Selfhosted

Is there any service that will speak LDAP but just respond with the local UNIX users?

Right now I have good management for local UNIX users but every service wants to do its own auth. This means that it is a pain of remembering different passwords, configuring passwords on setting up a new service and whatnot.

I noticed that a lot of services support LDAP auth, but I don't want to make my UNIX user accounts depend on LDAP for simplicity. So I was wondering if there was some sort of shim that will talk the LDAP protocol but just do authentication against the regular user database (PAM).

The closest I have seen is the services.openldap.declarativeContents NixOS option which I can probably use by transforming my regular UNIX settings into an LDAP config at build time, but I was wondering if there was anything simpler.

(Related note: I really wish that services would let you specify the user via HTTP header, then I could just manage auth at the reverse-proxy without worrying about bugs in the service)

This is a decent writeup on applying "Zero Tust" principles to a home lab using mostly open source tools. I'm not the author, but thought it was worth sharing.

I'm looking at getting a gateway device to replace the ISP router that sits between the internet connection and the mesh WiFi.

I am running pi-hole on a (very old) raspberry pi, but I know some gateways get quite fancy so I'm wondering if it's possible to have pi-hole on the gateway itself, to run as DNS and DHCP servers?

Other things I'm looking for in a gateway are VPN as a client (preferably Wireguard) and PoE ports for cameras.

If it's possible to host something like pi-hole directly on the gateway then hardware recommendations are appreciated!

So, I'm selfhosting immich, the issue is we tend to take a lot of pictures of the same scene/thing to later pick the best, and well, we can have 5~10 photos which are basically duplicates but not quite.
Some duplicate finding programs put those images at 95% or more similarity.

I'm wondering if there's any way, probably at file system level, for the same images to be compressed together.
Maybe deduplication?
Have any of you guys handled a similar situation?

This seems like a solid choice for those of use looking for a obsidian-like replacement. Personally tried all editors out there, but nothing is able to defeat my love for obsidian. However, i look forwards to trying out Haptic when it comes to Linux. Currently it only supports Web and Mac. But state Linux and Windows support is on-the-way.

Kudos to selfh.st that provides consistent updates within this community and who shared this among other cool projects this week -> https://selfh.st/newsletter/2024-09-06/?ref=this-week-in-self-hosted-newsletter

Looking for recommendations for a versatile USB stick with Ventoy. I'm trying to create the "perfect, all-in-all" USB stick using Ventoy to store various ISOs and rescue tools. So far, I have the following ISOs:

• Arch
• OpenSuse TW
• NixOS
• Bazzite + AuroraDX
• Win10 ISO
• Clonezilla

I'm looking for suggestions on additional ISOs or tools that are compatible with Ventoy. What do you recommend adding to make my USB stick to make it more useful?

So we're starting a general contractor company and i I'm wondering if anyone else did that and had general advice? Its with someone else that is not really technology savy.

Currently we're using:

• WordPress for website
• OpenProject for project related task
• InvoiceNinja for invoice purposes

Any advice and comments would be appreciated!

I've been playing around with self hosting for file sharing, backups, and a handful of other ideas I might one day get round to. I like the idea of a mesh VPN and being able to, for example, connect a travelling laptop to a 'host' laptop nearby, though my only public ip is a VPS in another country.

Of all the options I found, I liked the look of Nebula most. Fiddly in some places, but it's working nicely for me, and I appreciate some of the simplicity of design.

I'm wondering if people here have much experience of it, though? My biggest concern is over its future. With,

1. The Defined Networking site focusing on making money off it, and
2. The Android app doesn't allow full configuration (including the firewall, so I can't host a website from a phone) but - I heard - does if you use Defined Networking's paid service for configuration,

makes me worry they might be essentially trying to deprecate viable FOSS Nebula in favour of a paid or controlled service.

Any thoughts? Insight?

Hi there self-hosted community.

I hope it's not out of line to cross post this type of question, but I thought that people here might also have some unique advice on this topic. I'm not sure if cross posting immediately after the first post is against lemmy-ediquet or not.

cross-posted from: https://lemmy.zip/post/22291879

I was curious if anyone has any advice on the following:

I have a home server that is always accessed by my main computer for various reasons. I would love to make it so that my locally hosted Gitea could run actions to build local forks of certain applications, and then, on success, trigger Flatpak to build my local fork(s) of certain programs once a month and host those applications (for local use only) on my home server for other computers on my home network to install. I'm thinking mostly like development branches of certain applications, experimental applications, and miscellaneous GUI applications that I've made but infrequently update and want a runnable instance available in case I redo it.

Anybody have any advice or ideas on how to achieve this? Is there a way to make a flatpak repository via a docker image that tries to build certain flatpak repositories on request via a local network? Additionally, if that isn't a known thing, does anyone have any experience hosting flatpak repositories on a local-network server? Or is there a good reason to not do this?

Hi!

I have setup ScanServJS which is an awesome web page that access your scanner and let you scan and download the scanned pages from your self hosted web server. I have the scanner configured via sane locally on the server and now I can scan via web from whatever device (phone, laptop, tablet, whatever) with the same consistent web interface for everyone. No need to configure drivers anywhere else.

I want to do the same with printing. On my server, the printer is already configured using CUPS, and I can print from Linux laptops via shared cups printer. But that require a setup anyway, and while I could make it work for phones and tablets, I want to avoid that

I would like to setup a nice web page, like for the scanner, where the users no matter the device they use, can upload files and print them. Without installing nor configuring anything on their devices.

Is there anything that I can self-host to this end?

