Selfhosted

I see so many posts and people who run NGINX as their reverse proxy. Why though? There's HAProxy and Apache, with Caddy being a simpler option.

If you're starting from scratch, why did you pick/are you picking NGINX over the others?

Thx in advice.

Hello

I'm looking for a NAS OS, the hardware is 2bay Intel n100 machine (AOOSTAR R1), I want to run a RAID1 with few containers (syncthing, immich, jellyfin etc.) all of it to be configurable by web interface, tried some systems in a VM (hardware didn't arrive yet), casaos has nice 'app store', it's a nice docker wrapper, but it doesn't let me manage any kind of RAID (md, brfs, etc), openmediavault is ok for raid, but the containers aren't one click wonder like in other NAS OSes, TrueNAS SCALE seems to be an obvious choice, zfs is cool and everything but it uses kubernetes and it failed to deploy immich for example (100% CPU), i know its called SCALE but kube is a bit too complicated to me (IMO I'm 100% competent but i don't want to tinker), and there's... xpenology, this thing let's me install Synology's DSM and it's a breeze, it deployed immich right away though i had to do it with docker-compose.yml, but in web UI. Also let's say im in favor of xpenology... should i go bare metal or use it inside of proxmox? any pros and cons of both solutions?

Hey guys, version 2.4.0 of Tasks.md was just released. The biggest change is the improved drag-and-drop experience, which feels much better to use. For touch devices it was fully overhauled, since it was not really working before (which is embarrassing tbh). You can see below a comparison between the previous version and the current release.

Previous:

!

New release:

!

Tasks.md is a self-hosted, Markdown file based task management board. It's like a kanban board that uses your filesystem as a database, so you can manipulate all cards within the app or change them directly through a text editor, changing them in one place will reflect on the other one.

You can see below the main changes included in the new release.

• Feature: Greatly improves drag and drop experience: New swap animations, visual indications and better interactions for touch and mobile devices;
• Feature: Adds autoscroll when you drag cards and lanes partially out their container;
• Bugfix: Fix touch and navigation on touch devices;
• Bugfix: Fix issue where navigation bar outgrows lanes;
• Bugfix: Prevents saving card name with invalid characters;
• Bugfix: Fix some smaller issues;
• Documentation: Remind user to hard-reload the browser after changing a theme.

Im using Ollama on my server with the WebUI. It has no GPU so its not quick to reply but not too slow either.

Im thinking about removing the VM as i just dont use it, are there any good uses or integrations into other apps that might convince me to keep it?

Hi guys quick question say you run a a application on your localhost (example lets say couchdb runing directly on localhost:3434 not in docker).

Now you have a docker container (say caddy, ngnix, etc). Is there a way to allow docker container to acess localhost:3434 WITHOUT using the Host network driver (--net=host)

Its new homelab time. And with that, potentially a new OS time too.

I currently am very happy with Debian and Docker. The only issue is I am brand new to using data redundancy. I have a 2 bay NAS I'll use, and I want the two HDDs to be in raid 1.

Now I could definitely just use ZFS or BTRFS with Debian, and be able to use Docker just like I do currently.

Or I could use a dedicated NAS OS. That would help me with the raid part of this, but a requirement is Docker.

Any recommendations?

This was posted on the other site. It can be found below on this post.

They talk about how even Jellyfin & Jitsi were valuable for dealing with government's actions in shutting down the internet. Does anything else come to mind? In addition to giving advice, can we host anything to help people in this kind of situation?

> Suddenly our Self Hosted application became more than just hobby.

> If you already don't know, Bangladesh was disconnected from the internet for majority of the last week due to government order. It was shut down without any warning. We were put under curfew 24/7, so no leaving home. > > On the second day of curfew, me, with nothing to do, figured the intranet in our country still worked. So I opened my Jellyfin service up and gave access to my immediate family and friends. Then we had people stepping up. One opened a simple chat application. Believe me, I never felt happier reading messages from a bunch of random people on the internet. Once people started communicating it only got better. We had a jitsi meet up and running within a few hours. People opened up their media library. Last couple of days, I almost didn't miss the traditional internet. > > I have to thank you guys for all the encouragement. Also I do have a few questions for you guys. > > I'm fearing this will not be the last time we will be blocked from the world. What can we do to make things even better next time? One major problem was TLS CERTS stopped working. So the communication was in http using IP address > > What are some apps to host if the same situation to arise again? > > Sorry for the bad English, not my first language.

