Selfhosted

Is it feasible to self host websites for small businesses? I'm trying to do some research on the amount of infrastructure and stuff you have to know from a security standpoint... I'm fine with building and hosting stuff locally for me but I'm tempted to move to hosting some of my business sites as well.

Does anyone have experience and can give me some advice one way or the other?

How to easily run a Webdav server in a Docker container

A lot of open source software lets you synchronise data via webdav, but how do you get a #webdav server?
Using Apache with the dav module is a common approach, but I couldn't bother to set it up that way.
My way is different: Rclone can act as a webdav server and is easy to configure.
I've been using it for 3 years and it's very reliable.
Have a look at the compose file in the picture.
@selfhosted

I want to create a NAS for my family at home. I am already pretty sure about using TrueNAS as software, but the hardware is still open.

What hardware do you recommend for 2TB of usable Storage (+a second drive for mirroring the first one) that is used by 3 people for pictures, videos, and documents?

Hi all, this is my first post on Lemmy so I apologize if I get the formatting wrong. I am a tech nerd with just enough knowledge to follow YouTube tutorials but never truly understand what I’m doing. I recently created my own truenas scale server using an Aoostar R7 case. I am becoming a dad very soon and my wife and I are looking for ways to share photos of our baby without selling her and biometrics to the big cloud in the sky. The idea of my future daughter being tracked without her consent since birth is really gross to me.

I am wondering if there is a good, relatively simple and friendly way to share photo albums with relatives (normies) that is private and perhaps temporary. Ideally, I could share a private/unlisted link of sorts. I do have an instance of Immich and tunneled it to a web url but I don’t know if it can share with outside users easily.

There are a few public iOS apps that I believe do this but I don’t trust their servers/privacy policies. Any ideas that aren’t a massive headache or require command line guru-status to run?

I am finally making the push to self host everything I possibly can and leave as many cloud services as I can.

I have years of linux server admin experience so this is not a technical post, more of an attempt to get some crowd wisdom on a complex migration.

I have a plan and have identified services i would like to implement. Take it as given that the hardware I have can handle all this. But it is a lot so it won’t happen at once.

I would appreciate thoughts about the order in which to implement services. Install is only phase one, migration of existing data and shaking everything down to test stability is also time consuming. So any insights, especially on services that might present extra challenges when I start to add my own data, or dependencies I haven’t thought of.

The list order is not significant yet, but I would like to have an incremental plan. Those marked with * are already running and hosting my data locally with no issues.

Thanks in advance.

Base system

• Proxmox VE 8.3
  • ZFS for a time-machine like backup to a local hdd
  • Docker VM with containers
    • Home Assistant *
    • Esphome *
    • Paperless-ngx *
    • Photo Prism
    • Firefly III
    • Jellyfin
    • Gitea
    • Authelia
    • Vaultwarden
    • Radicale
    • Prometheus
    • Grafana

I just remembered I started self hosting due to the old HAK5 youtube show, which I dearly miss.

What media do you enjoy regarding this topic?

Hi all, I'm so confused about what I'm doing wrong and couldn't find any guides/troubleshooting for my specific problem, so hoping someone here can help.

I'm setting up a new Proxmox server and trying to share a folder between 2 Ubuntu VMs - a "Fileserver" VM running the SMB server and a VM that I will be running docker on ("docker VM")

my smb.conf on the fileserver:

[pool]
     path=/mnt/mergerfs
     read only = no
     browsable = yes

my fstab entry on the VM running docker:

//192.168.0.20/pool     /mnt/pool       cifs    _netdev,credentials=/etc/.smbcredentials,uid=1000,gid=1000      0       0

On the Docker VM, I can see that the folder is mounted properly with the correct permissions for the uid/gid specified (dockeruser) and with 755 permissions, but I am unable to write to it with either dockeruser or root. Interestingly, I am able to DELETE files on the share, which is confusing the hell out of me.

If I mount is as root (no uid/gid arguments in fstab), I am able to write to it, but for "best practices" I'd like to get it working with a non-root user. Any ideas?

I previously posted about an issue where the nginx container for the Collabora application logs a GET to /robots.txt every 10 seconds. I tried modifying the files in the container, but they were reset on restart. I also tried to run the container with --log-driver=none, but was unsuccessful. Despite being a software dev, I'm new to the homelab world and trunas.

