[{"id":"1tbrkcv","title":"Found some strange GET requests in my Traefik access logs. Anyone else saw this poor kid trying to escape from Belarus ?","link":"https://www.reddit.com/r/selfhosted/comments/1tbrkcv/found_some_strange_get_requests_in_my_traefik/","author":"Worldly_Topic","published_at":"2026-05-13T06:39:20+00:00","content":"\n\n

\"image\"

\n\n\n\n\n\n

⬆️ 380 points | 💬 56 comments

","metadata":{"score":380,"source_feed_id":"r-selfhosted","source_feed_type":"reddit"}},{"id":"1tbjmet","title":"Because we are a self hosting family that's why.","link":"https://www.reddit.com/r/selfhosted/comments/1tbjmet/because_we_are_a_self_hosting_family_thats_why/","author":"BobButtwhiskers","published_at":"2026-05-13T00:21:24+00:00","content":"\n\n

\"image\"

\n\n\n\n

Found this and want to share it.

\n
\n\n

⬆️ 1,191 points | 💬 46 comments

","metadata":{"score":4453,"source_feed_id":"r-selfhosted","source_feed_type":"reddit"}},{"id":"1tajo1n","title":"Accidentally exposed publicly my entire LAN for 2 weeks","link":"https://www.reddit.com/r/selfhosted/comments/1tajo1n/accidentally_exposed_publicly_my_entire_lan_for_2/","author":"ldkv","published_at":"2026-05-11T23:08:38+00:00","content":"\n\n\n

Posting this as a PSA / confession because I almost had a heart attack last night and I figure if I got bit, someone else will too.

\n\n

TL;DR: Replaced pangolin + NPMplus with a double-Caddy + WireGuard setup. Put a \"clever\" config on the local Caddy to minimize maintenance. Tested it once and called it a day. Two weeks later realized my entire LAN was reachable from the public internet via the wildcard tunnel.

\n\n

The setup (or: how I outsmarted myself)

\n\n

I used to run pangolin (VPS) + NPMplus (local proxy for split DNS) to selectively expose my services. The setup worked fine, but having to click through two different web UIs every time I added a new service was offending my inner lazy engineer. So a few weeks ago I decided to replace them both with a double Caddy setup linked by a WireGuard tunnel.

\n\n

The Caddyfile on the VPS side is a dumb catch-all that punts everything down the tunnel (first mistake):

\n\n
*.mydomain.com {\n  route {\n        reverse_proxy http://10.0.0.2:9999\n    }\n}\n
\n\n

And the local Caddyfile:

\n\n
# Listen on both the Tunnel (Port 9999) and LAN (Port 80/443)\nhttp://:9999, *.mydomain.com {\n    map {host} {vars.is_public} {\n        public1.mydomain.com true\n    public2.mydomain.com true\n        default false\n    }\n\n    @vps_unauthorized {\n        expression \"{local_port} == '9999' && {vars.is_public} == 'false'\"\n    }\n    handle @vps_unauthorized {\n        abort\n    }\n\n    @public1 host public1.mydomain.com\n    handle @public1 {\n        reverse_proxy 192.168.1.100:8000\n    }\n\n  @local1 host local1.mydomain.com\n    handle @local1 {\n        reverse_proxy 192.168.1.101:8001\n    }\n}\n
\n\n

The \"clever\" bit is the matcher in the middle (second mistake). The idea: \"if the request came in via the tunnel (port 9999) AND the host isn't on my public allowlist, kill it.\" This way I get split-horizon DNS while only having to maintain one single local Caddyfile.

\n\n

I did a SINGLE (third mistake) quick test from my phone on cellular: public1.mydomain.com loaded, local1.mydomain.com returned a connection error. I went to bed feeling like a genius.

\n\n

The heart attack moment

\n\n

Fast forward about two weeks. I was out and accidentally tapped local1.mydomain.com on my phone. It loaded instantly.

\n\n

I aged five years in about ten seconds. For the past two weeks, anyone who had bothered to enumerate subdomains on the VPS could have walked straight into my LAN, including services with zero authentication (you know which). So much for the elegant solution.

\n\n

The cleanup afterwards was time consuming. I yanked the VPS tunnel, rotated every credential I could think of, scoured Caddy access logs (thank god I had them on) for anything suspicious, and spent a solid hour combing through logs of my unprotected services.

\n\n

In the end I think I got away with it because nobody bothered to brute force my VPS (which was also protected by crowdsec), but \"security through nobody-bothered\" is not a posture I want to be in.

\n\n

Lessons learned

\n\n\n\n

This incident has been a wake-up call to my complacency and lack of rigor when it comes to security. Post the story and the broken config above as the cautionary tale. Don't be me 💀.