Opening your router to the Internet is risky. Are there any guides for the basics to keep things secure? Things like setting up fail2ban? My concern is that I'll forget something obvious.

Edit: I haven't had much of a chance to read through everything yet, but I really appreciate all these long, detailed responses. ❤️ Thanks folks!

I am an Obsidian user and quite happy. But there isn’t a good way to review and scroll daily notes in a Loqseq like fashion in Obsidian. (The plugins for that are unreliable and weak performance.) I have used Logseq but left because of mobile problems, cluttered markdown, and once losing months of data.

I don’t need most of the fancy plugin features of Obsidian aside the robust linking and snappy UI. But I would really like a Logseq like scrollable journal. So is it possible in Silverbullet or do you have another competitor that sounds what I want? Linux + iOS. Not necessarily self hosted but can be.

I have been trying to set this up for the past 2 days and I am losing my mind.

The issue I seem to be having is that synapse cannot find the necessary postgres information in the the database. I have been trying to setup a docker container for it but to no avail. The container just continues to restart. When I check docker logs it seems like it cannot find the database info it needs but its there. I deleted the sqlite3 info so it most certainly isn't still using that.

Is there possibly a casaos friendly version of matrix? Is there an easy to follow tutorial for docker matrix and duckdns? Any help would be appreciated.

Context : Immich default map tile provider (which gets sent a bunch of PII every time you use the map feature) is a company that I see no reason to trust. This is a follow-up to this post, with the permanent temporary fix I came up with. I will also summarize the general opinion from the comments, as well as some interesting piece of knowledge that commenters shared.

Hacky fix

This will use Nginx proxy module to build a caching proxy in front of Open Street Map's tileserver and to serve a custom style.json for the maps.

This works well for me, since I already proxy all my services behind a single Nginx instance. It is probably possible to achieve similar results with other reverse proxies, but this would obviously need to be adapted.

Caching proxy

Inside Nginx's http config block (usually in /etc/nginx/nginx.conf), create a cache zone (a directory that will hold cached responses from OSM) :

nginx http { # You should not need to edit existing lines in the http block, only add the line below proxy_cache_path /var/cache/nginx/osm levels=1:2 keys_zone=osm:100m max_size=5g inactive=180d; }

You may need to manually create the /var/cache/nginx/osm directory and set its owner to Nginx's user (typically www-data on Debian based distros).

Customize the max_size parameter to change the maximum amount of cached data you want to store on your server. The inactive parameter will cause Nginx to discard cached data that's not been accessed in this duration (180d ~ 6months).

