I'm a happy user of Inoreader. I like it so much I'm considering buying a premium plan. However, I'm looking for an alternative I wouldn't have to pay for. I came across FreshRSS. The only thing that's keeps me from moving is the sync. I don't want to expose it to the internet but I want to be able to access it on a move. My first idea was to use Syncthing. Is there a way to use Syncthing to sync feeds, settings (read articles, subscriptions, etc.) across different devices? By different devices I mean Linux, macOS (optional) and GrapheneOS (Android) phone.

I am currently using an old laptop (circa 2015) with a 250GB SSD in it, and 4GB of RAM. It runs Fedora 39 Server, and only hosts a Jellyfin instance through Docker right now (though I want to use Nextcloud later too). There is only 15GB of storage left on it, and the CPU is constantly overloaded (due to forced transcoding). I happen to have a lot of 500GB 3.5" HDDs laying around, and I want to use them in RAID 5. What hardware would be good for having 4 HDDs, and running Jellyfin and Nextcloud in Docker? I'm okay with either having just a 4-bay NAS (as long as it can handle transcoding (MKV 480p -> MP4)), or having a 4-bay NAS and a server/computer/NUC. I only have a budget of CAD$900 (USD$658 as of writing), but I am willing to go to CAD$1000 if absolutely necessary.

Hey hello, self-hosting noob here. I just want to know if anyone would know a good way to host my writing. Something akin to those webcomic sites, except for writing. Multiple stories with their own "sections" (?) and a chapter selection for each. Maybe a home page or profile page to just briefly detail myself or whatever, I don't know. It doesn't have to be fancy, and I apologize for not knowing how to describe this well. I've just been searching and searching and I don't know what to look up to find what I want, it's extremely frustrating. Any help is greatly appreciated.

Take a skim through the link for full details (especially the breaking changes), but I have included some parts that I thought were important:

This release has been over two years in the making, so we're really glad to finally get it out to you. The long cycle does mean quite an extensive changelog however, with well over 1100 pull requests merged into our master branch since 10.8.0 first dropped back in 2022.

General

• We now support "trickplay" a.k.a. live video scrubbing. When scrubbing through a video with this enabled, you will be able to see a live preview of the video at that timestamp. Note that this requires explicit client support, which may require some time to become available depending on your client.

• [...]

• We now support AVIF and WEBP images for Pictures libraries.

• Tags are now accounted for during searches, allowing one to search by tag.

• We now support multiple simultaneous subtitle tracks (maximum of two, a primary and secondary) in the web player.

• We've revamped the administrative dashboard UI to help improve usability and ease of finding options.

API & Security

• All API endpoints now return proper return codes, ensuring that API endpoint results can be reliably interpreted without additional parsing.

• Parental ratings are significantly improved, with better enforcement, inheritable ratings, and more.

• LiveTV and Collection permissions are now discrete and configurable per-user.

• The EasyPassword (PIN) feature has been removed as this was a big security risk especially for administrator accounts; QuickConnect login is still supported however.

• User permission handling has been unified and numerous bugs fixed, ensuring a more secure server from untrusted users.

Core Server & Networking

• [...]
• The server now supports in-process restarting, and removes the old hacky restart.sh method. This should make things like installing plugins much more robust and ensure a consistent restart experience regardless of platform or install method.
• [...]
• The backend SQLite database now supports connection pooling, which should improve performance for database operations.
• [...]

Also sections on Packaging, Transcoding & FFmpeg improvements/support, Scanning, Library & Playlist Management, and Casting

The Next Version

With our continuous integrations improvements outlined previously, we're quite confident that this will be our last "very long" release cycle. Our plan is for the next major version (10.10.0) to be released at most 6 months from now, some time in October. We hope this increased cadence will help alleviate the problems with large releases such as a very long time-to-stable for new features, translations, etc. and help lower the number of major bugs at each major release, streamlining the upgrade process. But this needs everyone's help. Back in October 2023, we made a call for developers, and we've gotten a lot of interest, but this is not a one-and-done event. We need contributions now more than ever, especially around the web frontend to help implement our planned design changes. If this interests you, please reach out and we can help get you set up.

Edit: Thanks for the help, issue was solved! Had Traefik's loadbalancer set to route to port 8081, not the internal port of 80. Whoops.

