Hey guys. I’ve been considering maybe moving to another OS for my home lab. Do you have have any suggestions? Especially former Unraid users? Mostly just for arrs though I would like to run reverse proxy/file hosting as well. Proxmox seems pretty trendy can I use it for arrs as well as backups?

Rant/extra info:

I often see people mention the Portainer project and how it's useful, but I never hear any reason to use it other than as a more user friendly front end to service management.

So is there any particular feature or reason to use portainer over docker's CLI? Or is it simply a method of convenience?

This isn't only strictly for self hosting, but I figure people here would know better.

At the moment I have my NAS setup as a Proxmox VM with a hardware RAID card handling 6 2TB disks. My VMs are running on NVMEs with the NAS VM handling the data storage with the RAIDed volume passed through to the VM direct in Proxmox. I am running it as a large ext4 partition. Mostly photos, personal docs and a few films. Only I really use it. My desktop and laptop mount it over NFS. I have restic backups running weekly to two external HDDs. It all works pretty well and has for years.

I am now getting ZFS curious. I know I'll need to IT flash the HBA, or get another. I'm guessing it's best to create the zpool in Proxmox and pass that through to the NAS VM? Or would it be better to pass the individual disks through to the VM and manage the zpool from there?

I would like to make some of my self-hosted services externally accessible. Currently I use a VPN to access stuff externally, however this doesn't work on all use-cases. I also use Tailscale for some things.

I would love to use cloudflare tunnels and another auth solution (like keycloak) to replace Tailscale and the VPN.

Is this feasible?

My end goal would be to setup Immich for my family, and have them not have to worry about Tailscale, a VPN or anything other than some initial login to keycloak (for example)

I know this is more hardware related, so please let me know if I should move this post elsewhere.

I built my first server earlier this year, and put buying a UPS on the back burner. Unfortunately for me, this might have already been my biggest mistake since going down this rabbit hole. The rental I’ll be in for at least another 10 months has some questionable wiring (a lot of rooms/outlets wired to the same breaker), which I believe has created some electrical anomalies and possibly killed some of my computer components. The memory on my PC went first, and now the 7-month-old PSU on my server is toast.

Bear in mind, I am not an electrician, so I could be entirely wrong on why this has happened. Regardless, it's time I invest in a UPS. I have searched forums, blogs, YouTube, and cannot find consistent pros and cons for any of the big manufacturers. It seems like APC and CyberPower are the two big consumer grade manufacturers, which is probably what I should be looking at.

Here is what my server currently consists of:

Any recommendations would be greatly appreciated!

I want to selfhost my own personal website. This is just for fun, as a hobby and to show off my skills to others. nothing big.

I have my own server home but I want to have something that's separate from my personal stuff.

I do not need any support, meaning it can be as cheap as possible. I do not yet know how much RAM or CPU or storage I need. I guess CPU > 2GHz and 2GB RAM should be enough to start.

daily/weekly backup with rsync in case the hoster goes out of business.

I do not need a domain, I will use a dynamic dns hoster.

Hey there!

I'm thinking about starting a blog about privacy guides, security, self-hosting, and other shenanigans, just for my own pleasure. I have my own server running Unraid and have been looking at self-hosting Ghost as the blog platform. However, I am wondering how "safe" it is to use one's own homelab for this. If you have any experience regarding this topic, I would gladly appreciate some tips.

I understand that it's relatively cheap to get a VPS, and that is always an option, but it is always more fun to self-host on one's own bare metal! :)

So, I'm trying to set up gluetun. I linked a Firefox container to it and apparently every check of DNS leaks shows that it's leaking. Cloudflare and quad9 are the servers, the same names that I've set to dot providers. So I am gathering from all of this that these leaks are to be expected? And non of the DNS servers show my real IP, always one of mullvad IPS. Am I getting this right?

The problem:

I manage computers for some loved ones from whom I now live several states away. All devices are linux environments and basically serve as home theater and light duty SOHO.

They have been running for several years without incident, but do require intervention for the "hard" stuff like major release upgrades. (And perhaps I like to slip some entertainment media onto their shared drive from time to time).

And I'd like to have an avenue to do this that doesn't necessarily involve planning a road trip.

