I've been interested in self-hosting for a while, but didn't really know where to start. I've never messed with Linux before and wanted to jump ship from Windows since Microsoft decided to start putting ads everywhere. I came across this post [https://lemmy.world/post/6542543] which was exactly what I was looking for to start, and seemed like a straight-forward guide. I have two laptops, one I want to act as my media server with Docker and the other as my everyday device. Except I've been met with setback after setback from the start. I tried installing Ubuntu Server on the media server laptop but just could not get it up and running. I was suggested to try using a more beginner-friendly distro, so I went with Mint. I also liked the idea of a GUI I can mess around with.

Docker was a success, but then I got to the Adguard part and when I try the docker-compose.yml step, grub just hangs. Decided to skip that part and go onto Jackett. Nope, more errors. Tried Prowlarr, different errors.

I don't want to give up on this because its something I really want to get going for my media, home automation, cameras, etc etc. But I feel like I'm flying blind here.

I have a lot of homework to do to learn Linux, but is there a different, beginner-friendly guide out there for me to follow for now?

-_.-.-_.-.-_.-.-_.-.-_.-.-_.-.-_.-.-_.-.-_.-.-_.-.-_.-.-_.-.-_.-.-_.-.-_.-.-_.-.-_.-.-_.-.-_.-.-_.-.-_.-.-_.-.-_.-.-_.-.-_.-.-_.-.-~.

Edit: I appreciate everyone's comments. Although I have no Linux experience, I know my way around Windows pretty well. I understand file systems and in one of my errors that was asked, I was getting a "No File or Directory exists" error. I edited the username to fit my what I have, but was still getting the error. I even created a new user named Prowlarr when attempting the Powlarr install to follow the steps word-for-word, no luck. It got frustrating so I gave up for the day.

I admit I do have a lot of learning to do, and I am really grateful some of you have provided start-points for my Linux journey. I'm also grateful for the "Self-hosting For Dummies" recommendations, like Yunohost and YAMS. I plan on looking over all of this info today to get a solution up for now and start my path down the Linux rabbithole. Its kinda exciting to start embarking on something like this.

Anyway, thanks to everyone who gave me great feedback!

cross-posted from: https://lemmy.world/post/15565311

> It was a long running project, but I finally did it. I built what I'm calling a smart mailbox that communicates locally with Home Assistant via ESPHome. > > Parts: > - Pine plank roughly the width of my mailbox > - Treated pine plank for mounting > - Thin sheet of perspex or similar transparent plastic > - 2x VCNL4010 proximity sensor > - ESP32 dev board with antenna > - Bigger antenna > - Prototype board > - 2.54mm pitch JST connectors > - 2.54mm pitch pin header sockets > - 18650 battery > - 18650 Type-C charging module > - Battery holder > - 2x 5V 1.5W solar panels > - MCP1700-3302E LDO regulator > - 100uF electrolytic capacitor > - 100nF ceramic capacitor > - Resistors... I think I ended up using a 1 MOhm and a 330 kOhm > - Weatherproof junction box > - Nylon screw spacers > - Cable glands > - 12mm waterproof button > - Various cables and wires > - Paint and polyurethane spray to weatherproof the wood > > Tools: > - Soldering iron > - Router for cutting grooves in wood > - Drill and hole saw bits > - Various files and sandpaper > > For a start, I followed this guide to get me started on the power delivery portion, but I ended up using much higher valued resistors since I found that I was losing more battery charge through the voltage divider than I was from the ESP32 or proximity sensors. > > Once I'd tested the concept with the parts just laying in a jumble on the table, it was time to get to work. > > I started by cutting a plank of pine to fit my mailbox, chamfering the ends to make space for the metal joins. I routed out some spaces for the tops of the bolts that hold the mailbox down. > > ! > > Measured out where the sensors should go, along with a surrounding space to screw down some little perspex windows to cover them. The idea I wanted was for the mail to be able to slide over the sensors without getting caught on them, as well as to protect them from dust. > > ! > > Routed out the dents and cleaned them up with a chisel and sandpaper. Cut the perspex to shape for a test fit. > > ! > > On the other side, I routed out a notch for the cable to access the sensors. > > ! > > I had originally planned to just solder wires into the sensors, but then I realised JST connectors would fit perfectly into the sensors. This meant I had to widen the holes somewhat, which I did with a small chisel and file. > > ! > > I got a bit lazy with making screw holes to hold down the perspex, so they're not in as neat a place as I'd like. If I did this again I'd measure properly for their placement. Still, with countersinking they hold down the perspex well and nothing sticks up for mail to get caught on. > > ! > > I also got started on making a housing for the solar panels. I used the router to carve out a 1-2mm area for them to sit in, and a much deeper ditch linking the two terminals, which you'll see in a later picture. For now, here's how they look sitting in it. > > ! > ! > > Wiring up the prototype board was next. Again, see the article I linked above for how this works. I used pin headers to allow the ESP32 dev board to be slotted in and out, just in case I ever needed to take it out for replacement or reprogramming. Also the JSTs on the prototype board are for connecting the battery (top left), connecting the solar panels (bottom left), providing power to the sensors (bottom right) and clock and data lines for the sensors (top right). Since the sensors are both using the same I2C bus address and cannot be configured otherwise, I had to run two clock and data lines, but if I'd found sensors that could have different addresses I could have just used one of each. I didn't take a photo of the board at this stage, but I later added another header to connect a button to reset the ESP32 from the outside. > > ! > > I also made the data and power cable for the sensor board. > > ! > > The solar panel housing and 'sensor plate' were both painted and treated with polyurethane spray to protect them from rain and humidity. > > ! > ! > > I drilled holes in the weatherproof box to fix the cable glands and the weatherproof button. In the case of the solar panel wire, I had opted to buy speaker wire since I figured it would be easier to run in the channel between the two solar panels, being flat. But that also made it not really fit the cable glands that great. I ended up stripping some of the outer sheath off some 2 wire power cable I had, and wrapping that around the part of the speaker wire that gets clamped in the glands, just to make a reasonable seal. These all were on the side I decided I would mount at the bottom, so water wouldn't be able to easily fall into the box. > > ! > > Final test fit. I later used epoxy glue to glue down the nylon headers and the battery holder inside the box. > > ! > > The mailbox itself also needed a hole in the bottom for the sensor cable to come out. After drilling a hole and filing it into a square shape, I cut some rubber grommet strip to size and fitted it around the hole, with some marine silicone adhesive to protect the sharp metal edges from water and to hold the grommet strip in place. > > ! > > I'd drilled some holes in the brick wall my mailbox sits upon for masonry anchors, and this piece of treated pine got the last of my polyurethane spray, just in case. > > ! > > Using a two pieces of the leftover perspex glued together, I made an internal mount for the antenna, figuring it would be best to not have the thing either floating around freely inside the box or sticking out the side where people could potentially break it off. > > ! > ! > > Finally, after weeks of off and on work, it was ready to install. > > ! > ! > > The ESPHome coding used my VCNL4010 component, and if anyone is interested I can share it but it's kinda a large file.

