Introducing ShareTOTP - Easy 2FA Code Sharing for Teams!
Hey everyone!
I'm excited to share a project I've been working on called ShareTOTP. It's a handy tool for sharing 2FA codes within teams, making security easier for everyone.
You can find ShareTOTP on GitHub here. It's free and you can host it yourself, which means you have full control over your data.
No need to pay hefty fees for similar services. With ShareTOTP, you get all the features without spending a dime.
I'd love for you to check it out, give it a star ⭐️ on GitHub, and maybe even contribute if you're up for it. Whether you're a developer or just interested in open-source projects, your help is super valuable.
Check out ShareTOTP on GitHub
Thanks
https://redd.it/1apxclf
@r_SelfHosted
Tutorial for creating a USB-key backup
Hello folks,
I recently have decided to backup my system on a USB-key in order to benefit from a backup in case of a fire or whatever should destroy my whole homelab. It is the last part of my backup strategy. I keep the USB key in my pocket with my keys, protected by a 32-character password, itself protected by vaultwarden. I wanted to share that experience here. I am no technical guru, so there might be better ways to achieve that result.
In order to protect the key, I have installed `gocryptfs`, which permits to create encrypted disks. I have mounted the key on `/mnt` and encrypted it : `sudo gocryptfs -init -xchacha /mnt`. I keep the password in a file `/home/eric/sauvegarde/.pass`.
When running that last command, two files are created on the key : `gocryptfs.diriv` and `gocryptfs.conf`. The last one includes a password-encrypted master key, so I prefer to move it from the key to the directory on the host where I keep the backup scripts : `sudo mv /mnt/gocryptfs.conf /home/eric/sauvegarde`. The support key is now ready. I can run the first backup. I have created the following script :
#!/bin/bash
mount -U <UUID> /mnt
mkdir /srv/copie-ext
gocryptfs -config /home/eric/sauvegarde/gocryptfs.conf -passfile /home/eric/sauvegarde/.pass /mnt /srv/copie-ext
rsync -artucv --delete-during --progress /srv/hdd/nas /srv/copie-ext
fusermount -u /srv/copie-ext
rm -r /srv/copie-ext
umount /mnt
In that script, the first line declares that the script is written in bash (shebang).
The second line mounts the key as an unencrypted support.
The third line creates a directory where I will map the key as an encrypted support and the fourth maps it. Let's dig down that line :
* `-config /home/eric/sauvegarde/gocryptfs.conf` indicates to `gocryptfs` the path to the initial configuration file of the key,
* `-passfile /home/eric/sauvegarde/.pass` gives the password to `gocryptfs`,
* `/mnt /srv/copie-ext` indicate the paths of the key and where the encrypted directory will be mapped.
Now I just have to run `rsync` as usual (fifth line) in order to copy the content of `/srv/hdd/nas` (the data I want to backup) to `/srv/copie-ext`, our target repository.
When the `rsync` process is over, I can unmount the encrypted directory with command `fusermount -u`. Then the directory `/srv/copie-ext` is empty and I can supress it, and unmount the USB key, to carry it with my keys.
I have my backup with me.
Feel free to improve that tutorial.
https://redd.it/1apw2k8
@r_SelfHosted
need secure hosting setup for external contractor
hello,
I am looking to setup a server for a contractor (joe) for software work. So that he can work on our software but cannot copy or share the code and files.
This seems to me to be a very standard use case so I was wondering if there is something like this prebuilt (aws/gcloud/any other provider or vm template, etc.)? or do I need to set it up from scratch?, is there any guide for this?
I guess the requirements for the server would look like below:
\- no outgoing internet allowed. joe cannot access github or so from the server.
\- a shared folder on the server which can be read/write from outside by anyone/joe, but joe has only has read access to this folder from within the server, so joe cannot copy files there.
\- only admin can copy any files out of the server
\- joe cannot change these rules.
https://redd.it/1aprksj
@r_SelfHosted
End Of General Availability of the free vSphere Hypervisor (ESXi 7.x and 8.x) (2107518)
https://kb.vmware.com/s/article/2107518
https://redd.it/1apoef1
@r_SelfHosted
Advice for setting up server/NAS for Jellyfin
I'm looking for advice on setting up a home server or NAS to host Jellyfin. I'm not planning on doing anything other than streaming around the home, 99% of the time only 1 stream but never more than 2. I also don't want to have anything on my main PC as I don't want to leave it running all the time.
