I setup wg-easy, am I somehow exposed to attacks?
I configured wg-easy on my home-server (docker installation) and want to check if I missed something security-wise:
- I port-forwarded UDP 51820 on my router
- I have a domain which I purchsed, it's managed in Cloudflare and I created an A record pointing to my WAN IP.
- Not sure if it matters, but all I have for my wg.domain.com is a username/password authentication and it's secured with an SSL certificate, which is obviously only valid inside of my LAN.
I currently assume that since I port-forwarded a UDP port, people can't try and access MY_WAN:51820. Is it somewhat correct?
Any tips on this would be great. I'm not interested in exposing my setup to the internet, all I want is a secure VPN to sometimes access my network from my phone.
By the way, huge props to wg-easy, very quick and simple setup.
https://redd.it/18279nd
@r_SelfHosted
Selfhosted Wallpaper Service
HI Guys,
I want to setup a wallpaper service for my extended family and friends. I am looking for a self-hosted server to host a bunch of wallpapers for desktops and mobiles. I will update the collection periodically.
Consumers can set up some apps or software at their end and choose my wallpaper service to dynamically refresh the wallpaper on their devices.
Has anyone come across any self-hosted service like this?
​
https://redd.it/1827vuo
@r_SelfHosted
Nitro - 3mb binary to self-host LLMs
https://nitro.jan.ai/
https://redd.it/1821rg8
@r_SelfHosted
Any self-hosted alternatives to Plex's sonic analysis feature so far?
The recent debacle with Plex has gotten me looking into alternatives again. However they have one really killer feature that, last I looked into it, had no alternatives, which is the sonic analysis features that you can use with Plexamp.
I'm specifically talking about the feature that scans each song in your music library (using a deep learning algorithm) and determines detailed metadata about its qualities like genre, instruments, types of vocals, mood, and other timbral qualities, and then lets you generate playlists based on this data. Here's the page detailing the feature.
My favorite so far is being able to create a "Sonic Adventure" playlist, which lets you pick two or more tracks and then generate a playlist of tracks between them that gradually moves from one track you picked to the next.
Has anyone made an attempt at an open source or self-hosted version of this so far? (Is there even an open source tool for scanning audio to obtain this sort of metadata?)
https://redd.it/18228g1
@r_SelfHosted
More self-hosted solutions
Hello!
I'm aware of this awsome list, but recently I stumbled across this private list that contains other solutions, like IT-Tools and Llama (chat-gpt), so here it is, some other tools that are not in our favorite github page. (maybe the owners there can update it?)
​
​
https://redd.it/1821yie
@r_SelfHosted
Good email provider
Sorry, this has been brought up a number of times obviously, but I figured I'd still give it a shot. I'm not self-hosting email, because it sounds like a huge PITA. I was looking for a decent email provider, but coming up short for now, wonder what people here are using. My requirements:
support for a custom domain,
support for hooking up my applications via SMTP (just to send, like, update notifications, nothing spammy),
(optional, but would be good to have) nice apps for Android/iOS.
Things I've tried (all paid subscriptions):
Fastmail - felt excellent until I tried actually using it and found that 1) my SMTP messages are lost/delayed by a few hours. 2) SMTP-sent messages are not in the Sent folder, which makes things really hard to track. More details here: https://www.reddit.com/r/fastmail/comments/181tnuf/experiencewithfastmailasanewuser/
Proton Mail - doesn't have SMTP support, wat.
Purelymail - feels a bit hackish to me, and I don't want my wife to input weird IMAP settings on her phone.
Any good recommendations? Thanks a lot!
https://redd.it/181za7k
@r_SelfHosted
Hosting a static website on AWS with a single command
I'm sharing a repository that includes a starter kit for deploying static websites to AWS using the Cloud Development Kit (CDK): https://github.com/pagemosaic/pagemosaic-website-starter
This work started as part of my project to create a web platform, and it's my first time using AWS CDK. The code is carefully written and well-documented, making it helpful for those who prefer to use their own setup on AWS instead of services like Vercel.
I realize this method might be a bit more complex than using standard hosting services, but the repository provides clear, step-by-step instructions.
I'm posting it here, hoping it will be useful to someone looking for this kind of solution.
https://redd.it/181v2h3
@r_SelfHosted
Ways to backup your docker volumes ?
I bought a second hand NUC to have a little more horsepower to run various services. I have it connected to my NAS, but almost all of the docker volumes reside on the SSD in the NUC.