Then, inside the server block that serves your Immich instance, create a new location block :

```nginx server { listen 443 ssl; server_name immich.your-domain.tld;

# You should not need to change your existing config, only add the location block below

location /map_proxy/ { proxy_pass https://tile.openstreetmap.org/; proxy_cache osm; proxy_cache_valid 180d; proxy_ignore_headers Cache-Control Expires; proxy_ssl_server_name on; proxy_ssl_name tile.openstreetmap.org; proxy_set_header Host tile.openstreetmap.org; proxy_set_header User-Agent "Nginx Caching Tile Proxy for self-hosters"; proxy_set_header Cookie ""; proxy_set_header Referer ""; } } ```

Reload Nginx (sudo systemctl reload nginx). Confirm this works by visiting https://immich.your-domain.tld/map_proxy/0/0/0.png, which should now return a world map PNG (the one from https://tile.openstreetmap.org/0/0/0.png )

This config ignores cache control headers from OSM and sets its own cache validity duration (proxy_cache_valid parameter). After the specified duration, the proxy will re-fetch the tiles. 6 months seem reasonable to me for the use case, and it can probably be set to a few years without it causing issues.

Besides being lighter on OSM's servers, the caching proxy will improve privacy by only requesting tiles from upstream when loaded for the first time. This config also strips cookies and referrer before forwarding the queries to OSM, as well as set a user agent for the proxy following OSM foundation's guidelines (according to these guidelines, you should add a contact information to this user agent)

This can probably be made to work on a different domain than the one serving your Immich instance, but this probably requires to add the appropriate headers for CORS.

Custom style.json

I came up with the following mapstyle :

json { "version": 8, "name": "Immich Map", "sources": { "immich-map": { "type": "raster", "tileSize": 256, "tiles": [ "https://immich.your-domain.tld/map_proxy/{z}/{x}/{y}.png" ] } }, "sprite": "https://maputnik.github.io/osm-liberty/sprites/osm-liberty", "glyphs": "https://fonts.openmaptiles.org/{fontstack}/{range}.pbf", "layers": [ { "id": "raster-tiles", "type": "raster", "source": "immich-map", "minzoom": 0, "maxzoom": 22 } ], "id": "immich-map-dark" }

Replace immich.your-domain.tld with your actual Immich domain, and remember the absolute path you save this at.

One last update to nginx's config

Since Immich currently does not provide a way to manually edit style.json, we need to serve it from http(s). Add one more location block below the previous one :

nginx location /map_style.json { alias /srv/immich/mapstyle.json; }

Replace the alias parameter with the location where you saved the json mapstyle. After reloading nginx, your json style will be available at https://immich.your-domain.tld/map_style.json

Configure Immich to use this

For this last part, follow steps 8, 9, 10 from this guide (use the link to map_style.json for both light and dark themes). After clearing the browser or app's cache, the map should now be loaded from your caching proxy. You can confirm this by tailing Nginx's logs while you zoom and move around the map in Immich

Summary of comments from previous post

Self-hosting a tile server is not realistic in most cases

People who have previously worked with maps seem to confirm that there are no tile server solution lightweight enough to be self hosted by hobbyists. There is maybe some hope with generating tiles on demand, but someone with deep knowledge of the file formats involved in the process should confirm this.

Some interesting links were shared, which seem to confirm this is not realistically self-hostable with the available software :

• OSM Foundation's policy on using their tile server
• Switch2OSM
• https://wiki.openstreetmap.org/wiki/Sequentially-generate-planet-mbtiles

General sentiment about this issue

In all this part, I want to emphasize that while there seems to be a consensus, this is only based on the few comments from the previous post and may be biased by the fact that we're discussing it on a non-mainstream platform. If you disagree with anything below, please comment this post and explain your point of view.

• Nobody declared that they had noticed the requests to a third-party server before
• A non-negligible fraction of Immich users are interested in the privacy benefits over other solutions such as Google photos. These users do not like their self-hosted services to send requests to third-party servers without warning them first
• The fix should consist of the following :
  • Clearly document the implications of enabling the map, and any feature that sends requests to third parties
  • Disable by default features that send requests to third parties (especially if it contains any form of geolocated data)
