Selfhosted

I'm looking for some advice or alternate perspectives on what I should do with my server.

I built it in 2018 with a Ryzen 2700X, X470 Taichi, 32GB RAM, 1080TI, and it's (now) up to around 100TB raw in storage space that I've been adding bit by bit in this Fractal Define R6 case. It hosts Plex, the *arr stack, Qbit, but also is used for my general purpose PC stuff like shitposting, 3d printing (CAD and slicers), retro gaming (roms and emulators), general NAS storage, etc and it all runs on Windows 10 (which is where the issue arises).

I knew long term that Windows would be an issue (but didn't and still don't have adequate knowledge of Linux), and it's now to the point that things are becoming a bit unstable and I would like to split the server stuff out from everything else and put it in a dedicated machine. In addition to the above services, I also have a Pi with HomeAssistant that I'd like to migrate to the new server along with setting up Frigate to gain some object recognition with my NVR camera setup

I am wanting to do this in the most efficient and economical way but I'm not sure what the best path to choose is.

Option A) Slap a Ryzen 5xxx into my current system and migrate to another OS like TrueNAS, build something small and lightweight for general PC stuff

Pros- Less stuff to buy

Cons- data migration out of Windows (SnapRAID + Drivepool) will be an issue as I'll need to have both the 'old' and 'new' server running at the same time to copy everything over

Option B) build a new server

Pros- can switch to Intel for the iGPU, newer hardware with more longevity and efficiency, data migration is easier

Cons- more cost, I'll want to reuse my case so I'll need to cobble together a solution during data migration, not sure what to do the current hardware that's leftover as I'm not big on Marketplace selling.

Option C) ??

I'm not exactly dead set on what to run on the server for an OS or hypervisor. I've briefly looked at Proxmox which would be nice for my dynamic interests but as I said I'm not exactly proficient in Linux for the media OS. I recently saw a video on TrueNAS which appeared easier to setup and manage, but it doesn't seem to be the right choice for VMs and whatnot.

And advice or suggestions are greatly appreciated!

Long story short, my VPS, which I'm forwarding my servers through Tailscale to, got hammered by thousands of requests per minute from Anthropic's Claude AI. All of which being from different AWS IPs.

The VPS has a 1TB monthly cap, but it's still kinda shitty to have huge spikes like the 13GB in just a couple of minutes today.

How do you deal with something like this?
I'm only really running a caddy reverse proxy on the VPS which forwards my home server's services through Tailscale. "

I'd really like to avoid solutions like Cloudflare, since they f over CGNAT users very frequently and all that. Don't think a WAF would help with this at all(?), but rate limiting on the reverse proxy might work.

(VPS has fail2ban and I'm using /etc/hosts.deny for manual blocking. There's a WIP website on my root domain with robots.txt that should be denying AWS bots as well...)

I'm still learning and would really appreciate any suggestions.

I set it to debug at somepoint and forgot maybe? Idk, but why the heck does the default config of the official Docker is to keep all logs, forever, in a single file woth no rotation?

Feels like 101 of log files. Anyway, this explains why my storage recipt grew slowly but unexpectedly.

Is there anyhwhere that has any kind of benchmark for different hardware when hosting minecraft servers? I'm considering migrating to my homelab from a sparkedhost instance but I dont know if it'll be worth potentially worse performance (Ryzen 7000-series x3 vCPUs versus my i5 9500 running concurrent services)

I set up Immich on a spare mini PC running Linux Mint with a spare external HDD to store the library. Used Docker compose as recommended on the website. Everything was working great last night. Then this morning I decided to move the mini PC to a more permanent location. I powered down and moved it. When everything restarted though I discovered that I was unable to c9nnect to the immich server. I went onto the mini PC and the local host and all it says is, "connection was reset." I have tried restarting docker from terminal several times and it says the immich services are running. I still cannot connect to the server though. What can I do to fix this?

Hey,

currently I am at a loss with my setup and can't figure out whats going wrong. I'm preparing a migration of my private root server to my @Home Setup. The idea was to create a DMZ for all those Server with Public Internet Access and put them into a DMZ.

Now I got a Public OPNsense, some Modem from my ISP, a Unifi Dream Machine (that manages LAN and stuff) and another OPNsense inside my DMZ.

There is a Wireguard Tunnel connecting the two OPNsense, the local one got a 0.0.0.0/0 route as Peer Network.

If I now try to access any Website, managed by the Nginx Proxy 192.168.1.1/24, it works fine as long as the Website is inside the DMZ.

My Problem now is to make the green path happen to access stuff inside my LAN over the Public OPNsense.

