She may come to regret asking.
\n \n \n\n\n\n\n
\n ![\"image\"](\"https://rssglue.subdavis.com/media/79/79880dd17191763e9e69044d72c9b88177bb7c0cdcc2e180be41c9fd1d91b509.png\")
Buckle up sis, that's just the top 10% of the iceberg.
\n⬆️ 997 points | 💬 65 comments
\n
Buckle up sis, that's just the top 10% of the iceberg.
\n⬆️ 997 points | 💬 65 comments
CopyFail just dropped, it's a new Linux kernel vulnerability that gives attackers root privileges. https://arstechnica.com/security/2026/04/as-the-most-severe-linux-threat-in-years-surfaces-the-world-scrambles/
\n\nDebian has an updated kernel, Proxmox too. Looks like Raspberry Pi hasn't released an updated version yet.
\n⬆️ 366 points | 💬 162 comments
![\"image\"](\"https://rssglue.subdavis.com/media/2e/2e1a52b678394224281d0e59044fbae204aef8a07e8dd378bc5c612fdd0f3233.png\")
⬆️ 399 points | 💬 42 comments
https://github.com/dani-garcia/vaultwarden/releases/tag/1.36.0
\n\n\n\nSecurity fixes
\n\nThis release contains security fixes for the following advisories. We strongly advice to update as soon as possible.
\n\nSSO Login CSRF - GHSA-pfp2-jhgq-6hg5, GHSA-w6h6-8r66-hcv7
\nUser/Organization Enumeration - GHSA-hxqh-ff5p-wfr3
\nSSO existing-user binding - GHSA-j4j8-gpvj-7fqr
\nGHSA-6x5c-84vm-5j56
\nSSRF via Icon Endpoint - GHSA-72vh-x5jq-m82g
\nSome crate's updated and other minor security enhancements
These are private for now, pending CVE assignment.
\n\nhttps://github.com/dani-garcia/vaultwarden/releases/tag/1.36.0
\n⬆️ 254 points | 💬 14 comments
So my nas is getting big now slowly with around 8tb of data.
\n\nI run it on raid 1, but I wonder in the worst case scenario, I wanted to also have a off site backup. But obviously 8tb + on cloud is going to be expensive no?
\n\nHow are you guys storing your offline backup? And where do you guys store it?
\n⬆️ 264 points | 💬 196 comments
The Point: Holy shit LXCs are so cool and felt like black magic getting \"free\" RAM back. If you're newer, like me, and have just been using VMs instead of LXCs, you should look at changing that.
\n\nI started my server back in November knowing absolutely nothing about using Linux, using CLI, or Docker. At the same time, I also went in raw, jumping straight into Proxmox on three nodes. As a result, I ended up using a lot of the Proxmox VE Helper Scripts for initial setup and have since gone back and learned how to do a lot of things myself. One of the hugely inefficient decisions I made at the time was to use a VM for Docker instead of an LXC.
\n\nFor context, two of my nodes are running an i3-5005U and 8gb of soldered DDR3 RAM. One of those machines was exclusively running a VM to run Docker containers largely centered around downloads. On average, I was hitting ~30-50% CPU on the PVE host and ~7GB RAM usage.
\n\nSwitching to an LXC has brought that down to 10-25% CPU and ~2-2.5GB RAM usage. A machine that felt like it was at its limit suddenly gained immense amounts of headroom.
\n\nJust wanted to put this out there for anyone procrastinating switching some VMs to LXCs. In my case, it was worth the relatively low amount of effort to free up such a significant amount of resources.
\n⬆️ 251 points | 💬 83 comments
These two are the most incredible technologies on the modern Internet. The Web is finally free and open again, just as Tim Berners-Lee intended it so many decades ago at CERN. People are finally taking the Web back from corporations, and it is amazing to see. Tailscale is going to be the biggest tech company in the world by the next decade, and the GTA will overtake the Bay Area as the world's tech capital.
\n⬆️ 232 points | 💬 75 comments
https://www.reddit.com/gallery/1swsb7o
\n\n\nAfter a lot of trial & error (and a few docker restart moments 😅), I finally got my dashboard where I want it:
All running on a Raspberry Pi 5 with a clean and optimized Docker stack.
\n\nStill a work in progress (because let’s be honest… a homelab is never “finished”), but it’s already my daily control center.
\n\nWhat would you add next? Any ideas for the next upgrade?
\n⬆️ 333 points | 💬 37 comments
![\"image\"](\"https://rssglue.subdavis.com/media/67/67879ef8aa4e2df4e3cb19c108371e5def78035f3fa018cb4985c352d5b7beea.png\")
What is Hound?
\n\nHound is a self-hosted, open-source media server, like Plex/Jellyfin, but with the extra ability to stream content through P2P (torrent) or HTTP/Debrid without downloading first. With Hound, you have the flexibility of fully controlling your media like Jellyfin, but can also stream instantly ala streaming services. It's the best of both worlds.
\n\nI posted about Hound in this sub years ago, when it was originally built as a simple movie/tvshow tracker. Since then Hound has evolved into a full media server. Link.
\n\nLinks
\n\nFeatures
\n\nDemo
\n\nNote that the web portal isn't optimized for mobile yet:
\n\nAccess the demo here.
\n\nusername: selfhosted\npassword: password\nThis is just the web portal, for actually watching content you'll want to use the apps
\n\nPlatforms
\n\nAndroid and Android TV apps are available, you'll need to sideload the APKs. iOS and tvOS require a bit more time for testing and to distribute through TestFlight. They share the same code (built on React Native TVOS) so most of the effort is done.
\n\n\n\nInstallation
\n\nDocker compose is the recommended way to install Hound:
\n\nservices:\n hound-postgres:\n container_name: hound-postgres\n image: postgres:18\n environment:\n POSTGRES_DB: hound_db\n POSTGRES_USER: hound\n POSTGRES_PASSWORD: super-strong-password\n volumes:\n - ./Hound Data/postgres_data:/var/lib/postgresql\n healthcheck:\n test: [\"CMD-SHELL\", \"pg_isready -U hound -d hound_db\"]\n interval: 5s\n timeout: 5s\n retries: 5\n\n hound-server:\n container_name: hound-server\n image: houndmediaserver/hound:latest\n depends_on:\n hound-postgres:\n condition: service_healthy\n ports:\n - \"2323:2323\"\n environment:\n - POSTGRES_DB=hound_db\n - POSTGRES_USER=hound\n - POSTGRES_PASSWORD=super-strong-password\n - HOUND_SECRET=super-strong-secret\n volumes:\n - ./Hound Data:/app/Hound Data\n # (Optional) attach your media library\n # IMPORTANT: Please read the docs before doing this\n # - /path/to/movies:/app/External Library/Movies\n # - /path/to/shows:/app/External Library/TV Shows\nPOSTGRES_PASSWORD on both hound-postgres and hound-server servicesHOUND_SECRETThen run docker compose up -d
Access the web portal at port 2323:
http://<ip-address>:2323\nusername: admin\npassword: password\nMake sure you change your password immediately.
\n\nNext, you'll want to set up a provider next to start watching content, refer to the guides below:
\n\n\n\nWhy Hound?
\n\nWhen I set up Jellyfin for my friends and family, I found that they kept switching back to Netflix/Prime when it was more convenient. Today, the Plex/Jellyfin ecosystem is quite mature. But for some (especially older) people, using a separate app, requesting content first, and waiting a couple minutes (or even longer) can be unintuitive/inconvenient. It's much nicer to be able to scroll and discover content, and watch immediately in seconds.
\n\nFrom an admin perspective, drives are getting increasingly expensive, and larger libraries drive electricity costs even more.
\n\nMy vision for Hound was to have all the advantages of self-hosting media, with the flexibility of streaming. You can still curate a library with whatever content you like, but for content not yet downloaded in your library, Hound switches automatically to P2P/Debrid streaming, so it's a seamless experience for users.
\n\nHound is in Beta + Pricing
\n\nHound is in Beta, so please expect bugs and run backups often. Although Hound is completely self-hosted and open source (AGPLv3), there will be a paid tier when Hound leaves beta:
\n\nUnfortunately, unlike the amazing maintainers at Jellyfin, I can't keep Hound free. I thought long and hard about pricing that respects self-hosting and open source philosophies. I settled on this model so anyone can try Hound and all its features for free, and have an informed choice on whether or not to purchase.
\n\nSince Hound is completely open-source, I can't stop you from forking and removing the license checks. Instead of doing this, if you contribute to Hound's development actively, I'll give you keys upon release.
\n\nYou can't actually purchase yet since we're in Beta, but I wanted you to know in advance.
\n\nPlease try the demo and leave feedback! If you like the project, please consider adding Hound to your stack, and even contributing!
\n⬆️ 228 points | 💬 96 comments
![\"image\"](\"https://rssglue.subdavis.com/media/4d/4d70c0de1e8217986c645dcfb10dac7a67de76949d1a8232ca18f1330cf09f5c.png\")
Just learned about S3-style object storage and was looking into self-hosted options for my homelab. Came across MinIO and got pretty excited because it seemed like exactly the kind of thing I’d want to learn and maybe use.
\n\nThen I noticed the repo is archived, which was a bit discouraging.
\n\nI know that doesn’t necessarily mean the software is dead, but it made me pause before building around it.
\n\nFor those using MinIO, would you still adopt it today for a homelab? Or would you look at alternatives instead?
\n\nCurious what people here are doing.
\n⬆️ 310 points | 💬 62 comments
The title took me a while to land on, but the thoughts behind it have been sitting in my head for months. I've been into homelabing since early 2020 with my first build, then a second, then a third, then whatever my bank account allowed after that. It's been a lot of fun and tears. But lately browsing this community has had a edge to it, a lot of AI negativity that I mostly understand, and that's what I want to write about.
\n\nI'm a programmer by trade, actually army before, but released and went back to school. The usage of AI at work has increased and I don't see that trend stopping quite yet, AI is useful as a companion to handle tedious tasks like documentation, reviewing SQL, tedious front-end markup, one shot scripts etc.. But using it to one-shot a whole application is risky and if published downright irresponsible and this is where I think most of the friction is happening, at least for me.
\n\nWhen I see the AI projects posted here, with my experience, I think I can separate the wholly vibe coded ones from those that AI was used to assist, the latter I don't mind, despite what some Luddites say, that's what the industry is like now. When you code something for your own use, the blast radius is limited, thing could run horribly and it won't matter, you are the only one that suffers the consequences, but if you publish this code you need to take ownership of it and ownership brings responsibilities that you need to shoulder. Even as a programmer I don't take this lightly, this is not something people should dismiss with the command git push origin main.
It's one of the reasons I don't publish my stuff, or at the very least don't advertise it, not because it's vibe coded, it isn't, it's because I still need to take responsibility for it, that's time, effort and commitment that shouldn't be underestimated (many seems to). Maintenance is not a trivial affair, thinking about current and future users, how you approach breaking changes, how you architect things to avoid breaking changes as much as possible. Continuity of the project is also important, if you take your project seriously and your user base seriously you should have this in mind : \"What if I can't continue the project?\", archiving the repo and disappearing is not the right way to do things.
\n\nSo, before publishing and parading your project, you just need to ask yourself a simple question : \"Can I take ownership and responsibility for this code\". The answers will depend on your definitions of these concepts, but if you think about it for more than 5 minute, you might just realise your project should stay private.
\n\nPS: Here I am talking more about the moral/ethical implications when I talk about responsibilities and ownership, you are obviously responsible for what run in your machine. Excuse some awkward syntax or phrases, non native English speaker.
\n⬆️ 230 points | 💬 87 comments
![\"image\"](\"https://rssglue.subdavis.com/media/67/678baf07a849739bf087dd505d71551d91d4ed7b9e76691b009b07e5a22b5106.jpg\")
So I have been working on my personal portfolio website for some time now, I had since forgot about it and had no motivation to expand it. I have been looking for the perfect usecase for my Pi Zero 2W, after moving my Pi-hole server from it onto my new Pi 5.
\n\nI then saw this post: https://www.reddit.com/r/selfhosted/comments/1sqvujn/selfhosted_public_website_running_on_a_10_esp32/
\n\nAnd it honestly got me excited to update my site, and move everything over the Pi. It is certainly much easier to run my site, from a measly 512KB of ram to just about 512MB.
\n\nThe site is finally in a state where I feel comfortable sharing it, and I hope you guys like the aesthetic. There is a guestbook to sign as well :)
\n\nSite:
\nhttps://spellbound.sh
⬆️ 220 points | 💬 19 comments
Hey, here's the HortusFox dev again.
\n\nI got inspired by Dan Brown's decision to abandon discord for a hosted zulip instance. And then it hit me...
\n\nBack in the day, software projects had a website, documentation and forum. Some had, in addition, an IRC channel somewhere. This just worked. It was an amazing way to foster community and keep control over your data.
\n\nSo, today I was very unhappy regarding enshittification again. I mean, we used to have soooo many platforms and sites back in the day. Now everything takes place on a handful of platforms. Internet monopolization by corporations. I know, this is no recent news. We all know that.
\n\nI believe forums may be a key aspect to regain digital sovereignty again. That's why I've decided to setup a forum infrastructure for HortusFox. When tinkering around, I eventually decided to go with Flarum. Simply because it's easy to install, uses the well-established Laravel framework and I like it's style from the ground without any additional extensions installed.
\n\nThe selfhosted community is one of the most aware communities when it comes to data protection and digital sovereignty. I love that! That's why I once again decided to post here. ❤️
\n\nAs for me, I am now going into the process of migrating from discord to flarum. I mean, discord feels great, it offers many features, but it's eventually centralized, it only has closed communities in terms of SEO and recent decisions in terms of age verification are concerning. The latter one is also a reason why I finally abandoned publishing play store apps three years ago, and went fully PWA. Microsoft Store does the same now (removed sign-up fee in favor of ID verification).
\n\nMaybe I'm a bit carried away, but imagine, if even the reddit communities such as r/opensource or r/selfhosted would abandon reddit in favor of a forum-based communities run by volunteers? Reddit is not our friend. And various decisions to wipe out third-party apps and pushing echo chambers aren't really something I consider \"the heart of the internet\". By the way, did you notice Reddit now tests forcing people to use the mobile app when they browse reddit via a mobile browser? Pretty sure, they will eventually rollout this \"feature\".
\n\nWhat do you think? Both developers and selfhosters, would you like the idea that we turn back to forums again?
\n\nPS: HortusFox now also officially backs the open-source petition to have the german government acknowledge opensource work as volunteering by law. A big thanks to Boris Hinzer for launching the campaign.
\n⬆️ 203 points | 💬 43 comments
Hi there, I’m iSponsorblockTV’s maintainer.
\n\nIf you’re running iSponsorblockTV, you’ll need to pair your devices again since YouTube have changed the screenId format and are on the process of revoking all older codes.
\n\nFor those of you that don’t know, iSponsorblockTV allows you to use SponsorBlock on all YouTube TV devices (TVs, sticks and consoles). It can also click the skip button for you and mute native YouTube ads.
\n\nSadly there’s nothing that can be done on my part other than pairing devices again.
\n\nEDIT: the new screen id will be 64 hex digits long, compared to the old 26 characters
\n⬆️ 197 points | 💬 18 comments
![\"image\"](\"https://rssglue.subdavis.com/media/3d/3d3c51fe9cc03cf8492482fe96407195480a2cda8b74ece8dc6c05bde6bf4d1d.jpg\")
This is my setup. Image made by AI but overall looks like this. There is no connection between proxmost host and media but proxmox uses my truenas storage (16TB). I removed everything. Nginx isn’t connected anymore. Everything is LAN. Started homelabbing in Feb with no background.