It would be nice to be able to backup those volumes to my NAS in case the NUC fails. I have Debian 12 running on it.
What are my options ? Should I just backup my docker volumes or does it make more sense to backup the entire NUC ? (I'm less tech savvy then I might appear. Please be generous with your explanation, I still have a lot to learn)
https://redd.it/181v210
@r_SelfHosted
Very low resource usage on Openlitespeed (LOMP) on Ubuntu 22.04
I have been testing a custom PHP script on LOMP (Ubuntu 22.04) running on VirtualBox (2GB/2Core). First, I tried Apache and upon benchmarking the script, it could complete 10K requests in \~36s - ab benchmark on Apache
Then, I installed LOMP and tried the same script after tweaking a few things under Server configuration (CPU Affinity, etc.). And, this time, it took 410s - ab benchmark on OLS without LSMCD
Later, I learned about LSMCD and gave it a try. This resulted in time being brought down to 185-250s - ab benchmark on OLS without LSMCD
What baffles me is the CPU usage when running OLS (with or without LSMCD). It never goes above 20% on a core, while the other core is under 5% when benchmarking. On the other hand, Apache easily hits 100% CPU when benchmarking. I believe I could get better results on OLS if I could make it use more CPU, but I don't have the least idea how. Have been searching for a solution for the past few days with no luck.
https://redd.it/181u9c3
@r_SelfHosted
How to avoid using my ISP's gateway/router? I live with people who still pay for cable TV, so the coax is required for some TV functions.
https://redd.it/181sgoh
@r_SelfHosted
What service one should NOT self host
Like the title says, I'm new to self hosting world. 😀 while I was researching, I found out that many people dissuaded me to self host email server. Just too complicated and hard to manage. What other services that you think we should just go use the currently available providers in the market and why?
🙂thank you
https://redd.it/181m75o
@r_SelfHosted
Can't get SSL certificates
Hey all, I'd love some more eyes on this problem I've been having.
Context:
I'm behind a CGNAT.
I have a domain
I have VPN with a dedicated IP
My DNS records are pointed at that dedicated IP
I have a TP\_Link A8 Router, and a Surfboard DOCSIS 3.1
Router has Bonded light
I'm running a server with Proxmox VM
It works amazing locally
​
Goal(s):
Use NextCloud/OwnCloud
Ability to access NC/OC from outside local network
Being able to use domain name instead of dedicated IP when accessing page
Actions:
Install a Debian 12 VM (or LXC depending upon attempt)
Update package repositories
Add user to sudoers file
Install UFW
Install VPN application
Enable UFW
Deny ALL but 40,443
Install Docker Engine
Enable VPN
Install Cosmos Server
Go through initial setup
Configure domain as Dedicated IP
Here my attempts just hang.
I have tried this using NGINX Reverse Proxy
I have tried this using Apache2 as a reverse proxy
​
Technical Information
Port scanning options see ports as open
SSL certificate application (letscrypt) hangs
​
I have also followed the 'how to' https://docs.nextcloud.com/server/latest/admin\_manual/installation/source\_installation.html from Nextcloud, using manual installation, and can install it, but when I get to the letscrypt stage, I can never get it to complete. I've tried the AIO as well. as the Docker image.
The issue is always with SSL/connecting from the outside. I can access it locally, but that doesn't help me leave commercial clouds behind!
I've included my network diagram of what I *think* is going on
​
https://preview.redd.it/xt1o7o4aez1c1.png?width=1148&format=png&auto=webp&s=ff7c8bfef0cc612ce80505a0ffa63dd9a2e04953
Thanks!
https://redd.it/181momw
@r_SelfHosted
What is the most efficient and lightest web-based file browser similar to Filebrowser?
I am looking for a file manager similar to Linux's Nautilus or Windows' File Explorer. It should allow me to click and drag files, move them between folders, and open a context menu with a left mouse click. Features like playing videos and the ability to create or edit files would be a plus. I prefer software that is not heavy or overly feature-rich. In this regard, Filebrowser is almost perfect, but its usability falls short for high manual workloads. For instance, it lacks a context menu that opens with a left mouse click on a file. It also doesn't offer a free selection area for selecting files with the mouse. Additionally, every time a file is moved, Filebrowser redirects the page to the target folder. This behavior is atypical and not very useful compared to real file managers.
https://redd.it/181k1nx
@r_SelfHosted
What radicalized you? For me it was Spore.
