Selfhosted

Hey Self Hosted!

Got a shower thought I wanna bounce off youse guys. It's half-baked but itching to become real: DIY Sonos-like surround sound using Raspberry Pis (or maybe other SBCs if Pi's not cut out for it). Need your brains to kick things off!

The Vision:

Server Pi

• Acts as the brain. Takes 5.1 audio input from the TV (SPDIF? HDMI? Still figuring that out).

Client Pis

Wireless speakers running balenaSound or similar. Each handles a specific channel (front left, rear right, etc.). I do picture each of these being connected to a amplifier board. With some fancy wiring to give Raspberry pi voltages and power required for the amplifiers. (Something like this: https://a.co/d/fwkXuCm)

The Hurdles:

5.1 Audio Input

Can a Pi even handle 5.1 audio input? Do I need a fancy sound card/HAT? Or should I ditch the Pi for something beefier?

Channel Remapping Sorcery

Wiring all speakers the same (e.g., left channel only) but using Linux wizardry to assign which channel each speaker plays. Like, plug in a "rear right" speaker, tell the Pi "yo, you’re rear right now," and boom—it works. Possible? Or am I dreaming?

Why? Swapping speakers without rewiring = less headache. Plus, modularity.

First roadblock: Getting clean 5.1 into a Pi. Second headache: Software channel routing.

Anyone tackled something like this before? Am I reinventing a wheel that’s already on fire?

I've been running my server without a firewall for quite some time now, I have a piped instance and snikket running on it. I've been meaning to get UFW on it but I've been too lazy to do so. Is it a necessary thing that I need to have or it's a huge security vulnerability? I can only SSH my server from only my local network and must use a VPN if I wanna SSH in outside so I'd say my server's pretty secure but not the furthest I could take it. Opinions please?

I'm still running a 6th-generation Intel CPU (i5-6600k) on my media server, with 64GB of RAM and a Quadro P1000 for the rare 1080p transcoding needs. Windows 10 is still my OS from when it was a gaming PC and I want to switch to Linux. I'm a casual user on my personal machine, as well as with OpenWRT on my network hardware.

Here are the few features I need:

• MergerFS with a RAID option for drive redundancy. I use multiple 12TB drives right now and have my media types separated between each. I'd like to have one pool that I can be flexible with space between each share.
• Docker for *arr/media downloaders/RSS feed reader/various FOSS tools and gizmos.
• I'd like to start working with Home Assistant. Installing with WSL hasn't worked for me, so switching to Linux seems like the best option for this.

Guides like Perfect Media Server say that Proxmox is better than a traditional distro like Debian/Ubuntu, but I'm concerned about performance on my 6600k. Will LXCs and/or a VM for Docker push my CPU to its limits? Or should I do standard Debian or even OpenMediaVault?

I'm comfortable learning Proxmox and its intricacies, especially if I can move my Windows 10 install into a VM as a failsafe while building a storage pool with new drives.

I am studying for my Network+ and my Sec+ hoping to shadow our Cyber Sec guy at work.

I want to set up a SIEM on my home network so I can be used to it's operations and how it works by the time I start messing with Pentesting stuff. Then I'm going to use it to try and track myself when I pentest myself.

I was looking into Graylog or Security Onion since they seem to have decent documentation (and I can find videos on how to set them up which is nice).

I was recommended building my own ELK stack and doing everything manually for maximum learning potential. Which I understand why this is a good idea, but I think I'd rather be as close to "baby's first SIEM" as possible or at least have a robust how-to guide.

What do you suggest?

Stunning docker ready open source status pages Host a status page for your website, api etc and give updates to your customers when things go wrong!

You can find the live demo at https://kener.ing/

cross-posted from: https://lemmy.world/post/27407351

When combined with today’s other vulnerabilities, CVE-2025-1974 means that anything on the Pod network has a good chance of taking over your Kubernetes cluster, with no credentials or administrative access required.

So I've got jellyfin all set up, but I'm having some issues with files downloading from qbittorrent and Knowing exactly how and when they get moved over, either the sonar or jellyfin repository, whichever is the final destination. This is important because my torrenting drive is separate from my media drive. I have noticed some shows and files staying on my torrenting drive while others go over to the media drive. And I'm and to figure out where the issue might be that's causing this, I think I need a refresher on exactly how and when these files are supposed to be moved over. Since I can't find any sort of documentation inside the apps.

Can anybody explain this to me like super simply? I just took an edible and it's starting to kick in, but I still want to figure this out. Thanks y'all!