Intro

HI everyone. I've been busy configuring my homelab and have run into issues with Traefik and Vaultwarden running within Podman. I've already successfully set up Home Assistant and Homepage but for the life of me cannot get things working. I'm hoping a fresh pair of eyes would be able to spot something I missed or provide some advice. I've tried to provide all the information and logs relevant to the situation.

Expected Behavior:

1. Requests for *.fenndev.network are sent to my Traefik server.
2. Incoming HTTPS requests to vault.fenndev.network are forwarded to Vaultwarden
   • HTTP requests are upgraded to HTTPS
3. Vaultwarden is accessible via https://vault.fenndev.network and utilizes the wildcard certificates generated by Traefik.

Quick Facts

Overview

• I'm running Traefik and Vaultwarden in Podman, using Quadlet
• Traefik and Vaultwarden, along with all of my other services, are part of the same fenndev_default network
• Traefik is working correctly with Home assistant, Adguard Home, and Homepage, but returns a 502 Bad Gateway error with Vaultwarden
• I've verified that port 8081 is open on my firewall and my service is reachable at {SERVER_IP}:8081.
• 10.89.0.132 is the internal Podman IP address of the Vaultwarden container

Versions

Server: AlmaLinux 9.4

Podman: 4.9.4-rhel

Traefik: v3

Vaultwarden: alpine-latest (1.30.5-alpine I believe)

Error Logs

Traefik Log:

2024-05-11T22:09:53Z DBG github.com/traefik/traefik/v3/pkg/server/service/proxy.go:100 > 502 Bad Gateway error="dial tcp 10.89.0.132:8081: connect: connection refused"

cURL to URL:

[fenndev@bastion ~]$ curl -v https://vault.fenndev.network
*   Trying 192.168.1.169:443...
* Connected to vault.fenndev.network (192.168.1.169) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
*  CAfile: /etc/pki/tls/certs/ca-bundle.crt
* TLSv1.0 (OUT), TLS header, Certificate Status (22):

Config Files

vaultwarden.container file:

[Unit]
Description=Password 
After=network-online.target
[Service]
Restart=always
RestartSec=3

[Install]
# Start by default on boot
WantedBy=multi-user.target default.target

[Container]
Image=ghcr.io/dani-garcia/vaultwarden:latest-alpine
Exec=/start.sh
EnvironmentFile=%h/.config/vault/vault.env
ContainerName=vault
Network=fenndev_default

# Security Options
SecurityLabelType=container_runtime_t
NoNewPrivileges=true                                    
# Volumes
Volume=%h/.config/vault/data:/data:Z

# Ports
PublishPort=8081:80

# Labels
Label=traefik.enable=true
Label=traefik.http.routers.vault.entrypoints=web
Label=traefik.http.routers.vault-websecure.entrypoints=websecure
Label=traefik.http.routers.vault.rule=Host(`vault.fenndev.network`)
Label=traefik.http.routers.vault-websecure.rule=Host(`vault.fenndev.network`)
Label=traefik.http.routers.vault-websecure.tls=true
Label=traefik.http.routers.vault.service=vault
Label=traefik.http.routers.vault-websecure.service=vault

Label=traefik.http.services.vault.loadbalancer.server.port=8081

Label=homepage.group="Services"
Label=homepage.name="Vaultwarden"
Label=homepage.icon=vaultwarden.svg
Label=homepage.description="Password Manager"
Label=homepage.href=https://vault.fenndev.network

vault.env file:

LOG_LEVEL=debug
DOMAIN=https://vault.fenndev.network 

I am currently setting up a Proxmox box that has the usual selfhosted stuff (Nextcloud, Jellyfin, etc) and I want all of these services in different containers/VMs. I am planning to start sharing this with family/friends who are not tech savvy, so I want excellent security.

I was thinking of restricting certain services to certain VLANs, and only plugging those VLANs into the CT/VMs that need them.

Currently, each CT/VM has a network interface (for example eth0) which gives them internet access (for updates and whatnot) and an interface that I use for SSH and management (for example eth1). These interfaces are both on different VLANs and I must use Wireguard to get onto the management network.

I am thinking of adding another interface just for “consumption” which my users would get onto via a separate Wireguard server, and they would use this to actually use the services.

I could also add another network just to connect to an internal NFS server to share files between CT/VMs, and this would have its own VLAN and require an additional interface per host that connects to it.

I have lots of other ideas for networks which would require additional interfaces per CT/VM that uses them.

From my experience, using a “VLAN-Aware” bridge and assigning VLANs per interface via the GUI is best practice. However, Proxmox does not support multiple VLANs per interface using this method.