Candidate solution(s):

Deploy a micro PC to sit on their network, whose sole purpose is as a headless SSH server. I would intend to SSH into that device, and from there SSH across the LAN to the necessary computers. The rationale is that I would only have one device answering the door, so to speak, at port 22, greatly simplifying port forwards and any need for static IPs.

With dual stack IPv4 + IPv6 internet service, would it be better that I attempt this through IPv6?

The micro PC would be scripted to retrieve the current public IP address every X hours and email it to me.

Another idea is to configure the immediate SSH box behind a Tor SSH hidden service or a I2P eepsite SSH. This way it would maintain a persistent, reachable address without requiring some cobbled together script & email IP notification.

I'm afraid this is going to attract the "why use podman when docker exists"-folks, so let me put this under the supposition that you're already sold on (considering) using podman for whatever reason. (For me, it has been the existence of pods, to be used in situations where pods make sense, but in a non-redundant, single-node setup.)

Now, I was trying to understand the purpose of quadlets and, frankly, I don't get it. It seems to me that as soon as I want a pod with more than one container, what I'll be writing is effectively a kubernetes configuration plus some systemd unit-like file, whereas with podman compose I just have the (arguably) simpler compose file and a systemd file (which works for all pod setups).

I would get that it's sort of simpler, more streamlined and possibly more stable using quadlets to let systemd manage single containers instead of putting podman run commands in systemd service files. Is that all there is to it, or do people utilise quadlets as a kind of lightweight almost-kubernetes distro which leverages systemd in a supposedly reasonable way? (Why would you want to do that if lightweight, fully compliant kubernetes distros are a thing, nowadays?)

Am I missing or misunderstanding something?

I’m happily serving a few websites and services publicly. Now I would like to host my Navidrome server, but keep the contents private on the web to stay out of trouble. I’m afraid that when I install a reverse proxy, it’ll take my other stuff ~~online~~ offline and causes me various headaches that I’m not really in the headspace for at the moment. Is there a safe way to go about doing this selectively?

Last June, fans of Comedy Central – the long-running channel behind beloved programmes such as The Daily Show and South Park – received an unwelcome surprise. Paramount Global, Comedy Central’s parent company, unceremoniously purged the vast repository of video content on the channel’s website, which dated back to the late 1990s.

cross-posted from: https://lemmy.ca/post/30126699

I created this guide on how to install Jellyfin as a Podman Quadlet on your server. Enjoy.

This is my guide for generating playlists for your local music library using ListenBrainz and the troi recommendation engine. troi is still being developed and the official documentation isn't great so I figured documenting my process might help others who are interested. I've tried this both with local folders on my Debian server and with my Navidrome library from my Macbook so I will do my best to explain both.

There are a few requirements

1. Your music must be tagged with MusicBrainz. I use beets for this but you can also use the MusicBrainz desktop client.
2. You need a ListenBrainz account. Data can be imported from Last.fm or Libre.fm if you have it.

Install troi

Install troi and nmslib with pip

pip install troi
pip install nmslib-metabrainz

If you're on a managed python install use pipx and add the virtual environment to your PATH (don't forget to reload)

pipx install troi
pipx inject troi nmslib-metabrainz
export PATH="$PATH":"$HOME/.local/bin"
source ~/.zshrc

Configure troi

Create a folder for your troi configuration files. I used ~/.config/troi. Create a file config.py in your configuration folder using the example format below. Edit DATABASE_FILE and MUSIC_DIRECTORIES to match your setup.

If you're using a Subsonic library (like Navidrome) you can fill in SUBSONIC_HOST with your instance url, SUBSONIC_USER and SUBSONIC_PASSWORD with your login and SUBSONIC_PORT with 443 (this is the only port that I could get to work with my docker setup)

# Where to find the database file
# If path is passed with -d flag, this list is ignored.
DATABASE_FILE = "/users/sillyhatsonly/.config/troi/troi-db.db"

# To connect to a Subsonic API
SUBSONIC_HOST = "https://music.myserver.dev"  # include http:// or https://
SUBSONIC_USER = "admin"
SUBSONIC_PASSWORD = "thisisnotmypassword"
SUBSONIC_PORT = 443