  • Provide a way to easily change the tile provider. A select menu with a few pre-configured style.json would be nice, along with a way to manually edit style.json (or at least some of its fields) directly from the Immich config page

tldr is that you can hide the button that asks for payment and it says "purchase immich" instead of "purchase liscence"

Update : I made a follow-up post containing a Nginx-based solution to cache map tiles from OSM and limit the amount of PII you send

While monitoring the logs in Rethink DNS (awesome app BTW) today, I noticed the Immich app making requests to api-l.cofractal.com.

After reaching out on Immich's discord, the devs explained to me that it is used as a tile provider for the map feature. I can confirm it is not realistic to self-host a tile provider without heavily tuning down the level of details on the map (which would still require a lot of disk space and CPU time). I understand the need for a third-party service to provide the map tiles, but I'm concerned by this one.

Visiting cofractal.com only tells us that they're selling APIs. I did not find any details about the company, not even the country they're registered in. The website is also missing informations about what they are logging or not. Everything else seems gated behind a login page, but they "are not currently accepting new customers". The whois for the domain says they're in California. Digging a bit more, I find AS26073 which apparently is the same company.

This bothers me, because Cofractal gets sent every location you viewed (and the zoom level) on Immich's map, along with your client's IP address and a "Referrer" header pointing to your Immich instance. This sounds like a lot of PII to me. It's also behind cloudflare which gets to see the same stuff.

When asked about it, one dev (thanks to them for almost instantly replying to every concern/question I threw at them) explained that they personally know the people behind Cofractal. According to this Immich dev, Cofractal provides free access to its paid service to Immich's user base as a way to support the project, with the side benefit of load testing their platform.

This explanations seems plausible and reasonable to me. However, I do not personally know the people behind Cofractal, and by default, I do not trust for-profit companies to act in an altruistic way. Here's a summary of everything that makes me uneasy about this company :

• it does not say anything about the kind of data they are logging or not
• it requires digging through whois records to find the most basic info about the company
• it freely provides access to its normally paid service (for the whole Immich user base), but it does not communicate about it (or it is really hard to find)
• it does not communicate about anything : searching for its name only returns its home page and websites with informations on Autonomous Systems
• it is "not currently accepting new [paying] customers" while providing the service for free to a quite large user base (Immich v1.109.2 got 170k downloads in 5 days, v1.108.0 got 438k downloads in 13 days )
• It is not mentioned anywhere in the whole immich.app website (searching for site:immich.app "cofractal" gave me no result). Not even a "Thank You" or "Sponsor" note on the homepage for the free API
• (it is behind cloudflare)

The dev I talked to encouraged me to create a feature request, and seemed favorable to adding a switch for disabling maps client side. It is already possible to disable it server-wide, and the "URL to a style.json map theme" option seems to provide a way to customize the tile provider. Which leads to this post : I'm trying to collect feedback on this before creating the feature request.

• It should be made prominently clear to server admins that leaving maps enabled causes clients to send requests to a third party-server and give details about what is sent (viewed locations, zoom level, IP address, Immich instance URL). The Post Install Steps in the docs and a paragraph above the switch on the config page seem like good places to me. Are there other/more appropriate place for such a warning ?
• The "URL to a style.json map theme" option should probably be renamed to make it clearer that it allows changing tile providers. Or better yet, it could be reworked to make it easier to choose which third-party you decide to trust
• What do you think about the idea of providing instance admins with a list of choices for tile providers ? Maybe with a short pros/cons list in the docs for each provider. I'd be fine with using a more reputable provider with the extra step of configuring my own API key (which would probably require proxying requests to the tile provider to not share the API key with all clients)
• Should the Immich server proxy requests to the tile provider in any case ? Since the tile provider has access to the Referrer and Origin headers (which is probably required for CORS), they are currently able to link user IP addresses with Immich instances. Proxying requests with the Immich server should prevent that.