Hi, I've tried running samba from docker compose on ubuntu server with this resource https://hub.docker.com/r/dockurr/samba I changed the default volume from "- ./samba:/storage" to "- /mnt/my_ext_hdd/my_dir/my_subdir" The container deploys fine, but I get permission error when trying to access the shared volume from windows? Anyone with some suggestionshoew to fix? Thanks

I am quite worried about losing information and not being able to recover it from the backups, so I am trying to nail the best automated way to make sure the backups are good.

Restic comes with a check command, that according to the documentation here has this two "levels":

• Structural consistency and integrity, e.g. snapshots, trees and pack files (default)
• Integrity of the actual data that you backed up

In plain words, I understand this as: The data you uploaded to the repository is still that data.

Now my question is, do you think this is enough to trust the backups are right? I was thinking about restoring the backup in a temporary location and running diff on random files to check the files match the source, but I don't know if this is redundant now.

How do you make sure you can trust your backups?

I'm hosting a few services using docker. For something like an openstreetmap tileserver, I'd like it to remain on my SSD because high speed improves performance, and the directory is unlikely to grow and fill the drive.

For other services like NextCloud, speed isn't as important as storage size, so I might want it on a larger HDD raid.

I know it's trivial to move the volumes directory to wherever, but can I move some volumes to one directory and some volumes to another?

I'm new to netbox and as far as I can tell there are two ways to combine Netbox with ansible.

• Automate network and Netbox with ansible. A playbook would configure a switch port and then use the Netbox ansible collection to modify Netbox to reflect the change. All changes go through Ansible.
• Use Netbox as the data source for ansible. A playbook pulls the switch configuration from Netbox and applies it to the switch using ansible. All changes go through Netbox.

What would be preferred? Both solve the Problem of having to change everything twice.

I saw this article earlier:

Tesla 'going bankrupt' is endpoint of protests, says local organizer

In the spirit of right to repair, self-hosting, giving a second life to old devices, and limiting data collection by car companies:

• What are some considerations?
• Are there any projects worth keeping an eye on?

An example that came to mind was Valetudo, which is a cloud replacement for vacuum robots enabling local-only operation. Some robot vacuums are easy to install this on, and others require more invasive modifications.

What I've found so far:

• FreedomEV, a project that was presented at FOSSDEM 2019 but doesn't have recent activity
• TeslaMate, which is a popular and active selfhosted data logger for Teslas, but not necessarily a replacement for the software

Saw that tab pop up sometime after the latest update. Loaded my shares to it and fired it up and its pretty sweet!

Was I mistaken in thinking that Music Assistant had the functionality of playing directly to the browser/app viewing the interface?

Hi guys!

The same way I hold some VMs for some apps I might not trust well enough to share with the rest of my OS/partition, I'd like to be able to do the same, but with LXC instead, possibly reducing overhead (and perhaps increasing ache in the head). I was wondering if the GUI Virt-manager can do this? It seems after installing libvirt-daemon-lxc, libvirtd, libvirt-client-qemu I'm able to connect to the LXC daemon in my system. However, I'm not sure how to follow a similar process as perhaps Proxmox, to build a, say, fully blown ubuntu LXC from a template. How should I do this?

Thanks!

My ISP uses CG NAT which is stopping me from reaching my internal network, so I'm thinking about using Tailscale to allow me to connect to my server and hence to my internal network.

But I'm not very comfortable giving 100% access to Tailscale to my internal network, so I was thinking if I could limit it only to what it requires to connect to the internet and to a wireguard service running in the same container. This would in turn connect to a wireguard server in the container's host and provide me with full network access.

I know, as long as they have a service running in the server, even if inside a container, they can always be able to access the host. But even do I would feel safer if at least tried to contain it.

Does anyone know if this is possible? And can it be done through Docker Compose?

For years I've on and off looked for web archiving software that can capture most sites, including ones that are "complex" with lots of AJAX and require logins like Reddit. Which ones have worked best for you?

Ideally I want one that can be started up programatically or via command line, an opens a chromium instance (or any browser), and captures everything shown on the page. I could also open the instance myself and log into sites and install addons like UBlock Origin. (btw, archiveweb.page must be started manually).

Just taking a minute to share this podcast with y'all. I know it's already in the sidebar here, but thought Alex & Chris deserve a shout out for their great show.

They talk about the week's news and their own experiences hosting at home. Listening to them talk tech makes me more confident about my hosting.