So I have a retired but still very serviceable PC that I intend to use as my first home server. I gave two basic goals in self-hosting:

1. Host family media through Jellyfin, etc. This would include tv, music, and possibly books as well. Many of these will be managed through the Arr apps.
2. Degoogle my phone - I'm beginning by replacing Photos with Immich, but hope to also use Home Assistant, backup other phone data such as messages media, shopping lists, etc. I hope to replace Google storage/backup with Proton Drive.

So the question is what OS should I set up to run that? My proof of concept was an immich container running in xubuntu on an old laptop. I chose Xubuntu because I like the availability of documentation and community support for Ubuntu like distros, but wanted a lower powered alternative for the older device.

It seems to be working well, but I've had a few hiccups trying to update it, and I've heard that once you get into it, Linux distros like Ubuntu are not very user friendly for self-hosting as a beginner.

So is it better on the whole for a beginner to have a popular distro with lots if documentation and step by step guides, or to have a purpose-built OS like TrueNAS that might be more straightforward, but with less support?

I have been trying to setup my own newsletter for ages.

All of the platforms that I researched asked for stupid amounts of money for the services they where offering.

20$/month for 500 subscribers is not fair pricing mailchimp.

So I looked around the web for selfhosted solutions. Finally I found Listmonk, it's a selfhosted newsletter and mailing list manager, written in go and is extremely performant.

So I wrote an article on how to set that up!

I hope this helps some fellow selfhosters!

If you have any feedback please feel free to comment it bellow.

I host a website that uses mTLS for authentication. I created a client cert and installed it in Firefox on Linux, and when I visit the site for the first time, Firefox asks me to choose my cert and then I'm able to visit the site (and every subsequent visit to the site is successful without having to select the cert each time). This is all good.

But when I install that client cert into GrapheneOS (settings -> encryption & credentials -> install a certificate -> vpn & app user certificate), no browser app seems to recognize that it exists at all. Visiting the website from Vanadium, Fennec, or Mull browsers all return "ERR_BAD_SSL_CLIENT_AUTH_CERT" errors.

Does anyone have experience successfully using an mTLS cert in GrapheneOS?

[SOLVED] Thanks for the solution, @[email protected]

I'd like to get to a docker swarm sort of situation where I have 3 identical docker VMs, running 3 identical Caddy configurations, with 3 identical Apache VMs, and requests load balanced across them. And then I want a shared filesystem so the users can upload the files for their web sites to one location, and it's made available to all the web front ends.

I'm currently in a mixed environment:

• #xcpng on bare metal
  

• FreeBSD VMs running important services (bastions, email, DNS)
  

• #AlpineLinux VMs running docker for all my container-based stuff
  

So I'm trying to do the shared, highly available FS part of this design and I'd stay with FreeBSD if I could. #selfhosted

Hello,

I have a Nextcloud server installed at home that works well on my LAN network, but when I try to make the server accessible via a DynDNS service, I cannot connect to it. The request doesn't even reach my server. My question is whether the router immediately blocks the request, because when I set the router to be accessible (it has separately that option), I can connect without any issues over dyndns url. Could my ISP (O2) be blocking it? I can confirm that it's not a firewall issue, and it's also not because I'm connected to the same WiFi as the server. It's not a port forwarding issue either, as I've gone through all possible options. My router is a Fritzbox 6660, and there are no logs indicating that a request has even come through.

My second question is whether this is even allowed in Germany? Also, I've noticed that my ISP rarely changes my IP address; in fact, I haven't seen it change at all in the past few months, which is strange because in my home country, it changed every 24 hours.

Edit: First, thank you all for your help. I will try your suggestions over the course of this week or month (due to time-related issues :) and will report back with the results. Since I am clearly a noob when it comes to self-hosting and I plan to have only a Nextcloud server for personal use, what is the best way to secure the system in these situations and allow only certain devices to access it over the external network? (if I ever manage to access it at all)

I've been hosting Alexandrite as my main web UI for Lemmy because Lemmy's own UI is a bit too basic for my tastes, but Alexandrite hasn't been updated in 7 months and is still missing features like setting a default comment sort type. Can anyone recommend an alternative with a similar look and feel? I use the "list" view on smaller resolutions and the "cards" view on my ultrawide

While reading many of the blogs and posts here about self hosting, I notice that self hosters spend a lot of time searching for and migrating between VPS or backup hosting. Being a cheapskate, I have a raspberry pi with a large disk attached and leave it at a relative's house. I'll rsync my backup drive to it nightly. The problem is when something happens, I have to walk them through a reboot or do troubleshooting over the phone or worse, wait until a holiday when we all meet.

What would a solution look like for a bunch of random tech nerds who happen to live near each other to cross host each other's offsite backups? How would you secure it, support it or make it resilient to bad actors? Do you think it could work? What are the drawbacks?

I’ve been doing POSSE for a while now and it had helped me immensely by saving time and stress.

Basically every time I post something on a 3rd party site I store the content locally. Currently only in Obsidian and some locally cached videos and articles (TubeArchivist and Raindrop)

When I get dragged to the same argument or topic again, I can just grab my old comment, maybe edit/update it a bit and post it.

For some stuff I have longer blog posts I can link to, for some they are images and graphs.

I'm a beginner in networking things but due to my ISP I can only open a certain range of ports in my router to be accessible from the outside of my network (something like ports 11000-11500).

That means I can't open port 443 to access my reverse proxy from the outside. Is it possible to redirect all traffic that's coming from one of the ports in the range to port 443 of my server?

I haven't found that possibility in my router (Fritzbox 7530) so is there a way to do this on my server (running Fedora Server)?

I assume most users here have some sort of tech/IT/software background. However, I've seen some comments of people who might not have that background (no problem with that) and I wonder if you are self-hosting anything, how did you decide that you would like to self-host?