\n
\n\n

⬆️ 341 points | 💬 76 comments

","metadata":{"score":498,"source_feed_id":"r-selfhosted","source_feed_type":"reddit"}},{"id":"1taacxr","title":"Puter 26.05: Open-source, self-hosted, Internet OS! 2 years, 370 contributors, 400K downloads, and 40K stars later, we're out of beta!","link":"https://www.reddit.com/r/selfhosted/comments/1taacxr/puter_2605_opensource_selfhosted_internet_os_2/","author":"mitousa","published_at":"2026-05-11T17:34:54+00:00","content":"\n\n

https://github.com/heyPuter/puter/

\n\n\n\n\n\n

⬆️ 242 points | 💬 61 comments

","metadata":{"score":466,"source_feed_id":"r-selfhosted","source_feed_type":"reddit"}},{"id":"1t9mdul","title":"AirPipe v4: my self-hosted file transfer is now true peer-to-peer","link":"https://www.reddit.com/r/selfhosted/comments/1t9mdul/airpipe_v4_my_selfhosted_file_transfer_is_now/","author":"Frag_O_Fobia","published_at":"2026-05-10T23:30:42+00:00","content":"\n\n

\"image\"

\n\n\n\n

I posted about AirPipe here a few months back. Been working on it pretty much non-stop since. v4 just shipped.

\n\n

Heads up, video editing isn't my strong suit, sorry for the artifacts and quality. Hope it conveys what the thing does.

\n\n

The big change: files go peer-to-peer over WebRTC. Sender picks how the relay helps. Either as a signaling relay (your bytes flow directly between the two devices), or as an encrypted 10-minute mailbox (relay holds the ciphertext if the receiver isn't online yet).

\n\n

Either way, the relay only sees ciphertext.

\n\n

Sender picks the mode. Receiver types the passphrase anywhere. Homepage, CLI with airpipe download <PHRASE>, or scan the QR. One code, three ways in.

\n\n

Try it: open airpipe.sanyamgarg.com in two browsers and share a passphrase between them.

\n\n

Self-host the relay in one container, or use mine:

\n\n
docker run -p 8080:8080 ghcr.io/sanyam-g/airpipe-relay\n
\n\n

CLI for headless boxes:

\n\n
curl -sSL https://airpipe.sanyamgarg.com/install.sh | sh\nairpipe send report.pdf\n
\n\n

Source: github.com/Sanyam-G/Airpipe (MIT)

\n
\n\n

⬆️ 227 points | 💬 32 comments

","metadata":{"score":263,"source_feed_id":"r-selfhosted","source_feed_type":"reddit"}},{"id":"1t95c4m","title":"Girls come and go, Docker Servers stay","link":"https://www.reddit.com/r/selfhosted/comments/1t95c4m/girls_come_and_go_docker_servers_stay/","author":"Matletic","published_at":"2026-05-10T12:14:33+00:00","content":"\n\n

\"image\"

\n\n\n\n\n\n

⬆️ 715 points | 💬 58 comments

","metadata":{"score":1536,"source_feed_id":"r-selfhosted","source_feed_type":"reddit"}},{"id":"1t92807","title":"Docker bypasses UFW and exposed my database. Again. Writing this down so I stop forgetting","link":"https://www.reddit.com/r/selfhosted/comments/1t92807/docker_bypasses_ufw_and_exposed_my_database_again/","author":"Substantial_Word4652","published_at":"2026-05-10T09:28:19+00:00","content":"\n\n\n

Docker bypasses UFW and exposed my database. Again. Writing this down so I stop forgetting.

\n\n

Self-hosters, this one is for you.

\n\n

I finish setting up a new app on my VPS, everything looks good, then I run a security check and boom. Same mistake again. Docker silently bypassing my firewall and exposing my database to the internet.

\n\n

This has happened to me more than once. I keep forgetting it, so I'm writing it here as a reminder for myself and hopefully useful for someone else running their own server.

\n\n

When you're using docker compose in production on a VPS, remember:

\n\n

Don't expose database ports unless you absolutely need to. And if you do, don't do this:

\n\n
ports:\n  - \"5432:5432\"\n
\n\n

Do this instead:

\n\n
ports:\n  - \"127.0.0.1:5432:5432\"\n
\n\n

Why does this matter?

\n\n

Docker manages network rules at a very low level on Linux. When you publish a port, it sets up routing rules directly in the system networking stack. So if you don't explicitly bind it to localhost, you're effectively exposing that service on the machine's public network interface.

\n\n

And if you're thinking \"it's fine, I have UFW enabled\", not necessarily. UFW is just a frontend for Linux firewall rules, and Docker bypasses it by manipulating those rules directly. Your database might still be exposed even with the firewall on.

\n\n

Has anyone else been caught by this?