Hey all, I've got ZFS pool created and just create a VM drive in that pool like normal, then Jellyfin just has that drive mounted. I think I'm losing the best parts of ZFS through this manner.

How should I set this up properly? Create a media pool or something and have VMs accessing the pool directly?

Would this be useful if I wanted to setup Plex debrid on my jellyfin server? It has a couple of tmux sessions that randomly get killed. Would setting them up instead as pods work?

cross-posted from: https://lemmy.bestiver.se/post/287913

Comments

I have successfully installed (for the second time) a pi-hole on the raspberry 4B. But I also have failed to make pi-vpn works.

I would like some help or suggestions to setting up it correctly.

I also have a domain name through namecheap, and maybe it would help setting it properly, and then setting it for a jellyfin server later. Any help is appreciated. Thanks all!

cross-posted from: https://lemmy.zip/post/34733394

Snac (AKA Snac2) is a minimal microblogging ActivityPub instance written in C.

Features (from its Codeberg repo):

• Lightweight, minimal dependencies
• Extensive support of ActivityPub operations, e.g. write public notes, follow users, be followed, reply to the notes of others, admire wonderful content (like or boost), write private messages...
• Multiuser
• Mastodon API support, so Mastodon-compatible apps can be used
• Simple but effective web interface
• Easily-accessed MUTE button to silence morons
• Tested interoperability with related software
• No database needed
• Totally JavaScript-free
• No cookies either
• Not much bullshit

Edit: Thanks to everyone who commented and helped with suggestions! I moved to Debian + Docker compose only and everything went well and it's working perfectly!

TLDR: want to get rid of casaos from my home server and learn everything on my own from the beginning, am I crazy for wanting to wipe everything and reinstall the entire system?

Hi all! A few weeks ago I got a mini-pc (Beelink S12pro), a secondary internal sata ssd (thanks to those who helped me with the choice), and I slowly set up my server with quite a few services (the *arrs, jellyfin, immich, navidrome, gotify, uptime-kuma etc.) using casaos as overlay for everything (with Debian 12 as base and tailscale to access it outside my home). I like casaos interface, and it really helped me a lot in smoothing the process of approaching docker and managing a personal server.

However, I am starting to feel a bit restricted by casaos: almost immediately I was bypassing the 1-button install and customize the container to my liking, also if I need to change something deeper I always need to check if casaos has its own way of handling things. Plus, I don't really like the frequent connections to the app store (and I couldn't figure out how to change the interval), or the fact that everything casaos does is done as root, which also forced me to run some containers as root user. My server isn't exposed to the internet so I can be less worried, but I would like to know more about permissions and stuff without being forced to just run everything as root.

Removing casaos is apparently quite easy with an uninstall script, you can also keep your containers intact, however it will leave behind a lot of the dependencies installed and modification made through the install script, apparently.

I don't think these modifications will not be useful to me, but I would like to have a system when I know what I did, what is opened/installed/activated and what is not, and by just uninstalling casaos I will not have that. Note that I am also not against UIs, I think I will install dockge for easier managment of containers, but I would like the process to be learn->setup->use ui, and not the other way around.

Am I crazy for thinking about reinstalling the entire system and start from scratch? I have backups of everything: container data folders, compose files, various media. TBH, in one week of use there are not many things that are absolutely vital, moreover, most of the media are in the secondary drive which will be left untouched. Worst case scenario, I can also avoid restoring backups (except for the arrs which were the more time-consuming to set up).

In my mind these are the pros and cons

Pros: install stuff as needed and learn what does what, without having a script automagically doing that for me, probably gaining a deeper dive into docker/compose. No overlay, no mandatory root things, possibly less maintenance?

Cons: having to set things up again (system users, ssh access, tailscale, automount usb drives, mount points for the sata drive), possibly some container stuff will not just work by re-importing from a backup?

Does the selfhosted community have some advices or opinion on this? Maybe there are also easier ways I am missing, being kind of new to all this. Thanks in advance for any answer!

I've been running a docker-based linkding instance on one of my servers for a couple years now, using it with the linkding firefox extension, and it's been awesome. I'm still able to access the page and use it to go to links normally, but, as of yesterday, when I try to bookmark something with the extension it throws an "Internal Server Error" and fails to save it. Same thing happens when I try to add a bookmark "manually" via the linkding page.

I've restarted the docker instance and made sure the alpine VM it's on (via proxmox) is up to date, but to no avail. Other containers on the VM seem to be working fine. Portainer says the container is healthy. The full error message is "Error saving bookmark: Request error: Internal Server Error." Anyone had the same problem?