![https://preview.redd.it/ts12w2f7dp3h1.png?width=1102&format=png&auto=webp&s=b75a60099be2619818db860f6f2fea2fb92040df](\"https://preview.redd.it/ts12w2f7dp3h1.png?width=1102&format=png&auto=webp&s=b75a60099be2619818db860f6f2fea2fb92040df\"){kind=link}
![\"image\"](\"https://rssglue.subdavis.com/media/d4/d480bf6a67a43b89eb7b48832c2ed6d14b71415e4737174bb42902df6990d433.png\")
The reason many of these... creatures... post here, and on Reddit in general is for SEO.
\n\nReddit ranks highly in search results, which humans and LLMs alike use.
\n\nI'm sure you have all seen the 'I have problem x, and have tried y and z. Curious what others are doing?' type posts. Then the promoted product is often (not always) inserted into the comments by an army of alt accounts sandwiched between actually good and established products to boost perceived authenticity further.
\n\nAnyway, it turns out you can simply comment about how bad their shit is, and since this makes their efforts backfire, they swiftly delete their own slop.
\n\nDelightful!
\n\nScreenshot below for reference
\n\n\n⬆️ 476 points | 💬 55 comments
","metadata":{"score":1170,"source_feed_id":"r-selfhosted","source_feed_type":"reddit"}},{"id":"1tp21l5","title":"Peak dashboard","link":"https://www.reddit.com/r/selfhosted/comments/1tp21l5/peak_dashboard/","author":"pasteludo","published_at":"2026-05-27T10:54:53+00:00","content":"\n\n
My dashboard after removing everything that is not important. One page, compact, all the information I need. Screenshot from last week.
\n\nThe dashboard is Dynacat, a fork of Glance.
\n⬆️ 413 points | 💬 67 comments
","metadata":{"score":413,"source_feed_id":"r-selfhosted","source_feed_type":"reddit"}},{"id":"1toysos","title":"Google's coming change to app sideloading is threatening the Selfhosted ecosystem.","link":"https://www.reddit.com/r/selfhosted/comments/1toysos/googles_coming_change_to_app_sideloading_is/","author":"nkls","published_at":"2026-05-27T07:55:57+00:00","content":"\n\n\nAndroid has long positioned itself as the open alternative to Apple's closed ecosystem. Many people chose Android for this openness and freedom to customize and alter your software. This is again under serious threat.
\n\nGoogle's new policy will block all apps from working, unless the developers register centrally, submit government-issued ID, pay fees, and hand over signing keys. Might sound reasonable at first, but this has many consequences. What is shocking: This applies to all apps being installed, not only from the Play Store. So even F-Droid is affected by this.
\n\nThe practical consequences are bad. Any developer who doesn't comply, whether due to cost, privacy concerns, or simply being simple side project, will have their apps blocked from installation on all Android devices, including via sideloading. This means:
\n\nThis directly affects our community. It is not certain that all app developers will pay the fee and use their national ID for this hobby project. Especially some of the privacy-focused projects might be affected.
\n\nThere is technically still one way to side-load apps, but this is very tedious and includes a mandatory 24h cool down time, so you are really sure about the risks you are taking. Wtf.
\n\nThis runs counter to the core values of open source and free software distribution. If you think about it, it is a real power play by Google that amounts to a form of cencorship: A company in the USA is dictating what software can run or cannot run on a device you own.
\n\nFor more infos and what to do about it, check https://keepandroidopen.org/
\n⬆️ 463 points | 💬 206 comments
","metadata":{"score":634,"source_feed_id":"r-selfhosted","source_feed_type":"reddit"}},{"id":"1tnrwe0","title":"SparkyFitness v0.16.6.3 - A Self-Hosted MyFitnessPal alternative","link":"https://www.reddit.com/r/selfhosted/comments/1tnrwe0/sparkyfitness_v01663_a_selfhosted_myfitnesspal/","author":"ExceptionOccurred","published_at":"2026-05-26T01:15:04+00:00","content":"\n\nhttps://www.reddit.com/gallery/1tnrwe0
\n\n\nWe’ve crossed 3.6k+ users on GitHub, with 52 developers now contributing to the project — and we’re scaling faster than ever
\n\nOver the past few months, we’ve ported many of the web features directly into the native mobile app, so there’s no longer a need to switch between the PWA and mobile experience. The goal is simple: make SparkyFitness the only app you need to track your health & fitness.
\n\nIf you haven’t tried SparkyFitness yet, I’d love for you to give it a shot and share your feedback. Since day one, almost every feature has come directly from this community’s suggestions and feedback.
\n\nYour input doesn’t just help improve the app for you — it helps thousands of other SparkyFitness users as well.
\n\nSparkyFitness can sync data from multiple health and fitness platforms:
\n\n⬆️ 491 points | 💬 53 comments
","metadata":{"score":1065,"source_feed_id":"r-selfhosted","source_feed_type":"reddit"}},{"id":"1tmw11n","title":"Win 3.x inspired home screen","link":"https://www.reddit.com/r/selfhosted/comments/1tmw11n/win_3x_inspired_home_screen/","author":"evert","published_at":"2026-05-25T02:41:08+00:00","content":"\n\n![\"image\"](\"https://rssglue.subdavis.com/media/a5/a562c31e41e67af19bdee94cdb93bcf51879d9401d8b7ec50d5c18edf5971ab5.png\")
⬆️ 485 points | 💬 50 comments
","metadata":{"score":583,"source_feed_id":"r-selfhosted","source_feed_type":"reddit"}},{"id":"1tlmmyn","title":"Best self-hosted ebook server for a very large library (~150k books)?","link":"https://www.reddit.com/r/selfhosted/comments/1tlmmyn/best_selfhosted_ebook_server_for_a_very_large/","author":"MysteriousPizza8390","published_at":"2026-05-23T17:28:20+00:00","content":"\n\n\nHi all, looking for recommendations for a self-hosted book management app that can handle a fairly large library (~150,000 books).
\n\nI’ve already tried CWA and Booklore/Grimoire, but both struggled a bit with UI lag and fairly high system usage at that scale. Recently I came across Kavita and BookOrbit. BookOrbit’s public demo seems to handle a huge library surprisingly well, but the project also looks pretty new in comparison.
\n\nDoes anyone here run either of these with a very large collection? Mainly curious about real-world RAM/CPU usage, scan performance, and general responsiveness at scale. Any feedback would be appreciated.
\n\nKavita https://www.kavitareader.com
\nBookorbit https://bookorbit.app
⬆️ 412 points | 💬 178 comments
","metadata":{"score":420,"source_feed_id":"r-selfhosted","source_feed_type":"reddit"}},{"id":"1tlc3wn","title":"Megalodon chums the waters in 5.5K+ GitHub repo poisonings","link":"https://www.reddit.com/r/selfhosted/comments/1tlc3wn/megalodon_chums_the_waters_in_55k_github_repo/","author":"Hinin","published_at":"2026-05-23T09:50:34+00:00","content":"\n\n\n\n\n\n\"A malware-spreading scumbag swimming through GitHub pushed malicious commits to more than 5,500 repositories on Monday as part of an automated campaign called Megalodon.\"
\n\nMaybe it's time to stop updating until it's safe again ?
\n⬆️ 436 points | 💬 71 comments
","metadata":{"score":442,"source_feed_id":"r-selfhosted","source_feed_type":"reddit"}},{"id":"1tl7qhw","title":"40% less memory: Homarr v1.62.0","link":"https://www.reddit.com/r/selfhosted/comments/1tl7qhw/40_less_memory_homarr_v1620/","author":"Manicraft1001","published_at":"2026-05-23T05:47:02+00:00","content":"\n\n\nHi r/selfhosted,\nwe have great news for all Homarr users here.\nMemory usage of Homarr has always been critizied - and we've heard you.\nA few weeks ago we opened a feature bounty and thanks to that, beginning from v1.62.0, you can expect between 40-60% less memory.\nWe achieved this by merging node.js processes of the app, reducing allocations and tweaking next.js settings to save on memory.\nThe speed and performance are unchanged - but now you can run Homarr with less than half that it previously needed.\nThe new version has already been thoroughly tested, so you can update all your instances safely.
\n\nhttps://github.com/homarr-labs/homarr/releases/tag/v1.62.0
\n\nWe also got some big improvements coming for better UX, better performance, better design and we are focusing on polishing the experience overall.
\n\nNo AI was used in this post.
\n\nIf you have questions, comment below and I will reply 👇
\n⬆️ 464 points | 💬 73 comments
","metadata":{"score":489,"source_feed_id":"r-selfhosted","source_feed_type":"reddit"}},{"id":"1tkvsgq","title":"Here is my selfhosted setup. What else should I add?","link":"https://www.reddit.com/r/selfhosted/comments/1tkvsgq/here_is_my_selfhosted_setup_what_else_should_i_add/","author":"ChitsaJason","published_at":"2026-05-22T21:00:07+00:00","content":"\n\n![\"image\"](\"https://rssglue.subdavis.com/media/01/01a6a28226daef6b532b1a09788b8fdae4acce4dd79d98956f86789fb44d972a.png\")
Im running it on Mini PC with: AMD Ryzen 7 H255; 32Gb RAM; 2Tb main SSD, 1TB cache SSD, 18TB HDD attached externally via USB-C. OS: Zorin OS
\n\nRight now I'm mostly using it for Jellyfin; Immich and hosting personal website. Took me almost few months of tinkering to understand how everything works and actually make it work. Especially the Jellyfin stack. Was really fun journey.