I was looking into a NAS to do this as I've read that a NAS can host Jellyfin, but the cheapest new options I could find were around $500 CAD (I'd like at least 4 bays). I also read some concerns online about the performance of a standalone NAS setup when streaming 4k, but not sure how true that is.
Then I started looking into just building my own NAS, but at that point figured I might as well build a small server, but was a little put off by how large the case would be in order to get multiple drive bays.
Then I started looking into hosting off something like an NUC, but they seemed kinda pricey and I'd still need a storage solution like a NAS anyway so that blows my budget out of the water.
Anyway, needless to say I'm a little lost as to which route I should go. Ideally I want something small and expandable without costing a fortune. Anyone have any tips/suggestions here? Thanks in advance!
https://redd.it/1apkazv
@r_SelfHosted
My Overkill In-Depth Settup
https://redd.it/1apfcas
@r_SelfHosted
Question what is the best configuration of a DDNS?
Hi self-hosters
I am a networking noob, but I want to expose my self-hosted application to be remotely accessible. I am aware there are multiple options, but I am considering DDNS and wondering how to best configure it? Meaning which device to place the DDNS on? The router with ports’ forwarding configurations? the application server? and what is the pros and cons for each?
Any guidance or pointer would help.
Thanks
https://redd.it/1ap8k6j
@r_SelfHosted
Self-hosted Python news sender script to Kindle
Hi everyone !
As the title suggests, I have developed a Python script that will read a list of RSS news that is given by user as input, package them as a MOBI/EPUB file, and then send it to kindle via it's mail address. It does so using Amazon's whispersync with the desired custom frequency (for example at the same time everyday). The script was initially developed by model-map and posted in this subreddit, however he removed the repo and the code was limited to MOBI and hard to use.
Given that Amazon discontinued sending MOBI files via mail, I have altered the script and bundled it as a docker image such that other users may use it via simple docker CLI. For emailing, it uses SMTP. I have added support both SSL (gmail for example) and TLS (gmx for example).
Repo link with more details: https://github.com/gabrielconstantin02/news-sender-kindle
If you are interested in using it/contributing, check out the readme file or feel free to contact me. Hope it helps :)
https://redd.it/1aoz6pv
@r_SelfHosted
Introducing Teemii 😸 - A Reader, A Downloader, and A Manga Management Tool!
​
https://preview.redd.it/mt010yb7j3ac1.jpg?width=2991&format=pjpg&auto=webp&s=1b249efb09f6483725103cda3bdc8f7083e53a67
Hello Reddit! First of all, my best wishes to you all!
I don't know about you, but I've always found it hard to adapt to the different applications/sites for managing and reading manga. That’s why I crafted Teemii, envisioning a more functional, simple, yet comprehensive solution. I wanted Teemii to be more than just a tool, I wanted it to be a truly personal, visually appealing and comprehensive platform for manga fans.
What Makes Teemii Unique?
Of course, there is still a lot of work to be done, and Teemii is far from perfect. But it seamlessly integrates library management, reading, download and metadata into a single experience. It's designed to be both easy to use and aesthetically pleasing.
Key Features of Teemii
All-in-One Platform: Manage your library, read, and download manga all from one place.
Elegant User Interface: Enjoy a visually appealing platform that makes manga management a delight.
Powerful Suggestions: Discover new titles with Teemii's focus on suggesting fresh content, tailored to your preferences
Download Teemii
Teemii is open-source and can be build from Github
The Docker images are available here: [docker hub](https://hub.docker.com/repositories/dokkaner)
You can find some help here: https://docs.teemii.io/
​
Join the Teemii Community
Have thoughts or feedback? Don't hesitate to ask here or at: https://github.com/dokkaner/teemii/discussions
​
A Final Word
This launch is an important step for me. It's a side project that I've been working on for a long time, initially out of curiosity, but in which I've invested a lot. What's more, I'm preparing a lot of features in the next releases. In the meantime, I would love some feedback, so let me know if you have any concerns so I can fix and/or improve this project.
