Blocking internet on cameras makes them inaccessible via VPN
This makes no sense. I have some reolinks and a Ubiquiti Dream Machine router. I am trying to block the internet on to make them only accessible via local network and VPN. I go to uniquiti / settings / application firewall / traffic rules, and there I choose "block", then "internet" in "category", and select my cameras. This makes them inaccessible from the internet, but accessible via local network. Great. But then, if I connect to my cellphone's internet and turn on the wiregaurd VPN connection to my UDM, the connection works (I can use internet), but the cameras are not accessible. What is going on?
https://redd.it/17jlfbs
@r_SelfHosted
I made a script to remotely reflash a Raspberry Pi
Hey fellow self-hosters!
Not directly related to self-hosting, but since it looks like quite a few people here (like me) are using Raspberry PIs to self-host stuff, I thought some people might be interested.
I use my Raspberry Pi as a NAS, and I'm using Ansible to automate the whole setup. After trying some stuff and experimenting a bit, I like to start again with a clean install and run my Ansible playbook to have a clean setup.
But I'm not always home when I do stuff with my Pi and thought it would be useful to have a way to reflash it remotely, so I could continue to break stuff and just reflash it when it gets too messy.
So I made a script to remotely reflash the Raspberry Pi. The main idea is that after flashing the SD card with the Raspi Imager, I make a copy of the bootfs and rootfs partitions, and when I need to reset the Pi to the initial state, I restore both copies of the partitions.
I wrote a step-by-step guide explaining everything:
https://gist.github.com/lilianmallardeau/04368e95bc97eb9738fba13df3bbfe4a
Feel free to use it if you like!
https://redd.it/17jj6f7
@r_SelfHosted
Registered no save memory:...
https://redd.it/17jhe4s
@r_SelfHosted
Youtube Frontends via Portainer
Does anyone have an app template list for portainer that can install either Invidious or Piped. I can appreciate that most guides use docker compose files and I really should spend the time to learn it fully to be able to help myself. If anyone feels like they could help a brother out on some guides and/or templates that they have had success using with portainer I would be forever grateful.
https://redd.it/17jfatf
@r_SelfHosted
Can anybody host Fivem server for a fair price?
Hello guys
I'm looking for a cheap fiveM hosting for a moderate community of people I am looking at taking this seriously and working with a reputable company/person to help me with this and in the end make a return from membership when it gets off the ground. Hope this is okay to post here?
Thanks for reading 🙏
https://redd.it/17jc27l
@r_SelfHosted
Planning to register a domain primarly for my own personal email, should I hand out my real information?
I’m planning to buy a domain so I’d be able to have control over my email providers and not sure whether or not I should put my real information in the registrant’s site.
I know it’s an ICANN violation not to and I’m going to use porkbun which has free whois privacy either way but some people seem to recommend providing false infromation either way since the info could still be exposed through UDRP claims, though I find it highly unlikely that I’ll ever annoy anyone enough to make him pay $1330 to expose my information.
Sounds like providing false information would put my domain at extreme risk especially if I plan to use it for my main, personal email address and could lose it at any time for providing false information.
https://redd.it/17j9tdn
@r_SelfHosted
Android doesn't use my self-hosted dns-server in the private network
Hi, I'm hosting an own dns-server in my home-network, so that I can access my server in my private network with a domain without buying that domain. It works fine on my computer, but when I'm typing in the domain of my server on my smartphone, the browser doesn't resolve to the local ip of my webserver.
I already tried to change the dns-entry in the settings manually, but it doesn't worked. Do anybody of you faced the same problem or has a good solution for my problem?
https://redd.it/17j70xl
@r_SelfHosted
Windows Folder sharing like "Google Drive" style
hi everyone,
i want to make the switch moving from Google Drive to selfhosted,
and currenly I got a windows server up and running with a big hard drive which I want to make accessible like "Google Drive",
so on phone by an App,
on Windows like a mounted drive,
etc.
What do you guys use for that usecase?
https://redd.it/17j45hu
@r_SelfHosted
viewtube is awesome, how can I redirect all requests from YouTube.com to myviewtub.domain?
Hi all,
I'm using viewtube for 3 days, and I love it.
My next step is migrate all request to that service, I test the video/playlist url os the same, and I use pi-hole as my local dns server.
Is possible to rewrite the domain on pi-hole? like any request to YouTube.com/watch?v=v43DXkj5b0I to mydomain.com/watch?v=v43DXkj5b0I ?