\n\nWhat useful things would you suggest to add I might not know? I am a bit out of ideas, now that I reached this state.
\n⬆️ 396 points | 💬 215 comments
","metadata":{"score":397,"source_feed_id":"r-selfhosted","source_feed_type":"reddit"}},{"id":"1tkfr7q","title":"Do any of you self host a family encyclopedia?","link":"https://www.reddit.com/r/selfhosted/comments/1tkfr7q/do_any_of_you_self_host_a_family_encyclopedia/","author":"spcbfr","published_at":"2026-05-22T11:08:36+00:00","content":"\n\n![\"image\"](\"https://rssglue.subdavis.com/media/10/10094b2a24a3fccfd9e831fcde134cfb748914b9d9f4cb9ab163c3a1a6719c2d.png\")
I saw this article a few weeks ago about someone building a wikipedia style encyclopedia for their family, and it got me really intrigued. are any of you already doing this, if so what's your experience like with it? would you be interested in hosting one?
\n\nI see people posting about general purpose note taking apps quite often but this application in particular is very interesting.
\n⬆️ 521 points | 💬 69 comments
","metadata":{"score":593,"source_feed_id":"r-selfhosted","source_feed_type":"reddit"}},{"id":"1tkerv9","title":"Plex's Lifetime Pass is (basically) dead. Here's how to switch to Jellyfin.","link":"https://www.reddit.com/r/selfhosted/comments/1tkerv9/plexs_lifetime_pass_is_basically_dead_heres_how/","author":"InvestigatorSoft5764","published_at":"2026-05-22T10:19:24+00:00","content":"\n\nhttps://gardinerbryant.com/plexs-lifetime-pass-is-basically-dead-heres-how-to-switch-to-jellyfin/
\n\n\n\n\n\n⬆️ 551 points | 💬 241 comments
","metadata":{"score":1946,"source_feed_id":"r-selfhosted","source_feed_type":"reddit"}},{"id":"1tjp5ou","title":"(OPINION) Now's the Perfect Time To Move Away from Plex","link":"https://www.reddit.com/r/selfhosted/comments/1tjp5ou/opinion_nows_the_perfect_time_to_move_away_from/","author":"NearbyYak7156","published_at":"2026-05-21T16:07:00+00:00","content":"\n\n\n(WRITTEN BY A HUMAN THAT LIKES BULLET POINTS)
\n\nMost people here have probably heard about Plex hiking the lifetime pass to 750USD, effective July 1.
\n\nIf you're still on the subscription and considering buying the lifetime pass before the deadline, here are some reasons not to:
\n\nIf you're already on the lifetime pass, you're probably good for some time, but you should still consider moving for privacy and self-hosting reasons.
\n\nThe main advantage of Plex for most users cite is their clients, but these days, Jellyfin has great clients (shout out to streamyfin) and many different options for every platform, actively developed by members of the community. Full disclaimer, I'm the dev of Hound Media Server, so I also have skin in the game. Special shoutout to Kyoo, which is very active and a project I feel is underloved in this sub.
\n\nI really don't blame Plex, they've been good and they need to pay their employees. But from a self-hosting standpoint, I think it's a good time to move on.
\n\nTLDR; Support actually self-hosting, support open-source
\n⬆️ 1,692 points | 💬 852 comments
","metadata":{"score":2015,"source_feed_id":"r-selfhosted","source_feed_type":"reddit"}},{"id":"1tjcfe6","title":"Found an unauthorized device in my rack - 8 cores, no MAC address, won't respond to ping","link":"https://www.reddit.com/r/selfhosted/comments/1tjcfe6/found_an_unauthorized_device_in_my_rack_8_cores/","author":"MrMax314","published_at":"2026-05-21T06:52:20+00:00","content":"\n\nhttps://www.reddit.com/gallery/1tjcfe6
\n\n\nNo idea how it bypassed perimeter security. Not in my DHCP leases either.
\n\nRack is semi-open so I assume it came in through an air gap.
\n\nIs this a known issue? First time dealing with a physical layer intrusion of this kind.
\n⬆️ 2,794 points | 💬 237 comments
","metadata":{"score":3318,"source_feed_id":"r-selfhosted","source_feed_type":"reddit"}},{"id":"1tjalq8","title":"My Spotify Replacement Setup (navidrome + lidarr with tubifarry + slskd + explo + aurral + musicbrainz/listenbrainz)","link":"https://www.reddit.com/r/selfhosted/comments/1tjalq8/my_spotify_replacement_setup_navidrome_lidarr/","author":"KnifinLTD2","published_at":"2026-05-21T05:16:48+00:00","content":"\n\n\nNote: This post was not created using AI, nor was AI involved in the process. Just a lot of trial and error until I found something that was relatively easy, and worked nicely. So my apologies if this isn't formatted so cleanly, or clearly, but happy to take on any advice!
\n\nI recommend doing this on a Thursday or a Friday because ListenBrainz creates your custom playlist on the Monday for the \"Spotify\" recommendation like experience.
\n\nMusicBrainz -> The metadata for songs.
\n\nListenBrainz -> Creates your recommended playlists
\n\nNavidrome -> Music streaming server
\n\nLidarr (NIGHTLY required for plugins) -> Automates and orchestrates downloading and managing metadata.
\n\nTubifarry -> Plugin for connecting Lidarr with slskd for automated downloading, and fetching lyrics.
\n\nslskd -> Soulseek P2P client for downloading music.
\n\nexplo -> Creates the weekly, monthly, daily playlists and also fetches the songs.
\n\naurral -> Similar to Seerr where you can request songs or create users to request songs.
\n\nCreate an account on MusicBrainz: https://musicbrainz.org/
Sign in using MusicBrainz account in ListenBrainz: https://listenbrainz.org/
slskd: You will need to make an account on Soulseek by downloading a MacOS / Windows / Linux client https://www.slsknet.org/news/node/1 and then on app startup it asks to create a username / password. You can feel free to uninstall afterwards. Use the docker-compose from https://github.com/slskd/slskd#with-docker-compose and be sure to open ports 50300 for sharing, OR alternatively, use hotio's version: https://hotio.dev/containers/slskd/ and have built in VPN.
Lidarr: Use the docker-compose from https://hub.docker.com/r/linuxserver/lidarr#docker-compose-recommended-click-here-for-more-info IMPORTANT: use the following image -> image: lscr.io/linuxserver/lidarr:nightly
Tubifarry Plugin: Once Lidarr is up and running install the Tubifarry plugin: https://github.com/TypNull/Tubifarry#installation- and then follow the instructions to add soulseek (https://github.com/TypNull/Tubifarry#soulseek-slskd-setup-), lyrics fetcher (https://github.com/TypNull/Tubifarry#lyrics-fetcher-), and search sniper (https://github.com/TypNull/Tubifarry#search-sniper-). NOTE: Lyrics Fetcher is called Lyrics Enhancer.
aurral: Use the docker-compose from https://github.com/lklynet/aurral#quick-start and start up and it will guide you through connecting the difference services. I highly recommend in the settings to click: Apply Davo's Recommended Settings.
Navidrome: Use the docker-compose from https://www.navidrome.org/docs/installation/docker/#using-docker-compose- and start it up. Be sure to go to your profile / settings and enable scrobbling to ListenBrainz.
Start adding some Artists to Lidarr and downloading their albums, and listening to them on a Navidrome client: https://www.navidrome.org/apps/ or the Navidrome web app.
When I add an artist into Lidarr or through Aurral I do the following:
\n\nhttps://www.reddit.com/r/selfhosted/comments/1tjalq8/comment/on067oz/
\n\nI'm unsure if I should add my docker-compose.yml and .env in here as an example. I think it might be hurtful in case any of the above adjusts their parameters or setup, people might have the wrong docker-compose.yml... but let me know. Am happy to add both in to give an example.
\n\nHere's is an example of my docker-compose.yml please as a heavy note, this is relevant as of only today. This might not be true in future when some things change. Do go to the pages to pull their docker-composes.
\n\nExample of docker-compose.yml: https://pastebin.com/AR3J9YiY
\n⬆️ 497 points | 💬 116 comments
","metadata":{"score":548,"source_feed_id":"r-selfhosted","source_feed_type":"reddit"}},{"id":"1tior0l","title":"just observing","link":"https://www.reddit.com/r/selfhosted/comments/1tior0l/just_observing/","author":"Flying-T","published_at":"2026-05-20T15:16:00+00:00","content":"\n\n![\"image\"](\"https://rssglue.subdavis.com/media/3f/3f1cecbdc7d797d5ac7118ca3b3083066e6322892346630f9437d7852409cd7d.jpg\")
⬆️ 2,519 points | 💬 500 comments
","metadata":{"score":2635,"source_feed_id":"r-selfhosted","source_feed_type":"reddit"}},{"id":"1thn6kw","title":"New Lifetime Plex Pass Pricing","link":"https://www.reddit.com/r/selfhosted/comments/1thn6kw/new_lifetime_plex_pass_pricing/","author":"pheexio","published_at":"2026-05-19T13:34:49+00:00","content":"\n\nhttps://www.plex.tv/blog/new-lifetime-plex-pass-pricing/
\n\n\n\n\n\n⬆️ 531 points | 💬 888 comments
","metadata":{"score":886,"source_feed_id":"r-selfhosted","source_feed_type":"reddit"}},{"id":"1th0rai","title":"Terminator: a terminal with sync (like Termius but free)","link":"https://www.reddit.com/r/selfhosted/comments/1th0rai/terminator_a_terminal_with_sync_like_termius_but/","author":"Deeplerg","published_at":"2026-05-18T20:48:12+00:00","content":"\n\n![\"image\"](\"https://rssglue.subdavis.com/media/b3/b3f20d1730021c89cd843d921f5373802f3118518a44cd4133b316f73f6e4d9f.png\")
Discord: https://discord.gg/x7K9BRrQJE
\n\nWebsite: terminator.sh
\n\nHey! We're launching Terminator, an open-source SSH client with a self-hostable sync server.