• I would go as far as making maps disabled by default for new installs. I understand that "disabling by default would be a significant downgrade for a majority of users", but I feel like there's a strong overlap between the self-hosting and privacy communities. So we should at least have some debate about it

I've also been told that I'm the first one to raise concerns about this, which leads to one more question : Did nobody complain because nobody noticed ? Or are my concerns unjustified ?

cross-posted from: https://infosec.pub/post/15386345

> Hi everyone, > > This is my CONTAINERFILE for Bind9: > > > FROM debian > > ENV LC_ALL C.UTF-8 > > # Update and upgrade system > RUN apt-get update -y && apt-get upgrade -y && apt-get dist-upgrade -y > > # Install BIND 9 and sudo (for debugging if needed) > RUN apt-get install -y bind9 bind9-dnsutils bind9-libs bind9-utils sudo > > # Configure permissions for BIND directories > RUN mkdir -p /var/cache/bind /var/lib/bind /var/log/bind > RUN chown -R bind:bind /var/cache/bind /var/lib/bind /var/log/bind > RUN chmod 664 /var/cache/bind /var/lib/bind /var/log/bind > RUN chmod -R 664 /var/cache/bind /var/lib/bind /var/log/bind > > # Create and configure log files > RUN touch /var/log/bind/default.log /var/log/bind/update_debug.log /var/log/bind/security_info.log /var/log/bind/bind.log > RUN chown -R bind:bind /var/log/bind > RUN chmod 644 /var/log/bind/*.log > > # Define volumes > VOLUME ["/etc/bind", "/var/cache/bind", "/var/lib/bind", "/var/log/bind"] > > # Set the entrypoint to the named executable > ENTRYPOINT ["/usr/sbin/named"] > > # Set the default command arguments for the named executable > CMD ["-g"] > > > I keep getting this error when I run it with podman: > > > 26-Jul-2024 03:18:21.328 loading configuration from '/etc/bind/named.conf' > 26-Jul-2024 03:18:21.328 directory '/var/cache/bind' is not writable > 26-Jul-2024 03:18:21.332 /etc/bind/named.conf.options:2: parsing failed: permission denied > > > As you can see from the CONTAINERFILE, the bind user should be able to read and write to /var/cache/bind but for some reason it doesn't. > > I have been at this for a while and I'm at my wits end. Your help is appreciated!

Recently, my 10-year old drive that I pulled out of an old computer died. I want to buy another one now. The machine will run Jellyfin (I have an existing collection that I will be transferring from another drive), Immich, and the *arr stack.

I have this motherboard which has one SATA port and one PCIe x1 port. For this reason, I won't be able to add a second drive for redudancy, unless I add a PCIe to SATA card.

My biggest concern is that I want the drive to last. I don't want much capacity, I think 1-2 TB is enough. My budget is from 0€ (of course) to 65-70€.

So I have a couple of questions:

• Should I buy an SSD or an HDD?
• I live in Greece and ServerPartDeals is not an option because shipping is really high. Do you know a place where I could purchase it? (Preferably in Greece, but not necessary)
• Do you have any specific drive suggestions?
• Is there any other way (except for buying a PCIe to SATA card) to add more drives in the motherboard?

Thank you.

I love the concept of apple’s in house journal app which allows you to create dated posts that include text, videos, and photos. I hate the idea of writing anything private in a journal hosted by apple as well as the fact that apple could discontinue at any time. Any ideas on a way to achieve something similar in a clean interface (a long word document wouldn’t cut it) without the middle man? A dedicated un-networked device even?

I want to use Linkwarden to backup websites I find but I can't afford a subscription right now. What's the easiest way to selfhost it on my desktop pc (windows) that will keep it updated and working without having to mess with it or do a bunch of command line stuff?

Sorry but I can't think of another word for it right now. This is mostly just venting but also if anyone has a better way to do it I wouldn't hate to hear it.

I'm trying to set up a home server for all of our family photos. We're on our way to de-googling, and part of the impetus for the change is that our Google Drive is almost full.We have a few hundred gigs of photos between us. The problem with trying to download your data from Google is that it will only allow you to do so in a reasonable way through Google takeout. First you have to order it. Then you have to wait anywhere from a few hours to a day or two for Google to "prepare" the download. Then you have one week before the takeout "expires." That's one week to the minute from the time of the initial request.

