A mini/micro PC alternative...
Hey self host friends, not sure if anyone has ever done the same thing but I wanted to share my experience.
Recently I had two of my Beelink SER5 computers go down. They died due to an internal power supply failure. A good amount of my critical home services lived on those boxes and luckily I had backups of the VMs. But what I decided to do was look into a more robust solution.
I landed on the Mac Pro 6,1... the 2013-2019 trashcan version. I was fortunate to find two of them with the top of the line processors and 128gigs of DDR3 Ram for under $1000. Both also had 2TB of SSD.
Not trying to brag but just trying to let people know that this does work using Proxmox. So for I have loaded my entire lab onto both of them (43 vms total) on both with 0 issue.
If you have any questions I will do my best to answer.
https://redd.it/1qm6r0n
@r_SelfHosted
who told journalists about self hosting?
https://redd.it/1qlzjs5
@r_SelfHosted
SelfHosted voicemail with AI spam filter
https://redd.it/1qln2ys
@r_SelfHosted
D-Dash: A self hosted dashboard with Caddy integration.
https://redd.it/1qlc8b8
@r_SelfHosted
Ignidash - An open source & self-hosted alternative to ProjectionLab for simulating your long-term personal finances
https://redd.it/1ql7q71
@r_SelfHosted
Demonstration of how serviceable a self hosted & entirely local (no external API's) voice assistant can be (homeassistant voice + local LLM + jabra 410) - have entirely replaced my Alexa devices and handles both simple and complex commands (detailed within)
https://streamable.com/jsc46s
https://redd.it/1ql1429
@r_SelfHosted
Pangolin 1.15: iOS and Android apps, device approvals and posture, stability, and more
Hello everyone,
One year ago, in January 2025, we unleashed the very first beta of Pangolin and today, we are thrilled to release Pangolin 1.15.0. This update officially takes Private Access out of beta and introduces some heavy hitters: iOS and Android apps, device fingerprinting, posture tracking, and more. We can't believe it has been 1 year!
For those who don’t know, Pangolin is an identity-aware VPN and proxy for remote access to anything, anywhere. It’s like an open-source alternative to Cloudflare Tunnels and Twingate.
* Github: [https://github.com/fosrl/pangolin](https://github.com/fosrl/pangolin)
* Blog and video: [https://pangolin.net/blog/posts/1-15-0-release](https://pangolin.net/blog/posts/1-15-0-release)
# iOS/iPadOS and Android
[iOS app screenshots](https://preview.redd.it/b4mzuhswo5fg1.png?width=3780&format=png&auto=webp&s=a2d8ca4c9dbdc269d445de495e210ca090f83990)
Developing for mobile is a journey through the seven circles of... well, let’s just call it "challenging." Beyond the technical hurdles, there’s the arduous dance with Apple and Google to get through the App Store gates.
After weeks of refreshing our developer dashboards, the wait is over. You can now take your zero-trust network on the road:
* **iPhone and iPad**: Download on the [Apple App Store](https://apps.apple.com/kz/app/pangolin-client/id6757407406).
* **Android**: Download on the [Google Play Store](https://play.google.com/store/apps/details?id=net.pangolin.Pangolin).
# Device Fingerprint and Posture Collection
[Screenshot of dashboard showing device fingerprint and posture info with pending approval](https://preview.redd.it/vecygwt6m5fg1.png?width=4520&format=png&auto=webp&s=6eecc6978a27650ce0ce694d8f9a0ec442a5bc79)
Long-time users likely remember Olm, our Go-based client (named after the small, cave-dwelling salamander). Olm is the workhorse under the hood, handling all of the networking like holepunching and NAT traversal to websocket enforcement.
We architected Olm to be as headless and portable as possible, which allowed us to use it as the "brain" for all of our clients across Mac, Windows, Linux, and iOS and Android. In addition to the Olm core, now each client can collect specific device data.
**What is fingerprinting?** It’s like a digital ID card for your hardware. We collect identifying info like serial numbers, OS versions, and hostnames. This helps you distinguish between "My Work Laptop" and "My 4th Replacement Laptop," and it ensures that if you block a device, it stays blocked.
What are posture checks? Fingerprinting tells us who the device is; posture checks tell us if the device is healthy. We look for security vitals like: Disk encryption status, firewall status, and antivirus activity.
