Tool to manage multiple linux machines
Hi everybody, i'm searching for a software that can be selfhosted to manage multiple linux machines, at the moment where i work we have 20+ machines running mint and debian, what i need is a way to run scripts and updates on multiples machines at the same time.
UPDATE: Thanks to all the comments, i'll be trying Ansible and see if it fits my needs at the moment.
https://redd.it/18rzcpk
@r_SelfHosted
Hyperswitch - Free and open-source payments orchestrator
Hyperswitch is an attempt to replicate India's success with UPI (Unified Payments Interface) globally. Today, the payment ecosystem is:
* Dominated by closed systems and walled gardens
* Ever increasing in diversity
* Becoming expensive for businesses
Payments should be a basic utility of the internet and these problems can only be solved by a community led effort.
Self host Hyperswitch: [https://docs.hyperswitch.io/](https://docs.hyperswitch.io/about-hyperswitch/readme)
GitHub: [https://github.com/juspay/hyperswitch](https://github.com/juspay/hyperswitch)
Hyperswitch is built with Rust and is now fully free and open source (app server, card vault, web client SDK & dashboard). It is optimized for sub 30ms overhead with 50+ processor integrations. There's also multiple self hosting options
https://redd.it/18rzd4a
@r_SelfHosted
What to do with my Christmas present?
So a friend of mine knows I’m into self-hosting, because I never shut up about it.
They bought me a raspberry Pi 5 8GB for Christmas, and I’ve managed to not touch it for 36 hours.
What should I do with it? I currently have a 32GB machine with 7TB storage already running the usual suspects:
- arr stack for media (including overseerr)
- plex
- HA with alarmo for home security
- bionicgpt to mess around with on LLMs
- homepage with glances
- VS Code
- mealie cause we love cooking
- paperless ngx (can I just say what a gamechanger this is???)
All of this is hosted and exposed using cloudflare tunnels and swag.
Here’s the different options I’ve been thinking of:
- backup for redundancy (any suggestions on how to keep this robust?)
- dev server to test stuff out
- tailnet-based exposing of services to share media with my family
- frigate (could always get extra cameras like hardware and a coral usb stick)
But I have no clue on what to choose or if this list is even close to comprehensive. What would you do with a spare pi? Happy for any suggestions!
https://redd.it/18r7bv0
@r_SelfHosted
services to stop. Sart the instance by pressing **\[ ▸ START \]**
When a Pi-hole instance starts up, the default configuration is set to automagically configure networking. If you change networks on the Android device simply restart the instance for Pi-hole to pick up the new settings.
The Pi-hole instance on Android otherwise behaves like it is running on a 'real' Raspberry-Pi or a standard PC. Consult the extensive documentation online to learn how to fully leverage Pi-hole's functionality.
Adjust QT display scaling: `~/startwm.sh`
Change the font size in QTerminal: `~/.config/qterminal.org/qterminal.ini`
[RDP Connection to Debian Linux, hosted on an Amazon Fire HD 8 \(2017\)](https://preview.redd.it/g62jtsdhzp8c1.png?width=1392&format=png&auto=webp&s=e5a968aa35827f6e29b758eac74fe3764a848ad7)
***\*If\**** **your Android device has a battery and was unused for months or years, replace its battery!** Old, worn, or abused Li-ion batteries can fail when pushed back into service. Failure appears as a bulge in the battery, or worse a [***thermal event***](https://www.urbandictionary.com/define.php?term=unexpected+thermal+event). A good battery provides [UPS](https://en.wikipedia.org/wiki/Uninterruptible_power_supply) protection for your newly provisioned microsever.
**Note:** There is no endorsement or partnership between this page and [Pi-hole© LLC](https://pi-hole.net/). They deserve [your support](https://pi-hole.net/donate/) if you find this useful.
https://redd.it/18rl7ox
@r_SelfHosted
Chat with Paperless-ngx documents using AI
Hey everyone,
I have some exciting news! SecureAI Tools now integrates with Paperless-ngx so you can chat with documents scanned and OCR'd by Paperless-ngx. Here is a quick demo: https://youtu.be/dSAZefKnINc
This feature is available from v0.0.4. Please try it out and let us know what you think. We are also looking to integrate with NextCloud, Obsidian, and many more data sources. So let us know if you want integration with them, or any other data sources.