\n\nI like Termius, but the sync functionality is paywalled. I've had this idea for a while, and recently decided to build it as part of a team university project.
\n\nHere's how it works. When you interact with Terminator, all your host profiles, keys, etc. are encrypted (with a key derived from your password) and saved locally. When you decide to use a sync server, the client only uploads those opaque already-encrypted blobs! Of course, you don't have to use a sync server, the app is fully usable offline.
\n\nThe desktop client is built on Wails and Go: it's lightweight (~15MB) and cross-platform (🪟 🐧 🍎)
\n\nRight now it's relatively basic, but there's a bunch of stuff on the roadmap.
\n\n(we also kind of have to launch it now due to uni deadlines 🤪)
Would love to hear your feedback!! (check out our Discord)
\n\nGet it here: terminator.sh
\n⬆️ 440 points | 💬 132 comments
","metadata":{"score":498,"source_feed_id":"r-selfhosted","source_feed_type":"reddit"}},{"id":"1tgyb61","title":"Things I didn't think of when I decided to start self-hosting: Not relying on a $120 subscription to sync my academic library in grad school!","link":"https://www.reddit.com/r/selfhosted/comments/1tgyb61/things_i_didnt_think_of_when_i_decided_to_start/","author":"GreenReporter24","published_at":"2026-05-18T19:26:26+00:00","content":"\n\n![\"image\"](\"https://rssglue.subdavis.com/media/98/989949e880d2b93a5acf2120373eb5538f2e873e8a8bdaebda892520ed79141d.png\")
I'm a grad student, and just got an iPad for reading and annotating research papers.
\n\nI quickly realized I couldn't sync my library with it, though, because my Zotero cloud storage was full. And to solve that issue, Zotero wanted $60 a year for 6 GB, or $120 a year for unlimited capacity.
\n\nLuckily, inspired by you lot, I bought an older HP EliteDesk mini-PC a few months ago and put a 4TB SSD into it, with the goal of limiting my reliance on monthly subscriptions.
\n\nI've never used WebDAV before, but after sorting out some issues with Docker and Tailscale, I was able to make it work!
\n\nThis little thing is awesome!!
\n⬆️ 462 points | 💬 50 comments
","metadata":{"score":456,"source_feed_id":"r-selfhosted","source_feed_type":"reddit"}},{"id":"1tggftg","title":"Self-hosted a Nintendo eShop using Ownfoil","link":"https://www.reddit.com/r/selfhosted/comments/1tggftg/selfhosted_a_nintendo_eshop_using_ownfoil/","author":"ProAngelus11","published_at":"2026-05-18T08:36:18+00:00","content":"\n\nhttps://www.reddit.com/gallery/1tggftg
\n\n\nI modded my switch OLED a month ago and I couldn't resist connecting it to my server somehow. Well here it is, a game library so I can download any games I want directly from my server.
\n\nIt's pretty easy to setup, Ownfoil as a server and Cyberfoil as a client. Pretty cool projects.
\n⬆️ 311 points | 💬 58 comments
","metadata":{"score":513,"source_feed_id":"r-selfhosted","source_feed_type":"reddit"}},{"id":"1tg1sav","title":"Profilarr v2 is Out!","link":"https://www.reddit.com/r/selfhosted/comments/1tg1sav/profilarr_v2_is_out/","author":"heysantiago","published_at":"2026-05-17T21:03:49+00:00","content":"\n\n![\"image\"](\"https://rssglue.subdavis.com/media/a3/a3bbffa859a5a59916b1b81c23fab1102fc5935cab5c2be7368f1c5203ccf229.png\")
For those unfamiliar, Profilarr syncs quality profiles, custom formats, and media management settings from shared configuration databases into your arr Arr instances.
\n\nv2 has been in closed beta for a few months and is now publicly available!
\n\nv2 can connect to multiple databases at the same time. A few of the more popular ones:
\n\nThe Arrs are great at reacting to new releases via RSS, but they don't continuously revisit older downloads looking for something better. This is especially important when you switch or update quality profiles and are left with releases that no longer match what the new profile would have grabbed.
\n\nUpgradinatorr solved this by cycling through your library and triggering searches over time. v2 brings that idea into Profilarr, with more control and a GUI.
\n\nYou can filter by any metadata your Arr tracks: ratings, year, genre, size, release group, language, date added, and more. Filters support nested AND/OR logic, selectors let you prioritise what gets searched first, cooldowns prevent items from being repeatedly searched, and everything can run on a schedule.
\n\nv1 handled local changes through complex git-based three-way merges. v2 replaces that with a dedicated change layer: your local changes now live separately from the upstream database, which means updates can come in without overwriting your changes or forcing you through messy merge conflicts. In practice, that means fewer conflicts surface in the first place, and the ones that do can often be resolved automatically.
\n\nIn addition to those major highlights, here are some smaller improvements:
\n\nv2 is not compatible with v1. The underlying database and customisation systems changed significantly, so existing v1 databases/configs/appdata won't work directly in v2.
\n\nIf you want to try v2:
\n\nA few years ago I just wanted to share some quality profiles I thought people might be interested in. It's gotten a little out of hand since then... None of that is possible without:
\n\nYou can follow the 2.x.x roadmap here. Some highlights from that include:
For those wondering about anime, there is no profile yet, but it's on the roadmap. The approach is a bit different from our existing profiles: instead of one profile that scores releases across your whole library, we're building per-series profiles based on manual rankings of the best release in each variety for each anime; similar to what SeaDex does, but across more formats (Blu-ray encode, WEB, Remux, dual audio, subs, etc.). This ties into the advanced profile automation work above; per-series profiles only work if each anime can be routed to its own profile automatically.
\n\nIn the meantime, v2's multi-database support means you can run Dictionarry alongside any community-built anime database. TRaSH Guide's Anime profile is the most established option and what most users currently rely on. You can follow progress on our anime work here.
\n⬆️ 487 points | 💬 134 comments
","metadata":{"score":627,"source_feed_id":"r-selfhosted","source_feed_type":"reddit"}},{"id":"1tfoo9p","title":"When the wife approves the server rack in the living room, but you have toddlers.","link":"https://www.reddit.com/r/selfhosted/comments/1tfoo9p/when_the_wife_approves_the_server_rack_in_the/","author":"khem_geek","published_at":"2026-05-17T12:50:46+00:00","content":"\n\n![\"image\"](\"https://rssglue.subdavis.com/media/9a/9af12f1910c2e69613aeacb32d97dcf8f071b92f20e89da5c448fc1fdec7704a.jpg\")
Recently upgraded from an open rack to an enclosed rack to keep tiny hands away from the flashy lights. They seem to enjoy it. The misses enjoys the services.
\n\nCurrently running a 2 node proxmox cluster, 3 websites, Immich, Matrix, OCIS, Jellyfin, *arr stack, Home Assistant, and more to come.
\n⬆️ 328 points | 💬 58 comments
","metadata":{"score":738,"source_feed_id":"r-selfhosted","source_feed_type":"reddit"}},{"id":"1tfoh5e","title":"Has anyone used Actual Budget?","link":"https://www.reddit.com/r/selfhosted/comments/1tfoh5e/has_anyone_used_actual_budget/","author":"Abject-Belt-4746","published_at":"2026-05-17T12:41:51+00:00","content":"\n\n![\"image\"](\"https://rssglue.subdavis.com/media/a9/a99882979f6c7a0cddc9341c4e42acb10dec4a63605c75605d33fbdf848949a4.jpg\")
I have been looking at this since all the other apps that I have seen require a paid subscription to link banks and such. Im just curious to see how it works. I love a good budget app, yeah ive reached that stage in life. 🤣
\n⬆️ 350 points | 💬 197 comments
","metadata":{"score":525,"source_feed_id":"r-selfhosted","source_feed_type":"reddit"}},{"id":"1te4zdn","title":"Bitwarden heading to eliminate Freemium and possibly Vaultwarden support in the near future?","link":"https://www.reddit.com/r/selfhosted/comments/1te4zdn/bitwarden_heading_to_eliminate_freemium_and/","author":"Electronic_Dream8935","published_at":"2026-05-15T18:33:25+00:00","content":"\n\n![\"image\"](\"https://rssglue.subdavis.com/media/3a/3a5f9e3f6bd89bd15cb027e84b258862a0a355cdcb19d7760e4dab86c671815b.png\")
\n\n\n“His replacement, Michael Sullivan, former CEO of both Acquia and Insightsoftware, touts his experience with “all facets of mergers and acquisitions” on his own LinkedIn page, including experience working with leading private equity firms.”