# Device Approvals
[Screenshot of dashboard showing pending device approvals feed](https://preview.redd.it/kp6cm5zbm5fg1.png?width=4524&format=png&auto=webp&s=601f22bf7a68a5777ac0631d5c3c515892882af2)
Previously by default, a user could connect any number of devices as long as they could log in with an approved account. With version 1.15, we are extending zero-trust to the hardware layer by introducing Device Approvals.
When enabled on a user’s role, Pangolin shifts to a "deny by default" stance for new hardware. Even with valid credentials, a new device is entirely blocked until an admin decisively approves the connection. We’ve also added an Approvals Feed to the sidebar where you can see a running log of pending requests.
# Device Blocking and Archiving
Have a device that’s gone rogue or been lost? You can now officially Block it via the Action Menu (three dots). This moves the device to a restricted list and kills its access immediately.
You’ll also notice you can’t "delete" a device; you can only Archive it so that Pangolin can keep a permanent record of every device that has touched your resources.
# Give it a try!
* Try for for free on [Pangolin Cloud](https://app.pangolin.net/auth/login).
* Self-host the [Open Source
Self-hosting Weatherstar 4000 as Plex channel, can't get Plex to load the channel
Hi all, I figured I would ask this here as Plex is a bit of a dumpster fire these days but I'm sticking with it because my family likes it.
I have a single Docker host that runs my Plex server, and I also set up a local instance of Weatherstar 4000 and WS4Channels so I could add the m3u stream from WS4Channels as a tuner in Plex (under Settings > Manage > Live TV and DVR). The WS4Channels are pretty simple in that you go into the Live TV and DVR settings in Plex, click the link to add a manual device, and enter the URL of your stream, which is http://<my LAN docker host IP>:9798/playlist.m3u. I have tested this URL in my own web browser and successfully played it with VLC, and I also docker exec'd into the Plex container and verified I could cURL the URL successfully. Nevertheless, whenever I add that same URL in the Live TV settings in Plex it just says "There was a problem adding the device: http://<my docker host IP address>:9798/playlist.m3u".
I noticed that the Plex docker compose instructions have network_mode: host, so I set that in WS4Channels, but I have the same issue.
What's really weird is I accidentally pasted the GitHub URL of Weatherstar 4000 in the Live TV setup once and it actually added a tuner. I attempted to proceed and it just got into some crazy loop between two of the setup steps.
Has anyone gotten this working? Here's some relevant docker-compose.yml snippets.
plex:
image: `lscr.io/linuxserver/plex:latest`
container_name: plex
network_mode: host
environment: - PUID=1000 - PGID=1000 - TZ=America/New_York - VERSION=docker - PLEX_CLAIM= #optional
weatherstar4000:
container_name: weatherstar4000
image: `ghcr.io/netbymatt/ws4kp`
ports: - 8080:8080
environment: - KIOSK=true - WSQS_latLonQuery="Mytown MyState USA" - WSQS_hazards_checkbox=true - WSQS_current_weather_checkbox=true
ws4channels:
container_name: ws4channels
image: `ghcr.io/rice9797/ws4channels`
environment: - WS4KP_HOST=<my docker host IP> - WS4KP_PORT=8080 - ZIP_CODE=90210 - CHANNEL_NUMBER=275
network_mode: host
https://redd.it/1qks8ek
@r_SelfHosted
Introducing Urocissa 2.0 - A lightweight open-source photo gallery that handles 1M+ photos smoothly on limited hardware
https://redd.it/1qkpuz3
@r_SelfHosted
TrustTunnel - Adguard VPN now opensource !
Hi everyone !
I just saw that AdGuard is open our VPN Protocol (based on HTTP 2/3 & QUIC) TrustTunnel !
See : https://github.com/TrustTunnel/TrustTunnel
and : https://www.reddit.com/r/Adguard/comments/1qj3j4v/we\_kept\_our\_word\_trusttunnel\_vpn\_protocol\_is/?utm\_source=share&utm\_medium=web3x&utm\_name=web3xcss&utm\_term=1&utm\_content=share\_button
https://redd.it/1qklwt3
@r_SelfHosted
Eliminate All Sorts of Spam with RspamD
So,
For a longer while i had websites being targeted with obvious trustpilot/seo/optimize email scams that just kept going and going and going. Even on one hour freshly raised domains they where able to find the email alias just like that to bombard with spam.
I was using RspamD but the lack of proper blocking kind of made me wonder, if i could customize it the way i want it. This trick will actively block any future of these BULLSHIT emails for you, your clients and much more.
