What are
/r/selfhosted's
favorite Products & Services?
From 3.5 billion Reddit comments
The most popular Products mentioned in /r/selfhosted:
![SABRENT 2.5 Inch SATA to USB 3.0 Tool Free External Hard Drive Enclosure [Optimized for SSD, Support UASP SATA III] Black (EC-UASP)](https://m.media-amazon.com/images/I/316DDlbE6HL._SL500_.jpg)
The most popular Services mentioned in /r/selfhosted:
Nextcloud
Matrix.org
Cloudflare
Trilium Notes
AlternativeTo
Let's Encrypt
Rocket.Chat
Huginn
Hetzner
BookStack
Syncthing
Grafana
Mail-in-a-box
Joplin
YunoHost
The most popular Android Apps mentioned in /r/selfhosted:
FolderSync
DSub for Subsonic
PhotoSync – transfer and backup photos & videos
IP Webcam
UltraSonic
SqueezePlayer
Tiny Tiny RSS (TRIAL)
Keepass2Android Offline
Keepass2Android Password Safe
Join by joaoapps
Yatse: Kodi remote control and cast
Simpletask Cloudless
Synchronize Ultimate
Syncthing
Password Store
The most popular VPNs mentioned in /r/selfhosted:
The most popular reviews in /r/selfhosted:
I am working as a freelance support person for a company which provides newsletter component for Joomla and WordPress so I can tell you from direct experience
Users want and need a WYSIWYG kind of editor. They won't agree to have a newsletter sending solution if they have to use Markdown or any similar editor
​
If you want to include a WYSIWYG editor I suggest you try this one
​
As far as I can see, it is free and I believe you could easily integrate it in your solution
​
BTW, since I have experience with newsletter systems (handling over 40000 different users of mentioned component, and if you want some help (consultation help I mean because I am not a code developer), please fell free to send me a message here
Matrix is great! Its a chat protocol that has many front ends your users can choose from. The most popular front end is Element.
Why use matrix?
At its core, the protocol is just for routing messages between clients and servers. This means you can join multiple servers (hosted by other matrix users). There's also bridges between other chat services so you can do all your communication in one place.
Also, with Jitsi integration you can do video calls directly in the app.
There was some drama and I think the general consensus is to use nextcloud. I've been running it for a while now and I love it.
https://www.ionos.com/digitalguide/server/tools/owncloud-vs-nextcloud-a-comparison/
I personally use BookStack (http://bookstackapp.com) as my knowledge base. It has many features like third party authentication and draw.io (now diagrams.net). Maybe HedgeDoc is more (https://hedgedoc.org/) what you are looking for.
Every company will fuck up. How they respond to the fuckup tells you more about a company than the fact that a fuckup happened.
And GitLab responded with exceeding transparency and grace.
Here's their blog post - https://matrix.org/blog/2019/04/11/security-incident/
I spun up a matrix VM about 1-2 weeks ago to give it a try because I was losing faith in discord. Not gonna lie I was a little concerned at the timing of this but I'm still going to go ahead and set it up when I get some free time. This wasn't a fault of the matrix software - just lazy sysadmin work.
Traefik supports LetsEncrypt's DNS-01 challenge, which allows you to generate real valid certificates without any hassle (no port forwarding, no CA management). You do need a real domain, but they're only a couple dollars a year.
- https://doc.traefik.io/traefik/https/acme/#dnschallenge
- https://letsencrypt.org/docs/challenge-types/#dns-01-challenge
TBH, I think the complexity of creating (and trusting) my own selfhosted CA on every single device I own just isn't worth it.
> Are selfhosters so commited to being selfhosters that they don't mind the extra work?
By definition, yes. Nothing whatsoever about selfhosting is easier than using the Cloud (except for "please delete all of my data and prove that you did it"). And that ultimately is why I self-host: it is worth the extra effort for me to know what is going on with my shit.
Recently I got on Jamendo. You're not going to find anything there from a big-name artist. But it's all Creative Commons stuff, and I'm actually finding some things I really like. And since it's CC, you can download whatever you enjoy legally.
All that popular music is produced by the same damn companies that want to restrict your Internet access, so fuck them, and fuck artists that work with them.
i feel like this shit should be at the top of their webpage instead of the bottom.