I was reading pi-hole docs and I can't find anything useful for this feature.
​
Thank you.
https://redd.it/17j0kxp
@r_SelfHosted
Worm-Hole v0.1.1
https://github.com/NOXCIS/Worm-Hole
### What Is Worm-Hole?
Worm-Hole is a fully automated Docker Based intranet deployment that allows users to host web other applications on their existing server and be able to securely connect to said web applications without exposing them to the open internet. This is done by utilizing the WireGuard protocol in conjunction with Docker Networks and Containers. Hence applications hosted behind the worm-hole private network need not expose any ports and can only be accessed via a WireGuard connection already registered to to an existing server interface on the deployed worm-hole instance. Secure by Design, the WireGuard Dashboard & other services are only accessible on first deployment via the master configuration that is generated at install and encrypted after being outputted to the console.
Wormhole also acts as a ISP DNS query logging bypass. Wormhole by default is configured to have minimal logging.
https://redd.it/17iztll
@r_SelfHosted
How to SSH into CapRover and dump a postgres database?!
I felt it better to post here, as a quick search for CapRover showed more posts here, than on /r/webdev.
I am a web developer and recently just installed CapRover on a DigitalOcean droplet. It also has a Directus installation, it's a headless CMS with postgres.
I'm not super familiar with Docker/containers, as I just don't use them often enough, but wanted to ask here:
I'm sure I can SSH into the server and run some command to make a backup of the postgres database instance?
My goal is to make/dump a 'Initial-Database.sql' and then occasionally/incrementally perform backups of the database.
I'm just not familiar enough with CapRover to do so. I didn't read anything in the docs regarding this.
https://redd.it/17iogr6
@r_SelfHosted
Can somebody help me understand the 0.0.0.0 address in docker?
Basically, I have this doubt, I have some self hosted services in docker where I add the ports like this:host_port:container_port, so I don't specify the interface, so by default, it is 0.0.0.0.
Somebody recently told me that this is dangerous and that I expose my services to the public internet by doing this. I don't want to do that since I am the only one accessing them so I just use a vpn to access them. So, to try this out, I typed in my browser my public ip alongside the host port I used for one of my services but I cannot access it. This has me puzzled. How's the deal? Am I exposing it? Should I change it?
What are your thoughts? Thanks!
Edit: The thread where I was told this was this one. Also, I have upnp enabled and port forwarding disabled.
https://redd.it/17imp9o
@r_SelfHosted
Interplanetary filesystem
So I got ipfs running tonight. For those unfamiliar, it's a distributed file system but isn't really searchable. The point is that your website, service, or content is spread out so it "can't" disappear. If you want to self hosted this, details are at https://docs.ipfs.tech/ . I installed kubo from the *.deb file and went straight to the webgui.
I originally wanted to help serve some government sites that are known to be ddos but couldn't find the CID.
So I archives and posted the next best thing: phrack.org
So if you want to try it out and help save a site, you should be able to use this CID (I think)
QmZ7SWRk21N5hTNaEDxFFHG5MujpeynqiDPqREkHHB8aMV
For those that know more than me:
1. Is there any risk to posting the CID like I did? Like can someone change my add to include malware?
2. How does publishing to ipns make it easier for people to find?
3. Is the only real option posting the CID or making dnslink connections to http?
https://redd.it/17iveu9
@r_SelfHosted
Multiple domains behind Traefik
I am trying to find a way to have two separate domains associated with separate emails accessible through Traefik.
I have done some research but cannot figure it put. I tried creating a TCP router to accomplish this but it does not work.
Is there a better way to accomplish this?
https://redd.it/17it465
@r_SelfHosted
Nextcloud: Can't Access Port 11000
I am installing the nextcloud-aio docker container and can never seem to get it to access 11000. No other application is using port 11000. I'm able to access 8080 and go through the setup process however I can't get pass that after all of the containers are up and running. I get a 502 bad gateway error. I'm a bit new to self hosting applications. I assumed that this would be the best way to host Nextcloud but maybe I'm wrong? I am using npm however I can't even access Nextcloud through port 11000 locally when at home connected to the same network. This is my docker-compose file that I am using. I took it from the nextcloud-aio github page and just removed and changed what I thought was correct. I'm having a hard time finding a solution on reddit or anywhere online thus far.