Hey selfhosters!

I recently discovered Tribler - anonymity focus torrent client. It made some rounds on hackernews and I'd never heard of it before.

I installed gui and was not impressed - it ran terribly on macos. However, I was able to test download and its anonymity features - it uses TOR inspired onion routing. I saw they had API available - and thought it would be perfect for my selfhosted *arr stack usage. However, *arr apps did not integrate tribler API (understandably, it's a niche client)

I dug in a bit and thought it would not be so difficult to create a shim that pretends to be some better integrated torrent client.

I picked qbittorrent.

You can check the link. I run it in docker. Add it to sonarr / radarr as qbittorrent client (username and password is irrelevant, as tribler shim integrates with tribler through API key) It's not the most secure approach - but managing torrents wihout authentication in my home network is an acceptable risk.

I was not able to download anything with more than 1 hops in between - ie it does hide your real IP address, but only uses one relay in between. It's not perfect, but seems to work as designed. I run my services mostly in Kubernetes, so there's likely something in my networking that. I will poke around more to see what could be the issue.

For now, the torrent management works through arr apps using the shim, however, the category is not implemented. Therefore, you can only use one category for both sonarr and radarr for example, and you will see downloads of both of those.

Hey everyone,

My personal server of choice is a DiskStation right now, and I'm using the default reverse proxy for all my subdomains. I went through a few stages to secure them, and now that I'm finally finished (famous last words heh?!) I thought I'd document my approach and provide some configs and code. I've seen a few unanswered questions here and there about how to do this on Synology, so hopefully this helps a few people.

The guide covers limiting access to local IPs, as well as adding Basic or SSO authentication. The main goal is to integrate well with the GUI and access control profiles, and to leave all existing and autogenerated files untouched, so updates and changes via the GUI still work as expected.

Here is the basic idea:

> The nginx server config is located in /etc/nginx/, and the reverse proxies are defined in the sites-available/server.ReverseProxy.conf file inside that folder. There's one server directive for every proxied site, and the DSM config adds a include .acl.<random string>.conf* directive if you set up an access control profile for a site. That * at the end there is crucial, because it means we can manually add more configuration files with the same prefix, and they will automatically be included and applied to all sites using this access control profile. > > There are also include directives for the main and http scopes, as well as for the default DSM server directives. This means we can inject configurations in these places, just by adding correctly named files to the conf.d folder. > > For Single Sign-On (SSO) authentication we run a Vouch-Proxy instance to handle the communication between nginx and the OIDC server. We also need to spin up another nginx reverse proxy and forward requests to it, because the built-in one doesn't support the required auth_request directive. Its container script just copies the default reverse proxy configuration with some modifications, and it is set up to reload whenenver the original file changes.

Link

Hello.

I have home server with Home Assistant and small VPSes. I want to monitor one of the VPS in Home Assistant. I know that Glances could be the best choice here, but I cannot connect Glances wuth Home Assistant (I can access to web interface hosted directly on VPS, but I cannot connect it to Home Assistant). Is there a light alternative that I can quickly install on VPS server (ubuntu) and connect it with Home Assistant? I don't need a lot of metrics - only CPU, RAM, Load and maybe net traffic. I am open to standards like MQTT.

I have been backing up the photos folder for my immich. Something weird happened with one of my hard drives so i had to restore. It has a folder for each year and inside there is a folder for each day. immich doesnt support the ability to drag and drop the year folder into the UI. What's the best way to get all my media back into immich?

Hello everyone,

I am running some services like Jellyfin, Radarr, QBittorrent, Jellyseerr and some others on my Raspberry Pi 4. The problem is that it is already struggling to run those, since it has only 2GB of RAM. I wish it was possible to do a RAM upgrade to the Raspberry Pi but the RAM is soldered to the motherboard. I don't want to buy another Raspberry Pi with more RAM because they are quite expensive and I don't want to have two of them. So can you recommend something for around or under 100€?

Thanks in advance.

I torrent to a seedbox, and said seedbox has great access tools and you can install plenty of useful applications like Resilio Sync, Syncthing, etc.

My local server is running Fedora Server OS. I'd like to get an automated 1-way sync up and running, but I'm having a lot of trouble. I was using Syncthing in the past, but it's really not meant for one way syncs and caused some issues. I've been trying to set up Resilio Sync, but on Linux I cannot figure out how to get access to the web UI. Resilio's own documentation is frustratingly obtuse - it's great for setting up the service under systemd but then basically has nothing about how to actually get webui access from another machine on the local network, excrot for a reference to a command that doesn't actually exist.

If anyone either 1) knows how to set up Resilio Sync on a Linux machine such that I can hit the web UI from another machine on my local network or 2) had a better way to set up 1-way sync between my seedbox and my local server, I would love to learn!

I try to follow the docs but somehow it doesn't work as expected. How does your compose file look and what to choose in the settings?