Social network integration Use diaspora* as your home base to post to your profiles on other major social services. This way your friends will still be able to keep in touch with what you’re up to, even if they’re not yet on diaspora*. diaspora* currently supports cross-posting to your Twitter, Tumblr, and WordPress accounts, with more to come.
got to it in under 30 seconds. but really had to dig. still no fucking clue what this service does.
git page: wtf. blank ass shit.
from git page: got to here: https://diasporafoundation.org/
ok... a little better. still uttterly useless. the OP description of this post is more useful a than anything on the git or web page splash.
knowing that and going in, i still am not sure it's even useful for the point i made at the top. who is the target audience? neck beards with bromances?
Here you go. https://www.gns3.com/
This is everything you'll need. You can create full networks, use any switch or router you want, and it actually works. Pretty neat stuff. It's all emulated but you can actually connect to the things and it's as if all the devices are real lol
Making a contribution to any project and expecting to be able to claw it back is a bit unreasonable, if that were a common expectation and carried out with regularity, it would have significantly stunted the development of Linux, BSD, LibreOffice, Firefox and numerous other libre and open source projects.
Mozilla is building a public speech corpus, as far as I have been able to discern this is the side project of two employees at Mozilla. That clause in the terms isn't great, but Mozilla is up front with what is going on with Common Voice and what happens with the data (it is CC-0 licensed).
Jellyfin is never going to add paid features like this. It's directly against all of our wishes for the project. We do hope to get intro skipping implemented in the future, but it's a big task and the current state of the database makes it nearly impossible. I would expect more big features like this to start coming down the pipeline after we hit version 11.
We're all volunteers, and none of us ever see a dime from the project, therefore it makes no sense to try to monetize things like this. The only way contributors get paid is if somebody donates directly to them via patreon/github sponsors. All funds for Jellyfin as a project go through OpenCollective and are used strictly for project related costs (hosting, API subscriptions, test devices, etc).
Depends on what functionality you want, for strictly text chat and voice chat TeamSpeak or Mumble work great. If you want a more Discord/Skype like alternative I think Matrix using Riot as the frontend is your best bet
- Only allow key based authentication with SSH (disable password authentication)
- Ensure that updates for your applications as well as the OS are applied quickly/automatically
- There is a package called unattended-upgrades that automatically installs security updates
- Configuration management like ansible/salt/puppet can also do this
- Enable two factor authentication where possible
- Make sure all passwords or passphrases are unique to this server
- I would recommend a password manager, like KeePass, for this
- Use HTTPS wherever possible
- Let's Encrypt offers free HTTPS certificates
- Run backups frequently and store a copy of them offline
- If your server does get compromised, it is often easier and safer to wipe it and restore from a known clean backup rather than attempting to remove the virus
You can't set up a self-hosted solution that works like Clouldflare, at least not without spending a boatload of money.
Cloudflare has 151 locations spread around the world and incredibly complex infrastructure in place.
Cloudflare offers a free tier that includes world class distributed DNS combined with free CDN service. It's unbeatable.
Answer: Just use Cloudflare.
Minio (https://minio.io) is an AWS S3 compatible object storage service. I moved my objects from AWS to a locally running minio server and hosted the data on my own.
The minio client makes those kinda of migrations easy.
Being the author of a self-hosted app, I'm acutely aware of how many people, both technically adept and technically naive, are suspicious or outright hostile to the idea of self hosting.
Perhaps they've never done devops, or have had poor experiences, or are conflating inexperience and fear with loathing: in any event, don't let it bother you. I also wouldn't invest a lot of time trying to convince others. Just keep on keeping on.
It would help to know a bit more about your setup.
- Is your IP address residential or otherwise blacklisted?
- Does your ISP/VPS have any restrictions or warnings about email hosting on their platform?
- Do you have your PTR records set up?
- Do you have DKIM keys/records set up?
- Do you have DMARC records set?
- Do you have SPF records set?
- Do your MX records point to an A or AAAA record as opposed to a CNAME?
- Which email applications did you end up using and/or guides did you follow?
- Have you used mxtoolbox.com to check for issues with your configuration?
I have been quite pleased with Poste.io on Scaleway. If you'd like to give that a shot, its very cheap.