\n
\n\n

⬆️ 321 points | 💬 194 comments

","metadata":{"score":610,"source_feed_id":"r-selfhosted","source_feed_type":"reddit"}},{"id":"1t8iohb","title":"You guys are begging people to start lying on AI disclosures","link":"https://www.reddit.com/r/selfhosted/comments/1t8iohb/you_guys_are_begging_people_to_start_lying_on_ai/","author":"EmergencyRadiant8038","published_at":"2026-05-09T20:01:45+00:00","content":"\n\n

\"image\"

\n\n\n\n

I understand and am against using AI without any idea of what is going on, but when the community pulls of things like this, the next time this person posts -- or if someone about to posts sees this -- what do you think they will be? Honest? No, and I won't blame them if I start to see false claims.

\n
\n\n

⬆️ 614 points | 💬 222 comments

","metadata":{"score":2329,"source_feed_id":"r-selfhosted","source_feed_type":"reddit"}},{"id":"1t7qfjf","title":"After years of using Heimdall ... I've finally moved to Dashy","link":"https://www.reddit.com/r/selfhosted/comments/1t7qfjf/after_years_of_using_heimdall_ive_finally_moved/","author":"swake88","published_at":"2026-05-09T01:06:40+00:00","content":"\n\n

\"image\"

\n\n\n\n\n\n

⬆️ 259 points | 💬 46 comments

","metadata":{"score":397,"source_feed_id":"r-selfhosted","source_feed_type":"reddit"}},{"id":"1t6iuyd","title":"Which services are you exposing to the internet, and how are you securing them?","link":"https://www.reddit.com/r/selfhosted/comments/1t6iuyd/which_services_are_you_exposing_to_the_internet/","author":"sysadmin_light","published_at":"2026-05-07T18:20:56+00:00","content":"\n\n\n

I keep thinking about things like SSO and it's got me curious, how are all of you locking down your public-facing services?

\n\n

Currently, I've got only a select few - primarily Seerr, Immich, Mealie, and FoundryVTT - publicly exposed via SWAG (with geo-ip blocks) so that friends and family can access them without needing extra apps like Tailscale on their devices.

\n\n

I know all of the services I make available have their own login prompts, but knowing how some projects can be, I figure things could always be more secure, so I'm curious to hear how everyone else does it.

\n
\n\n

⬆️ 230 points | 💬 166 comments

","metadata":{"score":246,"source_feed_id":"r-selfhosted","source_feed_type":"reddit"}},{"id":"1t63vxr","title":"How do you monitor your self-hosted servers?","link":"https://www.reddit.com/r/selfhosted/comments/1t63vxr/how_do_you_monitor_your_selfhosted_servers/","author":"vdorru","published_at":"2026-05-07T07:58:36+00:00","content":"\n\n\n

I’m curious how people here handle server monitoring.

\n\n

Right now I’m thinking about things like:

\n\n\n\n

But I’m not sure what the “normal” setup looks like for self-hosting.

\n\n

How are you doing it?

\n\n\n\n

Also, what do you actually keep an eye on day to day?

\n\n\n\n

How many servers are you actually monitoring?

\n\n

I assume the setup changes a lot depending on scale. One home server is probably very different from managing 10–20 machines (if anyone even has that many for self-hosting).

\n\n

Would be interesting to hear how your approach changes with the number of servers.

\n\n

If you’re using dashboards, feel free to share what yours looks like or describe it!

\n
\n\n

⬆️ 217 points | 💬 204 comments

","metadata":{"score":234,"source_feed_id":"r-selfhosted","source_feed_type":"reddit"}},{"id":"1t5mk41","title":"My Homepage Dashboard on my RPi5","link":"https://www.reddit.com/r/selfhosted/comments/1t5mk41/my_homepage_dashboard_on_my_rpi5/","author":"Antonioxsuarez","published_at":"2026-05-06T19:06:48+00:00","content":"\n\n

\"image\"

\n\n\n\n

I'm on LibreWolf (Firefox fork) and I can't save the whole page as a screenshot. Hence why I had to stitch it.
\nEdit: I only run Homepage, Gotify, Pi-hole and Nginx Proxy Manager on my RPi5. Everything else is on my main server.

\n
\n\n

⬆️ 235 points | 💬 51 comments

","metadata":{"score":267,"source_feed_id":"r-selfhosted","source_feed_type":"reddit"}},{"id":"1t5do5v","title":"how can I self host to avoid having Google blow my life up randomly?","link":"https://www.reddit.com/r/selfhosted/comments/1t5do5v/how_can_i_self_host_to_avoid_having_google_blow/","author":"fartedcum","published_at":"2026-05-06T13:55:41+00:00","content":"\n\n

\"image\"

\n\n\n\n

no, I'm not worried about having any offensive child related content on my device, but I have seen people be perma banned with no option to appeal for less offensive things. I'm worried about losing access to my accs with how much MFA I have set up and worse, 10s of thousands of pictures of my life and family. is there a solid way to self host these things that is reliable?