PS: Teemii is actually the name of my cat. Like many of us, I sometimes worry that he might leave sooner than expected. Giving his name to this project is my way of immortalising him in some way. 🐱
https://redd.it/18x1l9p
@r_SelfHosted
Sharing some PI alternatives for those who dont want to spend a lot (VIM1S, Le Potato)
https://www.youtube.com/watch?v=aKmKo_Ua7rQ
https://redd.it/18wuhjq
@r_SelfHosted
So is Immich stable enough to use now? I've been seeing a lot of threads about breaking update changes
I currently use PhotoPrism for my last 15 years of photos/videos which I'm fairly satisfied with. I honestly just rarely look at photos older than what's also stored on my iCloud Photos (last 3 years) so my main priority is just being my main backup source.
So I used an app called PhotoSync to automatically sync photos to my Unraid server in the background, but I've been having issues with it for the last few months. I can do a work around of syncing to my desktop manually, then moving the files to my server, but it's not ideal.
Anyway, I'm thinking of switching to Immich because it has an app for backing up photos and people seem to prefer it over PhotoPrism. Plus I'm not crazy about PhotoPrism's model of paid features on a self hosted app.
However, I keep seeing threads about breaking changes in the new update so I've been avoiding trying it.
- My main question: does it seem like those changes are over and it's worth switching to now? Or should I wait?
- As an aside: I prefer to store my files as \YYYY\YYYY-MM-DD_HH-MM-SS.ext, can Immich support my existing files and continue to store in that format? I'm seeing it seems like it was added in v1.79.0 but it's still a bit unclear to me.
- Also: I'm hoping I could also move my hundred or so PhotoPrism albums to Immich, I found this tool anyone try it with any success?
https://redd.it/18wrz3k
@r_SelfHosted
Monitoring Indoor Air Quality with Prometheus, Grafana and a CO2 Sensor
https://itnext.io/monitoring-indoor-air-quality-with-prometheus-grafana-and-a-co2-sensor-6c7fb73f6048
https://redd.it/18wp6kq
@r_SelfHosted
Is this the correct way to backup with rsync?
I edited cron file on a headless Debian server, to back up my entire computer to a Synology NAS on my same network
0 2 * * * rsync -ax / --exclude={"/dev/*","/proc/*","/sys/*","/tmp/*","/run/*","/mnt/*","/media/*","/lost+found"} USER@LOCAL_IP:/volume1/BACKUP/SERVER>
Am i doing something wrong? I just want to have full backup of my server, in case internal disk die.
https://redd.it/18wlmw5
@r_SelfHosted
Best AM4 motherboard for home server?
I'm not sure if this is a good place to post this, but I'll give it a shot. I'm working on building a home server and I plan to repurpose some old hardware that I have laying around. Currently I have a Ryzen 3700x and 16 gb off ram, but no motherboard. I mostly plan to use the server for jelly fin and a nas with about 6 hard drives. I also want to play around with VM's and dockers. I'm trying to do the whole thing on a budget so I'd like to keep the motherboard under $150, but I'm willing to spend more if necessary. What would be a good motherboard with plenty of sata ports and pcie lanes? Also how important is a graphics card for what I'm doing? I have a 2070 super I could use, but if that would be over kill I'd rather use it for something else and get something like a gt710 just to get a video output.
https://redd.it/18wkt54
@r_SelfHosted
Sophos Free Firewall Home Edition
Anyone using it? Good? Bad? Downsides?
https://redd.it/18wezwc
@r_SelfHosted
Backblaze Drive Stats for 2023
https://www.backblaze.com/blog/backblaze-drive-stats-for-2023/
https://redd.it/1apxr1p
@r_SelfHosted
I have these 32 port GSM GOIP Gateways what to do with them?
https://redd.it/1apva4q
@r_SelfHosted
Bitwarden over cloudflare tunnel
Is it possible to set up biwarden without generating ssl certificates? Will cloudflare encrypt traffic going through a tunnel, so I wouldn't need to do it my self?