I’d recommend OPNsense over Pfsense. The owners of Pfsense (Netgate) do not seem to understand the open source process at all, to put it lightly.
There was a family who set up a huge house wide automation that had its own blockchain currency for chores, etc. that could be spent to watch Plex, game console time, or gift cards I believe. Hugely overkill but the father was interested in learning blockchain.
Yes! I gave up my Ring.com Pro and switched to an RCA HSDB2 doorbell. Been working great as part of my BlueIris set-up. This forum at IPTalk helped a lot with getting things working.
lol well I did sort of automate listening.
If I am working in my home office Home Assistant will turn my stereo on and start streaming whatever music has been newly added. Using the Logitech Media Server component to manage the music playback https://home-assistant.io/
I would be wary of technical workarounds. Now that OP's friend has been busted, the authorities might be monitoring him for exactly that kind of thing, and a long-lived session is probably not the only thing they can detect. Is it worth the risk?
As long as we're linking tools, though, I came across sshuttle recently. Looks pretty handy, and since it tunnels through ssh, it probably looks to traffic monitors slightly less like a VPN than algo's IPSEC.
I really like shaarli. I use too many machines and browsers to keep track of my bookmarks, and shaarli allows me to keep them all in one place. It gives you a bookmark you add to your bookmark bar, that once clicked, brings up your standard save a new bookmark, along with the option to tag it, and give a description.
Look into matrix.org. It has bridges to Telegram, Discord, IRC, SMS, Slack and a bunch of other. I only use the bridges to IRC and Discord and they work pretty well, but they are to my knowledge also the most polished so your mileage may vary. The most popular client for matrix is Riot.
KeePass can perform synchronization between different versions of a single database.
Syncthing keeps all of the conflicting versions accessible, so you just sync them all on any device and you're good.
I would be interested in a self hosted alternative too. I was researching a while ago, but no results. Till then, check out Anydesk. Some guys who left TeamViewer started this a while ago and it looks promising. Its still a german company owned by the founders, unlike TeamViewer that got bought by an UK based venture group.
Calibre is basically the standard at the moment. I personally find it very frustrating and a perfect example of giving the user too much control. There are so many tweaks that it is nearly impossible to set up the same way twice. And some settings are super buried. I count at least three settings panes that are completely separate.
I am all for power-users, etc but there is a line where it is just too much!
What's worse is that the developer is quite opinionated on how things should work. The best example in my mind is that the default is to store your last read position in the epub. While I see the benefit, it means that any syncing program now has to sync the entire file every time it is viewed. That is problematic for things like cookbooks which are (a) big and (b) usually read non-sequentially. You can, of course, change it but that settings is buried in the settings for the reader.
With that said, I use the app since it has features I just haven't found elsewhere. And it is super powerful!
Calibre-web is also really nice and polished but lacks a feature I really want! When you open an epub in the web-viewer, it downloads the entire epub into your browser. Again, this is miserable for large books like a cookbook. See #1647. (epubs are zip-based but there are ample server-side tools that can read into the file).
Huh, I was trying similar solutions in the past to free myself and my personal office from paper and thought I had tried open-paperless already but then noticed that your first commits where about half an hour ago.
Then I noticed: there are similar projects with really similar names: paperless (selfhosted) and open-paperwork (desktop).
I'm gonna give open-paperless a try, allthough I'm trying to build a personal document management system app that integrates with nextcloud.
Thank you!
I am a huge fan of Trilium, which is a Personal Knowledge Manager. It can be run stand alone, but the server is great for syncing across devices, or accessing from the web.
I am a big fan of Cloudflare. I would recommend using an Argo Tunnel to expose the service to Cloudflare. Set up basic rules to block non-US traffic, block bots, and then configure Access, which is a zero trust identity aware proxy. All of these are free from Cloudflare.
git-ipfs-rehost
A way to statically host your git repos in ipfs. For now, these are read only.
https://github.com/whyrusleeping/git-ipfs-rehost
​
[Users like you provide all of the content and decide, through voting, what's good and what's junk.]
I'll mention doku wiki, its free, open source, easy to use, built in access lists, version control, and has lots of extensions. Dead simple to install too, doesn't need backend database or anything - only a web server with PHP.