# List of music directories to scan by default
# If paths are passed to scan command, this list is ignored.
# Invalid directories are skipped.
MUSIC_DIRECTORIES = [
    'My/Music/Directory 1',
    'My/Music/Directory 2',
]

Create your music database

Now create the database, scan the local directories specified in config.py and pull ListenBrainz tag/popularity metadata for all files. If you're using a Subsonic library run troi db subsonic instead of troi db scan

# create database
troi db create
# scan music directories
troi db scan
# pull music metadata
troi db metadata

Generate playlists

Generate playlists for your local library using ListenBrainz Radio Local. Specify a mode which sets how closely the resulting playlist will meet the prompt (easy/medium/hard from closest to furthest) and an entity reference either artist or tag. More details in the docs: LB Prompt Radio Reference

# tracks by Thou and similar artists
troi lb-radio easy 'artist:(thou)' -m <playlist-name>.m3u

# tracks tagged 'jazz' and tracks tagged 'hip-hop'
troi lb-radio medium 'tag:(jazz)::or tag:(hip-hop)'

# tracks tagged both 'indie rock' and 'experimental'
troi lb-radio medium 'tag:(indie rock, experimental)'

Another option is to generate weekly recommendations playlists for your ListenBrainz account

# -m flag saves to the specified m3u playlist
troi weekly-jams <username> -m <playlist-name>.m3u

# -u flag uploads the playlist via Subsonic API
troi weekly-jams <username> -u

Automate weekly playlists

You can automate weekly playlists with a script. I wrote a script that scans my music directory, removes missing files, generates a playlist, and saves it locally as an m3u

#!/bin/sh

# scan music directory and pull metadata using the database in our troi config folder
troi db scan 'My/Music/Directory 1' -q -d '/users/sillyhatsonly/.config/troi/troi-db.db'
troi db metadata 'My/Music/Directory 1' -q -d '/users/sillyhatsonly/.config/troi/troi-db.db'
# clean up the database and remove any missing files
troi db cleanup --remove -q -d '/users/sillyhatsonly/.config/troi/troi-db.db'
# generate weekly playlist and save locally to m3u
troi weekly-jams <username> -d '/users/sillyhatsonly/.config/troi/troi-db.db' -y -q -m /users/sillyhatsonly/music/playlists/weekly-$(date +%Y%m%d).m3u

Then set it up to run weekly as a cron job.

That's all I've done so far. Hopefully this makes sense. I welcome comments or questions. If anyone else has been using troi with their local music libraries I'd love to hear about your experience. Playlist generation was the one feature I really missed when I stopped using streaming platforms so I'm excited about this tool!

Recently I bought vps which have only ipv6. It's obviously that I don't have ipv6 home. So, here is question: how do you interact with such servers?

Over time I've been on the lookout for social media for family to use. I haven't really found anything suitable, key thing is that posting photos and videos needs to be user friendly. For example, Friendica all but requiring you to upload your video to YouTube and post the embedded video is just not gonna fly.

I've seen Zusam in the past, which looks like it could become something but I don't think it's ready for me to try to get extended family into. (It's worth mentioning here that certain extended family have shown interest in using something like this)

Recently I've had a look around at some Enterprise social solutions, and have had a play with HumHub. It has a much more familiar look, things are separated into spaces that are similar to Facebook groups, and while media uploads aren't perfect I think they will work well enough.

HumHub has modules, many of which cost a decent amount of money, because they target the enterprise market. However, the community version is open source and the base features and free modules seem to work well.

Does anyone have experience using it? Any warnings I should know about? Any similar software that does a better job?

Background

Hello fellow self-hosters and homelabbers, A few weeks ago I was able to fill my new NAS with the proper hardware I needed to expand on my earlier setup.
Due to the new capabilities I also wanted a fresh restart. But the more I think about doing one thing, the more I hit other road blocks amd think about doing Y.
So I wanted to ask how you would solve my goal.