Cheers!
Links:
Project: [https://github.com/SecureAI-Tools/SecureAI-Tools/](https://github.com/SecureAI-Tools/SecureAI-Tools/)
Release v0.0.4: https://github.com/SecureAI-Tools/SecureAI-Tools/releases/tag/v0.0.4
https://redd.it/18rn3gr
@r_SelfHosted
Recommendation for vpn setup
What setup do you guys recommend for setting up a VPN to access systems at home?
Is there anything FOSSthat is relatively easy to setup and troubleshoot?
https://redd.it/18qyfqs
@r_SelfHosted
AI Model Storage?
i need something to storage a large amount of models like Civitai but lightweight
I try Gitea with LFS and deleting the old commits with This the LFS files remain in the Gitea Server so useless files taking space any Selfhosted alternative ?
https://redd.it/18qti3c
@r_SelfHosted
How to properly selfhost EmulatorJS
I recently started looking at EmulatorJS because me and a few of my friends like to play some old GBA, GBC, and GB games. I want to provide this service for them much like how I give them access to my Plex libraries.
Ideally only I should have access to manage the ROMs similar to how only I have access to manage the media files on my Plex. Ideally as well, I want me and my friends to have our own EmulatorJS profiles so that our save files don't mix with others and they will all be organized properly.
A few things I noticed while I was testing out EmulatorJS locally before I set it up on my VM and point a subdomain to it like games.domain.com where all of us will access it from is that the backend isn't protected. You just have to point your browser to the IP address and specify the port and you're in and you're able to upload files to the server without any kind of authentication. This is a massive security issue for me because then anyone who has the domain name (it's so easy to see all of the available subdomains of a domain) and the port number and they can upload whatever they want onto my server. Another issue I have is with user profiles.. I tried setting two accounts when I was testing it out locally and a user doesn't really have to login to start playing. They just specify the IP address or the domain name and they just start playing.
Anyone has any guides on how I could set up EmulatorJS the way I described above? Here's my docker-compose.yml file:
version: '3'
services:
emulatorjs:
image: lscr.io/linuxserver/emulatorjs:latest
containername: emulatorjs
restart: unless-stopped
environment:
- PUID=1001
- PGID=1002
- TZ=Etc/UTC
- SUBFOLDER=/ # optional
ports:
- 8800:3000
- 8880:80
# - 8801:4001 # optional
volumes:
- /var/emulatorjs/config:/config
- /var/emulatorjs/data:/data
networks:
- gateway
networks:
gateway:
name: npmgateway
external: true
I use Nginx Proxy Manager as a reverse proxy in front of every docker container to assign certificates and manage the domain mappings to each container hence why you see some network stuff in there.
https://redd.it/18qt8eo
@r_SelfHosted
Is there any way to automate updating Tandoor instead of having to this:
https://docs.tandoor.dev/system/updating/
Every time they update their version of Postgres you would have to export and reimport the DB. Is there another, automatic way?
​
https://redd.it/18lmklg
@r_SelfHosted
Homelab on Proxmox
Hi guys,
it’s the first time I’m getting my hands dirty building a home server / lab.
Here’s the list of my hardware:
- HP EliteDesk 800 G5 SFF
- CPU: Intel i5 9500
- GPU: Intel UHD Graphics 630
- PSU: 250 W (80 PLUS Platinum)
- Crucial MX500 SATA SSD (1 x 500GB)
- Crucial P3 M2 NVMe SSD (2 x 2TB)
- Crucial Pro RAM 64GB DDR4 2666 (2x32GB)
Specs: https://support.hp.com/us-en/document/c06414352
I still got space for another two 3.5” SATA HDD like 2 x Seagate IronWolf Pro. But honestly I don’t want to integrate magnetic disks because they make noise and are not power sufficient. The current setup is surprisingly power efficient like 11-13W..