Yes, SMTP and HTTPS (TLS) use the same type (x.509) of cert. You can get one cert and use it for both services at the same time, even reference the same file.
You can buy one if you really want but have you heard of our lord and savior Lets Encrypt?
It takes a bit more setup but you can get a free cert and have it auto renew for free from an awesome CA.
Using Plex violates their TOS section 2.8. Here is the link https://www.cloudflare.com/terms/
They don't limit bandwidth but I heard some people get temporary banned for serving binary content (Plex). The ban lift automatically after some period of time as far I can recall. They really don't give much attention if your traffic is not that much.
I don't think it's right to encourage people use cloudflare in their Plex setup. As it clearly violate their TOS.
> There is a file cache for our games, but some... need servers. Im working on finding the "self hosted" versions of those.
Take a look at Pterodactyl for managing your game servers. https://pterodactyl.io/
Welcome on board!
This is a journey that will require a lot of time, practice, and errors in order to get you anywhere. The Open Source project which might be closer to offer most of Google Drive services is https://nextcloud.com/ it's well documented with plenty of tutorials online on how to install it and configure it.
I would start by trying to install it on your laptop or PC and see if you can access files/photos/videos from your phone. Once you got that up and running you'll be a little bit more familiar and confident in your skills!
The obvious next step is to have some sort of always on PC because when you shut it down you'll loose the ability to see your files. Here is where a raspberry pi comes in place: low powered, always on, tiny computer.
Have fun and feel free to ask for help!
While nextcloud is awesome, it is a big overkill if you only need a calendar. Another solution might be to set up a CalDAV server and use clients on your devices to sync with it.
The first one that shows up on Google is https://radicale.org/. But I have no experience with it, so I can't say anything about it.
For clients you can use for example thunderbird on the desktop (multiplatform) and DAVDroid on Android (it's free on fdroid).
Take a look at Nextcloud. It has file versioning, online editing of LibreOffice documents (Nextcloud has a partnership with Collabora Online Office), very nice access control (read only sharing is possible, too, even public sharing), a dropbox like application for windows/mac/linux, android and ios clients, ...
A HDD should be fast enough, however I don't think the Raspberry has enough power for that. you need stronger hardware.
ZoneMinder is quite good.
Another one I heard about is Shinobi but other than looking at its page I've never seen it in action.
I've had a good experience with FastMail. It's been really reliable at a decent price.
In case you're considering self-hosting, be sure to read up on things like mail server reputation and deliverability. I'm not saying not to self-host, but you should know what you're getting yourself into.
Ghost is decent, like people have said, but there's also Hugo. I played with it once, but I'm not a huge blogger so it didn't make much sense to keep messing with it.
Edit: Never mind, can't really do the mobile thing. :P
After hunting for the same solution for the same reasons, I ended up going with paperless. A proper edms, even Mayan, is way too much for my needs. I was able to setup paperless and start scanning items in, in around two hours. Paperless does everything I need, namely, an easily searchable archive of scanned items. Let's you download (to email) a pdf afterwards. Has a web front end for search and tag/document management. This is all I needed, and I am so far happy using paperless.
I say start off using paperless, and if you find you need more, then look for additional software. I'm sure you'll be well served as a home user with paperless https://github.com/danielquinn/paperless/blob/master/README.md
> Snipe it can only manage one serial per item, so a PC wit 8 ram bars would have 8 items with 8 serial numbers instead of 1 item with 8 serials.
Those would be components, not assets. So yes, Snipe-IT can do exactly what you're asking.
- Create unique components for each item (RAM module, etc.) with serial numbers.
- Create asset for PC.
- Assign each component to the PC asset.
Try out the demo if you're unsure: https://snipeitapp.com/demo
I use Typora for any documents longer or more complex than a github readme, especially something I have math typesetting in.
Otherwise I'll just look at it raw through vscode or whatever text editor I'm using.
Hi! I'm the developer.
A bit about the app... we're the leading open source app for invoicing, expenses and tasks. The app is available either as a hosted solution or you can self host it on your own server (similar to WordPress).
This release adds support for Apple Pay and Pay with Google, enables scheduling reports to be sent by email, adds support for shipping/delivery notes and many more features.
https://github.com/invoiceninja/invoiceninja/releases/tag/v4.0.0
We're constantly working to improve the app, you can see our roadmap here:
https://trello.com/b/63BbiVVe/invoice-ninja
If you have any questions let me know...