\n
There isn't any true evidence that Bitwarden will eliminate support for selfhosted versions and/or get rid of the options to use selfhosted servers in the apps, but it does have me a bit worried about Bitwarden in general in the long term...
\n⬆️ 1,592 points | 💬 253 comments
","metadata":{"score":3194,"source_feed_id":"r-selfhosted","source_feed_type":"reddit"}},{"id":"1tdn3pz","title":"Anyone else ever look at their environment and realize how far you've come?","link":"https://www.reddit.com/r/selfhosted/comments/1tdn3pz/anyone_else_ever_look_at_their_environment_and/","author":"scarlet__panda","published_at":"2026-05-15T05:44:34+00:00","content":"\n\n![\"image\"](\"https://rssglue.subdavis.com/media/33/3371574733c60b21cfc5a0cb47e78d4989403c32733de522c8695e5eb73dba61.png\")
I remember when I was first starting out, I tried Proxmox as a recommendation from someone on Reddit, and I was very intimidated. This was before I started in IT, before college, certs, etc. I ended up going with a Windows Server 2022 build using hyper-V after a few botched Debian server implementations and data losses.
\n\nI went to school, got my degree, started in IT, finished my degree, and now I work as a (my title is Assistant Director, I direct the department and implement policy, but i much prefer the work I do as sysadmin there) Systems Administrator.
\n\nI looked at my stack as I threw my pi in the cluster today and was really happy with how far Ive come in the past years.
\n\nAnyone else know what I mean?
\n⬆️ 364 points | 💬 80 comments
","metadata":{"score":436,"source_feed_id":"r-selfhosted","source_feed_type":"reddit"}},{"id":"1tdkjmf","title":"Update on the \"Help Me Escape From Belarus\" Server Logs","link":"https://www.reddit.com/r/selfhosted/comments/1tdkjmf/update_on_the_help_me_escape_from_belarus_server/","author":"gurgle528","published_at":"2026-05-15T03:37:16+00:00","content":"\n\n\nNote to mods: sorry if this is disallowed, I recognize this is only loosely related to the sub, but I figured it's worth making a post as more people will see this in their logs.
\n\nA couple days ago I saw this post about strange requests hitting Traefik.
\n\nI was curious and emailed the email provided in the user agent using a junk email I haven't used in 10 years. They responded politely with a link to a site on a free web host. I (safely) went to the page. Given the nature of the situation I half expected there to be something malicious on the page, but it is just a simple HTML page with no scripts.
\n\nIf it's a scam or phishing I don't see how. Notably it does mention that his crawler bot is designed to spread itself to poorly protected servers. Based on that description, if your server is able to be compromised by the bot you likely would have already been compromised by any of the other several SSH brute force bots that already exist.
\n\nFor anyone curious, here's the text on the page:
\n\n\n\n\nTo be honest, I'm surprised that this seemingly foolish endeavor has attracted so much attention. I'm grateful to everyone for your messages—it's genuinely heartening to see. I've also seen the posts on Reddit, where people are split into two camps, and I understand both sides. From the outside, this really does come across as ambiguous. But I want to emphasize once again: the purpose of this \"project\" is not phishing, not hacking, and not an attempt to appear pitiful to the entire internet. There is no hidden agenda here; I am not interested in funding or sponsorship in any form. Please view this as a highly specific performance piece—one without parallels, as far as I've been able to find. Below, you can still get a general sense of what's going on. Also, starting from the 19th, I will be cut off from the outside world and likely unable to follow how the situation unfolds or respond to messages. In any case, if you have something to write or suggest—please feel free to do so.
\n
\n\nIf you’re reading this page, you’ve most likely found a suspicious line in your server logs containing a link and an email address.
\n
\nEnglish is not my native language. This text was originally written in Russian, so you may notice some translation quirks or slightly awkward phrasing that sounds different in English.
\nWell, hello. Here, I’ll try to explain how this happened and what you should do about it. First of all, let me reassure you: this is not an attempt to hack your server or cause any harm to your service. No phishing, no hacking—your server is safe.
\nLet me introduce myself. My name is Alex, and I’m 27 years old. I’ve spent most of my life in Belarus. To be honest, it’s not the greatest place to live. Some people speak openly about it with enthusiasm, but for whatever reason, I’ve never shared that sentiment. In many ways, I see similarities between Belarus and North Korea, especially when it comes to the military—they’re about 80% alike. Conscription is mandatory here, and even after completing your service, you’re still called up for military drills every 1 to 3 years. It’s absurd, a Soviet-era relic that disrupts and destabilizes an already fragile life in this country. I work as an engineer, mostly repairing equipment, including digital devices, but in my free time, I love programming. I’m learning Golang, I know Python, and I have basic knowledge of Delphi and PHP. I’ve also started learning Rust. It all sounds great, but I don’t see much of a future in it—at least not while working in Belarus (or the CIS) in these fields. Somehow, I never got a formal degree in IT, which could have opened the door to the programming world and helped my resume stand out. I also don’t have a solid portfolio, since most of my pet projects are just various bots and IoT device analyzers.
\nAnd that brings us to what’s actually happening here. Yes, from that last sentence, a lot should already be clear. That line in your logs is the work of a bot. It’s harmless by design but operates like a worm. The bot scans random IP addresses for open HTTP ports (TCP 80, 8000, 8080, etc.) and SSH ports (TCP 22, 2222). If it finds an open HTTP port, it simply sends a request to the server using a random method (GET, CONNECT, or HEAD). If it finds an open SSH port, it begins a password brute-force attack, but only using default combinations like admin:admin, root:root, or support:support. No exploits, no other malicious actions. The bot is also fully autonomous—it doesn’t connect to a command-and-control server and runs entirely on its own. It only reports discovered IP and login:password pairs back to a loader. Additionally, the bot has a built-in timer: six months after it starts, it self-terminates. If your device has become part of this network of spreader bots, simply reboot it. The bot doesn’t establish persistence on the system and usually runs from /tmp. Also, make sure to change any default passwords.
\nYes, it’s unfair. It’s using someone else’s resources, and it’s somewhat illegal. But… a lot of illegal things happen in my country, many of them on a state level and far more significant, about which people are expected to stay silent and are strictly forbidden from expressing dissatisfaction. Not many here are happy with local politics or the actions (and sometimes inaction) of the authorities. It’s especially upsetting and sad that the Russia-Ukraine conflict hasn’t spared us either. Our authorities have always been, and will always be, on Russia’s side. If the situation escalates further, Belarus will join Russia’s side swiftly, no matter what the rest of the world says. By the way, this conflict has also affected Belarus in everyday and housing matters. Due to international sanctions and isolation, Russians are moving to Belarus in search of a better life, renting and buying apartments in huge numbers. Because of this, it’s becoming harder and harder for locals to rent, and buying a home will likely become impossible within a decade.
\nWhat am I trying to achieve with this message?
\nI’m asking for your help. If you see any potential or opportunities in me, please point them out.
\nIf you have any job offers, I’d gladly consider them.
\nIf there’s anything you’d like to share or tell me, I’m more than happy to listen.
\nIf you have a way to help me leave Belarus (important: non-financial assistance only), I will be endlessly grateful.
\nLater on, I’ll publish the source code for both the bot and the server component here. If for any reason you think I shouldn’t do that, please email me.
\nThank you for reading this rambling monologue. I hope I haven’t caused you any inconvenience.
⬆️ 319 points | 💬 11 comments
","metadata":{"score":640,"source_feed_id":"r-selfhosted","source_feed_type":"reddit"}},{"id":"1tddmqq","title":"Built myself a tiny daily homelab monitor receipt to report on self hosted services","link":"https://www.reddit.com/r/selfhosted/comments/1tddmqq/built_myself_a_tiny_daily_homelab_monitor_receipt/","author":"sowhatidoit","published_at":"2026-05-14T22:36:01+00:00","content":"\n\n![\"image\"](\"https://rssglue.subdavis.com/media/6f/6f53982487eb4cb4c2538610f488f0b28aee0172e56ad1fe1288a6a02f8c0f86.jpg\")
Needed daily home lab health reports.
\n\nHad a thermal printer laying around so I put it to use.
\n\nStill a work in progress, next is weekly maintenance reports and eventually AI to handle exception reporting.
\n⬆️ 694 points | 💬 85 comments
","metadata":{"score":2159,"source_feed_id":"r-selfhosted","source_feed_type":"reddit"}},{"id":"1tcxb1b","title":"services with actually generous free tiers for open-source projects. my list, what would you add?","link":"https://www.reddit.com/r/selfhosted/comments/1tcxb1b/services_with_actually_generous_free_tiers_for/","author":"lazycodewiz","published_at":"2026-05-14T12:53:34+00:00","content":"\n\n\nBeen in the weeds shipping an OSS side project for the past few weeks (social media publishing API). Real launch post is coming, this isn't that. Along the way I kept a list of services that actually have usable free tiers for OSS, not the \"free trial\" kind. Sharing in case it helps. Happy to be told what's missing.
\n\nDocs
\n\nMintlify is the obvious one. Point at a public repo and it works. Their default theme is already better than what most teams ship paying for, which is mildly annoying.