I plan to run Proxmox bare metal on the SATA SSD (Crucial MX500 SSD -500GB). The SSD would also be the storage for ISO images. Maybe I want to use TrueNAS Scale in the future for NAS but I’d need additional storage to use RAID10, at least two disks which ideally would be SSD (SATA or NVME).
Primarily I want to host software development stack with integrated CI/CD (like GitLab) but also ‘must have’ apps like media server stuff like Plex/Jellyfin and other useful tools like NextCloud and PiHole.
I’ve got technical background in Docker. Can/Should I just use Portainer in an Ubuntu server VM to spin up several services? I don’t know if creating services in Kubernetes (K3S) or on platforms like Rancher would be a good idea?
I want to use best practices when setting up everything. There are bunch of tutorials on YouTube but I haven’t found nothing really comprehensive which goes step-by-step through all the stuff. Techno Tim has fascinating stuff but he’s showcasing his results, it’s less a walkthrough / how-to tutorial which would be interesting for newbies.
Thanks for your help.
https://redd.it/18lje2j
@r_SelfHosted
New (and Free!) Home Assistant Remote Access - Looking For Beta Testers
I'm looking for beta testers for a new project I'm working on to provide free, secure, and private remote access to Home Assistant! It's called Homeway.io!
I want to put this upfront. I know privacy and security are essential to this subreddit, and they're very important to me as well.
Homeway has a very strong privacy and security commitment; we will never sell, store, or give away your data. Homeway tunnels your data from your browser to your Home Assistant and back, then it's deleted. All of your data stays locally in your home, I'm just building a secure way to access it. I have written an extensive page describing our system security; I would like feedback and scrutiny!
There are other remote access solutions, but I'm trying to build an easy-as-possible-to-use system that requires no setup, so there's no way to misconfigure the system and expose it to the public internet. I have worked in software and security for 10 years, so I have seen the user benefits of systems that are drop-dead easy to set up and have seen the horrors of security issues resulting from poor attention to security.
I want the service to be free so that as many people can secure their Home Assistant remote access. However, the service does cost money to operate, so users can opt into an option supporter role for $2.49/month, which helps fund the project. If you get the supporter role, you get higher limits on your data usage as a thank-you.
I'm looking for beta testers to run the project through its paces and send feedback. I'm an open book and would love to communicate with anyone on their thoughts, concerns, bugs, or whatever. For this initial set of beta testers, if you contribute feedback, as a thank you, I will give all beta testers "Supporter Perks" for life, essentially meaning unlimited free remote access forever.
If you're interested, follow this link to get set up in about 20 seconds. All you have to do is install the Homeway add-on and link your account.
I'm excited to get some users into my project and see what you all think! I'm more than happy to answer any questions, fire away!
https://redd.it/18lj36i
@r_SelfHosted
New open source self-hosted cloud storage: Voltaserve
Voltaserve is a new open source self-hosted cloud storage, check it out: https://voltaserve.com
GitHub repository: https://github.com/kouprlabs/voltaserve
https://redd.it/18lc8qc
@r_SelfHosted
Question about Portzilla (Cloudflare)
Hi, I just installed portzilla on my website in cloudflare. When Portzilla sent me a verification email, it redirected me to some scam/advertisement website? I'm really confused and I'm wondering if Portzilla is even legit.
​
The website it sends me to.
https://redd.it/18lewe3
@r_SelfHosted
Anyone ever thought of installing self host stuff into other people's house ?
Anyone ever did that as a side hustle ? I'm curious.
I've been playing with a lot of open source lately, immich, vaultwarden and the like. Feels like other people may be interested into self hosting but probably don't have the time or the skills.
https://redd.it/18lbcqi
@r_SelfHosted
Cloudron free tier "bypass" ?
I own a cloudron free tier with 2 apps : Nextcloud + n8n. The limit is 2 apps, but i want to add a Lamp server for hosting a mysql database and a website. And i don't want to pay 15$/m just for an extra app. Can i do this on my Ubuntu without breaking everything ?
https://redd.it/18l9b6v
@r_SelfHosted
Ubuntu server hardening on Racknerd
Hi folks,
Long story short, I have a VPS on racknerd running Ubuntu 22.04 server which I discovered was hacked and used to scan IP and port (I found masscan and ntpscan running which I did not install).