I used to run my entire home server on RPi4 4GB and it working well for me. Everything in docker container (Jellyfin, HomeAssistant, AdguardHome, etc. but no Nextcloud)
A few notes: 1. For Jellyfin, hardware acceleration is not working in 64bit OS . So I would recommend 32bit OS. 2. Ubuntu server reserved port 53 for systemd-resolved, so if you want to run Pihole/adguard, make sure to disable it. 3. Another OS to consider: DietPi. It provides tools to install common software including docker & docker-compose. And it write logs to ram by default, so it help to prolong your SD card life.
As far as useful self-hosted products, I think a self-hosted wiki is the first thing you should setup. I use mine all the time and document my self-hosted setup on it (e.g., useful commands, IP addresses, etc..)
Check out this page for more ideas
https://github.com/Kickball/awesome-selfhosted
As mentioned, if these services are going to be exposed to the outside internet, security will be your #1 concern.
I am having a very good experience with goatcounter.
Self-hosted, minimal (single binary in go + reverse proxy), very privacy conscious (so GDPR management it's a breeze).
I'm going to have to disagree with this, especially in regards to small businesses.
A firewall is typically used as a perimeter security device, and should remain separate from any other systems hosting content, especially when said content is available to the internet.
It doesn't take much hardware to build a pfSense based security appliance (software is free), and run your hosting services on another system.
I am currently exploring Trilium Notes, extremly powerful, endless opportunities https://github.com/zadam/trilium incl interesting thoughts https://github.com/zadam/trilium/wiki/Patterns-of-personal-knowledge-base
"Not a sysadmin, use linux as a hobby"
Please don't jump into this lightly. A lot can go wrong.
I built my own docker image to run my email, syseng for a living, but https://mailinabox.email/ is highly reviewed
It depends on the service you're using. Authelia can be set up to provide a header to your proxy that includes the logged in username. If your service supports it, you can then request that header to track your user.
If it's supported, your service (for instance calibre-web, which supports it), will ignore the need for a password, assuming the username header is provided.
Just make sure that you are only allowing users to access the page through your reverse proxy, and when authenticated, since otherwise they could conceivably just forge those request headers.
Offering a different approach: have you tried Firefly III?
It is a self hosted financial planning tool that has just enough complexity to be helpful without requiring an accounting background to use. It will probably offer more value than a generic spreadsheet too by making it easier to view how your finances move around over time.
Link: https://firefly-iii.org/
Firefly 3 is pretty good.
One design decision that might not be everybody's cup of tea is that it strongly discourages automatic data filing and instead promotes daily manual logging of expenses to help keep you mindful of your spending.
Also-there's fail2ban where you can set up jails to temporarily (or permanently if you wish) ban ips after failed repeated logins. fail2ban for apache info General Fail2ban info
May I ask why you went with CollectD instead of Telegraf? You already have the repository setup since it's the same as InfluxDB's. It would also probably be a good idea to set up the repository for Grafana to enable easy updates instead of manually installing the dpkg. https://grafana.com/docs/grafana/latest/installation/debian/
I'm replying here because it'll probably stay at the top of this thread... The Element team has published a blog post explaining the situation: https://element.io/blog/element-on-google-play-store/
Nextcloud can be hosted on your own server at home or on a server you rent from a hosting provider. There are also providers offering nextcloud as a service directly. See: https://nextcloud.com/providers/
If you know nothing about hosting a server, this last option is probably best for you. I cannot recommend any of the providers listed there, as I host Nextcloud on my home server, but maybe others can, perhaps on /r/nextcloud, as /u/Dev1nius suggests.
Caprover is one of my favorite things ever. It's a fabric to manage server apps and containers with dead simple built-in nginx with lets encrypt for one-click ssl, shitton of built-in apps like nextcloud (the only nextcloud instance i've had not shit the bed as well), wordpress, ghost, adguard, k8s, the usual fare. if you decide to stop using caprover your apps deployed with it will still function.
Unlike some tools of this sort, i find it does a good job of helping you understand the underlying infrastructure of what's going on with your tools too.
Also supports docker swarms, repository hosting, all sorts of stuff that's beyond my paygrade!