I don't have some kind of fancy California internet, I just have normal home internet and there is just no way to download a 50gig (or 2 gig) file in one go - there are always intrruptions that require restarting the download. But if you try to download the files too many times, Google will give you another error and you have to start over and request a new takeout. Google doesn't let you download the entire archive either, you have to select each file part individually.

I can't tell you how many weeks it's been that I've tried to download all of the files before they expire, or google gives me another error.

I'm an immich user, switching from a standard u/p login to an SSO-based login.

I've tested the SSO login successfully, it seems to work, and I'm not having any issues with that.

However, the account generated by SSO login has a different email address and identifiers from the account I created earlier. I don't want to start from scratch with my photos, as I've spent countless hours updating metadata.

I think I need one of the following:

1. a supported, tested way to merge an account with another account. I don't know if this is going to be similar to the "partner sharing" feature. I don't want to simply share the photos, I want to have full control over them; including, if I delete a photo, it's gone forever.
2. a tested way to manually update the database to change all identifiers over to the new account
3. a way to login to the existing account via my SSO portal. I can create any SSO user I want, for example.
4. a way to export the entire library with metadata and re-import it to the new SSO account, structured exactly the same way. Ideally this would also restore anything ML has done with my photos, but it's not a disaster if I have to wait for ML to recreate what it already did in the new account.

Does anyone have information on how to achieve one of the above?

Followup question:

• can anyone confirm with certainty that metadata changes I made in immich have been saved in the image files in /library/upload/*? I am already making backups (both pg_dump and the entire contents of the library), but it would be nice to know where the metadata is actually kept, in case I have to do DR.

How do i you decide whats safe to run

I recently ran Gossa on my home server using Docker, mounting it to a folder. Since I used rootless Docker, I was curious - if Gossa were to be a virus, would I have been infected? Have any of you had experience with Gossa?

Hello everybody, Daniel here!

I'm back with some huge updates for Linkwarden.

Before we start, we'd like to express our sincere thanks to all of our Cloud subscription users. Your support is crucial to our growth and allows us to continue improving. Thank you for being such an important part of our journey. 🚀

What's New?

---

📄 Full Page Copy

This new feature allows users to save a complete copy of a webpage in a HTML format. It's perfect for archiving pages in their entirety, capturing all content as it appears at a specific point in time.

!

👥 User Administration

Server administrators can now manage user addition and deletion with greater ease. This feature is especially useful for organizations that need to manage multiple users.

!

🧱 New Masonry View

View your bookmarks in a visually appealing masonry layout, where content is arranged in an optimal position based on available vertical space. This feature is perfect for users who prefer a more visual approach to browsing their bookmarks.

!

🍏 iOS and MacOS Apps (Maintained by JGeek00)

We're excited to announce the release of the new iOS and MacOS apps, developed and maintained by JGeek00. These apps provide a seamless experience for users who prefer to access Linkwarden on their Apple devices. You can download the apps directly from the App Store.

📥 Import from Wallabag

There was a high demand for this feature, and we're excited to announce that you can now import your bookmarks from Wallabag. This feature simplifies the transition process, allowing users to maintain their bookmarks without hassle.

🌐 Support for Other Languages (i18n)

Linkwarden has recently expanded to support Italian in addition to English. As this feature is quite new, there might be some bugs, and we're actively working to refine it. We're also looking for community help with translations to make Linkwarden accessible in more languages soon!

📁 Image and PDF Uploads

Users can now upload images and PDF files directly to Linkwarden. This feature is perfect for users who want to store paywalled or password-protected content.

!

🔒 Enhanced Security

This update includes several security enhancements to protect your data and ensure a secure browsing experience. We've also fixed several bugs and improved overall performance.

🔑 Support for Google OAuth

You can now use Google OAuth to sign in to Linkwarden. This feature simplifies the login process and provides a secure authentication method. Just note that we're still pending Google's approval for the OAuth consent screen and it will be available soon.