My current setup: (Not working)

```` services:

original source: https://jellyfin.org/docs/general/installation/container/

jellyfin: image: docker.io/jellyfin/jellyfin:latest container_name: jellyfin environment: - PUID=1000 - PGID=1000 - TZ=Europe/Berlin - JELLYFIN_PublishedServerUrl=https://my.url volumes: - ./config:/config:Z - ./cache:/cache:Z - ./media:/media:rw ports: - 8096:8096

no need for https since reverse proxy and no local discovery

restart: always device: - /dev/dri/:/dev/dri/:Z - /dev/dri/renderD128:/dev/dri/renderD128:Z group-add: - 105 privileged: true ````

I do not want a privileged container but I'm experimenting.

• VAAPI is selected
• VA-API device: is set to /dev/dri/renderD128
• enable hardware decoding for : H264, HEVC, HEVC 10bit and VP9 10 bit
• enable hardware encoding
• allow encoding in HEVC

to get the group I ran getent group render | cut -d: -f3 on the host which returned 105.

$ podman exec -it jellyfin /usr/lib/jellyfin-ffmpeg/vainfo Trying display: drm libva info: VA-API version 1.21.0 libva info: Trying to open /usr/lib/jellyfin-ffmpeg/lib/dri/iHD_drv_video.so libva info: Found init function __vaDriverInit_1_21 libva info: va_openDriver() returns 0 vainfo: VA-API version: 1.21 (libva 2.21.0) vainfo: Driver version: Intel iHD driver for Intel(R) Gen Graphics - 24.2.1 (0593864) vainfo: Supported profile and entrypoints

This command returns VA-API does that mean I can only (or I should) select this method? Or is QSV also possible? What's better?

podman exec -it jellyfin /usr/lib/jellyfin-ffmpeg/ffmpeg -v verbose -init_hw_device vaapi=va -init_hw_device opencl@va ffmpeg version 6.0.1-Jellyfin Copyright (c) 2000-2023 the FFmpeg developers built with gcc 12 (Debian 12.2.0-14) configuration: --prefix=/usr/lib/jellyfin-ffmpeg --target-os=linux --extra-version=Jellyfin --disable-doc --disable-ffplay --disable-ptx-compression --disable-static --disable-libxcb --disable-sdl2 --disable-xlib --enable-lto --enable-gpl --enable-version3 --enable-shared --enable-gmp --enable-gnutls --enable-chromaprint --enable-opencl --enable-libdrm --enable-libass --enable-libfreetype --enable-libfribidi --enable-libfontconfig --enable-libbluray --enable-libmp3lame --enable-libopus --enable-libtheora --enable-libvorbis --enable-libopenmpt --enable-libdav1d --enable-libsvtav1 --enable-libwebp --enable-libvpx --enable-libx264 --enable-libx265 --enable-libzvbi --enable-libzimg --enable-libfdk-aac --arch=amd64 --enable-libshaderc --enable-libplacebo --enable-vulkan --enable-vaapi --enable-amf --enable-libvpl --enable-ffnvcodec --enable-cuda --enable-cuda-llvm --enable-cuvid --enable-nvdec --enable-nvenc libavutil 58. 2.100 / 58. 2.100 libavcodec 60. 3.100 / 60. 3.100 libavformat 60. 3.100 / 60. 3.100 libavdevice 60. 1.100 / 60. 1.100 libavfilter 9. 3.100 / 9. 3.100 libswscale 7. 1.100 / 7. 1.100 libswresample 4. 10.100 / 4. 10.100 libpostproc 57. 1.100 / 57. 1.100 [AVHWDeviceContext @ 0x55ef07507480] Trying to use DRM render node for device 0. [AVHWDeviceContext @ 0x55ef07507480] libva: VA-API version 1.21.0 [AVHWDeviceContext @ 0x55ef07507480] libva: Trying to open /usr/lib/jellyfin-ffmpeg/lib/dri/iHD_drv_video.so [AVHWDeviceContext @ 0x55ef07507480] libva: Found init function __vaDriverInit_1_21 [AVHWDeviceContext @ 0x55ef07507480] libva: va_openDriver() returns 0 [AVHWDeviceContext @ 0x55ef07507480] Initialised VAAPI connection: version 1.21 [AVHWDeviceContext @ 0x55ef07507480] VAAPI driver: Intel iHD driver for Intel(R) Gen Graphics - 24.2.1 (0593864). [AVHWDeviceContext @ 0x55ef07507480] Driver not found in known nonstandard list, using standard behaviour. [AVHWDeviceContext @ 0x55ef07538b40] Failed to get number of OpenCL platforms: -1001. Device creation failed: -19. Failed to set value 'opencl@va' for option 'init_hw_device': No such device Error parsing global options: No such device

within the container: ````

ls -l /dev/dri

total 0 crw-rw----+ 1 nobody nogroup 226, 1 May 17 13:22 card1 crw-rw-rw-. 1 nobody nogroup 226, 128 May 17 13:22 renderD128

whoami

root

````

$ getsebool container_use_dri_devices container_use_dri_devices --> on

$ sudo lshw -c video | grep driver configuration: driver=i915 latency=0

if privileged is set to false: $ podman exec -u root -it jellyfin /usr/lib/jellyfin-ffmpeg/ffmpeg -v debug -init_hw_device Device creation failed: -2. Failed to set value 'drm=dr:/dev/dri/renderD128' for option 'init_hw_device': No such file or directory Error parsing global options: No such file or directory