While it doesn't support OFX, Firefly III is a really good web-based personal finance application that I've learned to love over the last few weeks. You can install it manually or using Docker.
And instead of rolling your own, you could try to bring OFX support to Firefly III which would probably save you a lot of work and would benefit others as well.
That's an interesting article, thanks for sharing! As far as I am aware, even by blocking the connections using iptables (or any software firewall), you're still getting the traffic which might hit hard your CPU, and it can bottleneck your bandwidth as well.
​
As far as I know, the most efficient and definitive way to mitigate a DDOS attack is by "blackholing" the traffic, but that requires a network infrastructure with a lot of bandwidth, that's why cloudflare is so popular when protecting from DDOS attacks - that traffic will never hit your infrastructure.
There's a bit more context on this article, if you're interested: https://www.cloudflare.com/learning/ddos/glossary/ddos-blackhole-routing/
You should check out Crowdsec.
I've been running it for about a year now. I has a great UI and centralized management via the servers built-in API.
It's become one of my favourite security addons, to date.
>If I understand this correctly, the only reason this is needed it, so that I can use Let's Encrypt, which needs to be tied to a domain, right? Or is there another reason to hide behind a domain (the IP is still visible regardless), except it being easier to type?
The domain name offers HTTPS, which is transport layer encryption. This encrypts all of your traffic over the internet to your server.
If you access something via IP rather than HTTPS://domain.name then the encryption will not work. HTTPS is tied to the domain.
​
>Despite reading like 10 articles on "reverse proxy" I still don't think I quite understand what it is
I know the feeling!
The 1 line explanation is that when you buy a domain, you usually route the domain & all subdomains to one place. A Reverse Proxy is a magic box that takes those subdomain (eg: mumble.your.domain OR otherservice.your.domain) and redirects them inside your network (both internal IP & specific ports). This means you only need port 443 & port 80 open (yes it's fine to keep port 80 open, see this: https://letsencrypt.org/docs/allow-port-80/), regardless of what port the service actually runs on.
​
This means you don't need to expose 1 port per service and that somebody actually CAN'T use your IP to get to those services as you're only exposing your reverse proxy, and that will throw out any request by IP.
I use https://darksky.net its a nice site and has no ads. As far as self hosting goes they have a API that you could hook into if you wanted to make your own site or app, i think 1000 api calls a day is free.
I've been trying out a few different options in an attempt to move away from Google Photos. So far I've come to like PhotoPrism the best. In a recent update it even does face recognition now.
What about Emby?
https://github.com/MediaBrowser/Emby
> Is Emby server fully open source? If yes, what license are you using and why did you choose it to make open source?
> Emby Server is fully open source under GPL V2.0. Anyone can run from source and be up and running in a matter of minutes. It's important to mention though that our goal is to produce the best experience we possibly can. If an agreement with a potential partner were to require us to make certain modules closed source, then we would not hesitate to do that. These situations are reserved for standalone, optional features and will not prevent running the core server from source.
I switched to jellyfin last year, and I had no idea this feature existed! Actually, it looks like it hasn't existed long. But that's great! Maybe my kids can have a pandemic-safe movie night with the grandparents.
With the exception of track position synchronization, I've found that Airsonic meets the requirements you list, and it is what I use.
For Android I use the app Ultrasonic, and have had essentially no issues.
There are two VPN technologies that are able to survive DPI.
1) ShadowSocks - https://shadowsocks.org
Shadowsocks is a free and open-source encryption protocol project, widely used in China to circumvent Internet censorship. It was created in 2012 by a Chinese programmer named "clowwindy", and multiple implementations of the protocol have been made available since.
2) Outline - https://getoutline.org
Outline VPN is a free and open-source tool that deploys Shadowsocks servers on multiple cloud service providers. The software suite also includes client software for multiple platforms. Outline was developed by Jigsaw, a technology incubator created by Google.
Why not use something like Cryptomator.
It's a online vault, the data is encrypted on your device. AES256 encryption, and only uploads changes.
Cryptomator apps are available for linux, windows, mac, android and ios.
Vagrant has a docker provider and a switch for forcing a vm. So all you need is this Vagrantfile:
Vagrant.configure("2") do |config| config.vm.provider "docker" do |d| d.build_dir = "." end end
and this command:
vagrant up --provider=docker --force_host_vm=true
to end up with a vbox image that runs the docker container inside it.