I have an IPv6-only network, so I could theoretically assign multiple IPs per interface. Then I would use Linux VLANs from within the guest OS. However, this is a huge pain and I do not want to do this. And it is less secure because a compromised VM/CT could change its VLAN tag itself.

I am asking if adding many virtual interfaces per CT/VM is good practice, or if there is a better way to separate internal networks. Or maybe I should rethink the whole thing and not use one network per use-case.

I am especially curious about performance impacts of multiple interfaces.

Mostly I'm curious what people's setups are. Are you using docker or a VM? Which tools are you using to stream and play your roms or steam games?

Looking for suggestions for myself as well... I'm on unraid and looking to support multiple users.

Is anyone currently self hosting an Anytype backup node? In case you don't know, Anytype is a privacy focused, local first note app. Can be found in anytype.io. Their docs give informartion on how to self host. I only have a laptop, so I'm trying to create a node in a VirtualBox VM, using Vagrant to automate box creation and provision. Sorry if the post is messed up, first timer here.

I have a trusty UnRaid server that has been running great for almost 3 years now, with some kinks and headaches here and there, but mostly very stable. Now I'm entertaining the idea of setting that box up with ProxMox, and running UnRaid virtualized. The reason being that I want to use UnRaid exclusively as a NAS and then run all dockers and VMs on ProxMox (at least that's how I'm picturing it). I would like to know your opinion on this idea. All I have is Nextcloud, Immich, Vaultwarden, Jellyfin, Calibre, Kavita and a Windows VM I use to update some hardware every now and then. I mainly want to do that for the backup capabilities in ProxMox for each instance. Storage is not a concern, and I have 64GB of ECC Ram running in that box. What are the Pros and Cons, or is it even worth it to move all this to ProxMox?

My server (fedora) stops all podman containers after 2-3 hours since 3 days. I can start all containers again, and the same happens after a while. I do not know where to look for the problem.

In top, I found a oom message. I assume that the system runs out of memory and stops all services. How can I find the problem? I can’t find anything in the container logs.

I can see that systemctl status is always starting. It doesn’t become “running”. But I do not know how to proceed.

So I'm just getting started with selfhosting things, and I have a minor problem which I'm having some trouble solving, as I keep getting a connection refused error when trying to connect:

send() failed (111: Connection refused) while resolving, resolver: 127.0.0.1:53

I run a jellyfin server on a NUC - it works well and is accessible on the private network. I want to have a public URL for this server - and other stuff, eventually.

Here's my setup

• I have a subdomain - jellyfin.mydomain.com - pointed to the external IP for my router
• I have the router set up to allow remote access, and port forwarding directing all port 80 traffic to my public ip > port 80 on the server
• On my server - running ubuntu - I installed nginx
• I used the official jellyfin nginx config for access from a subdomain
• I edited the server_name variable to match my subdomain

Now, whenever I access the subdomain in a browser I get a 502 Bad Gateway error. The /var/lof/nginx/error.logshows:

2024/05/10 08:26:37 [error] 95335#95335: send() failed (111: Connection refused) while resolving, resolver: 127.0.0.1:53
2024/05/10 08:26:37 [error] 95335#95335: send() failed (111: Connection refused) while resolving, resolver: 127.0.0.1:53
2024/05/10 08:26:42 [error] 95335#95335: send() failed (111: Connection refused) while resolving, resolver: 127.0.0.1:53
2024/05/10 08:26:47 [error] 95335#95335: send() failed (111: Connection refused) while resolving, resolver: 127.0.0.1:53
2024/05/10 08:26:52 [error] 95335#95335: send() failed (111: Connection refused) while resolving, resolver: 127.0.0.1:53
2024/05/10 08:26:57 [error] 95335#95335: send() failed (111: Connection refused) while resolving, resolver: 127.0.0.1:53
2024/05/10 08:27:02 [error] 95335#95335: send() failed (111: Connection refused) while resolving, resolver: 127.0.0.1:53
2024/05/10 08:27:07 [error] 95335#95335: *69 jellyfin could not be resolved (110: Operation timed out), client: 193.29.107.173, server: jellyfin.mysubdomain.com, request: "GET /web/ HTTP/1.1", host: "jellyfin.mysubdomain.com"

I have almost no experience with networking, linux, or nginx :D So I am sure the problem is obvious to someone else....

Can you help?