\n\nWatched a lot of videos and read too many posts on here. I run apps I vibe code for personal use.
\n⬆️ 200 points | 💬 42 comments
![\"image\"](\"https://rssglue.subdavis.com/media/54/544976dea98930eea084b0cb51139de1d176355b8b22b5dcc5d469c4f435bf30.jpg\")
My homelab does have the usual rack of stuff (Dell Poweredge R730s and ECU servers), but this one ESP32 sits separately on the wall and serves a public website entirely by itself. No nginx or apache, no Pi, no container... just a $10 microcontroller holding an outbound WebSocket to a Cloudflare Worker that fronts the traffic.
\n\nThe original launch of this back in 2022 ran for ~500 days before the original board burned out in 2023. The site sat as a read-only archive until now. I relaunched it after rebuilding it from the ground up with a lot of redundancy in mind such as a Worker relay, daily off-site backups to R2, and more, check out the project's README.
\n\nSite: https://helloesp.com
\n\nCode: https://github.com/Tech1k/helloesp
\n\n---
\n\nUpdate: So slight miscalculation on how popular this was going to get, this was a good stress test of the ESP to say the least. The hug of death hit way harder than I anticipated lol
\n\nI believe the ESP32 has fully crashed or it's exhausting heap in a loop. It's not even showing up on my router now. The Cloudflare Worker is still serving the offline page in the meantime which is expected. Probably not the best idea to have made this post while I was at work and away from it. I will reboot and investigate this when I'm home and make adequate changes to get it back online and stable!
\n\nUpdate to the update: it has risen from the cold grasp of offline darkness and reconnected as the WiFi watchdog kicked in and rebooted it automatically. Requests are getting served again and I managed to regain access to it on LAN. Cloudflare is back to showing timeouts for some while others get through (expected behavior). I may lower the SSE cap and raise the min heap threshold. It's back to just getting overloaded at the moment. I will investigate further and see what I can make changes on later to help keep it afloat and serve more requests on 520KB of ram lol
\n⬆️ 467 points | 💬 35 comments
https://socket.dev/blog/bitwarden-cli-compromised
\n\n\n\nSame as the title. The Bitwarden CLI has been compromised and it would be good to check your stuff. I know how popular Bitwarden is around here.
\n⬆️ 723 points | 💬 152 comments
so i've been telling this client for 2 years their site was slow because of shared hosting
\nthey finally listened after a competitor started ranking above them on google
moved them to a KVM VPS, same wordpress stack, nothing else changed
\npage load went from 3.2 seconds to 0.9 seconds. that's it. that's the whole story
the amount of money they lost over 2 years because they didn't want to spend an extra 15€ a month is genuinely painful to think about
\n\nif your site is on shared hosting and you're wondering why it feels slow, it's that. it's always that
\n⬆️ 338 points | 💬 32 comments
Something that’s really bothering in the last years is how much we’ve allowed information to be gatekept by Discord, especially in the selfhosting scene.
\n10 years ago if you ran into a problem installing software, you could just go to the devs forums and look for someone who already had this problem solved.
\nNowadays you have to join a discord server, use their shitty search bar, don’t find what you want, and ask a burnt out dev who already gave out the same answer a million times.
From this observation I’m wondering the following question: would you use an open-source forums solution you can deploy in seconds, ready to use out of the box?
\n\nI already built an MVP of something like that mainly as an addition to my portfolio, but I’m now wondering if I should bother packaging it into a “one-click” deployment to be used by other people.
\n\nThe concept is a minimalist & modern app to be used for small communities, events, or even friends & family. It is completely usable out of the box, yet still really customizable, with a nice search bar to actually find the stuff you want.
\n\nI’m not selling anything, I genuinely want to know if the data gatekeeping is a concern for you too, and if you would be interested in a solution like this for your own needs.
\n\n(also there is no vibecoding here, it’s a legit project for me to learn and develop my dev career)
\n⬆️ 351 points | 💬 204 comments
Most of us start by slapping a reverse proxy (like Nginx Proxy Manager or Traefik) and maybe Tailscale or Wireguard on our setups. But for those of you exposing specific services directly to the web, how far do you take your server hardening?
\n\nI usually stick to a strict baseline (Fail2Ban/Crowdsec, UFW, disabling root SSH, key-only auth, and isolating apps in Docker containers), but I’m curious about the more advanced layers. Are any of you actively running SOC-level monitoring, Wazuh, or strict SELinux/AppArmor profiles on your homelabs?
\n\nWhat is the one security measure you think the average self-hoster overlooks until it's too late?
\n⬆️ 364 points | 💬 187 comments
Hi all, it's been a few months and we've made some incremental updates to LubeLogger over that time.
\n\nIn case you've never heard of LubeLogger, it's a self-hosted vehicle maintenance and fuel mileage tracker, you can log your service records and fillups in here and it will tell you exactly how much you've spent your vehicles.
\n\n\n\n\n\n\n\nFirst, as stated in our previous post here with the big UI update, we were going to start converting the grids in mobile views to cards, which makes it a lot easier to see all data without horizontal scrolling on small vertical screens, and that's finally delivered. If you prefer the older grid view in mobile, there is an option to revert in the Settings page.
\n\n\n\nSecond, there are now real-time notifications built within the app, if you follow us on the r/lubelogger subreddit, you might have heard of a daemon service that needed to be deployed separately, well that's no longer the case as we have integrated the daemon features into the LubeLogger app itself. Real-time notifications will allow you to immediately be notified when a reminder has its urgency changed to an urgency that you're tracking(i.e.: a reminder went from Not Urgent to Urgent), and it can be integrated with nearly every notification service out there as long as they take a HTTP POST request(there are samples for NTFY, Gotify, and Discord in the Documentation), if you don't wish to use an external notification service, it can also be configured to use the pre-existing SMTP settings.
\n\n\n\n\n\nAs part of this, there are also Automated Events that you can now configure, some examples of what you can do with Automated Events:
\n\nHere's what the automated backup email looks like:
\n\n\n\nThird, there is now a smoother way to onboard OIDC users with SSO-specific registration options
\n\n\n\nMisc. Improvements:
\n\nCSV's are now validated before any imports are performed, and it will tell you what went wrong/was formatted wrong:
\n\n\n\nYou can now add multiple recurring reminders to Plan Records and you can modify which reminders are tied to these plan records all the way up until the plan is marked as done
\n\n\n\nOn that note, there are now QR Codes that you can generate that can either take you to a specific record or to add a new record:
\n\n\n\nIf you want realtime events coming from LubeLogger but you don't want a webhook integration, you can now use web sockets which works on a pub-sub model.
\n\n\n\nAnyways, that's it from us for this update, have a great Summer and we'll see you in Fall.
\n⬆️ 339 points | 💬 47 comments
I setup the hagezi ultimate adblock list in pihole a few months ago and didnt think much of it after that. Today I am chilling and trying to avoid working too much on a Friday afternoon when I get an alert from uptime kuma that my nginx-proxy-manager stopped responding.
\n\nI check the docker container first, everything is green and logs look fine, weird but lets restart it just to be sure. No change, hmmm well I can access the demo page at the direct IP so maybe its not this, lets check the DNS resolve.
\n\n > nslookup proxy.homelab.com\nServer: 10.0.1.66\nAddress: 10.0.1.66#53\n\nName: proxy.homelab.com\nAddress: 0.0.0.0\nName: proxy.homelab.com\nAddress: ::\nOdd that should be resolving to the 10.0.1.66 server not 0.0.0.0 I wonder what changed. I dig around in the Pihole logs for a bit and discover that my domain was actually added to the offical blacklist. I am not really sure how since my public footprint is minimal, gets virtually zero traffic except for some bots to the root domain, and definitely doesn't serve ads. Either way I was able too lookup the commands to white list my domain in Pihole and bam everything was back to normal.
\n\nJust some friday fun.
\n⬆️ 333 points | 💬 54 comments
Sharing something I've been running for a few months that's become one of the most useful things on my homelab.
\n\nThe stack:
\n\nWhat it does:
\n\nSix n8n workflows that run on schedules and replace what I used to do manually every week:
\n\nArchitecture notes:
\n\nThe stack runs entirely on self-hosted n8n. No recurring SaaS costs beyond SimpleFIN (~$15/year) and Anthropic API calls (~$0.01/100 transactions). Everything else runs on your own infrastructure.
\n\n\n⬆️ 307 points | 💬 106 comments
![\"image\"](\"https://rssglue.subdavis.com/media/10/10b071d14acc82d1f85384dff40031dd8b5a1acf73493bd3e75681ff35ac1d02.png\")
⬆️ 1,167 points | 💬 29 comments
![\"image\"](\"https://rssglue.subdavis.com/media/03/037c239523c5612e144a01689f8803db0e5c7081415cb0aca9e7653e40b91fc7.jpg\")
⬆️ 417 points | 💬 75 comments
https://www.reddit.com/gallery/1sie9qy
\n\n\nWhen I started Borg UI, it was a personal problem. I needed a reliable way to back up my Immich photo library. I knew how critical backups were, and I wanted something I could actually trust. Four months, 1,100 stars, and 150k Docker pulls later, here we are.
\n\nThank you. Genuinely. Every star, issue, and kind word kept this going. ❤️
\n\nWhat's been happening under the hood
\n\nOver the past few months I've closed 250+ issues, pushed combined test coverage to 64% (backend 58%, frontend 81%), and built out smoke tests, integration tests, and unit tests across the stack.
\nI have 10+ years of software development experience and code quality matters deeply to me. AI helped me move faster on glue code and boilerplate, but every critical path has been manually tested and reviewed. This tool runs on production data. I treat it that way.
Introducing Borg UI 2.0
\n\nWebsite: borgui.com
\nDocs: docs.borgui.com
\nGithub: https://github.com/karanhudia/borg-ui
\nOld Post: https://www.reddit.com/r/selfhosted/comments/1p5fg68/borg_ui_web_interface_for_borgbackup_for_your/
If Borg UI has been useful to you, a star ⭐ on GitHub goes a long way. And if you have feedback, ideas, or just want to say hi, I'm here.
\n\nThanks for being part of this.
\n\nCONTEXT (FROM OLD POST): I had been using BorgBackup via command line for a while to create backups of my Immich library (self-hosted photo management tool). It felt very tedious to continuously monitor, and maintain while creating a backup, scheduling or restoring, especially via SSH. I have docker containers for everything else, so I thought why don't I put together a Web UI that makes it easier to manage.
\n\nIt runs as a Docker container (no config needed).
\n⬆️ 433 points | 💬 104 comments
https://www.reddit.com/gallery/1sitp0y
\n\n\nHi. So... a little while back I lost my job and then shortly after had a pretty serious injury that required surgery and months of recovery.
\n\nDuring that time, a family member asked if I could help go through decades worth of old hardware they had lying around and figure out what to keep, what to donate, and what to get rid of. It gave me something to focus on.
\n\nWhat started as simple inventory work slowly turned into something else.
\n\nI began trying to revive old machines - figuring out what each one was still capable of, what its \"best use\" might be, and how far I could realistically push it. Along the way I found a bunch of Raspberry Pis doing nothing, old laptops collecting dust, old hard drives that were either dead, decaying or somehow in perfect working condition despite having 50k+ power-on hours (made sure to stress test them with `badblocks`) and all sorts of forgotten gear that still had some life left in it.
\n\nI realized I actually really enjoy working within constraints - taking modest, mismatched hardware and trying to squeeze something meaningful out of it.
\n\nSo... this is the result of about 4–5 months of that process.
\n\nIt’s not the most powerful homelab by any stretch. I'm sure many of you are running far more capable setups and the Macbook Air that I'm posting this from can run circles around the hardware in the setup, but that wasn’t really the goal. This was more about experimentation, iteration, and seeing what I could build with what I had.
\n\nAnd with that, here’s the current state of my humble homelab. I'd love to hear your thoughts, roasts, advice or questions if you have any.
\n\nThis setup is by no means in it's final state. For instance, I've been working on moving some of my infrastructure over to being managed by Kubernetes, such as my project \"x\", which will one day live in the cloud. This homelab is already far more cohesive than anything I’ve built before - mostly because in the past I was always prioritized work-related needs rather than my own setup. While my body has healed, I am still looking for work in this challenging tech job market and, therefore, have the time to continue iterating and refining.
\n\nPS: There are some things I didn't cover, because it was getting too detailed. For example, on every machine that has a hard drive, I also have a docker stack that monitors SMART, does drive health analysis and routine scheduling of drive tests and more - a tool I plan to release as OSS, because I wanted something a little different (more advanced) than Scrutiny (Python/Flask + JS front-end... maybe rewritten in Go some day). Stuff like that, but I might post some more detail in the comments if anyone is interested.
\n\nAlso, for context on the “physical infrastructure”: everything is running in a basement workshop inside a converted storage closet.
\n\nTo deal with heat, I ended up improvising an extraction system using an old workshop fan mounted inside a cut-up plant pot, wired to a switch. It’s very much a MacGyver solution, but surprisingly effective at keeping air moving and temperatures under control (all hard drives stay at a comfortable 40-45°C / 104-113°F under normal load and stays in the safe zone when under heavy load).
\n\nAnyways, thanks! Have a great day!
\n⬆️ 442 points | 💬 48 comments
![\"image\"](\"https://rssglue.subdavis.com/media/0b/0b5109896e0587a608304b8a157d8fe27d582e0fe637e0ffae273bb4782f9eee.jpg\")
Sorry for a such a depressing title and the post. I just wanted a space to air out my frustrations and my sadness.
\n\nFirst before I get to my depressing part, I want to talk about my journey. I got intrested in self hosting during my undergraduate studies, graduated at 2024 and started this journey, initially I did not want to spend any money on this and used the really old laptop as my NAS for my services and had it accessible only through private network.
\n\nLast month i decided to have proper setup, bought a thermal paste, new cmos battery cleaned up my laptop and also bought a domain and setup cloudflare tunnel(I don't have a static IP).
\n\nThings were going good for a month but then issues started to occurred, the system heats to 71C, before fresh paste it heats up to 90C, found the problem to the exhaust fan. Then it was the failing harddisk and ram problems and system generally being extremely slow due to aging hardware.
\n\nWith the current RAM prices and Storage generally being extremely costly. It is massive investment and my current salary cannot even afford it.
\n\nAgain sorry for such a depressing post and I wanted to thank this community for all the help and resources it provided me to even start this journey learnt alot guys. Looks like my journey ends here.
\n\nThank you.
\n⬆️ 369 points | 💬 88 comments
Free tier users bumped from 3 to 6. Smart move because the difference between 3 and 5 was why I started on Netbird for my household.
\n\nOfficial Annoucement: https://tailscale.com/blog/pricing-v4
\n⬆️ 376 points | 💬 65 comments
I’m still pretty new to self hosting and I thought this could be a useful question for people like me too. What mistake taught you the most once you got into self hosting?
\n\nEdit: Thanks a lot to everyone here, I really appreciate all your advice!
\n⬆️ 346 points | 💬 356 comments
https://www.reddit.com/gallery/1smsed9
\n\n\nSo I've been using karanhudia/borg-ui for a few months now, very happy about it.
\n\nI recently upgraded to the newly announced v 2.0 and all I get is spam about upgrading to a Pro version, and how seemingly now I have a limited trial left.