\n\nGitBook has a Community plan. Haven't used it personally, plenty of OSS projects do.
\n\nAlgolia DocSearch is free for OSS, no asterisks. That Cmd-K search you see on every framework's docs page is them.
\n\nHosting
\n\nCloudflare Pages. Static hosting, unlimited bandwidth, unlimited builds. Nothing else matches it. Workers free tier is also a lot if you don't need a VM.
\n\nVercel Hobby works for most OSS. They also run a \"Vercel for Open Source\" program that upgrades select projects to Pro.
\n\nFly.io still has a free tier for small VMs. Sponsorship for some maintainers if you ask.
\n\nRender: free static + small Web Service tier. Always lagging the others on features.
\n\nDatabases
\n\nNeon: Postgres with scale-to-zero. The free tier is real, not a 7-day countdown.
\n\nSupabase: Postgres + auth + storage + edge functions on free. Heavier than Neon if you only want a DB.
\n\nTurso: SQLite at the edge. Free tier is generous, takes getting used to.
\n\nUpstash: serverless Redis, free covers most hobby use.
\n\nAuth
\n\nClerk: 10k MAUs free, OSS-friendly. They sponsor select projects too.
\n\nWorkOS: 1M MAU free for SSO/AuthKit. The catch is the product is enterprise-shaped, so only useful if you're chasing those customers.
\n\nBetter-Auth or Auth.js if you'd rather skip the vendor.
\n\nResend: 3k emails/mo, nicest API in the space.
\n\nPostmark: small free dev tier, reliable if you outgrow Resend.
\n\nMonitoring
\n\nSentry: decent free tier and they have an OSS sponsorship program if you write to them.
\n\nPostHog: 1M events/mo free. OSS itself so worst case you self-host.
\n\nBetterStack: uptime + log management on free.
\n\nCI
\n\nGitHub Actions: unlimited for public repos. You already knew.
\n\nCircleCI: also free for OSS if you prefer.
\n\nMisc
\n\nLinear: free for small teams. Not strictly OSS-targeted but a 1-3 person project doesn't hit limits.
\n\nCloudflare in general. Workers, R2, DNS, SSL. All generous. Almost not fair.
\n\nThings I'm not sure about, would love opinions on:
\n\nWhat would you swap?
\n\nEDIT: solid suggestion from the comments, adding here to make it more accessible. thanks to everyone who contributed
\n\nNetworking
\n\nTailscale - 6 users, unlimited devices on free. Effectively unlimited for a self-hosted setup. Pangolin - self-hosted reverse proxy / tunnel. Enterprise license is free for homelabbers; you just swap the docker image tag.
\n\nHosting (extra)
\n\nOracle Cloud Always Free - 4 ARM (Ampere A1) vCPUs, 24 GiB RAM, 200 GB SSD. Caveat: trial accounts get capacity-blocked these days; you may have to flip to pay-as-you-go (still $0 if you stay within Always Free). Orkestr - EU-focused, free tier includes Postgres or Redis bundled.
\n\nGit hosting
\n\nCodeberg - Forgejo-based, OSS-friendly alternative to GitHub.
\n\nObject storage
\n\nBackblaze B2 + Cloudflare - they're in the Bandwidth Alliance, so egress through Cloudflare is free. Cheaper than R2 once you're past hobby scale. DO Spaces - not free, but $5/mo for 250 GB + 1 TB outbound is the cheapest no-surprise option if you outgrow R2's free.
\n\nSecurity
\n\nSnyk Open Source - free + unlimited for public repos. GitGuardian - free secrets monitoring for public repos.
\n\nAuth
\n\nLogTo - OSS-friendly auth, recommended over Clerk by someone in the thread.
\n\nSMTP2GO - need your own domain. Brevo - transactional email API.
\n\nDocs & translation
\n\nWeblate - 160k translatable keys free for OSS projects.
\n\nMonitoring
\n\nWebGazer.io - pro bono uptime monitoring for free/open source projects.
\n\nML / AI compute
\n\nHugging Face Spaces - free hardware for ML demos. Google Colab - free GPU/TPU notebooks if you can work within their session model.
\n\nCustomer feedback / support
\n\nFeatureOS - free OSS plan for product feedback management. SupportWire - free mid-tier OSS plan for live chat.
\n\nCurated lists
\n\n⬆️ 248 points | 💬 89 comments
","metadata":{"score":253,"source_feed_id":"r-selfhosted","source_feed_type":"reddit"}},{"id":"1tbrkcv","title":"Found some strange GET requests in my Traefik access logs. Anyone else saw this poor kid trying to escape from Belarus ?","link":"https://www.reddit.com/r/selfhosted/comments/1tbrkcv/found_some_strange_get_requests_in_my_traefik/","author":"Worldly_Topic","published_at":"2026-05-13T06:39:20+00:00","content":"\n\n![\"image\"](\"https://rssglue.subdavis.com/media/ff/ff51e1d8285414b1113db92e5fa1cd82bb8a7ac822c43f967610aa763ee52ce4.png\")
⬆️ 380 points | 💬 56 comments
","metadata":{"score":629,"source_feed_id":"r-selfhosted","source_feed_type":"reddit"}},{"id":"1tbjmet","title":"Because we are a self hosting family that's why.","link":"https://www.reddit.com/r/selfhosted/comments/1tbjmet/because_we_are_a_self_hosting_family_thats_why/","author":"BobButtwhiskers","published_at":"2026-05-13T00:21:24+00:00","content":"\n\n![\"image\"](\"https://rssglue.subdavis.com/media/08/08bb0f1d01a36f2ca97397b107939d71fd2b29738cb418fab57122a5df6b181e.jpg\")
Found this and want to share it.
\n⬆️ 1,191 points | 💬 46 comments
","metadata":{"score":7251,"source_feed_id":"r-selfhosted","source_feed_type":"reddit"}},{"id":"1tb7i88","title":"Does my pihole not work or are smart TV's just impenetrable 2026","link":"https://www.reddit.com/r/selfhosted/comments/1tb7i88/does_my_pihole_not_work_or_are_smart_tvs_just/","author":"Cloud-Existence","published_at":"2026-05-12T16:55:04+00:00","content":"\n\n\nI'm running PiHole container on ZimaOS. On an HP Office PC.
\n\nI have run it with the default block list, and with numerous other lists.
\n\nI have also turned off IPV6.
\n\nBut it just seems like my PiHole is not working on my smart tv. It is literally the only device I care about my PiHole blocking ads on, because I don't use a smartphone, and PC's already have great adblocking. Am I doing something wrong, or is it just streaming services imbed their ads and I theres nothing that can stop them.
\n⬆️ 238 points | 💬 99 comments
","metadata":{"score":238,"source_feed_id":"r-selfhosted","source_feed_type":"reddit"}},{"id":"1tajo1n","title":"Accidentally exposed publicly my entire LAN for 2 weeks","link":"https://www.reddit.com/r/selfhosted/comments/1tajo1n/accidentally_exposed_publicly_my_entire_lan_for_2/","author":"ldkv","published_at":"2026-05-11T23:08:38+00:00","content":"\n\n\nPosting this as a PSA / confession because I almost had a heart attack last night and I figure if I got bit, someone else will too.
\n\nTL;DR: Replaced pangolin + NPMplus with a double-Caddy + WireGuard setup. Put a \"clever\" config on the local Caddy to minimize maintenance. Tested it once and called it a day. Two weeks later realized my entire LAN was reachable from the public internet via the wildcard tunnel.
\n\nI used to run pangolin (VPS) + NPMplus (local proxy for split DNS) to selectively expose my services. The setup worked fine, but having to click through two different web UIs every time I added a new service was offending my inner lazy engineer. So a few weeks ago I decided to replace them both with a double Caddy setup linked by a WireGuard tunnel.
\n\nThe Caddyfile on the VPS side is a dumb catch-all that punts everything down the tunnel (first mistake):
\n\n*.mydomain.com {\n route {\n reverse_proxy http://10.0.0.2:9999\n }\n}\nAnd the local Caddyfile:
\n\n# Listen on both the Tunnel (Port 9999) and LAN (Port 80/443)\nhttp://:9999, *.mydomain.com {\n map {host} {vars.is_public} {\n public1.mydomain.com true\n public2.mydomain.com true\n default false\n }\n\n @vps_unauthorized {\n expression \"{local_port} == '9999' && {vars.is_public} == 'false'\"\n }\n handle @vps_unauthorized {\n abort\n }\n\n @public1 host public1.mydomain.com\n handle @public1 {\n reverse_proxy 192.168.1.100:8000\n }\n\n @local1 host local1.mydomain.com\n handle @local1 {\n reverse_proxy 192.168.1.101:8001\n }\n}\nThe \"clever\" bit is the matcher in the middle (second mistake). The idea: \"if the request came in via the tunnel (port 9999) AND the host isn't on my public allowlist, kill it.\" This way I get split-horizon DNS while only having to maintain one single local Caddyfile.
\n\nI did a SINGLE (third mistake) quick test from my phone on cellular: public1.mydomain.com loaded, local1.mydomain.com returned a connection error. I went to bed feeling like a genius.
Fast forward about two weeks. I was out and accidentally tapped local1.mydomain.com on my phone. It loaded instantly.