I was running docker behind traefik proxy with docker-socket-proxy and I did enable UFW and crowdsec.
It looks I did something wrong when I tried to protect my VPS against unauthorized access.
Any good source / walkthrough / script to begin learning Ubuntu hardening in order to not be hacked again?
Happy holidays
https://redd.it/18ryvip
@r_SelfHosted
Software recommendations for my first home media server:
I have some old PC parts (i7, 32GB ram, 400w PSU) that I'm going to turn into my first ever home media server. Here's my plan...let me know if I'm missing anything:
- OS - Ubuntu Server - Wanted to run a lightweight OS that I could SSH into.
- Network drives - Samba - Was planning on mounting the drives as network drives on my local network so I could add files from my Windows machine file explorer if needed.
- Docker - Dockge - clean GUI to manage all my containers
- Server Dashboard - Homarr - was also considering casaOS but I think I prefer the flexibility of homarr
- Media Server - Jellyfin - I like that it's FOSS
- Jellyfin audio iOS client - Finamp
- Jellyfin audio Windows client - Feishin
- Jellyfin video iOS client - Jellyfin Mobile iOS
- Jellyfin video Windows client - Jellyfin Media Player
- VPN - Tailscale - This is what I'm the most torn on. I want to be able to stream media on the road. I also want to provide friends/family with credentials so they could easily access media on the server. I wanted to go the VPN route because I didn't want to expose the server publicly. I want a VPN that is easy setup, free, good performance and secure. I was also considering wg-easy as a self hosted option but I think this requires you to open a port on your router right? Or I'd have to host the container in the cloud on a VPS which I don't really want to pay the monthly server cost for
- VPN for downloading torrents on server - NordVPN - I wanted to be on a VPN to be secure for downloading torrents so figured Nord would be good, any other suggestions?
- Arr stack for torrents - prowlarr, sonarr, radarr, lidarr, and qBittorrent
- Route arr through VPN - Gluetun - Was going to run this container with Nord credentials and then route all of the torrent traffic through it.
Anything I missed?
https://redd.it/18rbw9c
@r_SelfHosted
Every time I try a new self-hosted ebook manager/viewer, I end up back with Calibre-web
I've tried several ebook manager/viewers including Kavita (bottom of the list) to Calibre's own web portal, and I end up back at Calibre, because it still runs circles around the competition in speed, memory footprint and features. It's reader is pretty ugly, however.
Don't get me wrong, Kavita has a pretty UI, but its features leave a lot to be desired. The ebook viewer is definitely one of the poorest I've seen/used. Eventually it starts internally failing and can't scale fonts or font sizes, and you have to bounce the container running it to wake it back up again.
The oqurum reader looked nice, but is still in rough shape/development. It might surpass the others, with a little more attention and love.
Komga looked nice, but has limited customizations/features (font sizes, columns, text to speech), so it was off the list for ebooks. Great for comics, not so much for other document formats (mobi, epub, pdf).
Jellybook, part of the Jellyfin suite, looked sharp as well, but suffers the same problems as Komga (lack of features) and oqurum (lack of active development), so it stagnated.
Mango was another from the recommended list, but it suffers a greater problem. You have to restructure your entire ebook hierarchy in order for Mango to even ingest it and present those back to you for reading. For collections of thousands of ebooks, that's a non-starter.