if privileged is true. $ podman exec -u root -it jellyfin /usr/lib/jellyfin-ffmpeg/ffmpeg -v debug -init_hw_device drm=dr:/dev/dri/renderD128 -init_hw_device vaapi=va@dr ffmpeg version 6.0.1-Jellyfin Copyright (c) 2000-2023 the FFmpeg developers built with gcc 12 (Debian 12.2.0-14) configuration: --prefix=/usr/lib/jellyfin-ffmpeg --target-os=linux --extra-version=Jellyfin --disable-doc --disable-ffplay --disable-ptx-compression --disable-static --disable-libxcb --disable-sdl2 --disable-xlib --enable-lto --enable-gpl --enable-version3 --enable-shared --enable-gmp --enable-gnutls --enable-chromaprint --enable-opencl --enable-libdrm --enable-libass --enable-libfreetype --enable-libfribidi --enable-libfontconfig --enable-libbluray --enable-libmp3lame --enable-libopus --enable-libtheora --enable-libvorbis --enable-libopenmpt --enable-libdav1d --enable-libsvtav1 --enable-libwebp --enable-libvpx --enable-libx264 --enable-libx265 --enable-libzvbi --enable-libzimg --enable-libfdk-aac --arch=amd64 --enable-libshaderc --enable-libplacebo --enable-vulkan --enable-vaapi --enable-amf --enable-libvpl --enable-ffnvcodec --enable-cuda --enable-cuda-llvm --enable-cuvid --enable-nvdec --enable-nvenc libavutil 58. 2.100 / 58. 2.100 libavcodec 60. 3.100 / 60. 3.100 libavformat 60. 3.100 / 60. 3.100 libavdevice 60. 1.100 / 60. 1.100 libavfilter 9. 3.100 / 9. 3.100 libswscale 7. 1.100 / 7. 1.100 libswresample 4. 10.100 / 4. 10.100 libpostproc 57. 1.100 / 57. 1.100 Splitting the commandline. Reading option '-v' ... matched as option 'v' (set logging level) with argument 'debug'. Reading option '-init_hw_device' ... matched as option 'init_hw_device' (initialise hardware device) with argument 'drm=dr:/dev/dri/renderD128'. Reading option '-init_hw_device' ... matched as option 'init_hw_device' (initialise hardware device) with argument 'vaapi=va@dr'. Finished splitting the commandline. Parsing a group of options: global . Applying option v (set logging level) with argument debug. Applying option init_hw_device (initialise hardware device) with argument drm=dr:/dev/dri/renderD128. [AVHWDeviceContext @ 0x55e56e90b480] Opened DRM device /dev/dri/renderD128: driver i915 version 1.6.0. Applying option init_hw_device (initialise hardware device) with argument vaapi=va@dr. [AVHWDeviceContext @ 0x55e56e90b8c0] libva: VA-API version 1.21.0 [AVHWDeviceContext @ 0x55e56e90b8c0] libva: Trying to open /usr/lib/jellyfin-ffmpeg/lib/dri/iHD_drv_video.so [AVHWDeviceContext @ 0x55e56e90b8c0] libva: Found init function __vaDriverInit_1_21 [AVHWDeviceContext @ 0x55e56e90b8c0] libva: va_openDriver() returns 0 [AVHWDeviceContext @ 0x55e56e90b8c0] Initialised VAAPI connection: version 1.21 [AVHWDeviceContext @ 0x55e56e90b8c0] Format 0x41524742 -> bgra. [AVHWDeviceContext @ 0x55e56e90b8c0] Format 0x42475241 -> argb. [AVHWDeviceContext @ 0x55e56e90b8c0] Format 0x41424752 -> rgba. [AVHWDeviceContext @ 0x55e56e90b8c0] Format 0x52474241 -> abgr. [AVHWDeviceContext @ 0x55e56e90b8c0] Format 0x58524742 -> bgr0. [AVHWDeviceContext @ 0x55e56e90b8c0] Format 0x42475258 -> 0rgb. [AVHWDeviceContext @ 0x55e56e90b8c0] Format 0x58424752 -> rgb0. [AVHWDeviceContext @ 0x55e56e90b8c0] Format 0x52474258 -> 0bgr. [AVHWDeviceContext @ 0x55e56e90b8c0] Format 0x30335241 -> unknown. [AVHWDeviceContext @ 0x55e56e90b8c0] Format 0x30334241 -> unknown. [AVHWDeviceContext @ 0x55e56e90b8c0] Format 0x30335258 -> x2rgb10le. [AVHWDeviceContext @ 0x55e56e90b8c0] Format 0x30334258 -> x2bgr10le. [AVHWDeviceContext @ 0x55e56e90b8c0] Format 0x36314752 -> unknown. [AVHWDeviceContext @ 0x55e56e90b8c0] Format 0x56555941 -> unknown. [AVHWDeviceContext @ 0x55e56e90b8c0] Format 0x56555958 -> vuyx. [AVHWDeviceContext @ 0x55e56e90b8c0] Format 0x30303859 -> gray. [AVHWDeviceContext @ 0x55e56e90b8c0] Format 0x3231564e -> nv12. [AVHWDeviceContext @ 0x55e56e90b8c0] Format 0x3132564e -> unknown. [AVHWDeviceContext @ 0x55e56e90b8c0] Format 0x32595559 -> yuyv422. [AVHWDeviceContext @ 0x55e56e90b8c0] Format 0x59565955 -> uyvy422. [AVHWDeviceContext @ 0x55e56e90b8c0] Format 0x32315659 -> yuv420p. [AVHWDeviceContext @ 0x55e56e90b8c0] Format 0x30323449 -> yuv420p. [AVHWDeviceContext @ 0x55e56e90b8c0] Format 0x50313134 -> yuv411p. [AVHWDeviceContext @ 0x55e56e90b8c0] Format 0x48323234 -> yuv422p. [AVHWDeviceContext @ 0x55e56e90b8c0] Format 0x56323234 -> yuv440p. [AVHWDeviceContext @ 0x55e56e90b8c0] Format 0x50343434 -> yuv444p. [AVHWDeviceContext @ 0x55e56e90b8c0] Format 0x33434d49 -> unknown. [AVHWDeviceContext @ 0x55e56e90b8c0] Format 0x30313050 -> p010le. [AVHWDeviceContext @ 0x55e56e90b8c0] Format 0x32313050 -> p012le. [AVHWDeviceContext @ 0x55e56e90b8c0] Format 0x36313050 -> unknown. [AVHWDeviceContext @ 0x55e56e90b8c0] Format 0x30313259 -> y210le. [AVHWDeviceContext @ 0x55e56e90b8c0] Format 0x32313259 -> y212le. [AVHWDeviceContext @ 0x55e56e90b8c0] Format 0x36313259 -> unknown. [AVHWDeviceContext @ 0x55e56e90b8c0] Format 0x30313459 -> xv30le. [AVHWDeviceContext @ 0x55e56e90b8c0] Format 0x32313459 -> xv36le. [AVHWDeviceContext @ 0x55e56e90b8c0] Format 0x36313459 -> unknown. [AVHWDeviceContext @ 0x55e56e90b8c0] Format 0x50424752 -> unknown. [AVHWDeviceContext @ 0x55e56e90b8c0] Format 0x50524742 -> unknown. [AVHWDeviceContext @ 0x55e56e90b8c0] VAAPI driver: Intel iHD driver for Intel(R) Gen Graphics - 24.2.1 (0593864). [AVHWDeviceContext @ 0x55e56e90b8c0] Driver not found in known nonstandard list, using standard behaviour. Successfully parsed a group of options. Hyper fast Audio and Video encoder usage: ffmpeg [options] [[infile options] -i infile]... {[outfile options] outfile}...