I aged five years in about ten seconds. For the past two weeks, anyone who had bothered to enumerate subdomains on the VPS could have walked straight into my LAN, including services with zero authentication (you know which). So much for the elegant solution.
\n\nThe cleanup afterwards was time consuming. I yanked the VPS tunnel, rotated every credential I could think of, scoured Caddy access logs (thank god I had them on) for anything suspicious, and spent a solid hour combing through logs of my unprotected services.
\n\nIn the end I think I got away with it because nobody bothered to brute force my VPS (which was also protected by crowdsec), but \"security through nobody-bothered\" is not a posture I want to be in.
\n\nExplicit blocking on the VPS side is non-negotiable. The little maintenance overhead is worth it for the security benefits. Another benefit is that it minimize useless traffic hitting my local server. I wasn't able to pinpoint what was wrong with my \"clever\" expression, so just ended up scrapping it and added the following line to the VPS Caddyfile: @public header_regexp Host ^(public1|public2)\\.mydomain\\.com$. Yes I'm still very lazy here with the concise regex, but this time I made sure to test it correctly 😅
\"It worked when I tested it\" is not the same as \"it's doing what I think it's doing.\" Test both the happy path AND the path that's supposed to fail, from outside, more than once. One green light is not a security audit.
Protect local services with authentication. Even a simple HTTP auth layer would have saved me a lot of stress here, and it's not like I don't have the tools to set it up. I was just too lazy and thought nothing could ever happen.
This incident has been a wake-up call to my complacency and lack of rigor when it comes to security. Post the story and the broken config above as the cautionary tale. Don't be me 💀.
\n⬆️ 341 points | 💬 76 comments
","metadata":{"score":531,"source_feed_id":"r-selfhosted","source_feed_type":"reddit"}},{"id":"1taacxr","title":"Puter 26.05: Open-source, self-hosted, Internet OS! 2 years, 370 contributors, 400K downloads, and 40K stars later, we're out of beta!","link":"https://www.reddit.com/r/selfhosted/comments/1taacxr/puter_2605_opensource_selfhosted_internet_os_2/","author":"mitousa","published_at":"2026-05-11T17:34:54+00:00","content":"\n\nhttps://github.com/heyPuter/puter/
\n\n\n\n\n\n⬆️ 242 points | 💬 61 comments
","metadata":{"score":478,"source_feed_id":"r-selfhosted","source_feed_type":"reddit"}},{"id":"1t9mdul","title":"AirPipe v4: my self-hosted file transfer is now true peer-to-peer","link":"https://www.reddit.com/r/selfhosted/comments/1t9mdul/airpipe_v4_my_selfhosted_file_transfer_is_now/","author":"Frag_O_Fobia","published_at":"2026-05-10T23:30:42+00:00","content":"\n\n![\"image\"](\"https://rssglue.subdavis.com/media/23/2346508d869c86996011edb3d6097bd70607f86a6ad24b54c00df432587418a8.gif\")
I posted about AirPipe here a few months back. Been working on it pretty much non-stop since. v4 just shipped.
\n\nHeads up, video editing isn't my strong suit, sorry for the artifacts and quality. Hope it conveys what the thing does.
\n\nThe big change: files go peer-to-peer over WebRTC. Sender picks how the relay helps. Either as a signaling relay (your bytes flow directly between the two devices), or as an encrypted 10-minute mailbox (relay holds the ciphertext if the receiver isn't online yet).
\n\nEither way, the relay only sees ciphertext.
\n\nSender picks the mode. Receiver types the passphrase anywhere. Homepage, CLI with airpipe download <PHRASE>, or scan the QR. One code, three ways in.
Try it: open airpipe.sanyamgarg.com in two browsers and share a passphrase between them.
\n\nSelf-host the relay in one container, or use mine:
\n\ndocker run -p 8080:8080 ghcr.io/sanyam-g/airpipe-relay\nCLI for headless boxes:
\n\ncurl -sSL https://airpipe.sanyamgarg.com/install.sh | sh\nairpipe send report.pdf\nSource: github.com/Sanyam-G/Airpipe (MIT)
\n⬆️ 227 points | 💬 32 comments
","metadata":{"score":279,"source_feed_id":"r-selfhosted","source_feed_type":"reddit"}},{"id":"1t95c4m","title":"Girls come and go, Docker Servers stay","link":"https://www.reddit.com/r/selfhosted/comments/1t95c4m/girls_come_and_go_docker_servers_stay/","author":"Matletic","published_at":"2026-05-10T12:14:33+00:00","content":"\n\n![\"image\"](\"https://rssglue.subdavis.com/media/11/11a4805d4f87cb0aca9a5950d2ed23afe3d27a96548e2af5b5f4c08f0be20080.png\")
⬆️ 715 points | 💬 58 comments
","metadata":{"score":1588,"source_feed_id":"r-selfhosted","source_feed_type":"reddit"}},{"id":"1t92807","title":"Docker bypasses UFW and exposed my database. Again. Writing this down so I stop forgetting","link":"https://www.reddit.com/r/selfhosted/comments/1t92807/docker_bypasses_ufw_and_exposed_my_database_again/","author":"Substantial_Word4652","published_at":"2026-05-10T09:28:19+00:00","content":"\n\n\nDocker bypasses UFW and exposed my database. Again. Writing this down so I stop forgetting.
\n\nSelf-hosters, this one is for you.
\n\nI finish setting up a new app on my VPS, everything looks good, then I run a security check and boom. Same mistake again. Docker silently bypassing my firewall and exposing my database to the internet.
\n\nThis has happened to me more than once. I keep forgetting it, so I'm writing it here as a reminder for myself and hopefully useful for someone else running their own server.
\n\nWhen you're using docker compose in production on a VPS, remember:
\n\nDon't expose database ports unless you absolutely need to. And if you do, don't do this:
\n\nports:\n - \"5432:5432\"\nDo this instead:
\n\nports:\n - \"127.0.0.1:5432:5432\"\nWhy does this matter?
\n\nDocker manages network rules at a very low level on Linux. When you publish a port, it sets up routing rules directly in the system networking stack. So if you don't explicitly bind it to localhost, you're effectively exposing that service on the machine's public network interface.
\n\nAnd if you're thinking \"it's fine, I have UFW enabled\", not necessarily. UFW is just a frontend for Linux firewall rules, and Docker bypasses it by manipulating those rules directly. Your database might still be exposed even with the firewall on.
\n\nHas anyone else been caught by this?
\n⬆️ 321 points | 💬 194 comments
","metadata":{"score":621,"source_feed_id":"r-selfhosted","source_feed_type":"reddit"}},{"id":"1t8iohb","title":"You guys are begging people to start lying on AI disclosures","link":"https://www.reddit.com/r/selfhosted/comments/1t8iohb/you_guys_are_begging_people_to_start_lying_on_ai/","author":"EmergencyRadiant8038","published_at":"2026-05-09T20:01:45+00:00","content":"\n\n![\"image\"](\"https://rssglue.subdavis.com/media/68/68bc30f8247bb512dbd3cc988133eb5a2f56d4e157efbe54f523f20b6d2f3fd9.png\")
I understand and am against using AI without any idea of what is going on, but when the community pulls of things like this, the next time this person posts -- or if someone about to posts sees this -- what do you think they will be? Honest? No, and I won't blame them if I start to see false claims.
\n⬆️ 614 points | 💬 222 comments
","metadata":{"score":2354,"source_feed_id":"r-selfhosted","source_feed_type":"reddit"}},{"id":"1t7qfjf","title":"After years of using Heimdall ... I've finally moved to Dashy","link":"https://www.reddit.com/r/selfhosted/comments/1t7qfjf/after_years_of_using_heimdall_ive_finally_moved/","author":"swake88","published_at":"2026-05-09T01:06:40+00:00","content":"\n\n![\"image\"](\"https://rssglue.subdavis.com/media/5b/5bd1c49088bf1263f20c7da33b14cdd668b013e35ad90a7f9221452d0081344d.png\")
⬆️ 259 points | 💬 46 comments
","metadata":{"score":408,"source_feed_id":"r-selfhosted","source_feed_type":"reddit"}},{"id":"1t6iuyd","title":"Which services are you exposing to the internet, and how are you securing them?","link":"https://www.reddit.com/r/selfhosted/comments/1t6iuyd/which_services_are_you_exposing_to_the_internet/","author":"sysadmin_light","published_at":"2026-05-07T18:20:56+00:00","content":"\n\n\nI keep thinking about things like SSO and it's got me curious, how are all of you locking down your public-facing services?
\n\nCurrently, I've got only a select few - primarily Seerr, Immich, Mealie, and FoundryVTT - publicly exposed via SWAG (with geo-ip blocks) so that friends and family can access them without needing extra apps like Tailscale on their devices.
\n\nI know all of the services I make available have their own login prompts, but knowing how some projects can be, I figure things could always be more secure, so I'm curious to hear how everyone else does it.
\n⬆️ 230 points | 💬 166 comments
","metadata":{"score":246,"source_feed_id":"r-selfhosted","source_feed_type":"reddit"}},{"id":"1t63vxr","title":"How do you monitor your self-hosted servers?","link":"https://www.reddit.com/r/selfhosted/comments/1t63vxr/how_do_you_monitor_your_selfhosted_servers/","author":"vdorru","published_at":"2026-05-07T07:58:36+00:00","content":"\n\n\nI’m curious how people here handle server monitoring.