First, you need RspamD. If it's setup and working, good. Here's the installation requirements through SSH:
mkdir -p /etc/rspamd/mapsnano /etc/rspamd/maps/blocked_keywords.mapInsert:/you won (a|one) million/i/work from home and earn/i/crypto( )?giveaway/i/urgent( )?invoice/i
# 2) Add multimap rules (subject + body)
Create or edit:
nano /etc/rspamd/local.d/multimap.conf
Add rules like these:
# Block by SUBJECT
BLOCKSUBJECTKEYWORDS {
type = "header";
header = "Subject";
map = "regexp;/etc/rspamd/maps/blockedkeywords.map";
prefilter = true;
action = "reject";
message = "Rejected: blocked subject keyword";
}
# Block by BODY (text parts)
BLOCKBODYKEYWORDS {
type = "content";
filter = "body"; # body/text extraction
map = "regexp;/etc/rspamd/maps/blockedkeywords.map";
prefilter = true;
action = "reject";
message = "Rejected: blocked body keyword";
}
Test/reload the stuff:
rspamadm configtest
systemctl reload rspamd 2>/dev/null || systemctl restart rspamd
Now start adding regex entries like these into, /etc/rspamd/maps/blocked_keywords.map:/SEO-audit/i/Website SEO/i/mobile app/i/Boost Brand Credibility/i/google rankings/i/SEO- en Google/i/india/i/positive response/i/premium websites/i/web development/i/Send Proposal/i/social media strategies/i/service provider company/i/buy reviews/i/missing Google traffic/i/𝐫𝐚𝐧𝐤/i/free analysis report/i/your details on Google/i/page #1/i/increase daily traffic/i/business on Google/i/customer inquiries/i/Medical Apps/i/Finance Apps/i/Full Proposal/i/Search Engine Optimization Service/i/Google Submissions/i/SEO Strategy/i/seo\s+campaign/i/graphic\s+design/i/welcome\s+discount/i/seo\s+work\s+scope/i/on\s+sale/i/hire\s+web\s+expert\.?/i/(boost[\s\-_.]*engagement)/i/(re:\s*forward)/i/(free[\s\-_.]*analysis[\s\-_.]*report)/i/(remove|delete|take\s*down|neutralize)\s+(unfair|misleading|harmful|negative)\s+reviews?/i/(policy\s+violations?|violat(e|ing)\s+polic(y|ies))\s+.*\breviews?\b/i/\bgenuine\b.*\bpositive\s+reviews?\b/i/\bwell[-\s]*written\b.*\bpositive\s+reviews?\b/i/\bstrengthen\b.*\b(profile|listing)\b.*\bpositive\s+reviews?\b/i/\bprotect\b.*\b(reputation|business\s+image)\b.*\breviews?\b/i/\breview\s+specialist\b/i/\breputation\s+management\b.*\breviews?\b/i/\boutsource\s+(your|the)\s+work\b/i/\binterested\s+to\s+outsource\b/i/\bwork\s+with\s+us\b.*\boutsource\b/i/\bshare\s+your\s+(site|website)\b.*\b(requirements|requirement)\b/i/\bso\s+that\s+we\s+can\s+discuss\s+further\b/i/\bdigital\s+marketing\s+agency\b/i/\b(website|web)\s+(design|development)\b.*\b(seo|smo|ppc)\b/i/\bseo\b.*\bsmo\b.*\bppc\b/i/\b(smo|ppc)\b.*\bseo\b/i/\bproviding\s+services\s+like\b/i#You can harden it through this for example:/(graphic[\s\-_.]*design)/i/(seo[\s\-_.]*campaign)/i/(on[\s\-_.]*sale)/i
Restart, and watch the glory happen. You can finetune accordingly and watch the logs of what actually is being rejected. Spamassassin and such barely work because with newly created domains you can copy it all over the place which is not a ideal thing. Above works and instantly after they got Blocked messages they start to adept using AI. I'm actively blocking this through the use of such
Thanks
Hey all, first time poster long time lurker. I just set up a sizable unraid server at home, and I’ve been learning so much and getting so much out of the posts on this sub. I really just wanted to say thank you for all the folks who post and moderate on here. This has been such a valuable resource as I’ve waded into self hosting, and I’m having such a blast. Really, thanks yall.
https://redd.it/1qki6ko
@r_SelfHosted
I’m very new to this… is this a good mini pc to use for hosting a Jellyfin server for 3 users?
https://redd.it/1qkhcyy
@r_SelfHosted
Open source products for visualizing docker networks
Hi Community,
Like many others I have over time build many networks, private vpns, third party vpns, tunnels, etc. I there any open source solution to visualize the traffic flows in these bandwidth used, etc.
eg. quickly check which containers are connected to which network, how much is the traffic flowing between these containers, open ports internal/external, etc
https://redd.it/1qkbexn
@r_SelfHosted
Self-hosted alternative to Gmail's soon-to-be deprecated External Accounts and Gmailify features?