What are others using that supports the rich features that something like Calibre-web ships with by default, but in a more modern framework and cleaner UI?
https://redd.it/18rpmyt
@r_SelfHosted
Sometimes the best SBC is the one already gathering dust in your desk drawer • Debian APK installer, fully deployed in 5 minutes [root]
[Project page](https://github.com/DesktopECHO/Pi-hole-for-Android) on GitHub
[Up and running on a Amazon Fire HD 8 \(2017\)](https://preview.redd.it/jm8psiazlp8c1.png?width=912&format=png&auto=webp&s=0dcbbdd64c212cfdeeb046e1d08194b43f3901f8)
Pi Deploy is a fork of Linux Deploy and disk image tuned for server duty on Android devices. It can be used on **any** rooted Android device with an **ARMv7 or AArch64 CPU** running Android 5.0 (Lolipop) or newer. Form factor is not important; it could be a phone, tablet, HDMI stick or **any device running Android**. For very old devices running Android 4.x, see the [Legacy branch](https://github.com/DesktopECHO/Pi-hole-for-Android/tree/legacy)
# [Installer walk-thru](https://www.youtube.com/watch?v=sdDkKvaRvOs) on YouTube
## What's New (December 2023)
* Updated image to Debian 12 (Bookworm)
* Pi Deploy image is now **64 bit** by default. To deploy a **32 bit** image, tap **Properties** and change the last bit of the **Source Path** URL from `/raspbian.tgz` to `/raspbian32.tgz`
* The [Pi-Hole ad-blocking DNS server](https://docs.pi-hole.net/) is installed by default.
* To install **PIXEL Desktop**, run `pideploy-gui-install`. Next time you login via RDP you will have a full desktop session with audio support.
* To install **Nextcloud 27**, run `pideploy-nextcloud-install` to launch the Nextcloudpi installer patched for Android. Consult the official NextCloud documentation for administration of this powerful collaboration tool.
## Requirements:
* Any ARM-based Android 5.0+ device (Jellybean or newer) that has been rooted
## Download/Install the latest [Pi Deploy APK](https://github.com/DesktopECHO/Pi-hole-for-Android/releases/latest/download/pideploy.apk) and open the app.
* Tap **Allow** if asked for permission to access files or run as root.
* Tap **More Options** (**Three dots** at the top right of screen)
[More Options](https://preview.redd.it/toxm3pe9zp8c1.png?width=1020&format=png&auto=webp&s=45b26ae18996ad8200ea5080cb4de978aeea4cc6)
* Tap **New Deployment**
[New Deployment](https://preview.redd.it/v0e496kbzp8c1.png?width=1020&format=png&auto=webp&s=c0a7cf45f203cf36406f0b67309ca762760d837b)
* In a few minutes, the container image will be downloaded and installed on your device.
* When deployment is complete, tap **\[ ▷ START \]** to launch the instance.
* The instance will provide you with a password to login to Pi-hole webadmin or via SSH/RDP (Username: *android*)
* **Note**: The password appears only once when the image is deployed, make sure you record this information. You can also copy the password text to your clipboard for easier management.
## INSTALL COMPLETE · Your Android device is a Debian server running Pi-Hole!
[Android browser accessing Pi hole Web Admin](https://preview.redd.it/2ww7dmcezp8c1.png?width=1280&format=png&auto=webp&s=cbe190e130b7e054cd4addc5acf8e89e465f84b6)
The Android device's IP is shown at the top of the Pi Deploy main window. You can interact with the Linux instance in several ways, the examples below use IP ***10.73.0.31***
* Connect via RDP in Windows using `mstsc.exe /v:10.73.0.31` or in Linux using `xfreerdp /v:10.73.0.31`
* Connect via SSH **->** `ssh android@10.73.0.31`
* Pi-hole administration is accessible from any browser on your network **->** `http://10.73.0.31/admin`
* If your Android device has a display, you can RDP into the Pi-hole instance (as localhost) by installing the [Microsoft Remote Desktop](https://play.google.com/store/apps/details?id=com.microsoft.rdc.androidx) client or [aRDP](https://play.google.com/store/apps/details?id=com.iiordanov.freeaRDP&hl=en&gl=US).
**Additional Info:**
RDP Sessions launch the Openbox window manager with QTerminal in fullscreen mode. To open a new tab hit **\[Ctrl-Shift-T\]** and to un-hide the menubar hit **\[Ctrl-Shift-M\]**
You can stop the Pi-hole instance by pressing **\[ ■ STOP \]** and waiting a few seconds for all
Meta: Why do you selfhost? (The psychological aspect)
Anyone else selfhosting, at least partially, because they like the feeling of control that comes with it?