The proxy is able to curl the LAN Websites and i can Ping and Trace all the IPs but something is broken. I can see the Packages arrive at the LAN website and make it back to the public OPNsense but my browser will always get a "timed out" :'(

I just got a dl380 G7 for free, with one processor. And 6 free 2.5 drive slots (2 of them are in use). I want to move my services to the new server hardware and repurpose my old media server but I'm a bit out of my depth, never worked with this type of hardware before.

1. I didn't exactly check what processor is installed. Do you think it will be able to handle transcoding?

2. I have a sata drive case with 5 3tb 3.5 HDDs which I used to use as storage for my media server. How would I go about connecting it? I'm happy with software raid.

I'm thinking about geting this HBA (sc08e), a couple of sas <-> sata cables and an external power supply. But it is clunky.

I also read about maybe using cable connectors for the drives in the dl380. Maybe like this?

I love the idea of having a DAS but don't want to spend that amount of money. Will keep my eyes open for one tho.

Thanks!!

I've feel like I've used Plex forever. I also feel like every couple years I try Jellyfin to see how it's going. Recently I tried it again because of Plex restriction on more than one user.

Well, I just tried it again and it's substantially improved! This time it actually properly detected most of my library!

Also the Android TV app is AWESOME! No more glitches, lagging, and freezing trying to play my stuff like Plex did. It is butter smooth.

Wow! I'm impressed and I just deleted Plex. Good riddance.

Apparently US bandwidth was reduced to 1TB for their base plan, though they have 20TB for the same plan in Europe. I don't use much bandwidth right now, but I could need more in the future depending on how I do backups and whatnot.

So I'm shopping around in case I need to make a switch. Here's what I use it for:

• VPN to get around CGNAT - so all traffic for my internal services goes through it
• HAProxy - forwards traffic to my various services
• small test servers - very low requirements, basically just STUN servers
• low traffic blog

Hard requirements:

• custom ISO, or at least openSUSE support
• inexpensive - shooting for ~$5/month, I don't need much
• decent bandwidth (bare minimum 50mbps, ideally 1gbps+), with high-ish caps - I won't use much data most of the time (handful of GB), but occasionally might use 2-5TB

Nice to have:

• unmetered/generous bandwidth - would like to run a Tor relay
• inexpensive storage - need to put my offsite backups somewhere
• API - I'm a nerd and like automating things :)
• location near me - I'm in the US, so anywhere in NA works

Not needed:

• fast processors
• lots of RAM
• loose policies around torrenting and processing (no crypto or piracy here)
• support features, recipes, etc - I can figure stuff out on my own

I'll probably stick with Hetzner for now because:

• pricing is still fair (transfer is in line with competitors)
• can probably move my server to Germany w/o major issues for more bandwidth
• they hit all of the other requirements, nice to haves, and many unneeded features

Anyway, thoughts? The bandwidth change pisses me off, so let me know if there's a better alternative.

"Youlag" is a theme and extension for the feed aggregator FreshRSS. It delivers a video-focused browsing experience for your YouTube RSS feeds, all within FreshRSS, with a sleek theme and extra features.

Supports video feeds from YouTube, Invidious, and Piped.

Why?

The general idea is to subscribe to YouTube channels via RSS, allowing you to follow your favorite creators without an account. With Youlag installed, you can browse and watch videos in a familiar, YouTube-like interface.

More features are planned, including video queuing (with some limitations).

Git repository for more details:

https://github.com/civilblur/youlag

Features:

• ⭐ Optimized for Video Viewing
  • Browse your YouTube, Invidious, Piped RSS subscriptions with ease.
  • Clean, familiar video platform layout.
  • Fullscreen viewing for videos and feed items.
  • Quickly exit videos with Esc key.
  • Shortcuts for external viewing: "Invidious", "YouTube", or "YouTube embed view" (for less distraction).
  • Dark mode.
• 🖥️ Desktop & Mobile
  • Reponsive design.
  • Redesigned menus for better one-handed navigation.
  • Improved readability and legibility across devices.

Since v3.0.0, and currently v3.0.2, Youlag has been refactored from a CSS theme to work more like an extension. This has improved stability and allowed me to add more features.

It's still not yet a native FreshRSS extension, but my plan is to convert it to one.

Edit 2025-02-23:

Please use the latest release, which is v3.0.4 as of writing.

AFAIK every NAS just uses unauthenticated connections to pull containers, I'm not sure how many actually allow you to log in even (raising the limit to a whopping 40 per hour).

So hopefully systems like /r/unRAID handle the throttling gracefully when clicking "update all".

Anyone have ideas on how to set up a local docker hub proxy to keep the most common containers on-site instead of hitting docker hub every time?

I'm trying to setup owncloud with single sign on using Authentik. I have it working for normal users. There is a feature that allows automatic role assignment to users so that admin users from authentik become admin users for owncloud.