​
Thank you.
services:
nextcloud-aio-mastercontainer:
image: nextcloud/all-in-one:latest
init: true
restart: unless-stopped
containername: nextcloud-aio-mastercontainer # This line is not allowed to be changed as otherwise AIO will not work correctly
volumes:
- nextcloudaiomastercontainer:/mnt/docker-aio-config # This line is not allowed to be changed as otherwise the built-in backup solution will not work
- /var/run/docker.sock:/var/run/docker.sock:ro # May be changed on macOS, Windows or docker rootless. See the applicable documentation. If adjusting, don't forget to also set 'WATCHTOWERDOCKERSOCKETPATH'!
ports:
# - 1080:80 # Can be removed when running behind a web server or reverse proxy (like Apache, Nginx, Cloudflare Tunnel and else). See https://github.com/nextcloud/all-in-one/blob/main/reverse-proxy.md
- 8080:8080
# - 8443:8443 # Can be removed when running behind a web server or reverse proxy (like Apache, Nginx, Cloudflare Tunnel and else). See https://github.com/nextcloud/all-in-one/blob/main/reverse-proxy.md
environment: # Is needed when using any of the options below
- APACHEPORT=11000 # Is needed when running behind a web server or reverse proxy (like Apache, Nginx, Cloudflare Tunnel and else). See https://github.com/nextcloud/all-in-one/blob/main/reverse-proxy.md
- APACHEIPBINDING=127.0.0.1 # Should be set when running behind a web server or reverse proxy (like Apache, Nginx, Cloudflare Tunnel and else) that is running on the same host. See https://github.com/nextcloud/all-in-one/blob/main/reverse-proxy.md
# - TALKPORT=3478 # This allows to adjust the port that the talk container is using. See https://github.com/nextcloud/all-in-one#how-to-adjust-the-talk-port
volumes: # If you want to store the data on a different drive, see https://github.com/nextcloud/all-in-one#how-to-store-the-filesinstallation-on-a-separate-drive
nextcloudaiomastercontainer:
name: nextcloudaiomastercontainer # This line is not allowed to be changed as otherwise the built-in backup solution will not work
​
https://redd.it/17ipfir
@r_SelfHosted
Mail list for small club
I have been put in charge of our archery clubs technical needs. Up to this point when the coach needs to send an email to everyone he just adds them all to the To: line in the email. I cringe every time I get one of those emails...... So I have been looking for something we can self host where he can have a couple of lists that a couple of us can help keep up to date for mail lists. Basically it sounds like we need a cross between mailman and listmonk. Here is the basics of what we need:
We need a web interface so that a handful of us can keep the lists up to date (in all we have less than 100 members but the lists change depending on who is going to certain meets or not)
We need coach to be able to send an email to something like members@archeryclub.com or peopleatevent1@archeryclub.com and it goes to the proper list. We do not need mail discussions like mailman has, Just one way from coach to certain members.
Having the ability to track who reads what like listmonk has would be a bonus but I am not 100% sure this is possible without having the messages sent through the web interface.
​
Any and all input is very much welcome.
https://redd.it/17jkxr2
@r_SelfHosted
Centralized Syslog (remote and local hosts)
I want to centrally log messages for both internal and remote servers. I was looking at Loki at one point, as it seems to be a good option due to space savings. They also have a generous cloud option to get started and test it out.
Anyone have a setup that you have been using for a while that works really well?
I want to start getting CheckMK and Grafana up eventually along with it.
https://redd.it/17ji9ok
@r_SelfHosted
Web development Apps for selfhosting
Hi, I'm searching some apps for Docker to selfhost, which could help me with web development, web designing etc. I know about VSCode, GitLab, but I would like more ideas, tools.
Foe. does something to simulate different types of devices exist so I could test websites on it?
Just gimme tips and tricks. Also other not-selfhosted options are appreciated 👍
Thanks, guys 🤍
https://redd.it/17jg0ru
@r_SelfHosted
Last week in FOSS for the r/selfhosted community
Here is your weekly review of free and open source software (link at the end)
CERN and University of Texas launch their Open source program offices (OSPO)
Sentry.io donates $500K to open source maintainers and Spotify's FOSS Fund gives 100K Euro to 4 projects (3 Java libraries and Xiph)
qBittorrent v4.6.0 was released
Kernel 6.6 has some exciting features and Ubuntu 24.04 development began
Full post
https://redd.it/17jd60n
@r_SelfHosted
What's the point of self-hosting YouTube frontends?