\n\nWhat the heck? this app is built entirely using open source technology, and now the author is deciding to charge for it?
\n\nHas anyone considered forking? Or is there a truly FOSS community alternative?
\n\nI'm tired of using borgmatic, I need a decent solution to schedule borg backups in my NAS. I can't possibly be the only one in this situation. Any thoughts?
\n\nedit: alternatives found in this comment
\n\nedit2: author answered here
\n⬆️ 372 points | 💬 172 comments
I was thinking about the NSA scandals from years ago, the wiretapping, the underwater cables, the backdoors in datacenters. It was a massive international drama.
\n\nBut then you look at Cloudflare. By design, they are a massive, legal Man-in-the-Middle. They decrypt, inspect, and re-encrypt the traffic of millions of websites. We’ve reached a point where \"privacy\" means \"hidden from everyone EXCEPT Cloudflare.\"
\n\nIt’s the ultimate irony: developers are so obsessed with \"security\" that they put their entire stack behind a single US-based entity that holds the private keys to half the internet. We basically did the NSA's job for them, and we did it voluntarily because the dashboard is pretty and the CDN is free.
\n\nAm I the only one who finds this centralization terrifying, or have we just accepted that true end-to-end privacy is dead in the name of DDoS protection?
\n⬆️ 1,149 points | 💬 249 comments
![\"image\"](\"https://rssglue.subdavis.com/media/1a/1a99af608c60fe5bce2e310b62027906ff4d63c07572f9b01861a467485f7136.png\")
⬆️ 893 points | 💬 60 comments
![\"image\"](\"https://rssglue.subdavis.com/media/55/55099a6c8ca6012b7b5e7e19322930662b7fd48830d896b06f007bcbfa676d89.jpg\")
Hello all! Three weeks ago I asked a friend of mine to help me set up a Plex media server, I purchased a mini PC on the cheap (not pictured), an enclosure (not pictured), some hard drives, and while we were grabbing the supplies I saw this adorable little Pironman and grabbed it + a Pi5 as well. Setting up the Plex server with the arr stack was so fun and easy that I looked into what else I could host, wound up switching all of my music, e-books, audiobooks, podcasts, etc over to my new server. I have my Kobo e-reader working with Grimmory (huge shout out to those devs).
\n\nIn the process of implementing the 3, 2, 1 method for backup and eventually will switch my cloud storage over too!
\n\nThese selfhosted projects have been such a joy to do, I am so grateful to the community who has created such amazing software (and I’ve made sure to tip the devs when possible). Also, I’ve love doing these so much that I’ve begun writing my own project, inspired by Homarr as a sort of home management dashboard (tons of these exist but none have the features I’m looking for so I’m writing it and will release it in the future).
\n\nAnyway! This is my cute little setup, I had to get a mini monitor for the adorable lil Pironman. I have a mini keyboard too but can’t remember where I put it lol.
\n⬆️ 636 points | 💬 78 comments
https://www.reddit.com/gallery/1sbgjxk
\n\n\nOpen Source. One Docker container. Browser-based. Everything local.
\n\nYour files never leave your machine.
\n\n30+ tools. Resize, crop, rotate, compress, convert, strip metadata, watermarks, reusable pipelines, full REST API, background removal, object eraser, OCR, face/license plate blur, up-scaling and more.
\n\nI'm building this to be genuinely useful, not another AI-wrapped gimmick or subscription trap. No cloud lock-in, no \"sign up to continue,\" no features paywalled behind a pro tier. Just a tool that does what it says.
\n\nI'm actively looking for feedback from people who would actually use this. What tools would you want? What's missing? What's annoying? What would make you switch from whatever you're using now?
\n\nGitHub: https://github.com/stirling-image/stirling-image
\nDocumentation: https://stirling-image.github.io/stirling-image/
⬆️ 396 points | 💬 81 comments
I have a VPS that I use to reverse proxy incoming web requests to my self-hosted services at home over wireguard. I got an alert recently that CPU usage was spiking, so I logged in to see a newly-created user running masscan.
\n\nThe VPS runs 3 publicly-exposed services: nginx, ssh, and wireguard.
\n\nIt was hardened as follows:
\n\nI checked, and I can't find any relevant CVEs for nginx, ssh, or wireguard.
\n\nThe logs show the following.
\n\nAt 07:38, I see an authentication failure on, followed by systemd unexpectedly rebooting:
\n\nMar 30 07:38:20 login[695]: pam_unix(login:auth): check pass; user unknown\nMar 30 07:38:20 login[695]: pam_unix(login:auth): authentication failure; logname= uid=0 euid=0 tty=/dev/tty1 ruser= rhost=\nMar 30 07:38:22 systemd[1]: Received SIGINT.\nMar 30 07:38:22 systemd[1]: Activating special unit reboot.target...\nShortly after the reboot (07:40), I can see a login session for \"userb\":
\n\nMar 30 07:40:22 login[696]: pam_unix(login:session): session opened for user userb(uid=1001) by userb(uid=0)\nMar 30 07:40:22 systemd[1]: Created slice user-1001.slice - User Slice of UID 1001.\nMar 30 07:40:22 systemd[1]: Starting user-runtime-dir@1001.service - User Runtime Directory /run/user/1001...\nMar 30 07:40:22 systemd-logind[602]: New session 1 of user userb.\nMar 30 07:40:22 systemd[1]: Finished user-runtime-dir@1001.service - User Runtime Directory /run/user/1001.\nMar 30 07:40:22 systemd[1]: Starting user@1001.service - User Manager for UID 1001...\nMar 30 07:40:22 (systemd)[1085]: pam_unix(systemd-user:session): session opened for user userb(uid=1001) by userb(uid=0)\nMar 30 07:40:22 systemd-logind[602]: New session 2 of user userb.Mar 30 07:40:22 login[696]: pam_unix(login:session): session opened for user userb(uid=1001) by userb(uid=0)\nMar 30 07:40:22 systemd[1]: Created slice user-1001.slice - User Slice of UID 1001.\nMar 30 07:40:22 systemd[1]: Starting user-runtime-dir@1001.service - User Runtime Directory /run/user/1001...\nMar 30 07:40:22 systemd-logind[602]: New session 1 of user userb.\nMar 30 07:40:22 systemd[1]: Finished user-runtime-dir@1001.service - User Runtime Directory /run/user/1001.\nMar 30 07:40:22 systemd[1]: Starting user@1001.service - User Manager for UID 1001...\nMar 30 07:40:22 (systemd)[1085]: pam_unix(systemd-user:session): session opened for user userb(uid=1001) by userb(uid=0)\nMar 30 07:40:22 systemd-logind[602]: New session 2 of user userb.\nNotably, there's no accompanying ssh login entry!! The user is in the sudo group, and starts running commands via sudo at 07:41. They install curl, update sshd_config to allow password login, reload sshd, then ssh in. Weirdly, the home directory isn't created until 07:43, which is when they ssh in.
The shell is changed to bash, then their bash history shows the following, where they bypass ufw, set up screen, and run masscan.
\n\nsudo touch vnc.txt && sudo chmod 777 vnc.txt\nsudo iptables -I INPUT -j ACCEPT\nsudo apt-get install screen libpcap-dev iptables masscan -y\nsudo iptables -A INPUT -p tcp --dport 61000 -j DROP\nscreen\nsudo touch res.txt && sudo chmod 777 res.txt\nsudo masscan 0.0.0.0/0 -p22 --banners --source-port 61000 --rate 50000 --exclude 255.255.255.255 -oL res.txt\nsudo masscan 0.0.0.0/0 -p22 --banners --source-port 61000 --rate 500000 --exclude 255.255.255.255 -oL res.txtsudo touch vnc.txt && sudo chmod 777 vnc.txt\nsudo iptables -I INPUT -j ACCEPT\nsudo apt-get install screen libpcap-dev iptables masscan -y\nsudo iptables -A INPUT -p tcp --dport 61000 -j DROP\nscreen\nsudo touch res.txt && sudo chmod 777 res.txt\nsudo masscan 0.0.0.0/0 -p22 --banners --source-port 61000 --rate 50000 --exclude 255.255.255.255 -oL res.txt\nsudo masscan 0.0.0.0/0 -p22 --banners --source-port 61000 --rate 500000 --exclude 255.255.255.255 -oL res.txt\nFor now, I've killed the user, fixed all the hardening, and disconnected wireguard, leaving it as a honeypot of sorts. I've put the full logs here: https://pastebin.com/2M3esRg2
\n\nAm I missing something? How did someone get access to a non-ssh login? Is there some unknown vuln here? I was suspicious of the login so I checked with my VPS provider, and they said they're not seeing anything unusual in terms of their backend or the VNC to the VM console, though I'm not sure how hard they checked...
\n\nThanks!
\n⬆️ 546 points | 💬 100 comments
![\"image\"](\"https://rssglue.subdavis.com/media/df/df6a96e50117c7a047b6eecef66a8e27dac0b9424eb83f2826f67945eb46341f.png\")
Howdy!
\n\nI’m back with Nomad Mk3, a pocket-sized, fully self-hosted media server that runs on an ESP32-S3. The goal is simple: a super cheap, ultra low-power way to host your own media without needing the internet, cloud services, or a full server setup.
\n\nOnce configured, Nomad creates its own Wi-Fi network and serves movies, shows, music, books, images, and files directly to any device with a browser. Multiple users can connect at the same time and stream independently, all completely offline.
\n\nMk3 focuses on making everything smoother and more reliable. This includes a new native video player, Improved music page with queue building, and much more reliable indexing / backend handling.
\n\nThe main idea behind this project is to go below the typical self-hosted stack. No Raspberry Pi, no Docker, no maintenance. Just flash it, load your media onto an SD card, and it works. The initial setup is more manual, but the system allows for a more flexable and portable hosting option for your media.
\n\nThe entire project is open source, both the firmware and the web interface. I strongly recommend the DIY route since I’ve tried to make setup as straightforward as possible. If you can plug in a USB cable and follow instructions, you can build one in under an hour.
\n\nGitHub:
\nhttps://github.com/Jstudner/jcorp-nomad
Build guide (Instructables):
\nhttps://www.instructables.com/Jcorp-Nomad-Mini-WIFI-Media-Server/
If you really do not want to build one, I also offer prebuilt units here:
\nhttps://nomad.jcorptech.net
If you’re into self-hosting and like the idea of small, offline-first systems, I’d love to hear what you think or what you’d want to see next!
\n\nThx for reading!
\n\n-Jackson
\n⬆️ 523 points | 💬 69 comments
![\"image\"](\"https://rssglue.subdavis.com/media/40/409486eb9f03d930a1e63c1d165221a3064d390eb08d07726801bccd09f8aa9e.png\")
After months of tinkering, this is the setup I actually stuck with. Media on Jellyfin, photos on Immich, files on Nextcloud, passwords on Vaultwarden, ads blocked with AdGuard Home, and everything routed through NSL.SH.. Happy to answer questions about any part of the stack
\n⬆️ 516 points | 💬 114 comments
![\"image\"](\"https://rssglue.subdavis.com/media/b1/b11c054eb1f5b1a4863cff790ffd8bf28e0ae6266c7c4639a574d176f2522108.jpg\")
⬆️ 869 points | 💬 95 comments
https://www.reddit.com/gallery/1s9jz4f
\n\n\nI built a thermal printer appliance that runs entirely on your local network. No cloud, no accounts, no subscriptions. Turn a dial, press a button, and it prints weather, news, RSS feeds, email, or whatever you need on 58mm receipt paper.
\n\nSelf-hosted details:
\n\nThe enclosure is hand-built from walnut and brass - I spent six years as a furniture maker, so the hardware side matters to me as much as the software.
\n\nThe whole thing is open source: https://github.com/travmiller/paper-console
\n\nIf you have a Pi and a 58mm thermal printer you can run the software yourself. Happy to answer questions.
\n\nMore info and build photos: https://travismiller.design/paper-console/
\n⬆️ 850 points | 💬 60 comments
Using AI as a help for coding is one thing, okay I do that too for private projects, but its extremely disrespectful to even generate the advertisement post with AI. If you don’t take your time to TELL ME what your tool even does and need an AI agent for it, I will not take my time to read through the generated text and click on your github. There are so many blatantly AI generated text posts here full of the same nonsense phrases. Someone who audited their tool and knows what it does doesn‘t need AI to write the text for him. Hate me all you want for that.
\n⬆️ 491 points | 💬 127 comments
The Jellyfin team just dropped v10.11.7 and the patch notes contain a pretty heavy warning. It’s listed as a minor release, but the devs have explicitly stated:
\n\n\"WARNING: This release contains several extremely important security fixes. These vulnerabilities will be disclosed in 14 days as per our security policy. Users of all versions prior to 10.11.7 are advised to upgrade immediately.\"
\n⬆️ 415 points | 💬 152 comments
![\"image\"](\"https://rssglue.subdavis.com/media/54/54883eb9c4f8e6b700354640669a17a5404b78d5bb87295a13e5b675a804be83.jpg\")
Hello,
\n\nI built an open-source Plex client called Plezy and figured this community would appreciate it.
\n\nIt uses mpv for playback, so codec support is excellent - HEVC, AV1, VP9, DTS, TrueHD, ASS/SSA subtitles, you name it. No Plex Pass required for remote streaming.
\n\nHighlights:
\n\n- HDR & Dolby Vision support (Android, iOS, macOS, Windows)
\n\n- Offline downloads - save media for offline viewing
\n\n- Watch Together - synced playback with friends via WebSocket relay
\n\n- Live TV - EPG guide, channel tuning
\n\n- Cross-platform - Windows, macOS, Linux, iOS, Android, Android TV
\n\n- Gamepad & keyboard navigation - works for couch setups
\n\n- Wide codec support - mpv-based, plays practically everything
\n\nIt's built with Flutter, fully open-source on GitHub. Desktop and sideloaded mobile builds are free. App Store / Play Store versions are a one-time purchase (no subscriptions, no IAP).
\n\nLinux users: .deb, .rpm, .pkg.tar.zst, portable tar.gz, NixOS package, and Homebrew on macOS are all available.
\n\nGitHub: https://github.com/edde746/plezy
\n\nHappy to answer any questions. AI used in the development.
\n⬆️ 437 points | 💬 271 comments
Hello everyone! Google just released their new open-source model family: Gemma 4. This means you can now run a ChatGPT like model at home.
\n\nThere are four models and they all have thinking and multimodal capabilities. There's two small ones: E2B and E4B, and two large ones: 26B-A4B and 31B. The 31B model is the smartest but 26B-A4B is much faster due to it's MoE arch. E2B and E4B are great for phones and laptops.
\n\nTo run the models locally (laptop, Mac, desktop etc), we at Unsloth converted these models so it can fit on your device. You can now run and train the Gemma 4 models via Unsloth Studio: https://github.com/unslothai/unsloth
\n\nRecommended setups:
\n\nNo is GPU required, especially for the smaller models, but having one will increase inference speeds (~80 tokens/s). With an RTX 5090 you can get 140 tokens/s throughput which is way faster than ChatGPT.
\nEven if you don't meet the requirements, you can still run the models (e.g. 3GB CPU), but inference will be much slower. Link to Gemma 4 GGUFs to run.