I'm not talking about "I don't want anyone to see my data!" or "I don't trust GoogleDropboxWhatever!" I mean: You figure out how to make something work, get it to work, and feel good when it works.
I've been selfhosting for years and the lightbulb just sort of clicked over the holidays -- that's why I do it. And it's also why I get irrationally frustrated when things I think I should be able to figure out (:::cough:::kubernetes:::cough:::) don't work like they should.
Personal or work life a dumpster fire? Known and unknown unknowns everywhere you look? Fuckit -- I can make this lil' docker-compose.yml file do what I want.
https://redd.it/18rgqkb
@r_SelfHosted
Lightweight, Self-Hosted Catalog Manager for B2B Electronics Business
I'm in search of a self-hosted catalog manager for my small B2B electronics business. I've tried integrating WooCommerce into my website, but found it too resource-intensive. I'm looking to separate the website from the catalog system.
The ideal solution should support custom product parameters (like SKU, electrical specs), allow for image uploads, downloadable assets, and detailed product descriptions. A user-friendly frontend filter is also essential.
Any suggestions for a tool adept at handling technical products would be hugely appreciated!
https://redd.it/18qy4qv
@r_SelfHosted
Thoughts on my new Potential Proxmox Server Build?
I'm wanting to build a new Proxmox build around the Fractal Node 304 and was just wanting feedback on the potential components I'd like to use:
Intel Core i5 13500 13th Generation: https://www.ebuyer.com/1545013-intel-core-i5-13500-13th-generation-14-core-processor-bx8071513500
Gigabyte H610I mITX Motherboard: https://www.ebuyer.com/1883287-gigabyte-h610i-ddr4-mitx-motherboard-h610i-ddr4
Corsair Vengeance 64GB RAM: https://www.ebuyer.com/974330-corsair-vengeance-lpx-64gb-ddr4-3200mhz-cl16-desktop-memory-black-cmk64gx4m2e3200c16
Corsair RM650 80+ Power Supply: https://www.ebuyer.com/1904167-corsair-rm-series-rm650-fully-modular-80plus-gold-atx-power-supply-cp-9020280-uk
Coolermaster Hyper 212 LGA1700 CPU Cooler: https://www.ebuyer.com/1597312-coolermaster-hyper-212-rgb-black-edition-with-lga1700-rr-212s-20pc-r2
Kinston 1TB NVMe M.2: https://www.ebuyer.com/1539954-kingston-1tb-nv2-pcie-4-0-nvme-ssd-snv2s-1000g
Seagate Ironwolf 6TB NAS Hard Drive: https://www.ebuyer.com/950863-seagate-ironwolf-6tb-nas-hard-drive-3-5-5400rpm-256mb-cache-st6000vn001
I'm limited by some components due to the Case's size. Any Thoughts?
https://redd.it/18qvfgr
@r_SelfHosted
100% ping packet loss, and unable to ping or access internet, but can still resolve host names
Hello,
My Debian 12 server has weirdly decided that it can't access the internet, can't ping domain names, but can ping IP address, able to update apt and even pull docker containers. When I ping a domain name, instead of saying it failed domain name resolution, it just says 100% packet loss, even when pinging gnu or google. I can also ping 1.1.1.1 and local IPs just fine. Traceroute and dig commands also work and are able to resolve the domains.
I'm not able to find anything online outside of domain name resolution failures, any and all help is greatly appreciated.
Thank you.
https://redd.it/18llg01
@r_SelfHosted
Best practices for creating Virtual Machines in different VLANs?
​
I have a new switch I want to setup a homelab with. I want to create 4 VLANs. Where would I deploy a web server to? Or it it recommended to have a separate VLAN for web server traffic?
https://redd.it/18lo76o
@r_SelfHosted
Which services do you Port Forward?
For all the talk about using VPNs/Tailscale/Cloudflare Tunnels/SSH tunnels over port forwarding, I'm curious which ones are the services that you do actually port forward and why?