✅ And More...

Check out the full changelog below.

Full Changelog: https://github.com/linkwarden/linkwarden/compare/v2.5.3...v2.6.0

--------

If you like what we're doing, you can support the project by either starring ⭐️ the repo to make it more visible to others or by subscribing to the Cloud plan (which helps the project, a lot).

Feedback is always welcome, so feel free to share your thoughts!

Website: https://linkwarden.app

GitHub: https://github.com/linkwarden/linkwarden

Read the blog: https://blog.linkwarden.app/releases/2.6

I guess this is a cautionary tale.

I was recently having issues with my Gmail account that's tied to my Epik ( a domain registrar ) account, so when I was supposed to renew my domain, I didn't receive any e-mails about it. When I decided to randomly check on my website, it seemed to be down. So I checked Epik and a domain that usually cost £15 a year to renew now cost £400 to renew as it was expired.

As a teenager who does not have £400 to spend on a domain, I decided to just wait until the domain fully expired and buy it for a cheaper price.

After some time, the domain fully expired and GoDaddy decided to buy it as soon as it did, and charged me £2,225 to renew the domain. I don't understand how a price that large is justified, considering that my website gets barely any visitors and I basically only use the domain for hosting stuff. No idea how hiking prices this much is legal

> Welcome to version v1.109.0 of Immich. This release introduces an additional way for you to support Immich financially as well as bug fixes for various issues. Some of the highlights in this release include: > - Immich licenses (and https://buy.immich.app) > - "My Immich" url forwarder (https://my.immich.app) > - Notable fix: Generate thumbnail for iOS18 HEIC > - Notable fix: Generate Motion Photos for Pixel 6, 7, and 8

Immich license pricing is $25 per user or $99 per server for a lifetime license.

Basically the title. Using the android app to sync. The photos on my phone have GPS data, but it's not read by immich. I've tried rerunning the metadata job, but that hasnt worked. Am I doing something wrong?

Update: It was DNS... its always DNS...

Hello there! I'm in a bit of a pickle.. I've recently bought the full budget Tp-link omada stack for my homelab. I got the following devices in my stack:

• ER605 Router
• OC200 Controller
• SG2008P PoE Switch
• EAP610 Wireless AP
• EAP625 Wireless AP (getting soon)

I've set it all up and it was working fine for the first few days of using it. However, last few days it's been working very much on and off randomly(?) . Basically devices will state they are connected to WiFi/Ethernet, but they are not actually getting it. (As seen in the picture). This is happening with our phones(Pixel7+S23U) and my server(NAS:Unraid), have not noticed any problems on our desktop PCs. So it is happening on both wired and wireless, as my server and desktop PC is connected to the switch.

I haven't done many configurations in the omada software yet, but am assuming it's something I have done that causes this... Would greatly appreciate any advice to solve/troubleshoot this!

I am looking for suggestions of cheap, OpenWrt compatible routers that may have Wifi 6, for future proofing. My idea was to use it as a main router, but also as a travel router so I can plug it whenever I travel somewhere else.

I also want to learn how to use OpenWrt (I have an old router at home to test it out, but it's not ideal for everyday use since it's 100Mbps and doesn't have gigabit ports).

It'd be nice to have:

• Wifi 6
• OpenVPN or WireGuard support
• Compatibility with OpenWrt
• Ideally less than 60 EUR

A small form factor is also appreciated but not a requirement.

I checked the device tables and lists on the OpenWrt wiki, but it's hard to decide. A beginner's guide to the operating system recommended some routers but most of them are too expensive for my use case.

Currently, I'm leaning towards the GL iNet Opal (1200) but it doesn't support OpenWrt, the other option is the BananaPi BPI-WIfi 6. What would be your suggestions?

Hi i just wanted to know if it is possible to host instance completely without renting anything.

if you have a video on it can you please share it here?

Hello c/Selfhosted!

Although I'm still new with truenas, I've been a happy truenas scale hoster for a year more or less and I've been increasing the reach of my self hosted server little by little.

The problem came when I decided to add jellyfin and a GPU for encoding. My server is mostly made of old parts and the GPU is not different. The GPU is recognized by truenas scale as a "Advanced Micro Devices, Inc. [AMD/ATI] Cape Verde PRO [Radeon HD 7750/8740 R7 250E", which AFAIK has hardware encoding/decoding as per Jellyfin wiki.