Some people get into self hosting just because they're interested in the mechanics of it, but many people I think got inducted by the fact that for example, Facebook or snapchat make it so difficult to save your own pictures or migrate to another service, or the possibility that Google is reading all of your emails, etc. Others may have been radicalized by a specific event, such as a service provider closing up business and therefore you lose your data.
For me, it was Spore com. I loved Spore, from the time I got it for my 10th birthday to maybe the age of 16 or 17 I poured hundreds or probably thousands of hours into this game. As I got older I became less invested in the gameplay and more invested in the creative aspect of it. I designed some badass creatures and spaceships that I was really proud of. I had a whole line of Spaceships that all served different roles in my head cannon, with different races of aliens following different themes.
EA/Maxis/whoever runs Spore now purged all of them from spore.com, and now they're gone. Years of my childhood essentially put into a locked box and the key thrown away. For me it was like losing a scrapbook in a fire. What right did they have?
So I ask, What radicalized you?
https://redd.it/181hs7j
@r_SelfHosted
Wireguard + GreenTunnel
https://github.com/SadeghHayeri/GreenTunnel
https://redd.it/181enpa
@r_SelfHosted
Working on a frontend to youtube-dl which doubles as a fully-functional video-hosting website
https://redd.it/1829vzd
@r_SelfHosted
How do you back up all your selfhosted services
Hi Everyone
I need some help
I'm currently selfhosting some of my applications on Digital Ocean and i run a container using Portainer CE. I was wondering how you guys keep backups for the applications running on docker.
I'm currently using Digital ocean's snapshots feature but is there a better way i could use, any help on this is highly appreciated.
https://redd.it/18267f2
@r_SelfHosted
Is there a self-hosted tool that can subscribe to (and transcribe) niche video platforms?
I research far-right groups who are mostly banned from YT. I want some kind of tool that automatically downloads content from their groups (mostly on BitChute, Rumble, Oddysee) and then does a TTS transcribe if subtitles are unavailable.
I've tried Metube, which is really good at downloading from niche sources but lacks the concept of a subscription. In other words, I cannot just give it a bunch of channels I want and then let it do its thing.
Yt-archivist is excellent but is YouTube only. It doesn't support the niche video sites I need.
If only there were a tool with archivist's features but Metube's breadth of support. I've not yet seen any tool that can automatically transcribe the content in a directory, but that would be perfect - some tool that I could feed a directory of content and then have it automatically transcribe anything that doesn't have subtitles.
The reason I need transcription is so that I can search for certain comments. For example, I might want to find out when a particular group started campaigning on an issue or used a particular phrase.
Ideally, I'm looking for stuff that runs as a Docker-Compose configuration. I have a NAS with a few TB of storage. It would be great if I can just run this directly on the NAS and
https://redd.it/182362e
@r_SelfHosted
Yay... tunnels!
https://redd.it/1822bxq
@r_SelfHosted
Why doesn't qBittorrent open from Homarr???
Hi guys,
I recently set up Homarr and linked all my docker containers to it. Everything works well and opens correctly except for qBittorrent. But then if I click on the address bar and click enter it works.
What's happening here?
​
https://preview.redd.it/9y68lt39m12c1.png?width=979&format=png&auto=webp&s=e7c3d9567f57da60f9449ce9f8ff441bc7de146c
https://redd.it/181v06v
@r_SelfHosted
Any suggestions about a Reliable Open Source WAF solution with SSL Termination on
Hey Everyone, I hope you are doing well, I would like to know from you guys if any has experimented with any WAF projects. any feedback and suggestions would be good.
​
Happy self hosting
https://redd.it/181ykqe
@r_SelfHosted
What operating system do you use for your home server? I’m planning to do unraid but what are the other options and why would you pick one or another?
Cross posted to r/homeserver
https://redd.it/181wpa8
@r_SelfHosted
Trigger.dev - Long running jobs on NextJS
TriggerDev can add background jobs to your NextJS application.
Furthermore, They implemented some cool ways to deal with the timeout for Vercel serverless functions by isolating each task in one request.
They are fully open-source, and self-hosted.
Here is the link:
https://github.com/triggerdotdev/trigger.dev
https://redd.it/181v243
@r_SelfHosted
Web content filtering
What is a good web content filtering that I can host in my lab? I know Pi-Hole and pfBlocker, but was wondering what else I should try.
https://redd.it/181nkdu
@r_SelfHosted
My first steps into self hosting and my homelab dashboard
Homer dashboard with custom theme
After lurking for years on this subreddit I finally bought a mini PC for the soul purpose of experimenting with self hosting. So the past few days I've been learning about Docker and stealing all your docker-compose files and combined them into something I could actually use.