I solved it by changing the docker image and then committing those changes. The change I made was to set access_log off; in the nginx config. I did it at the server root because I don't really care about those logs for this app, but it could be done on the location level.

Here's how I did it: Here's the reference SO post that I used: https://stackoverflow.com/a/74515438

What I did was I shelled into the image:

• sudo docker exec -it ix-collabora-nginx-1 bash
• apt update && apt install vim
• vi /etc/nginx/nginx.conf and add the access_log off;
  • if you're not familiar with vim, arrow key to the line you want then press 'a' to enter "append mode". Make your change, then esc, :wq!. You need the ! because the file is read only
• apt remove vim
• exit
• sudo docker commit <image id>
• sudo docker restart ix-collabora-nginx-1

https://github.com/wg-easy/wg-easy

Plus

https://github.com/qdm12/gluetun

The idea being; I can use a normal wireguard VPN from anywhere in the world to connect back to my homelab, all while being able to access stuff on my network, but also have my public IP address set by the gluetun container?

Anyone done this? Or have a docker conpose?

I'm not sure the best way to ask or if there is a better community to post...

I'm hoping to use my home server to control my home thermostat but not sure where to start.

Does anyone use Home Assistant for this? Another software?

I'm not sure if I'm allowed to ask about hardware here, but are there things to be aware of in making sure that a wifi thermostat is best suited for the job?

I had to restore my homelab and took the opportunity to move from docker to rootless podman quadlets. Well almost full rootless, I kept pi-hole and caddy at the root level because I did not want to deal with sysctl.

I have everything running but for now I have to disable my firewall. With docker I was using this script: https://github.com/chaifeng/ufw-docker But I’m having a hard time finding an alternative for podman.

Do you know how any scripts that would magically fix podman and ufw? Would it be a better solution for me to manage iptables manually?

My needs are pretty simple as I do not really care if the ports are visible on my private network, I just want to allow specific IPs on port 80 and 443.

Edit: the issue I’m facing is that I’m allowing some specific IPs to access my network, but when I enable ufw the traffic is blocked. I had the same rules using docker and everything was working fine. I can notice that sometimes the traffic goes through and other time it is blocked. Much like with docker when you don’t use the script and the traffic will be blocked or not depending on what wrote the iptables rules last.

Edit2: So actually the issue was with some routing. Running this command fixes everything: ufw route allow in on wlan0 out on cni-podman0

cross-posted from: https://lemmy.selfhostcat.com/post/93395

I've gone handwritten, obsidian, onenote, and now Trilium. Considering switching to something else because there is no offline mobile support.

I use memos and trilium together but since neither offers mobile offline support considering switching both. No reason to run two services when I could run one.

Considering:

• Joplin
• Logseq
• SiYuan
• ?

I'm looking for a bookmark manager with offline capabilities. I want to host it at home and don't want to expose any ports so I should cache the links when it can't reach the server and also keep newly added links in cache and upload them when the server is reachable again (i.e., I am at home).

Is anyone aware if Linkwarden, Hoarder, Linkding (or something else) has this feature?

I'm running TruNas Scale with a docker image for NextCloud and Collabora. Under Collabora, the nginx application is logging a GET to robots.txt about every second and I'm having a hard time filtering this out because it looks like the conf files for nginx get replaced on every restart. I also tried mounting my own version of the nginx.conf file, but that didn't reflect any changes.

It was easy enough to do it with self hosted mastodon, cant seem to login to any of the Lemmy apps with my selfhosted website? Lemmy.rip

UPDATE: I had to renew through a setting in yunohost, not automatic, porkbun was showing it as valid and I I'm used to them grabbing it automatically or having me paste it in during setup.

For some time, I've hidden my nextclould behind CF zero trust. When refreshing certificates via letsencrypt I would manually disable the tunnel, refresh and re-enable the tunnel. Now that letsencrypt will no longer notify me via email I need a more robust (read automated) way of refreshing certs. Do I have any options other than disabling zero trust? (the advantage would be I no longer need vpn to have the mobile app working).

I thought of a weekly thread to post about what you set up lately, what kind of problems you currently think about or are running into, what new device you added to your homelab or what interesting service or article you read.