This is described here: https://doc.owncloud.com/ocis/next/deployment/services/s-list/proxy.html#automatic-role-assignments.

In this document, they describe having attributes like

- role_name: admin
  claim_value: ocisAdmin

The problem I have is I don't know how to input this information into an Authentik user. As a result, owncloud is giving me this error:

ERR Error mapping role names to role ids error="no roles in user claims" line=github.com/owncloud/ocis/v2/services/proxy/pkg/userroles/oidcroles.go:84 request-id=5a6d0e69-ad1b-4479-b2d9-30d4b4afb8f2 service=proxy userid=05b283cd-606c-424f-ae67-5d0016f2152c

Any authentik experts out there?

I tried putting this under the attributes section of the user profile in authentik:

role_name: admin
claim_value: ocisAdmin

It doesn't work and it won't let me format YAML like the documentation where the claim_value is a child of the role_name.

I just spent 2 hours trying to figure out why fail2ban didn't increment the ban count.

***
a/fail2ban/etc/fail2ban/jail.local
+++ b/fail2ban/etc/fail2ban/jail.local
@@ -1,6 +1,6 @@
 [DEFAULT]

-bantime.incremet     = true
+bantime.increment    = true
 bantime.rndtime      =
 bantime.maxtime      =
 bantime.factor       = 1

After I found that I seriously considered becoming a goose farmer.

Nextcloud, Qbittorrent, Truenas and loads of other svcs take optional email credentials for sending alerts and other features (eg. password recovery for nextcloud).

What email providers do people usually use to make this process simple to set up? For example, Microsoft doesn't allow basic auth anymore so it's supposedly not possible to use via most of these setups, and some other services seem like they have a low inbox size (does this matter?)

This can be used to create a virtual GPU that you pass to hosts. This is applicable to pretty much any Linux system like Proxmox. I do wish it supported newer hardware.

I've tried GetHomepage and while I've configured most of it I've had a few troubles due to the instructions being very incomplete and confusing.

The one problem that eluded me was setting paperlessngx widget. Worth nothing that, unlike the other services, paperlessngx is running on docker-compose on my server. While the widget detects the service, it never gets any information

Eventually it just gives an API error

# services.yaml (just the relevant part)
   
     - Paperless-ngx:
        href: http://<myserverhost:port>
        description: Document Management System
        icon: https://static-00.iconduck.com/assets.00/paperless-icon-426x512-eoik3emb.png
        server: paperless
        widget:
          type: paperlessngx
          url: http://<local-ip:port>
          token: <token-configured-inside-paperless>


    #docker.yaml

    paperless:
      host: <local-ip>
      port: <port>    

I'm out of ideas. Unfortunately the only instructions are on the site and they aren't easy to follow if you're not already familiarized with docker.

So way back when I used to use Mint.com to help me manage my finances. It worked great until Intuit bought them, ended the app, and redirected their customers to CreditKarma. I hated getting spam messages and haven't used a personal finance app for years. I finally set up ActualBudget and it great for budgeting but I want to keep track of investments, retirement holdings, property, and things outside of the monthly budget. I don't think ActualBudget does that. Are there any self hosted projects that helps me keep track of stocks, property, and other assets?

Edit: nevermind. Turns out my email host is already running spamassassin and I can configure it how I wish.

My email is hosted at mxroute. I'm happy with their pricing and service and don't want to selfhost my email. However, their spam management isn't great.

I just realised that it might be possible to run spamassassin myself, which will set spam headers on the emails which my email client (thunderbird) can then use to decide what to do.

There seems to be a bunch of poorly maintained / abandoned ways in which to do this. I thought I'd ask here just in case any one else is doing this and can help me skip to the end.

I was hoping for a docker container (or compose stack) that provides an IMAP proxy and runs spamassassin.

Any ideas and insights welcome. My email juggling could use some improvement.

I run a small server with Proxmox, and I'm wondering what are your opinions on running Docker in separate LXC containers vs. running a specific VM for all Docker containers?

I started with LXC containers because I was more familiar with installing services the classic Linux way. I later added a VM specifically for running Docker containers. I'm thinking if I should continue this strategy and just add some more resources to the docker VM.

On one hand, backups seem to be easier with individual LXCs (I've had situations where I tried to update a Docker container but the new container broke the existing configuration and found it easiest just to restore the entire VM from backup). On the otherhand, it seems like more overhead to install Docker in each individual LXC.

cross-posted from: https://lemmy.blackeco.com/post/1434522

To re-enable them, you have to set misc.etc_dnsmasq_d to true either by editing /etc/pihole/pihole.toml or using the pihole-FTL command:

sudo pihole-FTL --config misc.etc_dnsmasq_d true

Source