Example of Gemma 4-26B-4AB running
\n\nYou can run or train Gemma 4 via Unsloth Studio:
\n\nWe've now made installation take only 1-2mins:
\n\nmacOS, Linux, WSL:
\n\ncurl -fsSL https://unsloth.ai/install.sh | sh\nWindows:
\n\nirm https://unsloth.ai/install.ps1 | iex\nWe recommend reading our step-by-step guide which covers everything: https://unsloth.ai/docs/models/gemma-4
\n\nThanks so much once again for reading and let me know if you have any questions.
\n⬆️ 414 points | 💬 107 comments
I know it is very difficult to stop people using a VPN, but if the individual VPN companies fold I want to make sure I have a safe backup.
\n\nCan anyone tell me a step by step guide to make my own VPN for privacy and to access sites that the UK considers bad (which probably includes half the internet by next year), plus a shopping list of items if needed.
\n\nI am not a tech genius, nor do I want to do anything heinous on the internet, so a fairly simple VPN will do me just fine. any help towards this would be very much appreciated!
\n⬆️ 408 points | 💬 183 comments
https://github.com/dmksnnk/star
\n\n\n\nMy girlfriend wanted to play Stardew Valley multiplayer with her sister, who lives in another country. Well, heck, I'm a programmer, so I could hack something together quickly and learn something new along the way. QUIC sounded cool. It all seemed easy until I realized this would involve NAT traversal. Half a year and 3 different versions after: I have a basic working version that can establish a P2P connection between users using NAT hole-punching) and, if that fails, forwards UDP traffic via a relay.
\n\nBuild with Go, quic-go, and HTML templates.
\nHope this can be useful to someone else :)
⬆️ 399 points | 💬 81 comments
![\"image\"](\"https://rssglue.subdavis.com/media/04/04068b143dfca85183403a8e5b5edc4b6d206a60f811e754184880648986a1d6.png\")
⬆️ 408 points | 💬 25 comments
![\"image\"](\"https://rssglue.subdavis.com/media/46/4683449a6f4d931467dd661a986bc921c79742e3b8ddfbcb4fe99398e66ed522.png\")
Took me way too long to realize the hard part was never Immich itself
\n⬆️ 576 points | 💬 155 comments
https://www.reddit.com/gallery/1s23o6n
\n\n\nBudget case with great airflow
\n⬆️ 505 points | 💬 40 comments
![\"image\"](\"https://rssglue.subdavis.com/media/b8/b8babdec3a2bf376ea2723c6a9c47a72be57a461bf8821d3fce5a891827b115e.png\")
Microsoft has just submitted this e-mail which says your data will be used to train their AI unless you explicitly opt-out.
\n\nThey supposedly explain how to do it, but conveniently \"forget\" to include the actual link, forcing you to navigate a maze of pages to find it. It is a cheap move and totally intentional.
\n\nTo save you all the hassle, here is the direct link to opt-out: https://github.com/settings/copilot/features and search for \"Allow GitHub to use my data for AI model training\".
\n⬆️ 345 points | 💬 66 comments
Microsoft seemingly don't care that they've black listed the IPs of a fairly large and well-respected UK ISP. If they can't get help, what chance does an individual have?
\n\nEmail does feel like a cartel in many respects. I look forward to the flurry of stories of you hosting your own email since the 90s without issue. But, the truth comes from those who have had issues and how painful it was to resolve.
\n⬆️ 637 points | 💬 271 comments
![\"image\"](\"https://rssglue.subdavis.com/media/a0/a016e6a2c7ab25b40f307a92adf951b0985423dae45aac4efd9a869fce222fac.png\")
Sharing so others may avoid this hassle.
\n\nI was excited to set up a new NAS for my homelab, but the hard drives were shipped without any padding. I'm just shocked someone could be this careless.
\n\nWill update once/if they resolve this.
\n\nEdit:
\nYes, I understand the retail boxes have padding. For the corner to be smashed like that, the box would need to be hit pretty hard. Also, the inside of the shipping box is scraped up from the drives bouncing around.
Since they are charging retail++ for these drives, I think it's fair to want them neither shaken nor stirred.
\n⬆️ 387 points | 💬 73 comments
Hi all,
\n\nI just like to to share a finding of mine, which may be helpful for some of you:
\n\nI am currently traveling and was very nervous when I realized that all my Proxmox VMs were down for unknown reasons. No access to Home Assistant, no Frigate (cameras), no Paperless ngx nor any other local app, which I usually access via VPN (self-hosted wg-easy). Of course, the VPN did not work either. This was quite frustrating.
\n\nThen I realized that (1) my home server is plugged into a Meross Smart Plug, mainly for the reason to track the power consumption, and (2) I had set up a second VPN (WireGuard) directly in my router. Luckily, although I usually control it with HA, I was able to use my WireGuard VPN and remotely switch the plug off and on with the help of the of Meross App. And voila: All VM were up again.
\n\nSo, the moral of the story: Using a smart plug for your server that can be controlled outside of the Home Assistant setup can avoid some pain!
\n\n**EDIT:**
\n\nSince you asked: Claude thankfully helped me identifying the problem: My Proxmox server (Dell OptiPlex 3090) went offline due to an Intel e1000e NIC driver hang – the onboard network card froze and couldn't recover on its own. Fixed it by reducing the TX ring buffer from 4096 to 256 (ethtool -G nic0 tx 256) and adding a small watchdog script that automatically resets the NIC if it hangs again.
\n⬆️ 354 points | 💬 108 comments
![\"image\"](\"https://rssglue.subdavis.com/media/dd/dda3cb613c99ebb257ce18dcacad4949ee6bf6f91360f0a593ed3b36ad61b61a.png\")
I've been working on NOMAD, a self-hosted trip planner that lets you organize trips either solo or together with friends and family in real time.
\n\nYou can try the demo at https://demo-nomad.pakulat.org (resets hourly) or check out the repo: https://github.com/mauriceboe/NOMAD
\n\nI built it because every time my friends and I planned a trip, we ended up with a mess of Google Docs, WhatsApp groups, and shared spreadsheets. I wanted one place where we could plan everything together without relying on cloud services that harvest our data.
\n\nWhat it does:
\n\nAll the collaboration features are optional.. works perfectly fine as a solo planner too. The addon system lets you enable/disable features like packing lists, budgets, and documents so you can keep it as lean or full-featured as you want.
\n⬆️ 427 points | 💬 71 comments
https://www.reddit.com/gallery/1ruhgeq
\n\n\nHad some old Chinese NVRs from 2016. Spent 2 years on and off trying to connect them to Frigate. Every protocol, every URL format, every Google result. Nothing. All ports closed except 80.
\n\nSniffed the traffic from their Android app. They speak something called BUBBLE - a protocol so obscure it doesn't exist on Google.
\n\nGot so fed up with this that I built a tool that does those 2 years of searching in 30 seconds. Built specifically for the kind of crap that's nearly impossible to connect to Frigate manually.
\n\nYou enter the camera IP and model. It grabs ALL known URLs for that device - and there can be a LOT of them - tests every single one and gives you only the working streams. Then you paste your existing frigate.yml - even with 500 cameras - and it adds camera #501 with main and sub streams through go2rtc without breaking anything.
\n\n67K camera models, 3.6K brands.
\n\nGitHub: https://github.com/eduard256/Strix
\n\ndocker run -d --name strix --restart unless-stopped eduard256/strix
\n\nEdit: Yes, AI tools were actively used during development, like pretty much everywhere in 2026. Screenshots show mock data showing all stream types the tool supports - including RTSP. It would be stupid to skip the biggest chunk of the market. If you're interested in the actual camera from my story there's a demo gif in the GitHub repo showing the discovery process on one of the NVRs I mentioned.
\n⬆️ 955 points | 💬 123 comments
This is not about vibe-coded apps. It's about the literal posts. It looks like every other post on here is written by some AI chatbot. Of course, they have been for a while, but is it just me or has it been getting even worse?
\n\nI just can't understand it. Why on earth would you generate a /Reddit post/ with AI?
\n\nRecently I've been thinking about looking for private communities, but I keep realizing I wouldn't want to join one in the first place. There's tremendous value in having new people be able to participate whenever they want and having a space to ask questions. That's something that needs to be preserved and protected. Especially from the likes of ChatGPT.
\n\nThis sucks. I know how to make it better and I'm afraid that no-one really does.
\n\nEdit: To the people who think there are too many posts complaining about AI: Try sorting this sub by New. Those of us who do filter all the most egregious slop out, that's why you're not seeing it.
\n⬆️ 617 points | 💬 169 comments
![\"image\"](\"https://rssglue.subdavis.com/media/99/99c52dddf02121b254424f3df13d3088193377afd2cafc463651d2c67951d4ac.png\")
⬆️ 826 points | 💬 140 comments
![\"image\"](\"https://rssglue.subdavis.com/media/b2/b2d82e840665884734dd7cdb084e539d51698e74298f13a1c5b5b8b4c1155652.png\")
I built a small open source tool that shows where your computer connects on a world map.
\n\nIt reads local socket connections, resolves IP addresses using MaxMind GeoLite2, and visualizes them with Plotly.
\n\nRuns locally. No telemetry.
\n\nWindows build available.
\n\nGitHub:
\n\n\n⬆️ 665 points | 💬 48 comments
Hey r/selfhosted,
\n\nWe've been building Lightpanda for the past 3 years
\n\nIt's a headless browser written from scratch in u/Zig, designed purely for automation and AI agents. No graphical rendering, just the DOM, JavaScript (v8), and a CDP server.
\n\nWe recently benchmarked against 933 real web pages over the network (not localhost) on an AWS EC2 m5.large. At 25 parallel tasks:
\n\nEven at 100 parallel tasks, Lightpanda used 696MB where Chrome hit 4.2GB. Chrome's performance actually degraded at that level while Lightpanda stayed stable.
\n\nFull benchmark with methodology: https://lightpanda.io/blog/posts/from-local-to-real-world-benchmarks
\n\nIt's compatible with Puppeteer and Playwright through CDP, so if you're already running headless Chrome for scraping or automation, you can swap it in with a one-line config change:
\n\ndocker run -d --name lightpanda -p 9222:9222 lightpanda/browser:nightly\nThen point your script at ws://127.0.0.1:9222 instead of launching Chrome.
It's in active dev and not every site works perfectly yet. But for self-hosted automation workflows, the resource savings are significant. We're AGPL-3.0 licensed.
\n\nGitHub: https://github.com/lightpanda-io/browser
\n\nHappy to answer any questions about the architecture or how it compares to other headless options.
\n⬆️ 894 points | 💬 76 comments
I was checking their Discord for some announcement and it vanished.
\n\nGitHub repo is gone too: https://github.com/booklore-app/booklore
\n\nRemember, love AI-made apps… they disappear faster than they launch.
\n⬆️ 852 points | 💬 469 comments
As a self-hosted project creator (homarr) I’ve observed the space grow in the past few years and now it feels like every day there is a new shiny selfhosted container you could add to your stack.
\n\nThe rise of AI coding tools has enabled anyone to make something work for themselves and share it with the community.
\n\nWhilst this is fundamentally great, I’ve also seen a bunch of PSAs on the sub warning about low-quality projects with insane vulnerabilities.
\n\nNow, I am scared that this community could become an attack vector.
\n\nA whole GitHub project, discord server, Reddit announcement could be made with/by an AI agent.
\n\nNow, imagine this new project has a docker integration and asks you to mount your docker socket. Suddenly your whole server could be compromised by running malicious code (exit docker by mounting system files)
\n\nSome replies would be “read the code, it’s open source” but if the docker image differs from the repo’s source you’d never know unless manually checking the hash (or manually opening the image)
\n\nA takeaway from this would be to setup usage limits and disable auto-refill on every 3rd party API you use, isolate what you don’t trust.
\n\nTLDR:
\n\nRunning an un-trusted docker container on your server is not experimentation — it’s remote code execution with extra steps (manual AI slop /s)
\n\nps: reference this post whenever someone finds out they’re part of a botnet they joined through a malicious vibe-coded project
\n⬆️ 743 points | 💬 113 comments
![\"image\"](\"https://rssglue.subdavis.com/media/2c/2cec3cef1a58beffb0e77527ec476a7a3252ff41a65b049d144fef0bd5902bbd.jpg\")
In September of last year I started my homelab/self-hosted journey. I bought the following around that time (except the Pi + case, purchased just last month):
\n\nBeelink mini PC (N150+16GB RAM) - $175
\n\n2x WD Elements 14 TB external HDD - $170/ea
\n\nLG external Bluray drive - $130
\n\nRaspberry Pi Zero 2W - $15
\n\nCase for Raspberry Pi printed at my library - $0.59
\n\nThe mini PC runs Ubuntu primarily for Jellyfin but also Pihole and Tunarr (for creating custom TV channels). My Raspberry Pi is my backup DNS for Pihole. The Bluray drive is for ripping our DVD/Bluray/UHD collection (mostly picked up cheap at second hand stores). My Windows PC handles the ripping and any encoding info via Handbrake. I save a backup of all my videos on one of the external HDDs and the other HDD is permanently attached directly via USB to my mini PC and serves as my Jellyfin storage drive. I use WinSCP to send the ripped videos from my Windows PC to my Jellyfin server.
\n\nThere are some things I can definitely improve e.g. replacing the external USB drive someday with a server grade drive. I also may switch to AdGuard from Pihole per a recommendation from a friend but haven't gotten that far yet.
\n\nI've learned a ton about using CLI as well as troubleshooting in all senses of the word. I recently figured out how to get audio dramas/podcasts working properly in Jellyfin which has been a huge hurdle for me and seemingly hasn't really worked for other folks, so I'm looking forward to sharing that in the Jellyfin subreddit soon. But anyway, this has just been a fun hobby and given me ample opportunities to scratch my brain a bit.
\n\nThere's nothing really glamorous about my setup but I now have a really functional, easy to use, and easy to maintain home media server that doubles as a broad ad blocker. My family and I have gotten a ton of value out of having our movies digitized and also cut all streaming services as we've taken the opportunity to pick up a bunch of cheap second hand discs. I also pull some videos from YouTube to host locally; the benefit at this point is that my kids are basically 100% shielded from advertisements yet we still have access to virtually everything we all enjoy at home or on the go (thanks, Tailscale). We also take advantage of our local library for books, Blurays, and audiobooks to supplement my self hosting.
\n\nI've seen some really elaborate and very cool self-hosted setups on this subreddit, but I felt like sharing mine as an example of a simple setup that just does a few things that improve my family's quality of like without much extra effort.
\n⬆️ 854 points | 💬 80 comments
No posts in this digest period.
\n"},{"id":"digest:digest-selfhosted:79","title":"Digest: r/selfhosted: Mar 06 - Mar 13, 2026","link":"https://rssglue.subdavis.com/feed/digest-selfhosted/rss","author":"System","published_at":"2026-03-13T10:30:00+00:00","content":"\n\n\n![\"image\"](\"https://rssglue.subdavis.com/media/6b/6bfdd50c74caec12061ba2eba00051380e6d489ab31bba298e12b0db53ef917f.jpg\")
Seems like a bad direction to take the selfhosted community. Looks like the mod team is fine with this sub being bombarded with insecure, AI drivel. Like I get that it was posted on Friday but I think if you use AI to \"build an app\" you should be required to disclose to what extent AI was used which wasn't disclosed by the OP. I think as a community we need to have higher standards for what we allow to be posted as vibe-coded projects can introduce very extensive security vulnerabilities we all learned with Huntarr and when things are vibe-coded the maintainer doesn't have the capability to fix the issue.