\n\nRight now I’m thinking about things like:
\n\nBut I’m not sure what the “normal” setup looks like for self-hosting.
\n\nHow are you doing it?
\n\nAlso, what do you actually keep an eye on day to day?
\n\nHow many servers are you actually monitoring?
\n\nI assume the setup changes a lot depending on scale. One home server is probably very different from managing 10–20 machines (if anyone even has that many for self-hosting).
\n\nWould be interesting to hear how your approach changes with the number of servers.
\n\nIf you’re using dashboards, feel free to share what yours looks like or describe it!
\n⬆️ 217 points | 💬 204 comments
","metadata":{"score":234,"source_feed_id":"r-selfhosted","source_feed_type":"reddit"}},{"id":"1t5mk41","title":"My Homepage Dashboard on my RPi5","link":"https://www.reddit.com/r/selfhosted/comments/1t5mk41/my_homepage_dashboard_on_my_rpi5/","author":"Antonioxsuarez","published_at":"2026-05-06T19:06:48+00:00","content":"\n\n![\"image\"](\"https://rssglue.subdavis.com/media/4f/4fd78ec5f46c83d2c4358af311cec5b1f47b217de585002848474498f8c59dd8.png\")
I'm on LibreWolf (Firefox fork) and I can't save the whole page as a screenshot. Hence why I had to stitch it.
\nEdit: I only run Homepage, Gotify, Pi-hole and Nginx Proxy Manager on my RPi5. Everything else is on my main server.
⬆️ 235 points | 💬 51 comments
","metadata":{"score":267,"source_feed_id":"r-selfhosted","source_feed_type":"reddit"}},{"id":"1t5do5v","title":"how can I self host to avoid having Google blow my life up randomly?","link":"https://www.reddit.com/r/selfhosted/comments/1t5do5v/how_can_i_self_host_to_avoid_having_google_blow/","author":"fartedcum","published_at":"2026-05-06T13:55:41+00:00","content":"\n\n![\"image\"](\"https://rssglue.subdavis.com/media/42/4213f210dc967eac4b2b5b138821a43686d8de4cabbd01900119504f19061ed2.jpg\")
no, I'm not worried about having any offensive child related content on my device, but I have seen people be perma banned with no option to appeal for less offensive things. I'm worried about losing access to my accs with how much MFA I have set up and worse, 10s of thousands of pictures of my life and family. is there a solid way to self host these things that is reliable?
\n⬆️ 905 points | 💬 277 comments
","metadata":{"score":928,"source_feed_id":"r-selfhosted","source_feed_type":"reddit"}},{"id":"1t5cxe5","title":"A homepage dashboard I'm finally happy with.","link":"https://www.reddit.com/r/selfhosted/comments/1t5cxe5/a_homepage_dashboard_im_finally_happy_with/","author":"mwojo","published_at":"2026-05-06T13:27:27+00:00","content":"\n\n![\"image\"](\"https://rssglue.subdavis.com/media/9c/9ce6972044519793aceed8aafe0ce62eeddf905fd19f710953732ba519c7783d.png\")
⬆️ 436 points | 💬 51 comments
","metadata":{"score":477,"source_feed_id":"r-selfhosted","source_feed_type":"reddit"}},{"id":"1t3l3zu","title":"PSA for anyone not using LXCs on Proxmox","link":"https://www.reddit.com/r/selfhosted/comments/1t3l3zu/psa_for_anyone_not_using_lxcs_on_proxmox/","author":"HoeCage","published_at":"2026-05-04T15:31:12+00:00","content":"\n\n\nThe Point: Holy shit LXCs are so cool and felt like black magic getting \"free\" RAM back. If you're newer, like me, and have just been using VMs instead of LXCs, you should look at changing that.
\n\nI started my server back in November knowing absolutely nothing about using Linux, using CLI, or Docker. At the same time, I also went in raw, jumping straight into Proxmox on three nodes. As a result, I ended up using a lot of the Proxmox VE Helper Scripts for initial setup and have since gone back and learned how to do a lot of things myself. One of the hugely inefficient decisions I made at the time was to use a VM for Docker instead of an LXC.
\n\nFor context, two of my nodes are running an i3-5005U and 8gb of soldered DDR3 RAM. One of those machines was exclusively running a VM to run Docker containers largely centered around downloads. On average, I was hitting ~30-50% CPU on the PVE host and ~7GB RAM usage.
\n\nSwitching to an LXC has brought that down to 10-25% CPU and ~2-2.5GB RAM usage. A machine that felt like it was at its limit suddenly gained immense amounts of headroom.
\n\nJust wanted to put this out there for anyone procrastinating switching some VMs to LXCs. In my case, it was worth the relatively low amount of effort to free up such a significant amount of resources.
\n⬆️ 251 points | 💬 83 comments
","metadata":{"score":314,"source_feed_id":"r-selfhosted","source_feed_type":"reddit"}},{"id":"1t3ba9r","title":"n8n + Paperless-ngx + Paperless-GPT for adding RAG to your documents!","link":"https://www.reddit.com/r/selfhosted/comments/1t3ba9r/n8n_paperlessngx_paperlessgpt_for_adding_rag_to/","author":"hackslashX","published_at":"2026-05-04T08:06:35+00:00","content":"\n\n\nPaperless-ngx is undoubtedly one of the most important and useful containers in my self-hosted stack. I have a modest collection of documents, ranging from receipts, to pay-stubs, certificates, notices, IDs, etc. While it's great for cataloging documents, I feel like for scanned documents (especially) the in-built Tesseract based OCR is quite poor (I've worked with Tesseract professionally and it's really hard to get solid OCR performance on documents that have out of the ordinary template or styling). Secondly, there's no ability to semantically search for information within document, for example, \"What was my electricity bill for a particular month\" or \"How much income tax I paid last year\", and so on.
\n\nI wanted to keep my implementation as simple and straightforward as possible. There are 5 tools that I used to achieve this.
\n\nPaperless-GPT
\n\nAfter uploading a document to Paperless, I basically set two tags on the document, paperless-gpt-ocr-auto to perform LLM assisted OCR on the document and replace the content with AI generated text. This is not exact 1-1 OCR but it's very readable and LLM also attempts to fix OCR mistakes. The second tag is paperless-gpt which is used for automatic population of tags, title, correspondent and created-at fields for each document. The important part is \"content\" since that's what the RAG ingestion workflow uses to generate embedding.
\n\nThe n8n RAG ingestion workflow
\n\n\n\nThe workflow itself is pretty basic. I use Chat Message trigger to send a document ID to the workflow. This can be replaced with a webhook call and you can configure Paperless to automatically call this URL, although I haven't configured that yet. It also can be replaced with a scheduled job that retrieves new documents added to Paperless and ingest them automatically.
\n\nWith the document ID, I basically hit a couple of endpoints like below to get all required information.
\n\n![https://preview.redd.it/xl4utsiqs2zg1.png?width=1640&format=png&auto=webp&s=79cff39c069cde564818ba5be2a75bb70f75defc](\"https://preview.redd.it/xl4utsiqs2zg1.png?width=1640&format=png&auto=webp&s=79cff39c069cde564818ba5be2a75bb70f75defc\"){kind=link}
GET api/documents/<document_id>/\nGET api/correspondents/<correspondent_id>/\nGET api/document_types/<document_type_id>/\nGET api/tags/<tag_id>/ (loop over multiple tags)\nNow that I have all of the required information, I simply use an Embedding provider (in my case I'm using Azure since I have an Enterprise account with data sharing for model training disabled) that generates embedding for the document. The document is chunked by the splitter at every 2000 characters with 200 characters overlap. This is then pushed to Milvus collection.
\n\nMilvus Collection Schema
\n\nI created the collection manually since n8n sets varchar size for some fields quite low. You can use pymilvus or Attu to create this:
\n\n| Field Name | \nType | \nKey | \nDescription | \n
|---|---|---|---|
| langchain_primaryid | \nInt64 | \nPK | \nPrimary identifier | \n
| langchain_vector | \nFloatVector (dim=3072) | \n— | \nEmbedding vector | \n
| langchain_text | \nVarChar (65535) | \n— | \nMain text content | \n
| source | \nVarChar (65535) | \n— | \nSource of the document | \n
| blobType | \nVarChar (65535) | \n— | \nBlob type or format | \n
| loc | \nVarChar (65535) | \n— | \nLocation or path | \n
| document_id | \nFloat | \n— | \nDocument identifier | \n
| title | \nVarChar (65535) | \n— | \nDocument title | \n
| correspondent | \nVarChar (65535) | \n— | \nAssociated correspondent | \n
| document_type | \nVarChar (65535) | \n— | \nType/category of document | \n
| tags | \nVarChar (65535) | \n— | \nTags or keywords | \n
| created | \nVarChar (65535) | \n— | \nCreation timestamp | \n
| document_link | \nVarChar (1024) | \n— | \nLink to the document | \n
I also created separate users with read and write permissions and configured them in n8n accordingly.
\n\nThe MCP workflow
\n\nThis is pretty trivial. It's just an MCP Server Trigger with a Retrieve Documents tool. Make sure to update the title and description of the tool in n8n so that it populates properly in MCP tools discovery. I haven't added a re-ranker node here since n8n only supports Cohere for now :(
\n\n\n\nAlso, attach a Bearer Auth token with the MCP trigger to protect the endpoint. Publish the workflow and copy the Production MCP URL from the node settings.