Note that this is also building the current Dockerfile in your directory and you can repeat the command on every change.
Edit: If you want something similar to docker, that is, in fact, not docker - then you should have a look at Vagrantfiles. They work similar to docker, but are for full blown vm's.
I've heard a lot of horror stories but set it up anyway manually on a VPS with dovecot/postfix/MySQL/spamassassin + radicale for contacts and calendar. It was some learning to get started but has been ok since then. Once you get 10/10 on mail-tester Gmail will eventually accept your mails.
For setting up a pi4 as a k8s: I was able add kernel modules to Ubuntu server Arm64 version to boot from USB. I don't remember which ones, because I made an image I use to flash on my USB drives. I had to update the firmware on each new pi too. This looks close to what I did https://www.instructables.com/Raspberry-Pi-4-USB-Boot-No-SD-Card/
I recommend naming all the pi hostnames similar,
I used this guide to install k8s from kubeadm and select the recommended containerd https://kubernetes.io/docs/setup/production-environment/tools/kubeadm/install-kubeadm/
Docker swarm is a ton of fun too.
A lot of my knowledge came from doing, failing and trying again. I am sorry if my answer seemed dismissive or beneath your knowledge set. There is so much to learn and talk about and focused questions work best for me. I am very happy to answer as much as I can for you or anyone else that asks.
I think it might be best for me to make a video series that goes through my setup and explains elements of the cluster in a seflhosted solution.
> how can I prevent my personal information from being traded???
​
You can't.
​
You can however mitigate the information they have. This is more of you having a mindset that cares about your personal privacy more than the fancy data harvesting toys they offer. With that in mind, I recommend you review this extremely well done website in totality. It was generated by a community effort of privacy conscious individuals.
​
​
You will also find a wealth of information within the r/privacy and r/privacytoolsIO communities.
Joined!
While steam has a large amount of games, ive found this site to be linux friendly as well. (home: proxmox with LXCs Work: vmware esxi vm)
i use their quake and UT servers installs for a local VM lan server at work.
hetzners server auction might be interesting for you.
* Their cheapest entries are usually around 20€
* You get one IP4 for free along with a /64 IP6 subnet (additional addresses can be purchased)
* reverse DNS can be configured through their administration UI
* You can add credit to your account that is then used to pay monthly costs
I've been using Tiny Tiny RSS for half a year now and it's great. Add feedly.css as a theme and you get very modern-looking, responsive in-browser RSS feed that can also talk with regular desktop clients like Liferea or Thunderbird. There is also Android client. It rocks, hands down.
- Take that trash back to the ISP, get your own equipment. This is just the beginning of the problems it will cause.
- Since I assume you've decided not to do this, you can use the DNS-01 ACME challenge to show proof of ownership of the domain, without requiring a TCP connection to the thing that's issuing the cert. If you use certbot, click here and select your DNS provider. If you use a different ACME client, look at that client's docs on DNS auth
I use Zotero for managing my citations. At least in the past, it has been possible to self-host your own Zotero server. As it stands, you can run the client standalone, without syncing to Zotero's hosted back-end.
Though I haven't yet installed a self hosted instance of it myself, I've had PrivateBin on my list for a while now. And their Github here.
I think you are going to have trouble with this pricing. Limiting the different view types to only the paid level I think will cause a significant blocker for most people. I believe there are other self-hosted options without this limitation (seatable), and much more powerful (non-self hosted options) with much more generous free tiers in terms of functionality.
Personally, I'd keep most of the enterprise-ish integrations in the paid level. So, then someone can leverage the full functionality of the app, but would have to either develop a custom integration via the API, or opt for the paid level to avoid the cost of development. In my experience, you are likely to get most businesses to pay if they really need self-hosting.
Without supporting the views, I think it will be hard to get people in the door using it for smaller, personal needs, before deciding to adopt it more broadly.
I recently stumbled upon Vikunja.io I love how you can easily switch between a classic list view, Kanban and Gantt. It supports multiple users and teams, importing from other todo apps and can sync through Caldav. The android app is in early development but looks promising. Oh, and is has a desktop app.