Hi all,
Can anyone recommend a self-hosted alternative to Gmail's soon-to-be deprecated External Accounts and Gmailify features? FOSS preferred.
If you don't know, Gmail allowed unifying multiple accounts, even from external service providers, into a single unified interface, and it fetched emails via POP3 or API.
Forwarding won't work as not all accounts support SRS, and deliverability sucks even on a good day.
https://redd.it/1qk9jbp
@r_SelfHosted
How do you prefer to deploy services?
(I’m really not sure that is the right flair for this poll, sorry if I chose the wrong one. )
View Poll
https://redd.it/1qlw8ln
@r_SelfHosted
Booklore turns 1 year 🎂 - v1.18.5 released!
Hard to believe it’s been one full year since I started Booklore.
What began as a small personal project (just a grid of books, a basic reader, and downloads) has grown, largely thanks to feedback from this community, into a solid self-hosted book server used by thousands of people.
Over this past year, Booklore has reached:
9,200+ GitHub stars ([https://github.com/booklore-app/booklore](https://github.com/booklore-app/booklore))
\~500 forks
85+ contributors
Huge thanks to everyone here who’s tested it, opened issues, suggested features, or contributed code. The self-hosted community played a big role in shaping where the project is today.
If you’ve been running Booklore and finding it useful, I’d really appreciate a ⭐ on GitHub, let’s see if we can push it to 10k stars as a 1-year milestone.
v1.18.x highlights
This release marks one of the biggest steps forward so far:
New ebook reader (Foliate.js based**)** Clean, responsive reader with support for EPUB, AZW3, MOBI, and FB2, plus highlights, notes, and bookmarks.
Streaming ebook reading (beta) Large ebooks (cookbooks, textbooks, etc.) can now be streamed page-by-page instead of loading the entire file.
Optimized PDF & CBZ streaming PDFs and CBZ/CBX files stream pages directly without full extraction, much faster for large files.
Progressive Web App (PWA) support Install Booklore as a PWA for a cleaner, app-like reading experience.
More improvements are already in progress, but I wanted to mark the 1-year point, share the latest release, and say thanks again to everyone running Booklore at home.
Links:
Website: https://booklore.org
GitHub: [https://github.com/booklore-app/booklore](https://github.com/booklore-app/booklore)
Demo: https://demo.booklore.org (username: booklore | password: 9HC20PGGfitvWaZ1)
Discord: [https://discord.com/invite/Ee5hd458Uz](https://discord.com/invite/Ee5hd458Uz)
Support via Open Collective: https://opencollective.com/booklore
Feedback (and stars 😉) always welcome.
https://redd.it/1qluqek
@r_SelfHosted
A free and open-source tool to backup and visualize your long term Garmin data
https://redd.it/1qlhv8i
@r_SelfHosted
Thank you Mods .
This Friday thing is working out. Now we know when to come to visit our beloved selfhosted subreddit. Just ignore the Fridays . I hope for other days you will remain strict and vigilant. I know it's lot to ask, but I can only say a big thank you on behalf of real devs and the community for your hard work.
Thank you.
You guys acted like ocean clean up iniciative. ❤️
https://redd.it/1qlhbeh
@r_SelfHosted
qbitwebui v2.40.0 - now with cross seed, custom themes, file manager, RSS feeds and more
https://redd.it/1ql1v19
@r_SelfHosted
Community or Enterprise Editions](https://github.com/fosrl/pangolin).
* You can dive into the details in the [Official Documentation](https://docs.pangolin.net).
https://redd.it/1ql1b2v
@r_SelfHosted
BentoPDF … Any update?
Last week its developer posted here that they lost control of the bentopdf namespace on Docker Hub, leaving us with...
> DO NOT perform a docker pull bentopdf/
> DO NOT update your existing containers to latest
Comments in that thread indicated that such things are often quickly resolved w/Docker Hub. Yet, that post seems deleted, and the developer is silent on GitHub.
Any update?
https://redd.it/1qkxw0e
@r_SelfHosted
CLU v4.3 Release - Pull List, Weekly Releases, Auto-Downloads and Timeline
https://redd.it/1qkqm0u
@r_SelfHosted
yubal v0.2 - YouTube Music downloader now with playlists support
https://redd.it/1qknc0i
@r_SelfHosted
keywords.