But the only place I can see the GPU is in lspci and in System Settings/Isolated GPU PCI Ids (and it's not isolated). Whenever I try to change the configuration of an app to allocate the GPU I can only select "Allocate 0 amd.com/gpu GPU", there are no more options.

I've searched for this a lot but I found very little info about AMD GPUs and how to debug this issue.

I'am missing something? Could anybody point me in the right direction? Any commands I can run to diagnose?

Thanks for reading!

I want to share a self-hosted tool I developed. It's a NUT monitoring tool similar to webNUT but it has some additional features like:

• UPS command support to remotely tell your UPS beeper to shut up.
• Supports some uncommon and old devices like ARMv6, ARMv7 and RISC-V64.
• It's actually light-weight, ~7MiB image size and very low memory footprint.

If anyone looking a tool like this, repo is available at https://github.com/SuperioOne/nut_webgui

I'm trying to get networkd to connect to a wireguard endpoint, specifically ProtonVPN, in case it matters. I just can't get it to connect. Has anyone had success with that? Specifically without using wg-quick.

Hi guys!

When I saw this tiny little guy, I had to go in and get it. And so I received it today. My first experience is...the software is a bit rough at the moment. And now I'm having trouble with the keyboard detection. It's no longer working, and I"m not sure what's wrong. Basically, it worked initially, but after I unplugged it to dump some isos onto it*, the USB keyboard emulation seems to no longer work.

And since I'm one of the very first users...I think have no documentation (yay). I see there's a Chinese forum where more people mention a USB keyboard issue, but I don't think this is sorted.

Anyone else tried it? How's your experiences so far? Any ideas how to fix the keyboard issues? Still, for all its initial wonkiness, I clearly see this as the future for a KVM device, instead of a full blown Raspberry Pi board, which I think is a bit overkill.

*: The 'full' version comes with an embedded 32GB microSD, of which 8GB is for the OS, but the remainder is a separate partition for ISOs...you connect it as a USB storage to a PC and drop your ISOs there. At the moment you don't seem to be able to mount a random file from your PC via the browser UI. Only ISO files it already has in its own storage.

I have nginx up and working with pihole and its great. I can get to: https://dashy.homelab.duckdns.org/ On my PC but not my phone. On my phone, pfsense blocks it and says "Potential DNS Rebind attack detected, see https://en.wikipedia.org/wiki/DNS_rebinding Try accessing the router by IP address instead of by hostname."

Why? I've disconnected and reconnected to WiFi, and waited a day.

Hello fellow self-hosters,

I'm fairly new to hosting my own services and have been learning as I go, but have run into an issue and am not sure where to look for answers. Hoping you all can help a confused soul out.

Up until now, I've been running the .arr services (Sonarr, Radarr, Overseerr, etc.) on my Windows machine with minimal issue, but I've been working on setting up a separate Debian machine to get it off my main PC.

I'm following this guide to get everything setup, and at this point I have all my services setup and running, but I can't seem to get Radarr and Sonarr to work correctly. My indexers work, Radarr will grab the wanted file and Deluge will download it, but when the download finishes it just stays in limbo; Radarr is unable to import it into the library due to invalid permissions (It doesn't have Write permissions).

I've done sudo chown -R $USER:$USER /path/to/ROOT/directory and sudo chown -R $USER:$USER /path/to/HDDSTORAGE/directory as the guide instructs under 'Folder Structure' (of course replacing the paths with my actual paths), but to no avail.

Where I think the problem is is my actual Media Library. All the services are running on their own laptop, but my 10TB HDD is still in my main Windows PC. Until I build a new rig specifically for the server, I can't put the HDD into the laptop. In Windows, the TV and Movie folders are network shared and I have them mounted on my server in the respective locations where Radarr and Sonarr should be looking. At this point, the .arr services can definitely read the mounted directories, but can't make new ones for new shows and movies.

My take on location history timeline . Hope some one could sanitize and beutify it.

https://github.com/ippocratis/location-history

Just wonder what if my mail server went offline for some periods, and the sending party couldn't deliver.

Will there be any consequences except I don't get the mail? I tried searching but they all in the perspective of a sender and get a bounce, rather the other way around.

Saw they have promotion £1/mo without setup when paid for a 12mo contract for the lowest end VPS. Anyone use it before?

Just planning to run frp on it. https://github.com/fatedier/frp