Okay, before you downvote me, hear me out.
I self-host quite a bit of services and am knee-deep in this hobby, like many of you are. I try my best to analyze what makes sense to self-host and what doesn't just so that I don't jump the gun and switch everything over to self-host just for the sake of doing it. I try to focus on what brings value to the table and what doesn't, and I just cannot see the value in self-hosting YouTube front ends. I tried my best to like it and force it on myself for several weeks, but it seems to hinder and ruin the YouTube experience rather than enhance it for me.
I find extensions on desktop such as YouTube Enhancer paired with uBlock Origin is a more enjoyable experience, and on mobile I prefer to use ReVanced. I feel these options are superior to piped/invidious etc.
So tell me, I'm curious. Why do you bother to self-host YouTube when there subjectively appears to be better options?
https://redd.it/17jag2l
@r_SelfHosted
What selfhosted service have the best "return of investment"
Hi guys,
What services do you think have the best return of investment? Where is it truly worth it to selfhost?
Cheers
https://redd.it/17j89rs
@r_SelfHosted
Need some guidance with how to set up my project for easier self-hosting
Hey there!
I am building an open-source project, built with React and NestJS. This in turn has a few dependencies on certain services, all running from docker (postgres, minio, browserless etc.).
I need some guidance on how I can package this as a single open source project, that would make it easier for folks to just pull and image and run as-is, or copy the docker-compose.yaml and have it running on their system.
I'm facing issues particularly with how to allow all these different services to communicate with each other. My hunch was to use a single nginx config that would route requests to minio, browserless, the client or the server depending on their route, but I do not have much experience with nginx either (also, not sure if that provides the best experience for self-hosters, hence why I'm posting this question here).
How can you help, you ask? A brief description of what services I can use to orchestrate this architecture, or a GitHub repository where you or someone else has done something similar might help.
I would be very very appreciative of anyone who can help, I've been stuck on this for the past week. It feels really depressing especially to have put in so much into the product to build it well, but run into a wall because I don't know how to package it to users.
https://redd.it/17j592k
@r_SelfHosted
External WebDAV suggestions
I am looking for suggestions on the best way to access my WebDAV site from outside my network. Due to the upload size of the files, Cloudflare tunnel is not an option. I have attempted this.
The WebDAV site is currently in IIS. I have a domain that I would like to use. Is a reverse proxy the best option? I have some confusion on the setup of a reverse proxy in general. I feel like I am over complicating this whole process.
https://redd.it/17j2p5w
@r_SelfHosted
Retrieval Augmented Generation (RAG) with Free CPU-based LLMs from Hugging Face
Hi everyone, we created a Hugging Face repo with small LLMs (\~3b and under) that can be run without GPUs for RAG experimentation. Small LLMs do not perform well without fine-tuning for RAG use cases, so we fine tuned them for optimized RAG performance while at the same time not requiring expensive GPUs. https://huggingface.co/llmware
We also have an open source library for enterprise-grade RAG implementation that has text parsing, chunking, embedding, and other great features like source citation and fact checking that also integrates into LLMs on Hugging Face. https://github.com/llmware-ai/llmware
Here are some helpful YT links to get started: https://www.youtube.com/watch?v=JjgqOZ2v5oU and https://www.youtube.com/watch?v=0naqpH93eEU&t=3s
https://redd.it/17j1d6e
@r_SelfHosted
Nginx Proxy Manager + Cloudflare
I'm trying to set up NPM with my domain name being handled with Cloudflare and I keep getting a Error 522 code.
Cloudflare's webpage states:
* (Most common cause) [ Cloudflare IP addresses](https://www.cloudflare.com/ips/) are rate limited or blocked in .htaccess, iptables, or firewalls. Confirm your hosting provider allows Cloudflare IP addresses. **I'm struggling to work out how to do this properly on my debian.**
* An overloaded or offline origin web server drops incoming requests. **This is not the case, I have sufficient resources and it's not offline.**
* [Keepalives](http://tldp.org/HOWTO/TCP-Keepalive-HOWTO/overview.html) are disabled at the origin web server. **I don't really understand what to look for this?**
* The origin IP address in your Cloudflare **DNS** app does not match the IP address currently provisioned to your origin web server by your hosting provider. **I have an A name record for** [**mydomain.com**](https://mydomain.com) **pointing to my.external.IP.address and CNAME records for my services pointing to @.**
* Packets were dropped at your origin web server.The only thing I can come up with is that I need to whitelist cloudflare's IP addresses. **If I ping the site** [**npm.mydomain.com**](https://npm.mydomain.com) **it comes back successful so I don't think this is it.**
If you know what I'm missing or you'd like me to provide further information or clarification, I'm all ears.
https://redd.it/17izttl
@r_SelfHosted
How to deal with certificates?