\n⬆️ 1,115 points | 💬 496 comments
im hating the idea, not the person ;), also look down for a temp solution
\n\nTitle speaks for itself, almost every single post in the last few weeks is just someone promoting their vibecoded bs app that is either something simple like file transferring (there is already some well trusted ones that are faster better etc.), or something really complicated that ai cant do without security flaws... (Huntarr).
\n\nidc how this post looks, how it sounds, if vibecoders get offended, i just want the mods to actually remove this and not just try to \"prevent\" it with the rules they changed..
\n\nupvote if u think so 2 so it gets to the top, in my opinion commenting on someones post saying its slop wont do anything, wont help anyone.
\n\nshout out to u/masterio for this:
\n\nIt's a shame the Vibe Code and Built with AI labels were removed as it made it incredibly easy to filter out these posts with ublock.
\n\n! Enough Vibe Coded bullshit\nsh.reddit.com,www.reddit.com##shreddit-post:has-text(/.*Vibe Coded \\(Fridays!\\).*/)\nsh.reddit.com,www.reddit.com##shreddit-post:has-text(/.*Built With AI \\(Fridays!\\).*/)\nAnother good way of filtering out the AI generated posts is filtering out on the characters that hardly anyone actually uses in casual online postings.
\n\n! AI Slop (No you don't really \"use\" EM dashes in informal discussion online) \n! See:\n! https://www.pieceofk.fr/the-rise-of-the-em-dash-in-ecology-abstracts/\n! https://www.reddit.com/r/dataisbeautiful/comments/1kfg9b8/oc_em_dash_usage_is_surging_in_tech_startup/\nsh.reddit.com,www.reddit.com##shreddit-post:has-text(/—/i)\nsh.reddit.com,www.reddit.com##shreddit-comment:has-text(/—/i)\n⬆️ 1,202 points | 💬 302 comments
After months of planning and building, I finally have a fully self-hosted setup that replaced almost everything I was paying for or trusting to big tech. Put together a video walking through the whole build if anyone's interested.
\n\n\n\nWhat I replaced:
\n\nHardware:
\n\nThe honest take:
\nSetup time is real. This isn't a weekend project — it took weeks of configuring, breaking, and fixing. But now everything runs 24/7, I own my data, and the monthly cost is basically just electricity (~$10-15/month).
The biggest win? Immich. Having Google Photos-level search (face recognition, location, object detection) on hardware I own, with zero cloud dependency — that alone justified the build.
\n\nVideo (full build walkthrough): https://www.youtube.com/watch?v=5cET4sfqdlE&t=2s
\n\nI'm a plumber by trade who fell into self-hosting, so if I can set this up, anyone can. Happy to answer questions.
\n⬆️ 607 points | 💬 147 comments
I cant keep up with this sub, i used to love just being able to browse and find some really awesome projects that have really changed my life. Its not an overexaggeration at all, as an IT person, this place has opened my eyes and have let me discover peace in todays fast paced world where everything is about subscriptions and our private data, selfhosting allowed me to slow down and take a breath, i have built servers, deployed countless ideas and for a moment i finally felt like im free of every corporate bullshit out there.
\n\nafter all these, the reason im writing this is because the amount of posts that are influenced by ai. dont get me wrong, i can think of it like any other handy tool, but thats only my view and current trends seemingly dont align with it, because there are so much new projects popping up i cant even keep up. It seems like every day some random user reinvents the wheel with their low quality vibecoded project and spams the whole sub with it, thats not good. Its not the fault of ai sadly, its the human behind it, you can elevate your efficiency with ai and still be trusted in my opinion, its about how much you actually care. If i see someone post a fully ai generated marketing letter and then i see that the projects whole git history is basically claude vibing… that someone probably doesnt really care and just wants attention or fame. If you are that person, let me tell you if you want those meaningless github stars then create something that you feel you can put lots of effort in it, dont just vibecode something in a day since we can do that too, thats not really adding any value.
\n\ntl;dr: if your project is using ai then at least put an ai disclaimer in your posts…
\n⬆️ 824 points | 💬 266 comments
https://www.reddit.com/gallery/1roa5te
\n\n\nForgot I bought this about a decade ago. Currently don’t have a NAS so I think I’ll get it set up to see how it works. 6TB of WD red drives is like finding gold in these times!
\n⬆️ 484 points | 💬 42 comments
Readme updated today:
\n\n\n\n\nThis repository is no longer actively maintained.
\n\nThe TrueNAS build system previously hosted here has been moved to an internal infrastructure. This transition was necessary to meet new security requirements, including support for Secure Boot and related platform integrity features that require tighter control over the build and signing pipeline.
\n\nNo further updates, pull requests, or issues will be accepted. Existing content is preserved here for historical reference only.
\n
https://github.com/truenas/scale-build
\n\nWondering if this is just the first step towards doing a minio in the future.
\n⬆️ 504 points | 💬 255 comments
![\"image\"](\"https://rssglue.subdavis.com/media/02/026d069ec926ac1064bb520f92778cbe50f2615a31b081c5a866386ab79339da.png\")
⬆️ 575 points | 💬 138 comments
I've tried everything from Nextcloud, ownCloud, OpenCloud, and Pydio Cells. But I still can't seem to find exactly what I'm looking for, and I'm wondering why it doesn't already exist. File storage is (in my opinion) one of the most helpful use cases for a self-hosting setup, but I don't understand why there isn't a self hosted cloud storage platform that:
\n\nEssentially, I don't understand why a fully self-hostable and user-friendly Google Drive alternative doesn't exist. I'm a developer and I understand that it would obviously be a large undertaking to build, but it's a type of software that's very common for self-hosters and I don't see why a better option doesn't exist than the established players. NextCloud is too heavy/is trying to do too much, ownCloud is too corporate and a pain to maintain (plus the interface is crap), Pydio is good but the client apps (aside from the web app) are horrendous, Seafile is limited to blobs and is slightly proprietary, FileRun is paid, etc. Just seems to me like a major gap in the space. Anyone have any insight on why something like this doesn't exist?
\n⬆️ 458 points | 💬 422 comments
![\"image\"](\"https://rssglue.subdavis.com/media/54/54dab5006985b240ed2a1407a31ee5409eae2ad0844fe7bcc0471eeee3ffdd9e.png\")
When I bought my first GoPro (hero 8) I also bought a 256 GB micro SD card and GoPro's cloud storage subscription for $5/month. I rode my bicycle around town and to work every day, I went to family outings at the lake, had conversations with friends who I just don't talk to anymore (one is dead), and certain experiences that I just don't have anymore, I just press record and either mount my GoPro somewhere or strap it to my head and forget about it. Eventually I got the media mod that exposed the charging port, bought a 30,000 mAh battery and had a long USBC cable run from my battery in my backpack to my camera on my head/helmet, so I was able to record for literally hours.
\n\nAll that changed when I found out that GoPro uses AWS for its cloud storage. Now I'm figuring out how to get this kind of storage as fast as possible, and I need to do this preferably before GoPro collapses as a company.
\n⬆️ 681 points | 💬 198 comments
![\"image\"](\"https://rssglue.subdavis.com/media/6b/6b52a4ecd623e10dbb1887000280f31069ed7828ada82d15fea796d622a2f472.png\")
Social media is one of the most valuable data points, that is collected about us, so it's time to fundamentally reject surveilance capitalism and switch to self-hostable, open source and decentralized social media.
\n\nThat's exactly what the fediverse is. In the linked image, there is an overview of some of the networks out there, that are similar to platforms, you are already used to. If you want to learn more about how the fediverse works, look here.
\n\nThe digital indepence day is all about taking small steps and trying to switch away one service at a time. You don't have to fully commit to the service, just try it out and see if you like it. The fediverse as a whole is constantly growing and especially the stuff you find on piefed / lemmy theese days is often really interresting. You will find some nieche communities if you look around a bit. If you wanna learn more about the digital independence day, look at di.day .
\n\nEdit: If you are interrested in some niche fun and chill piefed / lemmy communities, here are some examples, you could look at: https://lemmy.ca/c/shittyfoodporn, https://europe.pub/c/HorseMemes, https://lemmy.world/c/superbowl, https://lemmy.ca/c/trippinthroughtime, https://lemmy.world/c/animalswithjobs, https://lemmy.world/c/comicstrips .
\n⬆️ 663 points | 💬 137 comments
![\"image\"](\"https://rssglue.subdavis.com/media/07/073826867440d5601788dc0d512408b6237f6f4915ab279d3c29538b621dd78c.png\")
Over the last couple of months I have used Claude Code extensively to build out a robust Kubernetes cluster on the Proxmox servers in my rack. I had it set up a nice logging and observability stack with Loki, Prometheus, and Grafana.
\n\nRecently I had the bright idea to have Claude create a dashboard showing the power usage stats for the 3 Dell servers and my 2 UPS units. I gave it a screenshot of my power bill and it calculated the per-kilowatt-hour cost to give me daily and month-to-date cost estimates.
\n\nAnd yes, I have a new set of batteries on the way for the SU1500.
\n⬆️ 624 points | 💬 80 comments
first off, thank you. legitimately. i work i finance. i have zero technical expertise in this area, but y'all have made this so fucking simple that even a dumbass like me can selfhost a server with a bunch of rad life-improving tools. and this community has been really great, both to follow, and for help/support.
\n\nbut why the hell do you all just give these things away for free? i ask this as a genuine question. i don't really understand how this works.
\n\n-is it career development? does writing/maintaining/contributing to open source projects help pad resumes?
\n\n-i know a lot of projects have a small group of dedicated maintainers, but there are a lot of projects where thousands of people have made contributions. is contributing actually easy for someone with your skill set? i understand building something from the ground up is a significant investment. and i understand that everyone has competencies and proficiencies in their respective fields. but all of this is greek to me. how difficult is it for those of you who are technically skilled in this area to make bug fixes or other contributions?
\n\n-separately, what motivates you to do that for free? or are there a lot of people who are employed by companies that rely on open source projects that pay their devs and engineers to maintain upstream products as well?
\n\n-how much of this is companies getting people to try their product at home and then advocate for it in the office when they see its benefits?
\n\ni live near the trailhead of an awesome group of hiking/mtb trails. i will go out occasionally with a group once or twice a year to do some trail maintenance. is it anything like that?
\n\nall of this to say, i have no idea why you all do this, but i am sincerely grateful. i've tried to buy a coffee for almost every major project i use, but that feels like small gratitude for what i've got in return. this is such a fun hobby, one i never would've guessed would even be possible for someone with my background and limited capability, but its captured me like nothing else really. so thank you to everyone!
\n⬆️ 713 points | 💬 343 comments
So I've been hosting stuff for about 4 months now. I've been very generous with allowing folks to have access to my Audiobookshelf specifically (probably made about 20 users). I haven't heard much from anyone and figured it was kind of a fake enthusiasm for my new hobby.
\n\nFast forward to today: I start and OS update and it goes squirrelly on me (TrueNAS 25.04.1 -> 25.04.2. 6). Portainer breaks. All my docker containers break. I start trying to rebuild things and pick through logs.
\n\nMy server is down less than 10 minutes and I get my first text. Then a few minutes later I get my second text, then third... turns out this outage disrupted a total of 5 of my friend's from listening to some books!
\n\nI felt overjoyed that other people are actually using what I'm hosting! It was a moment of validation with all that I'm doing. It felt awesome.
\n\nEverything is back up and running now and I have happy users, but it was just very validating because I thought I was the only person using any of my self-hosted services and it turns out I wasn't! Anyone else have a happy little accident like this?
\n⬆️ 562 points | 💬 43 comments
posting this here because my post on the simplelogin sub wasn't approved by their mods (shocker).
\n\nwtf is going on with proton/simplelogin? I’m a paying pro user. my custom domain's destination inbox is hosted on forwardemail.net (i pay for their encrypted IMAP storage).
\n\nsupport recently refused to let me update my mailbox, claiming forward email is a \"temporary/burner\" relay service that causes mail loops. I explained to them that i OWN the domain, and it's my permanent inbox, not a relay. just because my provider offers aliases doesn't make my personal domain a burner. by that logic, they should ban gmail too.
\n\ninstead of actually reading my ticket, their \"anti-abuse\" team just DISABLED my account completely. locked me out of my own data.
\n\nnow my yearly subscription billing just bounced, and I literally cannot log in to update my payment or export my aliases so i can migrate to addy.io. password resets do nothing. my account is basically held hostage.
\n\nthis is ridiculous. they are punishing power users for using alternative/open-source email infrastructure just because it's not a mainstream giant like gmail or protonmail. their job is literally to route email, and they're banning my inbox provider.
\n\nif you use a niche provider or self-host your destination inbox behind simplelogin, make sure you have regular backups of your aliases. they will just lock you out if their lazy automated filters decide they don't like your MX records. fuck this vendor lock-in bs.
\n⬆️ 519 points | 💬 81 comments
Hey r/selfhosted,
\n\nI've been building The AltStack - an open-source directory of 450+ tools across 28 categories that you can self-host. Every tool is vetted for quality and activity.
\n\nWhat makes it different from other lists:
\n\ndocker compose upCategories include: BaaS, Analytics, Project Management, CRM, Communication, DevOps, Monitoring, AI Models, and 20 more.
\n\nThe entire dataset is open source under Apache 2.0: https://github.com/altstackHQ/altstack-data
\n\nLive site: https://thealtstack.com
\n\nWould love feedback from the community. What tools or categories are we missing?
\n⬆️ 584 points | 💬 96 comments
BookLore 2.0 is here.
\n\nFor the unfamiliar, BookLore is a self-hosted digital library for ebooks, comics, and now audiobooks, with multi-user support, smart shelves, metadata fetching, Kobo/KOReader sync, OPDS, and built-in readers.
\n\nAlso, we just hit 10K stars on GitHub, which is wild. Huge thanks to everyone who's contributed code, bug reports, and feedback over the past year. If you want to support the project, you can sponsor on Open Collective or Ko-fi.
\n\nHere's what's new:
\n\nMulti-Format & Audiobook Support
\n\nReader Upgrades
\n\nAnd a lot more:
\n\n.metadata.json)A note on the v2 launch
\n\nApologies to those who ran into issues during the initial v2.0.0 rollout. Some setups broke due to file permission problems, especially for Portainer, Unraid, and Proxmox users. In v1.x the Docker container ran as root because the embedded nginx required it. In v2 I removed nginx to pave the way for a rootless container, but I overlooked some edge cases in that transition. With 200+ commits and just me doing all the manual regression testing, I missed some critical areas. That's on me.
\n\nThings are in a much better place now with v2.0.4. If you're upgrading and still hit permission issues, make sure your data, bookdrop, and book folder permissions match the user/group set in your Docker Compose file. You can also check GitHub Issues and Discord where others have posted fixes. I'd also really appreciate help with testing before future major releases, so if you're interested, hop over to Discord.
\n\nTry it out: demo.booklore.org (user: booklore, pass: 9HC20PGGfitvWaZ1)
If you're enjoying BookLore, a star on GitHub helps more people find it.
\n\nFAQ
\n\nQ: You use a lot of emojis and ship features fast. Is this vibe coded? No, I just like emojis 😄. BookLore is AI-assisted, not vibe coded. I've been building software for years, going back to early Android (anyone remember Cupcake, Donut, Eclair?) and late Symbian. The project started before AI tooling went mainstream, so all the architecture you see was built by hand. You're in good hands.
\n\nQ: Any plans for mobile apps? Yes! I've been prototyping iOS and Android apps for a few months and they're getting close. No ETA yet, but actively in the works.