I want to undo some of my setup on my network so I can redo it in a different configuration on the same machine. The first thing I wanted to do was disable my Adguard server, making sure I could still use the internet after.

I thought I had cleared out all of the settings in my router that made it use Adguard for DNS, but when I shut down Adguard afterward, all outside connectivity fell apart. I could still get to websites if I knew their specific IP address, but nothing that needed DNS worked. When I booted Adguard back up, everything started working again.

I have tried several options in the DNS server settings in my Asus router (TUF-AX5400). Is there something I need to do in Adguard first to make this work? Or is this maybe something I need to reset in my Asus router and then give it time and a few reboots to work?

Hello! I recently listened to a podcast that talked about how storing media files in .av1 format is very efficient and storage-friendly. I've been storing my files in .mkv format, but now I'm considering using Handbrake or a similar service to convert all my video files to .av1 if it's more compressed than .mkv. So;

• What format do you store your media?
• What is the optimal way of storing media?
• Do you use handbrake or similar services (feel free to suggest) to convert media files?

Hello, I'm relatively new to self-hosting and recently started using Unraid, which I find fantastic! I'm now considering upgrading my storage capacity by purchasing either an 8TB or 10TB hard drive. I'm exploring both new and used options to find the best deal. However, I've noticed that prices vary based on the specific category of hard drive (e.g., Seagate's IronWolf for NAS or Firecuda for gaming). I'm unsure about the significance of these different categories. Would using a gaming or surveillance hard drive impact the performance of my NAS setup?

Thanks for any tips and clarifications! 🌻

I thought I was going to use Authentik for this purpose but it just seems to redirect to an otherwise Internet accessible page. I'm looking for a way to remotely access my home network at a site like remote.mywebsite.com. I have Nginx proxy forwarding with SSL working appropriately, so I need an internal service that receives the traffic, logs me in, and passes me to services I don't want to expose to the Internet.

My issue with Authentik is if I need to access questionable internal websites I have to make an Internet accessible subdomain. I don't want authentik.mywebsite.com to redirect to totallyillegal.mywebsite.com. I want it to redirect to 10.1.1.30:8787.

Is there anything that does that?

I came across this blog today while searching and I'm finding it very detailed, human, and instructive. For a beginner like me, this kind of resource is invaluable. What does a server failure feel like at a personal level? How do you make decisions about cost or utilizing existing hardware? These kind of thoughtful reflections along with practical walkthroughs of solutions make this a very nice resource when planning both the how and the why.

Maybe someone else will find it useful too.

I've been using RealVNC for family computer help and have been wanting to setup a self hosted replaced for a while now, but haven't had the time. RealVNC has recently axed their free levels, so I'll use it as a reason to setup a self hosted solution.

Ideally it would be something like a web page (I have a domain and reverse proxy) where family can go, get a code or a software to run, which will then let me control their system securely.

I was considering guacamole on a pi at each location I'm likely to have to support, but this doesn't help when family is away from their home network on laptop.

What is out there for this? Have you used it? What are your experiences?

Thanks

*What rights do you have to the digital movies, TV shows and music you buy online? That question was on the minds of Telstra TV Box Office customers this month after the company announced it would shut down the service in June. Customers were told that unless they moved over to another service, Fetch, they would no longer be able to access the films and TV shows they had bought. *

I currently have an Odroid H4C that has two SATA with two 12TB hard drives.

It's starting to get too small, so I was thinking of taking the step and move to a 4/5 bays NAS and reuse the disks (the other option was to add disks via USB).

What NAS do you recommend me to continue being able to have my *ARR suite + torrent + nextcloud + syncthing + small services(gitea, trillium notes, etc)?

I would like to already have some redundancy, can I use the hard drives as they are or will I have to do something to them besides adding other hard drives? (my idea was to add one more disk of 12 to have redundancy and already expand space with a fourth disk)

Edit:

I wan't to buy and forget, so no to build myself.

I really don't think in any budget, but as cheat as can be, without loss any funcionality that i stated before.

I run my services mostly in docker

Currently stream in my lan without any web, in samba folders but jellyfin could be interesting (not Plex, trying to FOSS to maximum)

The redundancy is for data safe

Thanks for your answers

(I know wireguard, tailscale and so on are the preferred options. But for some reaon I can't use any vpn atm)

I'm looking for some tunneling solution which:

-is NOT Cloudflare Tunnels

-doesn't need a VPN (so wireguard or openvpn are ruled out)

-is not SSH tunnel

I need something like FRP preferably with a luci app and automatic ssl certificate for my subdomain.

Any recommendations?