The code is available on Github. Please give me some feedback because I'm 200% sure I did a lot the wrong way. What I've however learned from you guys is to document what you're doing when you're doing it instead of later (never).
https://redd.it/181lrzf
@r_SelfHosted
Starting with Firefox 120, FF can now automatically trust custom TLS certificates from OS store
https://support.mozilla.org/en-US/kb/automatically-trust-third-party-certificates
For those of us who run in-house CA, now there's one one less step in rollout procedures.
Previously, FF trusted only Mozilla Certificate Store. Since release 120, it continues to trust its own store, but also detects any custom Root CAs you've added to your OS store and allows to trust them.
https://preview.redd.it/u84glpcdyy1c1.png?width=724&format=png&auto=webp&s=3ab4114f777c301d1f5fa8e24ceef66ddbdceb38
https://redd.it/181kkri
@r_SelfHosted
rclone+Deluge+Plex: How do I automatically copy completed downloads?
I have a plex setup on Ubuntu with Deluge, Jackett, *arr apps, etc. All is gravy.
Except I currently need to manually run `rclone copyto` on completed Deluge torrents in order to [reliably] pipe the media to rclone/Plex.
Context:
1. Deluge downloads to `~/local/`
2. rclone is mounted to `~/gdrive/` using:
```
rclone mount gdrive: ~/gdrive --allow-other --vfs-cache-mode off --bwlimit 15M --tpslimit 4 --tpslimit-burst 4
```
3. Plex serves from `~/gdrive/Media/TV` and `~/gdrive/Media/Movies`
Initially I was using Deluge Labels to auto-move completed downloads, but this resulted in IO errors (and occasionally illegal disk seeks when I messed with enabling vfs cache writes).
I tried setting up a cron job to monitor `~/local/` for completed files then copying to rclone, but that resulted in IO errors.
The ONLY reliable solution I've found is manually running `rclone copyto` from a `screen` session for completed downloads. It _works_ but it's a pain in the ass.
My questions for yall:
1. Any idea why I'm getting these IO errors? I'm not pegging the CPU or the disk. There doesn't seem to be hardware issue, it really feels like the problem relates to rclone and Google's APIs
2. Any idea how to troubleshoot this and get downloads automatically moving? Any logging mechanism I use (Deluge, rcloone, kernel) just gives generic IO errors. It doesn't point me in any direction
https://redd.it/181icqb
@r_SelfHosted
Healthcheck of your Selfhosting installation - what are you monitoring and why?
Hey all,
I just found healthcheck.io \- and it's awesome.
I wrote multiple bash-scripts (via ChatGPT as I'm no programmer), e.g.
\- Check every LXC-Container if the defined docker containers are still running
\- Update every LXC-Container
\- Refresh the Letsencrypt-Certificat in every LXC-Container
If the tasks is successful, they Ping my healthcheck.io instance running on a VPS connected via WireGuard. If the VPS don't get a ping in the defined timeframe, I get an e-mail notification.
I really love, that I don't have to install anything on the hosts I want to monitor, so it's always working.
Any ideas of other metrics that are worth to monitor, and that I could realize with simple bash-scripts?
(I'm using Proxmox with multiple LXC containers running Docker and apps like Bitwarden, Nextcloud, etc.)
https://redd.it/181e1xj
@r_SelfHosted
CasaOS Run Docker Post Deployment Script
I'm new to CasaOS and fairly new to docker but have been able to deploy some containers on my Zimaboard.
I have manually installed SWAG with the compose file which works fine but was wondering is it possible to run some post shell scripts automatically once the docker container is started. I want to installed keepalived as i plan to run two zimaboards with either an active/active or active/passive swag reverse proxy. The docker images do not come with this package automatically deployed but it is available via apk.
I have been reading on the internet and have tried using command: sh script and entrypoint: sh script in the compose file but they don't seem to work and the swag services don't start or the container just restarts. Another method I have found is to use a dockerfile but i don't see anyway of do this with casaos.
Can anyone help suggest a method i can run a post script automatically each time the container is started. This way when i come to update the container the package will be reinstalled and hopefully start keepalived with a config file I will put on an attached volume.
Any help would be appreciated.
https://redd.it/181e3kt
@r_SelfHosted