My current (main) setup:

• Hardware: 11th Gen i5 Nuc with a 8TB HDD attached via USB
• OS: Debian 11
• Software: OMV6 for management and Docker for a diverse set of containers
• Current containers: HortusFox + MongoDB, *arrs-stack, Jellyfin, uptime kuma, unifi network application + mariaDB, traefik, wallos

Current available hardware for use:

1x 13th gen i3 NUC running Proxmox 8.2
1x 11th gen i5 NUC
1x uGreen DXP4800+ NAS with 4x15TB HDDs in Raidz2. The OS is TrueNAS scale

My plans:

• NAS storage made accessible via NFS to the proxmox VE.
• NAS storage mainly planned as mass-storage for Jellyfin.
• Reimage my 11th gen NUC with a bare-metal Debian install for Docker.
  (I will not virtualize on the 11th Gen NUC because I can't pass the iGPU to the VM and not really interested in LXC containers)

Problems and questions I have at this moment:

1: Should I do a media-storage VM only utilized for serving media and do the computing on another VM or do a general VM for both?

• Upside to an all-in-one VM: Less problems with serving storage between many different nodes and keeping it organized.
  Upside to specialized VMs (storage & compute VM): Better focus on ressources like CPU and RAM.
  2: Should I place my whole docker stack again on the 11th Gen NUC or place the stacks in their own VM(s)? Example:
  service stack in service-focused VM
  media-focused stack in media VM (which also serves the files for jellyfin)
  Jellyfin bare-metal/dockerized on NUC 11th Gen

I hope someone can maybe help me untangle my grown mess and plans. My skills with Linux are not very deep and very beginner level. If you are willing to help please be patient with stupid questions.

If you have any better solutions, pointers to research, (blog) articles on architecting such solutions, examples how you solved storage/management or just willing to help me, I'd be very grateful :)

Hi folks,

Just set up Nginx Proxy Manager + Pihole and a new domain with Porkbun. All is working and I have all my services service.mydomain.com, however some services such as pihole seem to be strictly reachable with /admin at the end. This means with my current setup it only directs me to pihole.mydomain.com which leads to a 403 Forbidden.

This is what I have tried, but with no prevail. Not really getting the hang of this so would really appriciate a pinpoint on this :)

Hello everyone! I was thinking about starting a website where to dump some guides on stuff Iearn about selfhosting and general IT stuff.

I don't want a WordPress or similar. I want static pages (but I'm ok with some JavaScript for navigation maybe, or for proper display on different kind of devices). Ideally I'd like to host it on an AWS S3 bucket since it has the built-in option for static hosting.

I could even go back to the '90s and do it myself from scratch in textedit and html by hand, but I'm pretty sure there are better options out there.

I took a look at Hugo but even that it seems overly complicated for what I need.

Any ideas or suggestions?

Thanks!

Hi. I've installed Filestash in a Docker container, which included passing a previously generated Dropbox access token to Filestash, as per the yaml file on the gihub page.

• DROPBOX_CLIENT_ID=<dropbox_key>

When I connect to Filestash (just set up locally for now), and then click to connect to Dropbox, I get the following error from the Dropbox webpage that opens:

**Error (400) It seems the app you were using submitted a bad request. If you would like to report this error to the app's developer, include the information below.

More details for developers

Invalid client_id: .**

There's nothing that looks like an error in the Filestash logs. I've generated new tokens and tried again, same result.

Has anyone managed to add Dropbox to Filestash, and if so, would you mind explaining the steps you took?

(I've since set it up for external access via my domain, and npm, same error).

Thanks Rob

In the last couple of weeks, I've started getting this error ~1/5 times when I try to open one of my own locally hosted services.

I've never used ECH, and have always explicitly restricted nginx to TLS1.2 which doesn't support it. Why am I suddenly getting this, why is it randomly erroring, then working just fine again 2min later, and how can I prevent it altogether? Is anyone else experiencing this?

I'm primarily noticing it with Ombi. I'm also mainly using Chrome Android for this. But, checking just now; DuckDuckGo loads the page just fine everytime, and Firefox is flat out refusing to load it at all.

Firefox refuses to show the cert it claims is invalid, and 'accept and continue' just re-loads this error page. Chrome will show the cert; and it's the correct, valid cert from LE.

There's 20+ services going through the same nginx proxy, all using the same wildcard cert and identical ssl configurations; but Ombi is the only one suddenly giving me this issue regularly.

The vast majority of my services are accessed via lan/vpn; I don't need or want ECH, though I'd like to keep a basic https setup at least.

Solution: replace local A/AAAA records with a CNAME record pointing to a local only domain with its own local A/AAAA records. See below comments for clarification.