So I decided to just try it. Maybe we find a format that works! It doesn't have to be me, feel free to create this post on Sunday if it's not up already.

What are the pros and cons of using Named vs Anonymous volumes in Docker for self-hosting?

I've always used "regular" Anonymous volumes, and that's what is usually in official docker-compose.yml examples for various apps:

volumes:
  - ./myAppDataFolder:/data

where myAppDataFolder/ is in the same folder as the docker-compose.yml file.

As a self-hoster I find this neat and tidy; my docker folder has a subfolder for each app. Each app folder has a docker-compose.yml, .env and one or more data-folders. I version-control the compose files, and back up the data folders.

However some apps have docker-compose.yml examples using named volumes:

services:
  mealie:
    volumes:
      - mealie-data:/app/data/
volumes:
  mealie-data:

I had to google documentation https://docs.docker.com/engine/storage/volumes/ to find that the volume is actually called mealie_mealie-data

$ docker volume ls
DRIVER    VOLUME NAME
...
local     mealie_mealie-data

and it is stored in /var/lib/docker/volumes/mealie_mealie-data/_data

$ docker volume inspect mealie_mealie-data
...
  "Mountpoint": "/var/lib/docker/volumes/mealie_mealie-data/_data",
...

I tried googling the why of named volumes, but most answers were talking about things that sounded very enterprise'y, docker swarms, and how all state information should be stored in "the database" so you shouldnt need to ever touch the actual files backing the volume for any container.

So to summarize: Named volumes, why? Or why not? What are your preferences? Given the context that we are self-hosting, and not running huge enterprise clusters.

Hi everyone!

I have been using Grisbi for at least 15 years now to get around personal finances/expense tracking.

It is a very basic tool that tracks expenses, clearances, etc… Nothing crazy but it helps a lot to follow your budget, keep things on track. Everything is backed up through a file that I sync with Nextcloud.

For some reasons, I won’t be able to use it as easily in the coming months (new restrictions on my work laptop) so I’m looking for a Web-based selfhost-friendly alternative. I’ve already narrowed it down to 3:

• Firefly III which looks pretty nice (and PHP is kind of a plus in my case)
• Actual Budget which looks pretty cool too
• Kresus much more barebone but might get the job done eventually

Do you have some feedback on any of those applications? Do you know any other alternatives worth looking at? Have you had the same kind of experience going from Gnucash/Grisbi/other to Web-based app?

Since 2016, I've had a fileserver mostly just for backups. System is on 1 drive, RAID6 for files, and semi-annual cold backup.

I was playing with Photoprism, and their docs say "we recommend placing the storage folder on a local SSD drive for best performance." In this case, the storage folder holds basically everything but the pictures themselves such as the database files.

Up until now, if I lost any database files, it was just a matter of rebuilding them by re-indexing my photos or whatever, but I'm looking for something more robust since I'll have some friends/family using Pixelfed, Matrix, etc.

So my question is: Is it a valid strategy to keep database files on the SSD with some kind of nightly backup to RAID, or should I just store the whole lot on the RAID from the get go? Or does it even matter if all of these databases can fit in RAM anyway?

edit: I'm just now learning of ZFS caching which might be my answer.

I didn't copy in the updates this time because there are so many, and I can't tell what's important since I haven't tried this one out yet. See the link above for the changes :)

More info for those that aren't familiar

Calibre, while a fantastic tool for its age, has several problems when containerised, including its reliance on a KasmVNC server instance for the UI, which is near impossible to use on mobile and is relatively resource-heavy if you're running a small, lower power server like I am.

For many, Calibre-Web has really swooped in to save the day, offering an alternative to a containerised Calibre instance that's resource-light and with a much more modern UI to boot.

However, when compared to full-fat Calibre, it unfortunately lacks a few core features leading many to run both services in parallel, each serving to fill in where the other lacks, resulting in an often clunky, imperfect solution.

Goal of the Project 🎯 Calibre-Web Automated aims to be an all-in-one solution, combining the modern lightweight web UI from Calibre-Web with the robust, versatile feature set of Calibre, with a slew of extra features and automations thrown in on top.

I think it's a good idea, everyone should be automating this anyway.