For me it's just ResilioSync and Plex.
https://redd.it/18li0ts
@r_SelfHosted
Broke NPM after trying to setup AdGuard on macvlan
Hello!
The other day, as the title says, I was trying to setup AdGuard on a macvlan to avoid the port conflicts with NPM, so I could use it as a DHCP server (I know it's possible to change the port after the initial configuration but for some reason my system didn't like that trick). Things worked half-good, meaning that adguard was accessible via its own ip and the whole network was using it as dns and dhcp server BUT I could no longer access the other services hosted on that server, big no.
So I peacefully gave up only to find, to my horror, that nothing worked after deleting the container and its macvlan. I can access my services via ip:port but I can't make it work with reverse-proxy.
I tried re-installing NPM from scratch but it still didn't work: even if NPM and ServiceX are in the same network, I can't setup a proxy host with its container hostname (but I found out that using the ip of said network works for some reason).
My guess is that the problem lies in some docker name-resolving mechanism that got fucked up (but I could easily be wrong).
Can anyone help me? Please don't let me go maniac and reinstall the whole system under Christmas.
My setup:
Ubuntu server 22.04, CasaOS, Portainer, NPM, services in containers (Immich, Changedetection, etc.).
Not very informative, I know 🥺
https://redd.it/18lia1x
@r_SelfHosted
Infrastructure as a Code
Hello everyone.
I have about 15 or 20 self-hosted Docker containers on my Raspberry Pi 4 and now I want to move them to a mini PC. I use Portainer to spin up the containers, but manual management is boring and not easy to restore when something goes wrong or when moving to different hardware.
So I decided to declare in code what I want to achieve. I'm a Java developer with some Docker experience, and have recently become familiar with Ansible. I'm currently considering two options:
\- Docker Compose
So I decided to declare in code what I want to achieve. I'm a Java developer with some Docker experience and have recently become familiar with Ansible. I'm currently considering two options:
The first option is the easiest and most intuitive. In one (or more) Docker Compose files I can declare the configuration of each of my services and their dependencies.
At the same time, I can also use Ansible to do this. However, it is not clear to me how to do this.
The questions are
\- What tools do you use to maintain the configuration of your homelab?
\- Which do you prefer: docker-compose or Ansible?
\- What else would you suggest to consider in my case?
​
Thank you all for your answers, suggestions, attention and time!
https://redd.it/18leeto
@r_SelfHosted
How to solve the catch 22 of storing my rclone password/salt in vaultwarden, and my vaultwarden backups being encrypted by my rclone password/salt?
Title says it all mostly.
I use vaultwarden for all my passwords, etc. I have rclone set up to store my entire vaultwarden config/db/etc. every night in B2. But that rclone remote is also encrypted.
Any thoughts / strategies on how to handle complete worst case scenario, where my primary goes down, my phone that has the latest cache of passwords becomes inacesssible, and all I have left is my encrypted rclone remote? haha. I recognize this is a contrived example, but I am interested in how folks handle this kind of thing, even if just for the sake of the conversation.
https://redd.it/18lcl69
@r_SelfHosted
Can I circumvent a port 25 block by proxying my mailserver through a cloud VM?
The ISP that my server is behind blocks port 25 (I think it's Comcast/Xfinity but I'm not sure; this server is a collaborative project so it's not hosted at my home). This is a problem because I wanted to set up a mailserver to provide mail sending for all my other services. Would it be possible to set up a cloud VM (I'm thinking a free tier Oracle Cloud VM) and have it act as a traffic proxy? In other words, I'd set it up so that DNS pointed at the cloud VM, which would have a simple caddyfile installed to proxy all email traffic to my actual server. My main concern is that this might mess up SMTP TLS, since the certificates would be issued to the main server but might appear to be coming from the cloud VM.
If nothing else works, I'll probably just create a Protonmail email address that I use for my services, but I'd prefer to be able to host my own email server.
https://redd.it/18law8y
@r_SelfHosted
Calendar that integrates with Discord
I want to set a few calendar dates and get notified via Discord channel. What can I use that can do this?
https://redd.it/18l6stw
@r_SelfHosted