Take a skim through the link for full details (especially the breaking changes), but I have included some parts that I thought were important:

> This release has been over two years in the making, so we're really glad to finally get it out to you. The long cycle does mean quite an extensive changelog however, with well over 1100 pull requests merged into our master branch since 10.8.0 first dropped back in 2022.

> General > > - We now support "trickplay" a.k.a. live video scrubbing. When scrubbing through a video with this enabled, you will be able to see a live preview of the video at that timestamp. Note that this requires explicit client support, which may require some time to become available depending on your client. > > - [...] > > - We now support AVIF and WEBP images for Pictures libraries. > > - Tags are now accounted for during searches, allowing one to search by tag. > > - We now support multiple simultaneous subtitle tracks (maximum of two, a primary and secondary) in the web player. > > - We've revamped the administrative dashboard UI to help improve usability and ease of finding options.

> API & Security > > - All API endpoints now return proper return codes, ensuring that API endpoint results can be reliably interpreted without additional parsing. > > - Parental ratings are significantly improved, with better enforcement, inheritable ratings, and more. > > - LiveTV and Collection permissions are now discrete and configurable per-user. > > - The EasyPassword (PIN) feature has been removed as this was a big security risk especially for administrator accounts; QuickConnect login is still supported however. > > - User permission handling has been unified and numerous bugs fixed, ensuring a more secure server from untrusted users.

> Core Server & Networking > > - [...] > - The server now supports in-process restarting, and removes the old hacky restart.sh method. This should make things like installing plugins much more robust and ensure a consistent restart experience regardless of platform or install method. > - [...] > - The backend SQLite database now supports connection pooling, which should improve performance for database operations. > - [...]

Also sections on Packaging, Transcoding & FFmpeg improvements/support, Scanning, Library & Playlist Management, and Casting

--- > The Next Version > > With our continuous integrations improvements outlined previously, we're quite confident that this will be our last "very long" release cycle. Our plan is for the next major version (10.10.0) to be released at most 6 months from now, some time in October. We hope this increased cadence will help alleviate the problems with large releases such as a very long time-to-stable for new features, translations, etc. and help lower the number of major bugs at each major release, streamlining the upgrade process. But this needs everyone's help. Back in October 2023, we made a call for developers, and we've gotten a lot of interest, but this is not a one-and-done event. We need contributions now more than ever, especially around the web frontend to help implement our planned design changes. If this interests you, please reach out and we can help get you set up.

I'm duplicating my server hardware and moving the second set off site. I want to keep the data live since the whole system will be load balanced with my on site system. I've contemplated tools like syncthing to make a 1 to 1 copy of the data to NAS B but i know there has to be a better way. What have you used successfully?

Hi everyone,

As always, every time I look at the AWS Glacier egress fee calculator I get fairly irked at how much they charge. Was wondering if anyone knew of any alternatives for cold storage in the cloud without such egregious charges. I will likely not access it ever because I have another offset backup, but just in case I do, I wouldn't want to fork over thousands, really.

I don't know how reliable Scaleway's service is, and Cloudflare's R2 doesn't have a Archive offering. I would be interested in the Azure if anyone can convince me that I won't go bankrupt trying to retrieve my data from them. I don't want to go with Google with the recent stuff they have been doing with data on their servers.

Thanks!

I started tinkering with frigate and saw the option to use a coral ai device to process the video feeds for object recognition.

So, I started checking a bit more what else could be done with the device, and everything listed in the site is related to human recognition (poses, faces, parts) or voice recognition.

In some part I read stable diffusion or LLMs are not an option since they require a lot of ram which these kind of devices lack.

What other good/interesting uses can these devices have? What are some of your deployed services using these devices for?

I am looking to buy a new mini PC home server and I want to be able to pass through my iGPU and NIC to different VMs. Where can I find a well-maintained database of IOMMU groups so that I can pick a good match for my needs?

There exists iommu.info but that barely has any entries.

I am currently using an old laptop (circa 2015) with a 250GB SSD in it, and 4GB of RAM. It runs Fedora 39 Server, and only hosts a Jellyfin instance through Docker right now (though I want to use Nextcloud later too). There is only 15GB of storage left on it, and the CPU is constantly overloaded (due to forced transcoding). I happen to have a lot of 500GB 3.5" HDDs laying around, and I want to use them in RAID 5. What hardware would be good for having 4 HDDs, and running Jellyfin and Nextcloud in Docker? I'm okay with either having just a 4-bay NAS (as long as it can handle transcoding (MKV 480p -> MP4)), or having a 4-bay NAS and a server/computer/NUC. I only have a budget of CAD$900 (USD$658 as of writing), but I am willing to go to CAD$1000 if absolutely necessary.

I am currently trying to create my own Lemmy instance and am following the join-lemmy.org docker guide. But unfortunately docker compose up doesn't work with the default config and throw's a yaml: line 32: found character that cannot start any token error. Is there something I can do to fix this?

The section in question is ```% if lemmy_env_vars is defined and lemmy_env_vars|length > 0 %} {% for item in lemmy_env_vars %} {% for key, value in item.items() %} - {{ key }}={{ value }} {% endfor %} {% endfor %} {% endif %}

Hey all,

Almost as impressive as all the LLMs these days is the voice that ChatGPT uses with its emphasis and dramatic pauses and umms, etc.

I would love to integrate that with a self-hosted Llama3 engine.

Is there a project that y'all have heard of?

Hey hello, self-hosting noob here. I just want to know if anyone would know a good way to host my writing. Something akin to those webcomic sites, except for writing. Multiple stories with their own "sections" (?) and a chapter selection for each. Maybe a home page or profile page to just briefly detail myself or whatever, I don't know. It doesn't have to be fancy, and I apologize for not knowing how to describe this well. I've just been searching and searching and I don't know what to look up to find what I want, it's extremely frustrating. Any help is greatly appreciated.