NOTICE: Installation of above is risky, as misconfiguration can lead to email globally being blocked. Yes this will block globally on one specific server and all incoming email boxes emails like the above. But it's needed since the ever growing spam of trustpilot nonsense just keeps growing. Enjoy.
https://redd.it/1qklab6
@r_SelfHosted
What are your favorite “invisible” self-hosted services?
Curious to find more stuff that just quietly runs in the background while being really useful.
For me having an always up syncthing node has been a huge quality of life boost, as well as SMB shares that act as time machine locations for the family. restic on the server backing up to backblaze and pihole for the home network are also things that i don't think about every day but bring a bit of joy every time i remember they're still there doing their job :).
https://redd.it/1qkk8ld
@r_SelfHosted
Not enough people are talking about Storyteller
https://storyteller-platform.gitlab.io/storyteller/
This thing has changed how I read. I'm surprised I don't see it mentioned often on here.
For those that don't know, Storyteller creates epub 3 files (.epub) that syncs your drm-free audiobooks and ebooks. You can listen and read along at the same time as it highlights each sentence. You can listen as an audiobook or read as an ebook and wherever you leave off is synced to the other. It's essentially Amazon's whispersync but for your own files.
There's 2 parts - the self hosted server you upload your drm-free ebooks and audiobooks to. It then creates a new epub 3 file (.epub) that has both the audio and ebook in one. You can then open that file in the Storyteller Android or iPhone app. There's other apps out there that can read these files with both audiobook and ebook but I've found the Android Storyteller app has worked the best for me. I also like it since when I'm home, it'll connect to the server so I can see my entire library and can download new epub 3's I've already created without switching apps.
I could never find where I left off when doing audiobooks and ebooks but this solves that problem for me. I have ADHD so I can sometimes struggle to sit down and read for long periods but I've found that listening to the audiobook while I read is a game changer.
Currently read and listen on my phone but am considering something like a Boox Palma which is an ereader but also runs Android.
https://redd.it/1qkhzzs
@r_SelfHosted
What's the one self-hosted service you'd never go back to the cloud version of?
Been self-hosting for a couple years now and curious what services have become completely irreplaceable for everyone here.
For me it's my password manager (Vaultwarden). The peace of mind knowing my credentials are on my own hardware is something I can't give up anymore.
What about you? What's the one thing you'd refuse to go back to a cloud service for?
https://redd.it/1qkdiyq
@r_SelfHosted
Setting up self-hosted Obsidian, need some assistance.
TL;DR: I'm trying to set up a self-hosted Obsidian page/bault as a gaming wiki for the systems we play that can be accessed outside of my home network by going to my domain. I also want to block any bots or malicious actors from accessing my server.
I know the easy solution is to use Tailscale, and if it comes to that I'll go that route.
What I really want to do is configure things so friends can go to "gaming-dot-mydomain-dot-com" and access the wiki. I own the domain and have a Cloudflare account, but I'm having some difficulties understanding some of the nuances. This isn't my wheelhouse, and right now work stuff is absolutely melting my brain for learning.
I'm using this Obsidian container in Docker. I can get that to load fine on my local network.
That same page suggests using Sealskin and SWAG.
I thought I had Cloudflare pointed at my IP address, but when I try to access with a device not on my home network I can't get it to load. I went over the configurations a few times, and thought I had things such as the API token properly configured, but I'm clearly messing something up.
May be relevant I have Proton VPN Plus. Can I use that (tunneling, wireguard) to grant access outside my home network?
Tailscale
I have used this, and most of my friends would be fine installing the app, but I'd rather they not have to go through extra steps. I've set Tailscale up for access to my Komga library remotely, and I've given a couple friends access. With this gaming wiki, not everyone would be amenable to downloading and setting up Tailscale, viewing it as extra work.
I'm willing to accept that this is outside my area of expertise and that I should give up on self-hosting, but I want to give it a fair shot.
Thanks!
https://redd.it/1qk3hoa
@r_SelfHosted
The Self-Hosted University!
There is plenty of high-quality, self-hosted–related learning material on the internet, created by some really smart people. I was thinking about a well-structured curriculum or roadmap that recommends a learning path using these open-source resources, covering the necessary fields to achieve a master-level self-hosting skill set.
Do we have something like that, fellow self-hosted bros?
edit: skills like shell scripting, networking,etc
https://redd.it/1qk7iji
@r_SelfHosted