https://redd.it/1apoqr2
@r_SelfHosted
AWS SES production access for home use
Does anyone use SES for homelab and self hosted services use in a non-business environment? They keep denying my production access requests despite clearly outlining each self hosted service which would use their service and the extremely small email volume which I would give them; 90% of which would go to myself. I even sent them my documentation for my homelab. Sandbox limits would be fine except each recipient needs to be verified. I wanted to use SES since many other providers and my current one offer limited free plans then jump to a base of $10-15 per month for 10-15k emails (way overkill). Is non-business use forbidden? If not, what else do they want from me to prove I’m not going to use it for spam?
https://redd.it/1apnksy
@r_SelfHosted
What security practices would you recommend?
Hi, I'm very new to this and a few days ago I was watching a Youtube video about someone's server and he mentioned how a lot of people don't know how to secure their home servers. I currently only have a Pi-hole with Unbound on my Ubuntu server, but want to keep adding stuff. The thing is, I don't want to have sensitive information/files in an unprotected server because of my own negligence, so, as the title says: what are some basics about server security you would mention to someone new to the world of self hosting? Thanks!
https://redd.it/1apdsx2
@r_SelfHosted
Getting reported as dangerous site in google
Hi all,
Long time lurket, first poster. I have been home labbing for years, first as all round computer engineer and later getting more into development and private and public cloud. These days working as a solution architect/enterpris architect but I just can't stay away from tinkering with stuff and running my own setup (as a background). I like to learn new stuff and test new software to keep up with the fast development.
Current setup:
On bare metal hosted servet externally at a famous local hoster.
One local bigass Linux box with docker.
Traefik setup with *.host. myvanityname.ext per host and then some *.myvanityname.ext. Users are my family and couple of close friends and family. Usual stuff like emby, grocy and some other stuff i host for them. I use Let's encrypt DNS wildcard SSL for it and a friend gets *.sub.myvanityname.ext.
In recent months, several of those dns names have been picked up by google as dangerous site (big ass red worning if you try to access it, with emby really standing out (also most used to be honest). Has anyone has experience with that happening and possible reasons? I secured the setup further for as much as I could and was monitoring to check if maybe one of the community plugins was dodgy but nothing stands out and I am a bit at loss to be honest 😬 Any good ideas?
https://redd.it/1apdqnc
@r_SelfHosted
Netmaker quietly killing their free tier. Go figure
I got an email today stating they'll be killing the free tier. Not certain it means they're killing self hosting but I doubt there'll be resources put towards it in the future.
No blog post or update on the website about either.
https://redd.it/1ap3gp6
@r_SelfHosted
My dashboard, now with descriptions
https://redd.it/18xgcsu
@r_SelfHosted
Introducing Recipya: The Clean Recipe Manager
Hello everyone! I am pleased to finally show the world Recipya, the recipe manager software I have been working hard on since my first commit in May 2021. You might wonder why another recipes manager when we've got Tandoor, Mealie, Paprika, Grocy, Cooklist, Grossr, and a *whole lot more*? The answer is simple: none of them satisfied my needs. Either they weren't free and opensource, had too many features I did not need, their frontend was slow, or they were too hard to install. Although I do have to admit Tandoor recipes is the king after having discovered it a few months back.
And thus I started this ambitious project in Go. The goal was to create a simple, clean and powerful recipe manager my whole family can enjoy. As with every other such solution, you can add recipes to your ever-growing collection of recipes, create cookbooks, view and print recipes. One big feature that Recipya from the others is its measurement systems module. Essentially, the software can convert all new recipes to your preferred measurement system, either the insatiable imperial or the mighty metric. Gone are the times when you convert all your teaspoons and cups to grams. Another powerful feature is the website scraper. Most other solutions are written in Python and thus use the hhursev/recipe-scrapers package to import recipes from around the web. As there are none written in Go, I decided to create my own from scratch. It is extensively-tested and fully supports 264 websites at the time of this writing. Another cool feature of Recipya is the automatic calculation of the nutrition facts per 100g when adding a recipe. Check out the feature tour to learn everything the software can do.
Please give it a try! No worries if this software isn't for you :) The easiest way is to try the demo. Other ways include installing the v1.0.0 release locally or with Docker. You can follow the installation instructions.