I'm a happy user of Inoreader. I like it so much I'm considering buying a premium plan. However, I'm looking for an alternative I wouldn't have to pay for. I came across FreshRSS. The only thing that's keeps me from moving is the sync. I don't want to expose it to the internet but I want to be able to access it on a move. My first idea was to use Syncthing. Is there a way to use Syncthing to sync feeds, settings (read articles, subscriptions, etc.) across different devices? By different devices I mean Linux, macOS (optional) and GrapheneOS (Android) phone.

Edit: Thanks for the help, issue was solved! Had Traefik's loadbalancer set to route to port 8081, not the internal port of 80. Whoops.

Intro

HI everyone. I've been busy configuring my homelab and have run into issues with Traefik and Vaultwarden running within Podman. I've already successfully set up Home Assistant and Homepage but for the life of me cannot get things working. I'm hoping a fresh pair of eyes would be able to spot something I missed or provide some advice. I've tried to provide all the information and logs relevant to the situation.

Expected Behavior:

1. Requests for *.fenndev.network are sent to my Traefik server.
2. Incoming HTTPS requests to vault.fenndev.network are forwarded to Vaultwarden
   • HTTP requests are upgraded to HTTPS
3. Vaultwarden is accessible via https://vault.fenndev.network and utilizes the wildcard certificates generated by Traefik.

Quick Facts

Overview

• I'm running Traefik and Vaultwarden in Podman, using Quadlet
• Traefik and Vaultwarden, along with all of my other services, are part of the same fenndev_default network
• Traefik is working correctly with Home assistant, Adguard Home, and Homepage, but returns a 502 Bad Gateway error with Vaultwarden
• I've verified that port 8081 is open on my firewall and my service is reachable at {SERVER_IP}:8081.
• 10.89.0.132 is the internal Podman IP address of the Vaultwarden container

Versions

Server: AlmaLinux 9.4

Podman: 4.9.4-rhel

Traefik: v3

Vaultwarden: alpine-latest (1.30.5-alpine I believe)

Error Logs

Traefik Log: 2024-05-11T22:09:53Z DBG github.com/traefik/traefik/v3/pkg/server/service/proxy.go:100 > 502 Bad Gateway error="dial tcp 10.89.0.132:8081: connect: connection refused"

cURL to URL: ``` [fenndev@bastion ~]$ curl -v https://vault.fenndev.network

• Trying 192.168.1.169:443...
• Connected to vault.fenndev.network (192.168.1.169) port 443 (#0)
• ALPN, offering h2
• ALPN, offering http/1.1
• CAfile: /etc/pki/tls/certs/ca-bundle.crt
• TLSv1.0 (OUT), TLS header, Certificate Status (22): ```

Config Files

vaultwarden.container file: ``` [Unit] Description=Password After=network-online.target [Service] Restart=always RestartSec=3

[Install]

Start by default on boot

WantedBy=multi-user.target default.target

[Container] Image=ghcr.io/dani-garcia/vaultwarden:latest-alpine Exec=/start.sh EnvironmentFile=%h/.config/vault/vault.env ContainerName=vault Network=fenndev_default

Security Options

SecurityLabelType=container_runtime_t NoNewPrivileges=true

Volumes

Volume=%h/.config/vault/data:/data:Z

Ports

PublishPort=8081:80

Labels

Label=traefik.enable=true Label=traefik.http.routers.vault.entrypoints=web Label=traefik.http.routers.vault-websecure.entrypoints=websecure Label=traefik.http.routers.vault.rule=Host(vault.fenndev.network) Label=traefik.http.routers.vault-websecure.rule=Host(vault.fenndev.network) Label=traefik.http.routers.vault-websecure.tls=true Label=traefik.http.routers.vault.service=vault Label=traefik.http.routers.vault-websecure.service=vault

Label=traefik.http.services.vault.loadbalancer.server.port=8081

Label=homepage.group="Services" Label=homepage.name="Vaultwarden" Label=homepage.icon=vaultwarden.svg Label=homepage.description="Password Manager" Label=homepage.href=https://vault.fenndev.network ```

vault.env file: LOG_LEVEL=debug DOMAIN=https://vault.fenndev.network

I am currently setting up a Proxmox box that has the usual selfhosted stuff (Nextcloud, Jellyfin, etc) and I want all of these services in different containers/VMs. I am planning to start sharing this with family/friends who are not tech savvy, so I want excellent security.

I was thinking of restricting certain services to certain VLANs, and only plugging those VLANs into the CT/VMs that need them.

Currently, each CT/VM has a network interface (for example eth0) which gives them internet access (for updates and whatnot) and an interface that I use for SSH and management (for example eth1). These interfaces are both on different VLANs and I must use Wireguard to get onto the management network.

I am thinking of adding another interface just for “consumption” which my users would get onto via a separate Wireguard server, and they would use this to actually use the services.

I could also add another network just to connect to an internal NFS server to share files between CT/VMs, and this would have its own VLAN and require an additional interface per host that connects to it.

I have lots of other ideas for networks which would require additional interfaces per CT/VM that uses them.

From my experience, using a “VLAN-Aware” bridge and assigning VLANs per interface via the GUI is best practice. However, Proxmox does not support multiple VLANs per interface using this method.

I have an IPv6-only network, so I could theoretically assign multiple IPs per interface. Then I would use Linux VLANs from within the guest OS. However, this is a huge pain and I do not want to do this. And it is less secure because a compromised VM/CT could change its VLAN tag itself.

I am asking if adding many virtual interfaces per CT/VM is good practice, or if there is a better way to separate internal networks. Or maybe I should rethink the whole thing and not use one network per use-case.

I am especially curious about performance impacts of multiple interfaces.

Mostly I'm curious what people's setups are. Are you using docker or a VM? Which tools are you using to stream and play your roms or steam games?

Looking for suggestions for myself as well... I'm on unraid and looking to support multiple users.

Is anyone currently self hosting an Anytype backup node? In case you don't know, Anytype is a privacy focused, local first note app. Can be found in anytype.io. Their docs give informartion on how to self host. I only have a laptop, so I'm trying to create a node in a VirtualBox VM, using Vagrant to automate box creation and provision. Sorry if the post is messed up, first timer here.