\n\nQ: BookLore uses a lot of RAM, any way to reduce it? That's a tradeoff of running on the JVM, but I think the benefits outweigh it. Java has also been making strides in memory efficiency lately. In v2 I added a flag that should bring RAM down by roughly 10-15%.
\n\nQ: Any plans to move to PostgreSQL? Not at this time. BookLore is deeply tied to MariaDB and migrating would be extremely disruptive given the user base we have now.
\n\nQ: What are your future plans for BookLore? Short term, stabilizing the v2 release. After that, maybe some social features? I'd love to hear what you all want. Come hang out on Discord or drop suggestions in GitHub Issues.
\n\n\n\n\n\n\n⬆️ 459 points | 💬 105 comments
Today, after raising security concerns in a post on r/huntarr regarding the lack of development standards in what looks like a 100% vibe-coded project, I was banned. This made my spidey senses tingle, so I decided to do a security review of the codebase. What I found was... not good. TLDR: If you have Huntarr exposed on your stack, anyone can pull your API keys for Sonarr, Radarr, Prowlarr, and every other connected app without logging in, gaining full control over your media stack.
\n\nI did a security review of Huntarr.io (v9.4.2) and found critical auth bypass vulnerabilities. I'm posting this here because Huntarr sits on top of (and is now trying to replace them as well!) Sonarr, Radarr, Prowlarr, and other *arr apps that have years of security hardening behind them. If you install Huntarr, you're adding an app with zero authentication on its most sensitive endpoints, and that punches a hole through whatever network security you've set up for the rest of your stack.
\n\nThe worst one: POST /api/settings/general requires no login, no session, no API key. Nothing. Anyone who can reach your Huntarr instance can rewrite your entire configuration and the response comes back with every setting for every integrated application in cleartext. Not just Huntarr's own proxy credentials - the response includes API keys and instance URLs for Sonarr, Radarr, Prowlarr, Lidarr, Readarr, Whisparr, and every other connected app. One curl command and an attacker has direct API access to your entire media stack:
\ncurl -X POST http://your-huntarr:9705/api/settings/general \\\n -H \"Content-Type: application/json\" \\\n -d '{\"proxy_enabled\": true}'\n
Full config dump with passwords and API keys for every connected application. If your instance is internet-facing - and it often is, Huntarr incorporates features like Requestarr designed for external access - anyone on the internet can pull your credentials without logging in.
\n\nOther findings (21 total across critical/high/medium):
\n\nPOST /api/user/2fa/setup with no session returned the actual TOTP secret and QR code for the owner account. An attacker generates a code, calls /api/user/2fa/verify, enrolls their own authenticator. Full account takeover, no password needed.POST /api/setup/clear requires no auth. Returns 200 \"Setup progress cleared.\" An attacker re-arms the setup flow, creates a new owner account, replaces the legitimate owner entirely.POST /auth/recovery-key/generate with {\"setup_mode\": true} reaches business logic with no auth check (returns 400, not 401/403). The endpoint is unauthenticated.setup_mode flag - the server skips session checks if you send {\"setup_mode\": true}zipfile.extractall() on user-uploaded ZIPs without filename sanitization. The container runs as root.backup_id from user input goes straight into filesystem paths. shutil.rmtree() makes it a directory deletion primitive.local_access_bypass trusts X-Forwarded-For headers, which are trivially spoofable - combine with the unauth settings write and you get full access to protected endpointsHow I found this: Basic code review and standard automated tools (bandit, pip-audit). The kind of stuff any maintainer should be running. The auth bypass isn't a subtle bug - auth.py has an explicit whitelist that skips auth for /api/settings/general. It's just not there.
About the maintainer and the codebase:
\n\nThe maintainer says they have \"a series of steering documents I generated that does cybersecurity checks and provides additional hardening\" and \"Note I also work in cybersecurity.\" They say they've put in \"120+ hours in the last 4 weeks\" using \"steering documents to advise along the way from cybersecurity, to hardening, and standards\". If that's true, it's not showing in the code.
\n\nIf you work in cybersecurity, you should know not to whitelist your most sensitive endpoint as unauthenticated. You should know that returning TOTP secrets to unauthenticated callers is account takeover. You should know zipfile.extractall() on untrusted input is textbook Zip Slip. This is introductory stuff. The \"cybersecurity steering documents\" aren't catching what a basic security scan flags in seconds.
Look at the commit history: dozens of commits with messages like \"Update\", \"update\", \"Patch\", \"change\", \"Bug Patch\" - hundreds of changed files in commits separated by a few minutes. No PR process, no code review, no second pair of eyes - just raw trunk-based development where 50 features get pushed in a day with zero review. Normal OSS projects are slower for a reason: multiple people look at changes before they go in. Huntarr has none of that.
\n\nWhen called out on this, the maintainer said budget constraints: \"With a limited budget, you can only go so far unless you want to spend $1000+. I allot $40 a month in the heaviest of tasks.\" That's just not true - you can use AI-assisted development 8 hours a day for $20/month. The real problem isn't the budget. It's that the maintainer doesn't understand the security architecture they're building and doesn't understand the tools they're using to build it. You can't guide an AI to implement auth if you don't recognize what's wrong when it doesn't.
\n\nThey also censor security reports and ban people who raise concerns. A user posted security concerns on r/huntarr and it was removed by the moderator - the maintainer controls the subreddit. I was banned from r/huntarr after pointing out these issues in this thread where the maintainer was claiming to work in cybersecurity (which they now deleted).
\n\nOne more thing - the project's README has a \"Support - Building My Daughter's Future\" section soliciting donations. That's a red flag for me. You're asking people to fund your development while shipping code with 21 unpatched security vulnerabilities, no code review process, and banning people who point out the problems, while doing an appeal to emotion about your daughter. If you need money, that's fine - but you should be transparent about what you're spending it on and you should be shipping code that doesn't put your users at risk.
\n\nProof repo with automated CI: https://github.com/rfsbraz/huntarr-security-review
\n\nDocker Compose setup that pulls the published Huntarr image and runs a Python script proving each vulnerability. GitHub Actions runs it on every push - check the workflow results yourself or run it locally with docker compose up -d && python3 scripts/prove_vulns.py.
For what it's worth, and to prove I'm not an AI hater, the prove_vulns script itself was vibe coded - I identified the vulnerabilities through code review, wrote up the repro steps, and had AI generate the proof script.
Full security review (21 findings): https://github.com/rfsbraz/huntarr-security-review/blob/main/Huntarr.io_SECURITY_REVIEW.md
\n\nWhat happens next: The maintainer will most likely prompt these problems away - feed the findings to an AI and ship a patch. But fixing 21 specific findings doesn't fix the process that created them. No code review, no PR process, no automated testing, no one who understands security reviewing what ships. The next batch of features will have the next batch of vulnerabilities. This is only the start. If the community doesn't push for better coding standards, controlled development, and a sensible roadmap, people will keep running code that nobody has reviewed.
\n\nIf you're running Huntarr, keep it off any network you don't fully trust until this is sorted. The *arr apps it wraps have their own API key auth - Huntarr bypasses that entirely.
\n\nPlease let others know about this. If you have a Huntarr instance, share this with your community. If you know someone who runs one, share it with them. The more people know about the risks, the more pressure there will be on the maintainer to fix them and improve their development process.
\n⬆️ 974 points | 💬 123 comments
![\"image\"](\"https://rssglue.subdavis.com/media/d1/d11878a3de6d23574c209aa982ebcc42a734f7103c8d002129128ca14763af15.jpg\")
⬆️ 2,883 points | 💬 150 comments
TL;DR: I made an open-source, local-first dashboard for drone flight logs because the biggest corporate player in the space locks your older data behind a paywall. They found my GitHub, tracked my Reddit posts, and hit me with a legal notice for \"unfair competition\" and trademark infringement.
\n\nLong version: I maintain a few small open-source projects. About two weeks ago, I released a free, self-hostable tool that lets drone pilots collect, map, and analyze their flight logs locally. I didn't think much of it, just a passion project with a few hundred users.
\n\nI can’t name the company (let's call them \"Company A\") because their legal team is actively monitoring my Reddit account and cited my past posts in their notice. Company A is the giant in this space. Their business model goes like this:
\n\nTo help people transition to my open-source tool, I wrote a simple web-based script that allowed users to log into their own Company A accounts and automate the bulk download of their own files. Company A did not like this. They served me with a highly aggressive, 4-page legal demand (CEASE and DESIST notice). They forced me to:
\n\nI'm just a solo dev, so I complied with the core of their demands to stay out of trouble. I scrubbed their name, took down the downloader, and sanitized my website. My main open-source logbook lives independent of them.
\n\nI admit I was naive about the legal aspects of comparison marketing and using trademarked names. But the irony is that they probably spent thousands of dollars on lawyer fees to draft a threat against my small project that makes close to zero money (I got a few small donations from happy users).
\n\nHas anyone else here ever dealt with corporate lawyers coming after your self-hosted/FOSS projects? It’s a crazy initiation :)
\n⬆️ 1,426 points | 💬 234 comments
This is a follow up to my previous post regarding the C&D notice I received. I have some incredible news for the community: the matter is officially resolved in favor of the entire drone community.
\n\nTLDR: AirData UAV has complied with community concerns, implemented a robust data takeout solution, and we have settled the matter gracefully.
\n\nThe free OSS project in question : www.opendronelog.com
\n\n---------------
\n\nSince the legal threat is no longer active, I can finally name the company. It was AirData UAV, a US based drone log analysis and reporting service. Eran said it's my choice to name them or not name them here in this update post, I choose to name, because I don't have anything bad to say anymore.
\n\nDespite the first approach was a C&D, the final outcome was actually better than I hoped for (surprised actually!). A massive thank you goes to u/Archiver_test4, who acted as my legal representative pro bono (for free!! and denied donations). He prepared a powerful response and helped me pass this with confidence. He has even started a new subreddit, r/Opensource_legalAid, to help other indie devs in similar situations.
\n\nIn response to the traction the original post gained, AirData CEO Eran Steiner reached out for a face to face meeting via email within 6 hours of the post going live. He expressed regret over the legal route they initially took (he took the responsibility for that as well as CEO) and personally saw to it that the following changes were made before we even spoke:
\n\nI am just a solo dev working in my free time, and I have no intention of competing with an established company. I am just thrilled that the community now has true data portability as I hoped for, and they are free to choose as they please based on what features/interface they like. Thank you Eran for making this happen so quick without any drama/delay or missed promise. AirData no longer \"holds your data\" to keep you on their platform. To be fair, they do have a functional and data rich toolset that many in the community still enjoy (including myself!) - They also have a very robust data sync solution which works very well. I am not paid or bribed or sponsored by them, I am just giving credit where it's due.
\n\nThank you r/selfhosted for all for the support. It made all the difference! Open Source for the WIN!
\n⬆️ 1,413 points | 💬 62 comments
![\"image\"](\"https://rssglue.subdavis.com/media/51/51e09bf73f26edf8f808c065c373912dacfc0fcfbf0e4402d60e0739200a37d0.png\")
⬆️ 609 points | 💬 71 comments
Edit TLDR: Tracking the fallout from https://www.reddit.com/r/selfhosted/comments/1rckopd/huntarr_your_passwords_and_your_entire_arr_stacks/
\n\nMaybe a temporary thing due to likely brigading, but quite concerning:
\n\nhttps://github.com/plexguide/Huntarr.io (https://archive.ph/fohW5)
\n\nSame with docs:
\n\nhttps://plexguide.github.io/Huntarr.io/index.html (https://archive.ph/UYgBc)
\n\nAdditionally the subreddit has been set to private:
\n\nhttps://www.reddit.com/r/huntarr/ (https://archive.ph/d2TR2)
\n\nEdit: Also, the maintainer has deleted their reddit account:
\n\nhttps://www.reddit.com/user/user9705/ (https://archive.ph/u2c7u)
\n\nThe docker images still exist for now:
\n\nhttps://hub.docker.com/r/huntarr/huntarr/tags (https://archive.ph/L1wmW)
\n\nWasn't a member, but looks like the discord invite link from inside the app is invalid:
\n\nhttps://discord.com/invite/PGJJjR5Cww (https://archive.ph/M4bnD)
\n\nEdit: adding archive links for posterity
\n\nThe GitHub Org https://github.com/orgs/plexguide/ (https://archive.ph/D5FGh) has been renamed to 'Farewell101' https://github.com/Farewell101 (https://archive.ph/4LE6k) - ty u/SaltyThoughts (https://www.reddit.com/r/selfhosted/comments/1rcmgnn/comment/o6zape9/)
\n\nAnd now the renamed 'Farewell101' https://github.com/Farewell101 github org is also now down and 404ing per u/basketcase91
\n\nMaintainer's github account it still up for now https://github.com/Admin9705 (https://archive.ph/lUR4E), but he's actively deleting or privating other repos.
\n\nEdit: And, the main maintainer's github account is removed/renamed and 404ing now
\n\nGithub account just renamed to https://github.com/RandomGuy12555555 (https://archive.ph/MOh9L) - you can follow the journey with `gh api user/24727006` also to follow the org `gh api orgs/62731045` - jfuu_
\n\nEdit: Removed from the Proxmox Community Helper scripts, https://github.com/community-scripts/ProxmoxVE/discussions/12225, https://github.com/community-scripts/ProxmoxVE/pull/12226 - Pseudo_Idol
\n⬆️ 978 points | 💬 298 comments
![\"image\"](\"https://rssglue.subdavis.com/media/5a/5a10612d338d84008b7024a148897e8ed7d3606091f00e7828a3feda6532f90b.png\")
Hello guys, i wanted to show my project here because it might interest some people and i think it solve a real problem. Naming scanned documents is a real job now days and it's painful both at home and at office.
\n\nSo basically, it receives documents via FTP from your network scanner, then processes them using Vision AI to analyze the contents. It generates smart filenames using AI, and automatically uploads everything to cloud storage via WebDAV. (Going to add more protocols in the future)
\n\nIt also supports Docker, so you can deploy it easily with just a few commands. I’ve been using it myself, and it’s saved a lot of time in organizing scanned documents. The project us fully open-source, there is no paid plan or whatever and you have to self-host it. Feel free to open issues if you find any problem and don't hesitate ton contribute
\n\nEDIT: Forgot to mention it's fully offline
\nEDIT2: The AI part is offline and the cloud is offline too if you self-host it 💀
\nEDIT3: Forgot to add the link (i'm tired sorry guys) : https://github.com/SystemVll/Montscan
\nEDIT4: Thank you for all your replies and everything, didn't thought didn't though i will get that much engagement 😭
⬆️ 604 points | 💬 75 comments
I have recently started my self hosting journey. i turned my old laptop into a ubuntu home server which hosts, Nextcloud, Vaultwarden, Pihole, Jellyfin.
\n\nI hit a roadblock while trying to expose the services to the internet, because i use Jio-Fiber and they employ CGNAT. I thought of getting a Public IP (costs money + hassle), or employing a VPN (friends outside the network can't use it) or using cloudflare (privacy risk)
\n\nThen i stumbled upon using only an IPv6 address. it was a win for sure!
\n\nWhy do we keep using IPv4?
\n\nHas anyone tried using only IPv6 and come across any limitations?
\n⬆️ 567 points | 💬 504 comments
![\"image\"](\"https://rssglue.subdavis.com/media/4b/4b6829f5fa36b202cb049af0eb62976b902591c11e281f45a6c79e9408127636.png\")
context is the image, i am honestly fedup with big corporate date hoarding.