And this marks the beginning of Recipya's journey. Contributions are encouraged and welcome. The roadmap is available here. Thank you!
https://redd.it/18wy55c
@r_SelfHosted
Vultr or DO or Linode
I want to use appwrite selfhosted as my app backed.
Based on your experience what is the best between these to host my server(Vultr ,Digitalocean, Linode)?
Im expecting a high load and requests from my app.
https://redd.it/18wud3b
@r_SelfHosted
eBook reader/server with note taking?
I've been using Kavita to read some ebooks recently, but the bookmark feature doesn't work like I thought it would. I'd like to highlight certain lines and store them with links back to said lines for use as quotes or reference later. Like dogearing a page with highlighted sentences in it.
https://redd.it/18wnm6c
@r_SelfHosted
VPN kill switch: how to do it on Linux
I wanted to implement a 100% reliable VPN kill switch for my IoT devices: prohibit any outgoing traffic when a VPN is not active. After doing quite a bit of research I found a solution that uses Linux policy-based routing. This works for OpenVPN and Wireguard, and should also work for any VPN that uses exactly one port for the communication. The local traffic is not affected by
the switch.
Hope this helps someone configure a VPN kill switch for apps/IoT devices/etc. There is also a section about Linux policy-based routing which is useful on its own.
If you plan to try this on the router, please make sure to test it first and then enable on boot :-)
https://staex.io/blog/vpn-kill-switch-how-to-do-it-on-linux
https://redd.it/18wnu2r
@r_SelfHosted
UPDATE: OneUptime - Self Hosted StatusPage.io + Incident.io + Loggly alternative.
OneUptime (https://github.com/oneuptime/oneuptime) is the open-source alternative to StausPage.io + UptimeRobot + PagerDuty. It's 100% free and you can self-host it on your VM / server.
NEW UPDATES: Here are some of the updates since I last posted on this subreddit.
\- Log Management is launched! You can now use OpenTelemetry to store logs in OneUptime. We're also adding fluentd support soon so you can ingest logs from anywhere.
\- We're now working on Traces and Metrics more APM features coming soon.
\- After hearing feedback from this community, we're in the process of merging all of 20 different oneuptime containers into one so it's easier for people to self host and takes a lot less resources. This is already midway and should be complete by end of Feb.
\- Docker Compose file is in the repo and Its now on ArtifactHub: https://artifacthub.io/packages/helm/oneuptime/oneuptime and you can try it out on your K8s clusters.Looking forward to hearing what you all think!
\- We hear you! Please let us know what features you're looking for and we will build it for you.
https://redd.it/18wmx16
@r_SelfHosted
Visualize Data from any source?
Hello,
my first post here. I am pretty new to selfhosting stuff, despite beeing in IT (systemadministration) for almost 10 years now.
Currently I have a small proxmox server (Intel N6000 based mini PC) and have a new goal:
I want to host a platform/dashboard where i can visualize and play around with data from various sources like APIs, Databases or simple csv/txt files.
My project: I am wearing a garmin fitnesstracker for around 5 years now and i want to show the changes of metrics over the last years in a Dashboard (i.e. steps / week, kilometers run / weeks etc)
I am thankful for any kind of input i get from you guys.
Have a great 2024 and thanks a lot!
https://redd.it/18wkwuo
@r_SelfHosted
Files on demand Android to SMB shares (or webdav)
I currently sync select folders to and from my home nas over Tailscale via the (awesome) FolderSync android app. Great solution to push new DCIM content to my NAS automatically and also 2-way sync my Documents folder for easy access from mobile.
FolderSync is great for setting up folder pairs in simple relationships like this.
However I'm curious if any SMB sync apps also include a browser functionality with the ability to cache recently access or pinned files (like Files On Demand in OneDrive / SharePoint / Google Drive).
I believe SeaFile and Nextcloud both offer functionality like this but would love to keep the server side drop dead simple as it is with pure SMB shares accessed over Tailscale. I'm not opposed to switching to a webdav client if that makes this easier.
Any thoughts or other simple alternatives here?
https://redd.it/18wj1dc
@r_SelfHosted