I've been using FreeOTP+ for quite some time so that i can sync between 3 devices as well as chrome extensions. /u/Dikaiarchos
DigitalOcean has a good write-up for installing UnrealIRCd. Then use Shout or The Lounge for selfhosted web clients.
i think you're overcomplicating things.
Nginx is actually a very simple tool in that you don't need to provide more than absolutely necessary to any given server block.
Try this config, as your primary nginx.conf file, as it's ONLY going to be used for rocketchat, this will at least see if you can get up and running:
https://hastebin.com/iravorejav.nginx
modify where indicated, everything else can be left the same
> The 1 line explanation is that when you buy a domain, you usually route the domain & all subdomains to one place. A Reverse Proxy is a magic box that takes those subdomain (eg: mumble.your.domain OR otherservice.your.domain) and redirects them inside your network (both internal IP & specific ports). This means you only need port 443 & port 80 open (yes it's fine to keep port 80 open, see this: https://letsencrypt.org/docs/allow-port-80/), regardless of what port the service actually runs on.
Ah, I see. This was confusing me so much. I couldn't understand why would I need ports 80 and 443 open, when I don't want to host webcontent (nginx being a webserver, but also reverse proxy really threw me off). But reality is, the communication will simply be routed trough this port wherever I want on the local network.
If anyone puts together a docker-compose yml i would be soooooooo happy and thankful.
Edit: I think I did it.
Follow the instructions for Docker per the github instructions.
git clone https://github.com/benbusby/whoogle-search.git cd whoogle-search docker build --tag whooglesearch:1.0 . docker run --publish 8888:5000 --detach --name whooglesearch whooglesearch:1.0
Then kill it
docker rm --force whooglesearch
Then make a docker-compose.yml with:
version: '3.3' services: whooglesearch: ports: - '8888:5000' container_name: whooglesearch image: 'whooglesearch:1.0'
Then start it
docker-compose up -d
I'm doing this on a QNAP (ContainerStation), so no git for me. Instead of the git command above I used
wget https://github.com/benbusby/whoogle-search/archive/master.zip unzip master.zip
Check out Meilisearch: https://www.meilisearch.com/
We were able to implement this in some of our apps within 30 minutes with extremely fast response times. 👍
Also, we’re running it on servers with less than 4GB of RAM.
Personally I have been using ShareX for the past year. I have nothing but great things to say about this application and the endless features it has. Currently, I have it tied to my personal web host FTP and website so it acts just as a Gyazo with my own domain. Additionally, I can upload files with the same results.
If you do not have a domain to use the application also allows for the use of Imgur and other image hosting websites.
https://www.passbolt.com/ - still under development, imho a very good approach. Used it for the last 4 months and still happy. You can share password but only to one user at a time and not on groups, maybe this will come as a feature. Edit: with version 1.5.0 the group feature will be ready \o/
Youtrack is a fantastic project management tool and issue tracker. So much better than Jira and best of all: Jira is no longer supporting self hosting. Youtrack does!
ELK: Elasticsearch, Logstash, Kibana
Logstash: operates like a syslog server, taking in logs from various machines or applications.
Elasticsearch: Operates like a query-able database to easily dig down into the logs stores. You can make custom queries very easily to aggregate data, even between different logs.
Kibana: A graphical web frontend for Elasticsearch that allows easy creation of charts, graphs, or outputs from custom queries into a table in order to visualize trends in your logged data.
I have to second this. Email is a nightmare to administer well. The best thing is to own your own domain, and use someone(really, anyone) else to provide the e-mail service for it. If you do self-host, it's much easier to self-host incoming email than outgoing.
On the incoming side the biggest headache is spam filters. They require regular maintenance, updates, and tweaking to work effectively as the spam world changes. Hosted services have much larger data sets to work with in training their spam filters, this lets the good ones adapt faster.
The outgoing side is where things get really rough. If your IP has ever been used for spam before, you will be punished for it. If it falls into a network block that can be used for spam, you will be punished for it. Most low barrier to entry hosts will be in IP blocks that count against you in spam filters. Unless you have your own IP block registered under your own organization, you will never be treated as an independent entity by the spam filters.
Two services I can recommend for outgoing mail are https://sendgrid.com and https://www.sparkpost.com