\n⬆️ 3,317 points | 💬 446 comments
Seerr is the new unified successor to Overseerr + Jellyseerr. The two teams have merged into one project + one shared codebase, combining all existing Overseerr functionality with the latest Jellyseerr features, including Jellyfin + Emby support.
\n\nYou must follow the migration guide linked below carefully. BACKUP FIRST so you can roll back if needed Release notes: https://github.com/seerr-team/seerr/releases/tag/v3.0.0
\n\nRelease announcement: https://docs.seerr.dev/blog/seerr-release
\nMigration guide: https://docs.seerr.dev/migration-guide
If you hit any issues during upgrade/migration, please report them in our Discord (with steps/logs) and we’ll help you out!
\n⬆️ 741 points | 💬 103 comments
![\"image\"](\"https://rssglue.subdavis.com/media/a1/a164ab6f44a85efb699fdf83b87ec1c2b29d7e094f1f33ff21a5016820125aa2.jpg\")
So 2 weeks ago i posted about my risky move where I bought two dying hdd from Vinted that were still under warranty and sent them to seagate for replacement.
\n\n579 people votes and almost 50% thought I wouldn’t get a replacement.
\n\nI’m happy to say that seagate has sent two replacement HDDs in perfect Health 😎
\n⬆️ 664 points | 💬 24 comments
https://www.reddit.com/gallery/1r79gut
\n\n\nSAAS. The Warner Brothers acquisition. Ads. I'm so tired of it all.
\n\nNow it's been a month and a half since i started work on this humble home server.
\n\nIt currently consists of:
\n\n… an HP EliteDesk 800 G3
\n\n… running Arch Linux
\n\n… hosting a Jellyfin stack
\n\n... inside Docker containers
\n\n… which I, gf and family connect to through Tailscale
\n\nEdit: The Arch Linux pain is brutally overexaggerated in my limited experience. Do correct me if you've ever had a basic Docker setup break on an update.
\n⬆️ 588 points | 💬 144 comments
There is no alternative which offers:
\n\nChecked:
\n\n⬆️ 596 points | 💬 550 comments
![\"image\"](\"https://rssglue.subdavis.com/media/d0/d0475762c54238c8f61128dd894ddfe563ac04e01c2e3c3ffd06a05b86b75ae6.png\")
Hey everyone!
\n\nI’ve been working on a new mobile client for the *arr stack called ArrMatey, and I’m excited to finally share the first alpha launch with the community.
\n\nArrMatey is an all-in-one client that lets you manage your Sonarr, Radarr, and Lidarr instances from your pocket. I found myself wanting a mobile experience that felt truly native on both platforms, so I built this using Kotlin Multiplatform. It uses Jetpack Compose (Material 3 Expressive) for Android and SwiftUI (Liquid Glass) for iOS to ensure the UI feels like it belongs on your device.
\n\nCurrent Features:
\n\nThis is an alpha, so I'm just getting started. On the roadmap, I have tablet support, home screen widgets, notifications, and support for more instances like Seer, Prowlarr, and Readarr/Chaptarr.
\n\nLicensed under MIT, you can check out the code, report bugs, or contribute here: https://github.com/owenlejeune/ArrMatey
\n\nSince we are in Alpha, you'll need to build from source or check the Releases page on GitHub for the latest APK. For iOS, you can build the iosApp target via Xcode.
\n\nI’d love to get some feedback on the UI/UX and any features you feel are missing from your current mobile setup, please feel free to open an issue with any requests!
\n⬆️ 580 points | 💬 92 comments
![\"image\"](\"https://rssglue.subdavis.com/media/94/94869096422f568b03f3fb3f9df4293bdd9a682c35c084843702e3d002832e3a.png\")
I often hear people say that matrix isnt a great replacement for Discord because it lacks group video and voice chat... Then I saw this...
\n⬆️ 605 points | 💬 205 comments
We've all seen the big news: Discord is introducing facial ID as a requirement to actually use the app starting next month. Which means one thing: people are about to dig through dozens of ancient \"what's the best self-hosted Discord alternative?\" threads on here and find antiquated opinions and advice.
\n\nWhat are we actually using? What are the clients that work well? What are options that pass the \"wife test\" of actually being something you could convince your not-techy friends and family to install on their phones?
\n\nLet's get into it. I know I'm already anticipating self-hosting something to replace Discord for communities/friend groups who'll naturally slough off when face ID comes along.
\n⬆️ 653 points | 💬 263 comments
A while back, I got fed up with password managers gatekeeping 2FA and passkeys behind paywalls.
\n\nAlso, Bitwarden started forcing email 2FA, which created this annoying chicken-and-egg loop: if I ever lost my logged-in devices, I wouldn't be able to log in to Bitwarden because I'd need the email OTP... but my email password was inside Bitwarden. I just wanted to avoid that mess entirely.
\n\nI didn't want to pay for a VPS to host Vaultwarden, but honestly, the main reason was that I don't trust myself. Managing a Linux server means one bad command or missed backup and my passwords are gone forever. I wanted something maintenance-free where I couldn't accidentally nuke my own vault.
\n\nSo, I hacked together a Bitwarden-compatible server that runs entirely on Cloudflare Workers + D1 for free. Deploy once, forget forever.
\n\nI called it warden-worker. It worked \"good enough\" for me, so I pushed it to GitHub, thought \"maybe I'll post this later,\" and then immediately forgot about it.
Fast forward to this week. I was doing some repo cleanup and realized I had turned off my GitHub notifications. I checked the repo and... what??
\n\nThe best part is that a user named qaz741wsd856 apparently took my abandoned skeleton and turned it into a full-blown project with KV support and the actual Vaultwarden frontend. Their fork is objectively better than mine in every way.
\n\nI'm still using my original \"good enough\" version because it’s stable and I’m lazy, but it's wild to see an entire community spin up around a project I thought was dead.
\n\nIf you want the original (don't use this): https://github.com/deep-gaurav/warden-worker
\n\nIf you want the one that actually works (use this): https://github.com/qaz741wsd856/warden-worker
\n\nJust wanted to share because I'm still processing how weird open source can be sometimes.
\n⬆️ 596 points | 💬 46 comments
![\"image\"](\"https://rssglue.subdavis.com/media/0f/0f4b277d8c74d29bd72dfe80ff5e551fde11e0f2d1705ad0085956d37d331c69.png\")
Then I redesigned one to fit my needs. Now my wife has her own dashboard with only her apps and can see if they are offline. As a bonus, I can too!
\n⬆️ 436 points | 💬 104 comments
I returned home from work today, powered on the TV and loaded jellyfin, \"server not found\"
\nmissus mentioned a power outage today, so i checked on the server, no disks in truenas.
\nI swapped the HBA as I keep a spare handy, still no disks
\nI removed a disk from the array and attached to another PC, dead as a dodo, same with all 8 HDDs in the array, i mourn the loss of my linux ISOs
\nStangely the SSDs survived
⬆️ 429 points | 💬 140 comments
![\"image\"](\"https://rssglue.subdavis.com/media/57/57cea22b095d0e868eb54cc9c93f40fbb2899b99b0d287bb75fc324b718adb4d.jpg\")
I designed this stack while using the handicapped stall in a Walmart bathroom. I'm quite proud of it! No Ai was used but still 100% vibbing.
\n⬆️ 537 points | 💬 91 comments
It all started with my printer dropping off the network. My Brother laser printer, which only cost $75 in 2008 but has worked like a champ and survived four houses, three time zones, two kids, a university degree, and my entire career to date.
\n\nLately however, its struggling. It won't hold a network connection for much longer than 15 minutes, and once it loses it, only a power cycle will bring it back online.
\n\nI've tried everything. Wifi, ethernet, dedicated VLAN, static IP, DHCP changes, RTSP on, RTSP off, scripts to ping the printer every 5 minutes.
\n\nA normal person would have bought a new printer. A sane person would just decide to turn the printer on when they need it.
\n\nI am apparently too stubborn to be a normal person
\n\nWhy would I spend money on a new printer when I have time I can waste on the problem instead? And why would I resign myself to walking across the room when I can build something to do it for me instead?
\n\nSo I built a \"Legacy Hardware Integration Bridge\":
\n\nMy wife thinks I could have just turned the printer on whenever I needed it and spent my Sunday doing something more productive.
\n\nI'm not a caveman though. I have technology.
\n⬆️ 577 points | 💬 70 comments
EDIT: Some of you think this post was written by an AI/LLM... Thank you, but it's not. I replied this to an earlier comment that got buried because of the downvotes, so I'm gonna paste this here for clarity as I'm pretty self-conscious about my writing and I'm not about to reply to every single negative comment.
\n\n\n\n\nI wrote every single letter of this post myself. You can check the edit history to see how many typos and poorly worded sentences I had in the initial post and how many times I've edited it since then. If you want to expose me for being an LLM, I can give you some consolation and tell you that I have LanguageTools extension installed, but apparently using commas and periods correctly makes me a robot now. Beep boop.
\n
Now I realize that reddit doesn't allow for checking the edit history but fuck it. Next time I write a post (probably never), I'll go out of my way to make it unpolished I guess.
\n\nAs for the \"you must have a lot of time\" folks, well, yeah, this post took me 20-25 minutes? It was like 2am, I had time, I bust out my laptop and just started writing it. The initial post had a lot of embarrassing typos, I edited the post a few times.
\n\nIf you're about to say \"jesus christ this guy is crashing out over a reddit post\", well, you're right, you won, congrats. I'm an LLM, being enthusiastic is bad, and I should write like an illiterate degenerate. I didn't think I would wake up to a bunch of \"get a load of this guy\" comments... serves me right for thinking I could express my honest feelings on reddit.
\n\n-- ORIGINAL POST BELOW --
\n\nSo a few weeks ago, one of my close friends got into homelabbing and naturally started talking to me about it. I've always wanted to try similar things but never got around to it, so this time I just said what the hell and after some research, I ordered NanoPi R6S. I found it to be a solid upper mid-range device that could satisfy my thirst for knowledge and help me learn the niche.
\n\nNow, I'm pretty good with tech, and I'm very enthusiastic about it, but I'm a total noob when it comes to networking. I know what LAN stands for, and I know how to set up a Cloudflare DNS on an ISP modem, but apart from that, I might as well be a boomer. I'm kinda nervous about setting up a new router, messing with its firmware, opening ports, configuring firewall, and so on.
\n\nNR6S arrives and I start researching firmware options. OpenWrt just calls my name because I have used it once years ago, and I didn't really find anything wrong with it.
\n\nAfter some trial and error, I managed to flash OpenWrt on the eMMC storage of NR6S, thanks to this absolute chad.
\n\nOkay, I now have NR6S powered by OpenWrt standing between my ISP modem and my Wi-Fi AP. I find a lot of people mentioning bridging the router on forums, so I start looking into what bridging is. OF COURSE, it makes sense, for years both my ISP modem and my Wi-Fi AP have been doing routing, but both are terribly underpowered for that task, so I can now have a dedicated ROUTER for that. I bridge the ISP modem, set my Wi-Fi unit as Dumb AP, and I already feel better about myself. But, I need some more ports... I find Netgear GS308 locally for dirt cheap and for the first time in my life, I have a dedicated network switch. Pretty cool... I guess? WAIT, you're telling me that connecting 2 of my PCs to a single switch allows me to transfer Steam games over LAN? I don't have to wait twice as long for game downloads to play something with my brother? I can just send him game files at gigabit speeds instead of my ISPs shitty 100Mbps? W switch, W Valve, W whoever's reddit comment I came upon about Steam's LAN feature.
\n\nOkay, now that I have stable internet, let's Google \"self-hosted projects reddit.\" I find tons of threads, and I find some project names coming up in every single one of these threads. AdGuard Home sounds interesting, it can block ads, trackers, AND help me monitor who and what is using my bandwidth? Let's fucking go. How can I deploy it? Docker, huh? Well hello old friend, you've saved me countless hours deploying my clients' websites on VPSes, let's see how I can set you up on an OpenWrt. Well, that took less than 20 minutes, nice.
\n\nI now have Docker, but do I want to ssh into my router every time I want to change a config, see the status of my containers, or restart them? There has to be a solution for that. Huh, there is, and it's called Dockge, cool. Wait, Dockge developer also has this pretty cool project called Uptime Kuma, which will give me a fancy interface for monitoring the status for all of my services. Both of them deployed in less than 10 minutes, just following the official instructions.
\n\nOkay, back to AdGuard Home, what can I do here? Holy shit I can just delegate AdGuard Home to be my DNS resolver and configure a bunch of options for it? Count me in. 20 minutes of brokering peace between AGH and OpenWrt over port 80, and now I have redundant DNS resolvers, resolving all of my domain needs using parallel requests to get me to websites ASAP. Oh, and I can see AGH blocking all the TikTok and Google trackers from my family's devices, so I already want to buy a coffee for the developers.
\n\nI'm fucking hooked. Let's Google some more interesting projects. Immich? I can take my data back from Google? The app looks just as fancy, and I don't care for some of the features it lacks. What could I use for storage? Maybe this spare Samsung T7 Shield I have lying around? Let's go. Export the whole data from Google Photos, mount my T7 to NR6S with a USB cable, permanently mounted it in OpenWrt, used Immich-Go to upload it to Immich, and bob's your uncle. So. fucking. cool.
\n\nWait, now I have anxiety about losing years of my photos and videos if I fully migrate to Immich. How can I fix that? Immich recommends 3-2-1 backup strategy, and they link this article from Backblaze. Hmm, I've heard that name before. Wait, these guys will give me terabyte of storage for $6/month? Wtf do I pay Google for? But wait, how can I upload there? God bless rclone. Let's also clone to my Windows PC to fully complete the 3-2-1 strategy. Let's automate cloning processes for both local and remote backups, so that all my data gets backed up every night while I'm sleeping. All that work in less than two hours.
\n\nBy the way, I thought Immich app was supposed to be inferior to Google Photos? Are you serious? I finally have a reliable search by context, file name, file extension, etc. I can set up auto-moving and archiving with CLI and so much more. Fuck Google Photos. Delete every single byte I have on there, uninstall it from all of my devices, cancel the subscription.
\n\nOkay, this post is getting terribly long, so I'll try to fast-forward.
\n\nI want to remotely turn on my stupid Samsung monitor without using a remote? Home Assistant.
\n\nI want to have a universal note-taking and link-saving solution? Linkwarden.
\n\nI want to expose my services to the internet so I can access them remotely? Cloudflared.
\n\nI want to stash my fucking porn? Stash.
\n\nThere are solutions for literally everything. My post serves two purposes. The first is to push all of you lurking in this subreddit, hesitant to pull the trigger, thinking you need to be Gilfoyle reincarnated to have any success at this stuff. My modest home lab is no Anton, but boy does it make this shitty corpo-ridden internet a much more tolerable place. All I needed to have was a bit of Googling skills, and a bit of patience reading through the official docs, forum threads, and reddit comments. I still have a LOT to learn about networking, but I already feel like this has been one of the most fulfilling hobbies I've had, and I'm already thinking about getting a NAS to host some stuff for my friends.
\n\nSecond is to say a massive thank you to the absolute legends behind all the open-source services that we all use and love. I'm sure I will find a lot more in the coming months, and I will try my absolute best to buy all of them a coffee.
\n\nI'm not sure if anyone's even going to read all of this, I just felt so good about and so passionate about my new hobby that I wanted to share it with everyone.