Some applications have connections that needs certificates to work, I usually get my certificates a from the reverse proxy and let’s encrypt.
But if I want to run a service that supports connections with TLS and want to map the certificates to that container, I need to run that container as root, but what to do if I don’t want to run it as root?
Is copy them a “real” solution?
https://redd.it/17ik7v7
@r_SelfHosted
Feature Comparison Chart - Web-Based Markdown Editors / Note-Taking Applications
Each application on this chart is notable for it's own combination of unique features.
Which application do you prefer? Are there any other applications or features worth adding to the chart?
​
# Web-Based Markdown Editors / Note-Taking Applications
|\##|Features|Dillinger.io|FlatNotes|HedgeDoc 1.0|
|:-|:-|:-|:-|:-|
|00|Markdown Spec|CommonMark|CommonMark + GFL|HFM|
|00|License|MIT|MIT|AGPLv3|
|01|Docker Support|✔|✔|✔|
|02|Markdown Live Preview|✔|✔|✔|
|03|WYSIWYG Editor|✘|✔|✔|
|04|Mobile-Friendly UI|✔|✘¹|✔|
|05|Dark Mode|✘|✔|✔|
|06|Real-Time Collaboration|✘|✘|✔|
|07|Version Control|✘|✘²|✔|
|08|Local Filesystem Storage|✘|✔³|✔⁴|
|09|Cloud Storage Sync|✔|✘|✘|
|10|Authentication|✘⁵|✔|✔|
|11|Unique URLs|✘|✔|✔|
|12|Edit Mode - VI(M)|✔|✘|✘|
|13|Edit Mode - EMACS|✔|✘|✘|
## Notes
¹ Mobile UI is better optimized in Chrome than Firefox
² Can use Git for Version Control
³ Files are saved as markdown files in local directory
⁴ Files are saved in a database
⁵ Authentication for Cloud Service Providers only
https://redd.it/17ivv48
@r_SelfHosted
Roundcube 1.5.2 to 1.5.5 upgrade failure on database schema.
Updating results in fatal error upgrading at the end database schema update. Any ideas?
https://redd.it/17iujz0
@r_SelfHosted
Anyone have experience w/ Lenovo Thinkstation P320 and Thinkserver TS150 (or similar)?
I'm currently running a P320 as my home server with a 1230 V6 CPU, but have been looking at upgrading to a 1245 V6 for transcoding with Intel QSV. Now I have the opportunity to buy a TS150 with a 1245 V6 for only a bit more than the CPU alone.
I was going to jump on this right away because I figured the ThinkSERVER must be better than my ThinkSTATION, but comparing specs they seem extremely similar to me.
Same chipset, similar size, similar PSU, both I think I could get 5 drives in, and both have AMT. Curious if I'm missing something here. Does anyone have any thoughts on if this would be an upgrade (other than the CPU of course) or are these 2 platforms really this similar?
For reference, I'm running Truenas Scale as a file server plus a handful of apps.
https://redd.it/17is4oc
@r_SelfHosted
Caching content from my homelab on a proxy VPS?
My homelab server has several services on it (personal website, Nextcloud, Jellyfin, etc..) that I access via a VPS, which uses Nginx as a reverse proxy, and tunnels traffic to/from my server at home via a mesh VPN. The VPS' connection is very fast, but the VPN is rather slow, and bottle-necks the setup.
As a solution, I'd like to try to use the VPS as a cache, this way it would lessen the need to fetch content from my homelab through the slow connection. However, I am unsure about the most effective way to do this. I know that Nginx has a built in caching feature, but I'm not sure if/how I need to configure it to work with services like Nextcloud; or is there is a better, additional piece of software for the job?
Disclaimer: I know things like Cloudflare exist for caching, but I wanted this to be an educational, as well as practical project.
https://redd.it/17iqdai
@r_SelfHosted