\n\nLobechat Integration
\n\nIn Lobechat, go to Skills Management and register a new MCP skill. It's pretty straightforward too!
\n\n\n\nI also created a new Agent in Lobechat to let it know which tool to call (even if not explicitly requested) and the output format.
\n\n![https://preview.redd.it/wjnh9fsdu2zg1.png?width=748&format=png&auto=webp&s=5833d680c8052d93363be38d6fa4f88fd09176a8](\"https://preview.redd.it/wjnh9fsdu2zg1.png?width=748&format=png&auto=webp&s=5833d680c8052d93363be38d6fa4f88fd09176a8\"){kind=link}
![https://preview.redd.it/ntpry7n4v2zg1.png?width=1882&format=png&auto=webp&s=64dcd68ded5378ff2dc01125b0b993587ae2a18a](\"https://preview.redd.it/ntpry7n4v2zg1.png?width=1882&format=png&auto=webp&s=64dcd68ded5378ff2dc01125b0b993587ae2a18a\"){kind=link}
You are an AI assistant that answers user queries using the DocumentsRAG knowledge base.\nCore Behavior\nAlways retrieve relevant information using the DocumentsRAG skill before answering.\nDo this even if the user does not explicitly request document lookup.\nBase your responses strictly on retrieved documents whenever possible.\nIf no relevant documents are found, clearly state that and provide the best possible general answer.\nResponse Format\nStructure every response in the following format:\n1. Answer Summary\nProvide a clear, concise answer to the user’s question.\n2. Supporting Details\nExpand on the answer using information from retrieved documents.\nUse bullet points or short paragraphs for readability\nHighlight key facts, definitions, or steps\n3. Sources / References\nList all relevant documents used:\nInclude document title\nProvide direct links (if available)\nOptionally include a short snippet or context\nExample:\nDocument Title 1 – <link>\nDocument Title 2 – <link>\nAdditional Guidelines\nPrefer accuracy over completeness when documents are limited\nDo not fabricate sources or links\nIf multiple documents conflict, mention the discrepancy\nKeep responses structured and easy to scan\nAvoid unnecessary verbosity\nResults
\n\nI'm pretty impressed by it. Since it has allowed me to naturally query my documents, ask questions, and get information without searching and reading the document.
\n\n\n\nAnyways, I just wanted to shared my self-hosted workflow for RAG. But I'm very much interested in what everyone else uses!
\n⬆️ 251 points | 💬 31 comments
","metadata":{"score":258,"source_feed_id":"r-selfhosted","source_feed_type":"reddit"}},{"id":"1t35sph","title":"She may come to regret asking.","link":"https://www.reddit.com/r/selfhosted/comments/1t35sph/she_may_come_to_regret_asking/","author":"RCAMuse","published_at":"2026-05-04T03:06:40+00:00","content":"\n\n![\"image\"](\"https://rssglue.subdavis.com/media/79/79880dd17191763e9e69044d72c9b88177bb7c0cdcc2e180be41c9fd1d91b509.png\")
Buckle up sis, that's just the top 10% of the iceberg.
\n⬆️ 997 points | 💬 65 comments
","metadata":{"score":4281,"source_feed_id":"r-selfhosted","source_feed_type":"reddit"}},{"id":"1t336f3","title":"A homepage dashboard I'm finally happy with.","link":"https://www.reddit.com/r/selfhosted/comments/1t336f3/a_homepage_dashboard_im_finally_happy_with/","author":"mwojo","published_at":"2026-05-04T01:06:58+00:00","content":"\n\n![\"image\"](\"https://rssglue.subdavis.com/media/2e/2e1a52b678394224281d0e59044fbae204aef8a07e8dd378bc5c612fdd0f3233.png\")
⬆️ 399 points | 💬 42 comments
","metadata":{"score":399,"source_feed_id":"r-selfhosted","source_feed_type":"reddit"}},{"id":"1t2qd26","title":"Vaultwarden 1.36.0 patches vulnerabilities","link":"https://www.reddit.com/r/selfhosted/comments/1t2qd26/vaultwarden_1360_patches_vulnerabilities/","author":"0x3e4","published_at":"2026-05-03T16:38:12+00:00","content":"\n\nhttps://github.com/dani-garcia/vaultwarden/releases/tag/1.36.0
\n\n\n\nSecurity fixes
\n\nThis release contains security fixes for the following advisories. We strongly advice to update as soon as possible.
\n\nSSO Login CSRF - GHSA-pfp2-jhgq-6hg5, GHSA-w6h6-8r66-hcv7
\nUser/Organization Enumeration - GHSA-hxqh-ff5p-wfr3
\nSSO existing-user binding - GHSA-j4j8-gpvj-7fqr
\nGHSA-6x5c-84vm-5j56
\nSSRF via Icon Endpoint - GHSA-72vh-x5jq-m82g
\nSome crate's updated and other minor security enhancements
These are private for now, pending CVE assignment.
\n\nhttps://github.com/dani-garcia/vaultwarden/releases/tag/1.36.0
\n⬆️ 254 points | 💬 14 comments
","metadata":{"score":367,"source_feed_id":"r-selfhosted","source_feed_type":"reddit"}},{"id":"1t2ff9c","title":"Whats the point in a VPS?","link":"https://www.reddit.com/r/selfhosted/comments/1t2ff9c/whats_the_point_in_a_vps/","author":"Unusual_Economics653","published_at":"2026-05-03T08:08:59+00:00","content":"\n\n\nSo i originally came into self hosting to get away from subscriptions, to stop renting everything/ start owning things, to not rely on external sources, etc... but now that im on reddit and looking to be a bit more active im seeing A LOT of posts on VPSs.
\n\nI had no idea what they were so i decided to look it up, and to my surprise, its renting your own self hosted work(?) It still feels wrong and i mightve been lead astray by the internet, but isnt that like everything that self hosting is meant to not be?
\n\nVPS - small subscription, relying on external sources, and not owning your own setup?
\n\nOwned machine - one time payment, easily upgradeable, not relying kn external sources, etc.
\n\nLike i get it might be more affordable in the temporary, but thats everything when owning vs subscribing...
\n\nSo i ask, is there any genuine technical reason to use a vps over your own machine? Like some reason people cant use their own machine ehile being able to use a VPS? Not like a convenience issue where it would just be annoying to work around, (self hosting isnt typically convenient to setup when starting out) but an actual reason that physically could not work in their own home, or possibly a reason to keep it out of your home? Please let me know, and sorry if this was too much of a ramble
\n\nEdit: To all those looking for the answers in the future, this is the large majority of it. I encourage everyone to dig through the comments because there is a lot of useful info. in no order:
\n\nThank you everyone for clarifying!!!
\n⬆️ 223 points | 💬 224 comments
","metadata":{"score":225,"source_feed_id":"r-selfhosted","source_feed_type":"reddit"}},{"id":"1t10cj8","title":"3-2-1 rule , how are you all doing it without breaking bank?","link":"https://www.reddit.com/r/selfhosted/comments/1t10cj8/321_rule_how_are_you_all_doing_it_without/","author":"Tasty-Picture-8331","published_at":"2026-05-01T17:40:26+00:00","content":"\n\n\nSo my nas is getting big now slowly with around 8tb of data.
\n\nI run it on raid 1, but I wonder in the worst case scenario, I wanted to also have a off site backup. But obviously 8tb + on cloud is going to be expensive no?
\n\nHow are you guys storing your offline backup? And where do you guys store it?
\n⬆️ 264 points | 💬 196 comments
","metadata":{"score":289,"source_feed_id":"r-selfhosted","source_feed_type":"reddit"}},{"id":"1t0v2so","title":"Appreciation post: Tailscale and Headscale","link":"https://www.reddit.com/r/selfhosted/comments/1t0v2so/appreciation_post_tailscale_and_headscale/","author":"Curious_Olive_5266","published_at":"2026-05-01T14:30:51+00:00","content":"\n\n\nThese two are the most incredible technologies on the modern Internet. The Web is finally free and open again, just as Tim Berners-Lee intended it so many decades ago at CERN. People are finally taking the Web back from corporations, and it is amazing to see. Tailscale is going to be the biggest tech company in the world by the next decade, and the GTA will overtake the Bay Area as the world's tech capital.
\n⬆️ 232 points | 💬 75 comments
","metadata":{"score":232,"source_feed_id":"r-selfhosted","source_feed_type":"reddit"}}]![https://preview.redd.it/5ygkyjbcv2zg1.png?width=950&format=png&auto=webp&s=1f91589f52b712f8e83ada28789d0adb6f0dec5c](\"https://preview.redd.it/5ygkyjbcv2zg1.png?width=950&format=png&auto=webp&s=1f91589f52b712f8e83ada28789d0adb6f0dec5c\"){kind=link}
![https://preview.redd.it/mahwfp9nv2zg1.png?width=991&format=png&auto=webp&s=eb6b866c392962ab6e89c33d2819423c8a8416af](\"https://preview.redd.it/mahwfp9nv2zg1.png?width=991&format=png&auto=webp&s=eb6b866c392962ab6e89c33d2819423c8a8416af\"){kind=link}