my pocket with my keys, protected by a 32-character password, itself protected by vaultwarden. I wanted to share that experience here. I am no technical guru, so there might be better ways to achieve that result.
In order to protect the key, I have installed `gocryptfs`, which permits to create encrypted disks. I have mounted the key on `/mnt` and encrypted it : `sudo gocryptfs -init -xchacha /mnt`. I keep the password in a file `/home/eric/sauvegarde/.pass`.
When running that last command, two files are created on the key : `gocryptfs.diriv` and `gocryptfs.conf`. The last one includes a password-encrypted master key, so I prefer to move it from the key to the directory on the host where I keep the backup scripts : `sudo mv /mnt/gocryptfs.conf /home/eric/sauvegarde`. The support key is now ready. I can run the first backup. I have created the following script :
#!/bin/bash
mount -U <UUID> /mnt
mkdir /srv/copie-ext
gocryptfs -config /home/eric/sauvegarde/gocryptfs.conf -passfile /home/eric/sauvegarde/.pass /mnt /srv/copie-ext
rsync -artucv --delete-during --progress /srv/hdd/nas /srv/copie-ext
fusermount -u /srv/copie-ext
rm -r /srv/copie-ext
umount /mnt
In that script, the first line declares that the script is written in bash (shebang).
The second line mounts the key as an unencrypted support.
The third line creates a directory where I will map the key as an encrypted support and the fourth maps it. Let's dig down that line :
* `-config /home/eric/sauvegarde/gocryptfs.conf` indicates to `gocryptfs` the path to the initial configuration file of the key,
* `-passfile /home/eric/sauvegarde/.pass` gives the password to `gocryptfs`,
* `/mnt /srv/copie-ext` indicate the paths of the key and where the encrypted directory will be mapped.
Now I just have to run `rsync` as usual (fifth line) in order to copy the content of `/srv/hdd/nas` (the data I want to backup) to `/srv/copie-ext`, our target repository.
When the `rsync` process is over, I can unmount the encrypted directory with command `fusermount -u`. Then the directory `/srv/copie-ext` is empty and I can supress it, and unmount the USB key, to carry it with my keys.
I have my backup with me.
Feel free to improve that tutorial.
https://redd.it/1apw2k8
@r_SelfHosted
need secure hosting setup for external contractor
hello,
I am looking to setup a server for a contractor (joe) for software work. So that he can work on our software but cannot copy or share the code and files.
This seems to me to be a very standard use case so I was wondering if there is something like this prebuilt (aws/gcloud/any other provider or vm template, etc.)? or do I need to set it up from scratch?, is there any guide for this?
I guess the requirements for the server would look like below:
\- no outgoing internet allowed. joe cannot access github or so from the server.
\- a shared folder on the server which can be read/write from outside by anyone/joe, but joe has only has read access to this folder from within the server, so joe cannot copy files there.
\- only admin can copy any files out of the server
\- joe cannot change these rules.
https://redd.it/1aprksj
@r_SelfHosted
End Of General Availability of the free vSphere Hypervisor (ESXi 7.x and 8.x) (2107518)
https://kb.vmware.com/s/article/2107518
https://redd.it/1apoef1
@r_SelfHosted
Advice for setting up server/NAS for Jellyfin
I'm looking for advice on setting up a home server or NAS to host Jellyfin. I'm not planning on doing anything other than streaming around the home, 99% of the time only 1 stream but never more than 2. I also don't want to have anything on my main PC as I don't want to leave it running all the time.
I was looking into a NAS to do this as I've read that a NAS can host Jellyfin, but the cheapest new options I could find were around $500 CAD (I'd like at least 4 bays). I also read some concerns online about the performance of a standalone NAS setup when streaming 4k, but not sure how true that is.
Then I started looking into just building my own NAS, but at that point figured I might as well build a small server, but was a little put off by how large the case would be in order to get multiple drive bays.
Then I started looking into hosting off something like an NUC, but they seemed kinda pricey and I'd still need a storage solution like a NAS anyway so that blows my budget out of the water.
Anyway, needless to say I'm a little lost as to which route I should go. Ideally I want something small and expandable without costing a fortune. Anyone have any tips/suggestions here? Thanks in advance!
https://redd.it/1apkazv
@r_SelfHosted