Hey all!

I have a bunch of services running on my home server and was looking to expose some of them publicly via Cloudflare tunnel. This is done and working great using the origin server certificate and strict TLS.

Up until now, I've been using self-signed certs internally but now I don't want to deal with the "proceed anyway" crap on browsers. I have Traefik set up to get certs from Cloudflare using DNS challenge and that seems to be working.

So, now my problem is: how do I switch between these certificates for the same URL when I'm internal vs public? I'd rather keep that traffic local if I'm at home, which is also working, I just can't figure out how to get Traefik to use the appropriate certificate depending on if the request is coming from my LAN or Cloudflare.

Any suggestions? Is there a better way to accomplish what I want to do?

EDIT: Looks like I'm just going full Cloudflare on this one, thanks for your help everyone!

Hey, I'm always searching a home server (already post here https://lemmy.ml/post/15083947), I was thinking about a Lenovo P500, but maybe the PSU is a bit too special... My budget around $140, will buy used parts and one of the most important thing is the power efficiency (don't care about the peak wattage but want to stay around 50W idle and settling at about 70W when doing some work). Preferably I wouldn't like to buy mini PCs. 😃 Thx!

Short version of this interview is that nothing is changing, other than they're going to be asking a flat fee "$5-20" for the app, rather than relying on donations. All donation platforms have been closed. However, if you choose not to, as Louis says "that's between you and your God".

Project will remain AGPL and thus can be forked at any time. FUTO maintains the trademark of Immich name and logos.

🗃 Open source self-hosted web archiving. Takes URLs/browser history/bookmarks/Pocket/Pinboard/etc., saves HTML, JS, PDFs, media, and more…

Hello!

Recently started selfhosting FreshRSS - and while it is really good, i have a few hicks with some of the feeds im fetching from, for instance Its Foss. As seen in the extremely long screenshot below(Picture2), to illustrate what I mean, the feed is extremely cluttered with addtional small icons and pictures. Just to clarify, this is the default view - I have not clicked to expand it or whatnot.

While I normally dont mind this, the feeds from Its Foss are always loading in at full length, e.g. the full article - and they are quite lengthy. Even though my settings are set to not unfold by default;

Other articles who only have a title, picture and first sentence of the post, see Picture1. Is there a way to force articles not loading at full? I have a vague memory of somone linking a RSS filter tool a while back but not able to find back to it, and not sure it solves what I am looking for. Or have I just configured my settings wrong, and not able to find the setting that makes It's foss load in full?

Let me know :)

Picture1 (How I wish for all posts to be like):

Picture2 (How I do not want it to be like): External View link here

I want to create a custom dashboard web app thing for the purpose of learning and to make it avalaible for selfhosted servers.

The plan is to use existing linux cli tools as much as possible.. Which of them do you think are appropriate for that purpose?

There is a nice list in this blogpost but I dont have any experience with any of them: https://www.brendangregg.com/blog/2024-03-24/linux-crisis-tools.html

Hey everyone

I've got an old Mac Mini running Proxmox, right now all it has is a LXC for Plex and a Debian VM for Docker (OpenVPN/Transmission and Screeps server).

What is everyone's preferred monitoring solution?

I'm mostly interested in getting easy access to syslogs, seeing CPU/RAM/Disk space for the Proxmox host, VM and LXC. I have a Mac app called Daisy Disk that shows me all my data on my disk in a nice UI, something with similar capability would be great.

I randomly installed Netdata, didn't love it. Ran into issues with Cockpit and gave up, but I'd try it again if it's considered the best. But I'd love to hear options, preferably with minimal setup and maintenance (wish is probably wishful thinking). Don't hate Proxmox VE, but I feel like I can do better.

whenever I try to run a podman container, it'll through:

Error: running container create option: container has joined pod 4f[long_string]b1f and dependency container 34[long_string]9cd is not a member of the pod: invalid argument

An example of a dependent container compose file looks like this:

services:
  # https://docs.linuxserver.io/images/docker-qbittorrent
  qbittorrent:
    image: lscr.io/linuxserver/qbittorrent:latest
    container_name: qbittorrent
    environment:
      - WEBUI_PORT=8090
      - PUID=0
      - PGID=0
    volumes:
      - ./config:/config:Z
      - ./files:/media:z
    restart: always
    depends_on:
      - gluetun
    network_mode: "container:gluetun"

services:
  # https://github.com/qdm12/gluetun
  gluetun:
    image: docker.io/qmcgaw/gluetun
    container_name: gluetun
    cap_add:
      - NET_ADMIN
    devices:
      - /dev/net/tun:/dev/net/tun
    ports:
      - 8001:8000 # gluetun
      - 8090:8090 # qbittorrent
    volumes:
      - ./config:/gluetun:Z
    environment:
      - KEYS=REDACTED
    restart: always
    privileged: true

It worked until yesterday. I updated to fedora 40. I am not sure if that is just a coincidence or if that's the reason. Should I downgrade to 39?