I have a trusty UnRaid server that has been running great for almost 3 years now, with some kinks and headaches here and there, but mostly very stable. Now I'm entertaining the idea of setting that box up with ProxMox, and running UnRaid virtualized. The reason being that I want to use UnRaid exclusively as a NAS and then run all dockers and VMs on ProxMox (at least that's how I'm picturing it). I would like to know your opinion on this idea. All I have is Nextcloud, Immich, Vaultwarden, Jellyfin, Calibre, Kavita and a Windows VM I use to update some hardware every now and then. I mainly want to do that for the backup capabilities in ProxMox for each instance. Storage is not a concern, and I have 64GB of ECC Ram running in that box. What are the Pros and Cons, or is it even worth it to move all this to ProxMox?

My server (fedora) stops all podman containers after 2-3 hours since 3 days. I can start all containers again, and the same happens after a while. I do not know where to look for the problem.

In top, I found a oom message. I assume that the system runs out of memory and stops all services. How can I find the problem? I can’t find anything in the container logs.

I can see that systemctl status is always starting. It doesn’t become “running”. But I do not know how to proceed.

So I'm just getting started with selfhosting things, and I have a minor problem which I'm having some trouble solving, as I keep getting a connection refused error when trying to connect:

send() failed (111: Connection refused) while resolving, resolver: 127.0.0.1:53

I run a jellyfin server on a NUC - it works well and is accessible on the private network. I want to have a public URL for this server - and other stuff, eventually.

Here's my setup

• I have a subdomain - jellyfin.mydomain.com - pointed to the external IP for my router
• I have the router set up to allow remote access, and port forwarding directing all port 80 traffic to my public ip > port 80 on the server
• On my server - running ubuntu - I installed nginx
• I used the official jellyfin nginx config for access from a subdomain
• I edited the server_name variable to match my subdomain

Now, whenever I access the subdomain in a browser I get a 502 Bad Gateway error. The /var/lof/nginx/error.logshows:

2024/05/10 08:26:37 [error] 95335#95335: send() failed (111: Connection refused) while resolving, resolver: 127.0.0.1:53 2024/05/10 08:26:37 [error] 95335#95335: send() failed (111: Connection refused) while resolving, resolver: 127.0.0.1:53 2024/05/10 08:26:42 [error] 95335#95335: send() failed (111: Connection refused) while resolving, resolver: 127.0.0.1:53 2024/05/10 08:26:47 [error] 95335#95335: send() failed (111: Connection refused) while resolving, resolver: 127.0.0.1:53 2024/05/10 08:26:52 [error] 95335#95335: send() failed (111: Connection refused) while resolving, resolver: 127.0.0.1:53 2024/05/10 08:26:57 [error] 95335#95335: send() failed (111: Connection refused) while resolving, resolver: 127.0.0.1:53 2024/05/10 08:27:02 [error] 95335#95335: send() failed (111: Connection refused) while resolving, resolver: 127.0.0.1:53 2024/05/10 08:27:07 [error] 95335#95335: *69 jellyfin could not be resolved (110: Operation timed out), client: 193.29.107.173, server: jellyfin.mysubdomain.com, request: "GET /web/ HTTP/1.1", host: "jellyfin.mysubdomain.com"

I have almost no experience with networking, linux, or nginx :D So I am sure the problem is obvious to someone else....

Can you help?

Hey all!

I have a bunch of services running on my home server and was looking to expose some of them publicly via Cloudflare tunnel. This is done and working great using the origin server certificate and strict TLS.

Up until now, I've been using self-signed certs internally but now I don't want to deal with the "proceed anyway" crap on browsers. I have Traefik set up to get certs from Cloudflare using DNS challenge and that seems to be working.

So, now my problem is: how do I switch between these certificates for the same URL when I'm internal vs public? I'd rather keep that traffic local if I'm at home, which is also working, I just can't figure out how to get Traefik to use the appropriate certificate depending on if the request is coming from my LAN or Cloudflare.

Any suggestions? Is there a better way to accomplish what I want to do?

EDIT: Looks like I'm just going full Cloudflare on this one, thanks for your help everyone!

Hey, I'm always searching a home server (already post here https://lemmy.ml/post/15083947), I was thinking about a Lenovo P500, but maybe the PSU is a bit too special... My budget around $140, will buy used parts and one of the most important thing is the power efficiency (don't care about the peak wattage but want to stay around 50W idle and settling at about 70W when doing some work). Preferably I wouldn't like to buy mini PCs. 😃 Thx!

Short version of this interview is that nothing is changing, other than they're going to be asking a flat fee "$5-20" for the app, rather than relying on donations. All donation platforms have been closed. However, if you choose not to, as Louis says "that's between you and your God".

Project will remain AGPL and thus can be forked at any time. FUTO maintains the trademark of Immich name and logos.

> 🗃 Open source self-hosted web archiving. Takes URLs/browser history/bookmarks/Pocket/Pinboard/etc., saves HTML, JS, PDFs, media, and more…

Hello!

Recently started selfhosting FreshRSS - and while it is really good, i have a few hicks with some of the feeds im fetching from, for instance Its Foss. As seen in the extremely long screenshot below(Picture2), to illustrate what I mean, the feed is extremely cluttered with addtional small icons and pictures. Just to clarify, this is the default view - I have not clicked to expand it or whatnot.

While I normally dont mind this, the feeds from Its Foss are always loading in at full length, e.g. the full article - and they are quite lengthy. Even though my settings are set to not unfold by default; !

Other articles who only have a title, picture and first sentence of the post, see Picture1. Is there a way to force articles not loading at full? I have a vague memory of somone linking a RSS filter tool a while back but not able to find back to it, and not sure it solves what I am looking for. Or have I just configured my settings wrong, and not able to find the setting that makes It's foss load in full?

Let me know :)

Picture1 (How I wish for all posts to be like): !

Picture2 (How I do not want it to be like): External View link here !