\n\nP.S: This subreddit desperately needs a \"Discussion\" flair.
\n⬆️ 532 points | 💬 114 comments
Alright discord wants my government ID now, that’s fun and cool. So what self hosted options are there that have a similar feature set? Multiple voice channels, text channels, media sharing. Nextcloud comes to mind but that’s overkill. I know teamspeak is popular but it’s only voice. Anything exist out there people like?
\n⬆️ 522 points | 💬 158 comments
![\"image\"](\"https://rssglue.subdavis.com/media/15/158789fc195bc41b205dcaf4791c0cec6263f891cd3f7ed1cd321b492c5c6375.png\")
hey homelab folks,
\n\nthis came from a slightly uncomfortable thought.
\n\nI’ve had a few concussions from biking accidents over the years. every time I recover fine, but every time I also think: what if next time I don’t? what if I can’t remember how to log into my own machines?
\n\nthe obvious answer is “give my 1password to my partner”. but that turns one human into the single point of failure for my whole digital life. that felt… wrong.
\n\nso I built something I call ReMemory.
\n\nit’s basically a digital safe.
\n\nyou put some files in it (password manager recovery codes, notes, whatever), and 5 friends each hold a key. any 3 of them together can open it. none of them can open it alone.
\n\nthe part I’m weirdly proud of: they don’t install anything. they just open a file in a browser and it works. no server, no account, no setup, no “install this tool first”.
\n\nlinks if you’re curious:
\n\nI’m not trying to pitch this as a product or anything. I mostly want to know:
\n\nhow are you handling this today in your lab?
\n\nsafe? lawyer? printed notes? one trusted person?
\n⬆️ 1,863 points | 💬 320 comments
![\"image\"](\"https://rssglue.subdavis.com/media/ec/ec8f9a0f8801c1e0fa4bb16d2b6e575621456fc440e6d7701f941f3dc962e1be.jpg\")
⬆️ 7,821 points | 💬 259 comments
Not sure why this hasn't been posted here yet, but Immich is trying to build a public EXIF dataset to improve their metadata parsing. They're asking people to upload photos from a variety of cameras and smartphones to build this dataset. Please participate to improve Immich!
\n\n\n\nThey mention in the video that the content of your uploaded photos will be publicly accessible (including metadata like GPS coordinates), so it's best to take more generic photos in locations you do not consider PII.
\n⬆️ 1,038 points | 💬 57 comments
Hey everyone! After lurking here for months, I finally took the plunge and set up my own home server. Thought I'd share my experience and setup.
\n\nWhat I'm Running:\n- Immich for photo backup (replacing Google Photos)\n- Navidrome for music streaming (replacing Spotify)\n- Jellyfin for movies/TV shows\n- Vaultwarden for password management\n- Paperless-ngx for document scanning\n- All running on a refurbished Dell Optiplex (i5-8500, 32GB RAM, 2TB SSD + 8TB HDD)
\n\nThe Good:\n- Complete control over my data\n- No more subscription fees (saving ~$25/month)\n- Immich's face recognition is surprisingly good\n- Remote access via Tailscale works flawlessly
\n\nThe Challenges:\n- Initial setup took longer than expected (weekend project turned into 2 weeks)\n- Had to learn Docker and docker-compose from scratch\n- Backup strategy is still WIP\n- Wife needed some convincing about "why can't we just use Google?"
\n\nUnexpected Bonus: The kids now watch our home videos on Jellyfin instead of YouTube!
\n\nTotal cost so far: ~$400 (hardware) + time. Definitely worth it for the learning experience alone.
\n\nHappy to answer questions about the setup!
\n⬆️ 790 points | 💬 124 comments
Hi everyone,
\n\nI’m living on campus and my college network is incredibly restrictive. It feels like they have an aggressive firewall with Deep Packet Inspection (DPI) set up.
\n\nThe Situation:
\n\n• Blocked: Tailscale (VPNs don't connect), Cloudflare Tunnels (cannot reach my home lab), Steam/Games (connection timeouts), and even standard remote desktop tools often fail.
\n\n• Allowed: Basic web browsing (HTTPS) works fine.
\n\nWhat I'm trying to do:
\n\nI have a home server (Linux machine) back at my parents' house that I want to access for remote dev work, and I also just want to be able to game occasionally.
\n\nWhat I suspect:
\n\nSince Tailscale and Cloudflare Tunnels are failing, I assume they are blocking UDP heavily and inspecting traffic signatures. Standard VPNs get flagged immediately.
\n\nThe Question:
\n\nHas anyone successfully bypassed a network this strict? I’m looking for "hacky" solutions or obfuscation techniques.
\n\n• Would something like Shadowsocks or V2Ray wrapping the traffic in HTTPS work here?
\n\n• Is there a way to tunnel UDP over TCP on port 443 effectively?
\n\n• Any specific tools for bypassing DPI specifically for university networks?
\n\nAny advice or keywords to research would be appreciated!
\n⬆️ 655 points | 💬 357 comments
Hello,
\n\nI'm the lead dev behind Termix (a self hosted ssh server manager for all platforms, similar to Termius).
\n\nSince October 27th, 2025, I have made $467 USD from just GitHub Sponsors donations. That works out to be about $4.5 dollars per day since the first donation. A large portion of these donations have come from the last few weeks.
\n\nThis includes a mix of one-time donations (largest ever was $50) and monthly donations. Currently, I make about $35 month due to monthly recurring donations.
\n\nIt took about 6,000 GitHub stars before I received the first donation through GitHub Sponsors. Termix now sits at just over 10,000 for reference, with ~4 million Docker pulls.
\n\nIn my case, there are no incentives to donate for any reason (no benefit other than a badge on your GitHub profile). The default and smallest donation amount that I have on my donation page is $1/month.
\n\nIn a few months (maybe a year), I'll do another post updating everyone who is curious!
\n\nThanks,
\nLuke
⬆️ 566 points | 💬 63 comments
![\"image\"](\"https://rssglue.subdavis.com/media/81/8198c4413a3caa789de5f0fd3b2993f03f9541f6f589153fc10f5e41611c8e30.png\")
I recently moved to Glance because Homarr was consuming too much RAM and makes too many DNS requests. I couldn't be more happier with my current setup!
\n\nIt took considerable time and effort to make it look and function similar to Homarr widgets but it was worth it IMO. My config is in Github link if anyone is interested.
\n⬆️ 531 points | 💬 77 comments
![\"image\"](\"https://rssglue.subdavis.com/media/ca/ca647568a32e2070cf5b4e15878ca73617e6e0e10dad650177cf586a7deaf6da.jpg\")
Equipment:
\n\nHP EliteDesk 800 G5 DM 65W Core i5-9500 3.00GHZ 256GB NVME 16GB
\n\nSeagate 8TB USB External Expansion Hard Drive 1TFAP6-500
\n\nDetails:
\n\nRunning Linux + Docker Compose (used ChatGPT for basically all of the setup)
\n\nRunning Jellyfin, Sonarr, Radarr, Prowlarr, Usenet and Tailscale
\n\nAny tips, tricks or useful information would be greatly appreciated!
\n⬆️ 549 points | 💬 71 comments
https://www.reddit.com/gallery/1qutpj8
\n\n\nIt's been two months since I first posted Tracearr here. 14 contributors and a lot of changes later, here's the update:
\n\nThe big news: iOS is sitting in App Store review right now. Android is in Google Play review for another 12 or so days. Both should go live by next week. Push notifications when someone triggers a rule, kill streams from your phone, full dashboard wherever you are.
\n\nIf you want to try it before public release, the Discord has TestFlight and Android Beta links!
\n\n- Website: tracearr.com - Launched the first pass of the website!
\n\n- Docs: docs.tracearr.com - Docs site is up with install guides, troubleshooting, and documentation around rules and what the options mean.
\n\nThe old one was rigid - you were stuck with what I had hardcoded, and could only notify and decrease trust score. The new one has 22 conditions across 6 categories, 10 operators, and 8 action types. Mix and match with AND/OR logic.
\n\nThe new interface is heavily inspired by the folks at HomeAssistant and their incredible work with Automations.
\n\nSimple stuff:
\n\n![\"image\"](\"https://rssglue.subdavis.com/media/73/730616effbd6a1cf78aa8ebe1fce85df0304afd15ecdf063c3391d461deb33cb.png\")
![https://preview.redd.it/13txlwifkkwg1.png?width=800&format=png&auto=webp&s=74c3eae6a1750460529764ff9fa047c0ceeab0b7](\"https://preview.redd.it/13txlwifkkwg1.png?width=800&format=png&auto=webp&s=74c3eae6a1750460529764ff9fa047c0ceeab0b7\"){kind=link}
![https://preview.redd.it/q4mgykzzmkwg1.png?width=1363&format=png&auto=webp&s=1175e815a0ff23837cf3ed7192087fcb83c6c39c](\"https://preview.redd.it/q4mgykzzmkwg1.png?width=1363&format=png&auto=webp&s=1175e815a0ff23837cf3ed7192087fcb83c6c39c\"){kind=link}
![https://preview.redd.it/k0okuk9unkwg1.png?width=525&format=png&auto=webp&s=ef159f8174acd22b83a9f1814127d2d16c0a5ae3](\"https://preview.redd.it/k0okuk9unkwg1.png?width=525&format=png&auto=webp&s=ef159f8174acd22b83a9f1814127d2d16c0a5ae3\"){kind=link}
![https://preview.redd.it/04ptjed3okwg1.png?width=421&format=png&auto=webp&s=6e521ee9c1226a22f44ee2426b25c59ffea8b378](\"https://preview.redd.it/04ptjed3okwg1.png?width=421&format=png&auto=webp&s=6e521ee9c1226a22f44ee2426b25c59ffea8b378\"){kind=link}
![Example of Gemma 4-26B-4AB running](\"https://i.redd.it/hanpx5et2tsg1.gif\"){kind=link}
![https://preview.redd.it/87mqpt1utfng1.jpg?width=4000&format=pjpg&auto=webp&s=943578451b7da34e1ef993b177895a85de9bde67](\"https://preview.redd.it/87mqpt1utfng1.jpg?width=4000&format=pjpg&auto=webp&s=943578451b7da34e1ef993b177895a85de9bde67\"){kind=link}
![https://preview.redd.it/wrdq62uztfng1.png?width=2605&format=png&auto=webp&s=6646b0aa7ef45cbbfe99dd104d91ce6bfa581fef](\"https://preview.redd.it/wrdq62uztfng1.png?width=2605&format=png&auto=webp&s=6646b0aa7ef45cbbfe99dd104d91ce6bfa581fef\"){kind=link}
![https://preview.redd.it/eq5eijv8ufng1.png?width=3011&format=png&auto=webp&s=05211a47456506a577ab4ceac9cdbf42b0026d1e](\"https://preview.redd.it/eq5eijv8ufng1.png?width=3011&format=png&auto=webp&s=05211a47456506a577ab4ceac9cdbf42b0026d1e\"){kind=link}
![https://preview.redd.it/hh6lb7f4m5mg1.png?width=3474&format=png&auto=webp&s=7f7e4d2a28c39baa60689f055a6ced64dc9c3265](\"https://preview.redd.it/hh6lb7f4m5mg1.png?width=3474&format=png&auto=webp&s=7f7e4d2a28c39baa60689f055a6ced64dc9c3265\"){kind=link}
![https://preview.redd.it/6ki8je45m5mg1.png?width=784&format=png&auto=webp&s=00c37f7b5bc8a72c1763ad8a86c34f9ef9ae9f28](\"https://preview.redd.it/6ki8je45m5mg1.png?width=784&format=png&auto=webp&s=00c37f7b5bc8a72c1763ad8a86c34f9ef9ae9f28\"){kind=link}
![https://preview.redd.it/1qpsri2dn5mg1.png?width=1520&format=png&auto=webp&s=c63c982cdabf1d4b600a3e839447af5e46414761](\"https://preview.redd.it/1qpsri2dn5mg1.png?width=1520&format=png&auto=webp&s=c63c982cdabf1d4b600a3e839447af5e46414761\"){kind=link}
![says](\"https://i.imgur.com/sjPAT1u.png\"){kind=link}
![say](\"https://i.imgur.com/8AkHZ27.png\"){kind=link}
![commit history](\"https://i.imgur.com/TomsJz0.png\"){kind=link}
![called out on this](\"https://i.imgur.com/dF0Oyst.png\"){kind=link}
concurrent streams > 2 → create violationtravel speed > 500 mph → notify (faster than a plane = probably something fishy..)country not in [US, Canada] → log onlyWhere it gets interesting (AND/OR):
\n\nconcurrent streams > 3 AND not local network → kill oldest with message "Limit is 3 streams"inactive days > 90 AND streaming now → notify on Discord (dormant account woke up)unique IPs in 24h > 5 AND trust score < 50 → high severity violationThe kill stream action can target the triggering session, oldest session, newest session, all except one, or all user sessions. You can add delays and custom messages ("Your account is limited to 2 streams. Oldest session will end in 30 seconds.").
\n\nSince launch we have cranked the collection and aggregation up to 11. We have added some deep library tracking which creates insights that can't be seen anywhere else!
\n\n- Binge scores - identifies consecutive watch patterns. See what users, and what media are most binged!
\n\n- Device health scores - combines direct play rate, codec support, and transcode frequency into one number.
\n\n- Stale Media - see what media is infrequently watched, or never watched. Identify how much space you can save by removing it.
\n\n- Storage Trends understand what library growth over time looks like, and what media has the highest ROI relative to watches/size on disk.
\n\n- Quality Trends watch your quality evolution over time, see how video and audio codecs are distributed across your media.
\n\n- Bandwidth Analysis see what users consume the most bandwidth, alongside hours watched by time range and average bitrates for content consumed!
\n\n- JellyStat import - finally. Import your backup including codec and transcode details. File size limit bumped to 500MB.
\n\n- Public API - REST API with Swagger docs at /api-docs. Generate your own API keys.
- Notifications - Pushover support, ntfy auth tokens for self-hosted instances, server health alerts when media servers go down.
\n\n- Live TV and music - Live TV, DVR sessions, and proper artist/album/track parsing now tracked.
\n\n- Translations - German and Portuguese thanks to contributors with more coming!
\n\n- Misc - Bulk actions for violations/users/rules, draggable server reordering, session history filters, view logs in the UI.
\n\n14 contributors have shipped code since the original post. @JamsRepos sent 11 PRs - bulk actions, account inactivity rules, Windows fixes. @ncabete did Portuguese translations then kept going with IP enrichment, bandwidth sorting, transcode tooltips. @durzo wrote the Proxmox community script which is quickly becoming a popular deployment method.
\n\nIn 9 weeks we've done 950+ commits, 8 releases, and closed 186 issues. A ton of that came from bugs you all found.
\n\nWe have come a long way - but there is still a very long way to go! Here are some of the things either in progress, or planned as upcoming work:
\n\nWebsite · GitHub · Discord · Docs
\n\nAnd for everyone: what stats would make you actually check the dashboard daily?
\n\n⬆️ 512 points | 💬 207 comments
Started as a joke to prove a point to my coworker who insisted we needed aws for everything. now its been 8 months and this little pi is routing all our internal apis, handling auth, rate limiting, the works.
\n\npower went out last month and my wife asked why I was panicking about the closet. had to explain that our entire company's internal api infrastructure lives next to the christmas decorations.
\n⬆️ 1,933 points | 💬 212 comments