I've tried a few jellyfin plugins that are supposed to sync metadata and thumbnails from tube archivist, but it's just not working right.

I can see some thumbnails, but then the titles are just random gibberish. Or the titles somewhat work, but no thumbnails.

Any secret I'm missing?

Both are running in docker containers on a synology nas.

I would like to have a central Calendar that I could sync everything to it, from my email calendars and my to do list, is there something like that selfhosted or not, that is FOSS?

I have two cameras in Frigate.

One is a Raspberry Pi 3 running Monocle server, and this stopped working in Frigate some time back (driveway). The second is a Galayou G7 (nursery). The nursery camera is the one I am concerned about with this post.

Problem: Up until a month or two ago (I must have ran an update but I don't know) the audio from the Galayou camera worked in Home Assistant. I'd like to get that working again. Some searching led me to try setting up go2rtc in my config.

Here is my config before making any changes:

mqtt:
  host: 192.168.1.10
cameras:
  nursery:
    ffmpeg:
      inputs:
        - path: rtsp://redacted:redacted@192.168.1.241:554/live/ch1
          roles:
            - detect
    detect:
      width: 1280
      height: 720
  driveway:
    ffmpeg:
      inputs:
        - path: rtsp://192.168.1.240:554/recording/7824851880350319106/replay?trackid=8836591
          roles:
            - detect
    detect:
      width: 1920
      height: 1080

This currently provides only jsmpeg video in Frigate. If I add something like this to the end:

go2rtc:
  streams:
    nursery:
      - rtsp://redacted:redacted@192.168.1.241:554/live/ch1

this adds mse and webrtc as options in Frigate. But, mse plays only video, no audio. And webrtc loads neither audio nor video. I have tried adding lines like - "ffmpeg:nursery#video=h264#audio=aac" and also with opus but to no avail.

Finally, if I ffplay rtsp://redacted:redacted@192.168.1.241:554/live/ch1 it loads audio/video without a problem. I'm also able to connect via ONVIF at onvif://192.168.1.241:8899 from onvif-gui.

So, something is wrong in my Frigate config, and I don't know what. I'm hoping someone here is a little more familiar and can give me a pointer or two here?

Interesting problem here. So I self host jellyfin, happy to share my (owned) movies with my family. Well, my mother has asked me to digitize her collection too and have me host it. Originally, fine, you give your movies to me, I host them, same thing.

However, what I didn't bet on was the amount of garbage, terrible movies she would give me. There's a few that are fine, but the vast majority are, well I'll just put it bluntly, christian propaganda. I don't think any of them are as terrible as some of the worst case, but think "My life was horrible until I found god now look and see how fulfilled I am" type propaganda - and they make for horrible plots. Left Behind with Kirk Cameron is a good example. Even removing the blatent boring christian plots - it's just a horribly made movie. Cheap, not thought out well, and honestly I read the book decades ago, it's a horrible adaptation too.

Not that I keep only top tier movies in my libraries, but these are, well they just bring a pit to my stomach.

What would you do in my situation? (And I'm going to go ahead and say the pure atheist comments aren't needed, yes of course I could burn them, or dance around them, but I'm not looking to just burn the bridge between my mother and myself over a lifetime of her indoctrination and bad taste in movies). I'm more looking for generic, how do you handle your users asking you to put content you don't find appealing on your server?

6 servers were decomissioned, Iwas able to only get the disks, RAM, CPUs and Network Card.

The total of this is : 88 x 8TB SAS disks 44 x 16GB RAM sticks (half 2133, half 2400) 6 x v3 Xeon e3 2630 6 x v4 Xeon e5 2640 3 x 10 GB PCIe dual port cards 12 x 1U heatsink

I'm really lucky to have all of these, even if I don't have a use for all of that for now (except some of the disks)

EDIT: Forgot to mention: All of this for free, I work in a datacenter!