\n
\n\n

⬆️ 905 points | 💬 277 comments

","metadata":{"score":928,"source_feed_id":"r-selfhosted","source_feed_type":"reddit"}},{"id":"1t5cxe5","title":"A homepage dashboard I'm finally happy with.","link":"https://www.reddit.com/r/selfhosted/comments/1t5cxe5/a_homepage_dashboard_im_finally_happy_with/","author":"mwojo","published_at":"2026-05-06T13:27:27+00:00","content":"\n\n

\"image\"

\n\n\n\n\n\n

⬆️ 436 points | 💬 51 comments

","metadata":{"score":477,"source_feed_id":"r-selfhosted","source_feed_type":"reddit"}},{"id":"1t3l3zu","title":"PSA for anyone not using LXCs on Proxmox","link":"https://www.reddit.com/r/selfhosted/comments/1t3l3zu/psa_for_anyone_not_using_lxcs_on_proxmox/","author":"HoeCage","published_at":"2026-05-04T15:31:12+00:00","content":"\n\n\n

The Point: Holy shit LXCs are so cool and felt like black magic getting \"free\" RAM back. If you're newer, like me, and have just been using VMs instead of LXCs, you should look at changing that.

\n\n

I started my server back in November knowing absolutely nothing about using Linux, using CLI, or Docker. At the same time, I also went in raw, jumping straight into Proxmox on three nodes. As a result, I ended up using a lot of the Proxmox VE Helper Scripts for initial setup and have since gone back and learned how to do a lot of things myself. One of the hugely inefficient decisions I made at the time was to use a VM for Docker instead of an LXC.

\n\n

For context, two of my nodes are running an i3-5005U and 8gb of soldered DDR3 RAM. One of those machines was exclusively running a VM to run Docker containers largely centered around downloads. On average, I was hitting ~30-50% CPU on the PVE host and ~7GB RAM usage.

\n\n

Switching to an LXC has brought that down to 10-25% CPU and ~2-2.5GB RAM usage. A machine that felt like it was at its limit suddenly gained immense amounts of headroom.

\n\n

Just wanted to put this out there for anyone procrastinating switching some VMs to LXCs. In my case, it was worth the relatively low amount of effort to free up such a significant amount of resources.

\n
\n\n

⬆️ 251 points | 💬 83 comments

","metadata":{"score":314,"source_feed_id":"r-selfhosted","source_feed_type":"reddit"}},{"id":"1t3ba9r","title":"n8n + Paperless-ngx + Paperless-GPT for adding RAG to your documents!","link":"https://www.reddit.com/r/selfhosted/comments/1t3ba9r/n8n_paperlessngx_paperlessgpt_for_adding_rag_to/","author":"hackslashX","published_at":"2026-05-04T08:06:35+00:00","content":"\n\n\n

Paperless-ngx is undoubtedly one of the most important and useful containers in my self-hosted stack. I have a modest collection of documents, ranging from receipts, to pay-stubs, certificates, notices, IDs, etc. While it's great for cataloging documents, I feel like for scanned documents (especially) the in-built Tesseract based OCR is quite poor (I've worked with Tesseract professionally and it's really hard to get solid OCR performance on documents that have out of the ordinary template or styling). Secondly, there's no ability to semantically search for information within document, for example, \"What was my electricity bill for a particular month\" or \"How much income tax I paid last year\", and so on.

\n\n

I wanted to keep my implementation as simple and straightforward as possible. There are 5 tools that I used to achieve this.

\n\n
    \n
  1. Paperless-ngx https://github.com/paperless-ngx/paperless-ngx: We can't do anything without it :p Apart from documents cataloging, it also has a well documented API that allows interfacing with external tools quite easily.
    2. \n
  2. Paperless-gpt https://github.com/icereed/paperless-gpt: For automatic metadata generation, and LLM-based OCR (supports self-hosted LLM models too, and third-party document OCR services like Azure and Google).
    3. \n
  3. n8n https://github.com/n8n-io/n8n: Building a workflow that generates embedding for each document. It also has an MCP trigger that can expose a tool to perform a RAG search over the vector database.
    4. \n
  4. Milvus https://github.com/milvus-io/milvus: My choice of vector database. Deployed as a single-replica cluster on K8s using the operator.
    5. \n
  5. Lobehub https://github.com/lobehub/lobehub: Self-hosted chat interface that allows adding MCP. Supports a wide variety of third-party and local LLM providers.
    6. \n
\n\n

Paperless-GPT

\n\n

After uploading a document to Paperless, I basically set two tags on the document, paperless-gpt-ocr-auto to perform LLM assisted OCR on the document and replace the content with AI generated text. This is not exact 1-1 OCR but it's very readable and LLM also attempts to fix OCR mistakes. The second tag is paperless-gpt which is used for automatic population of tags, title, correspondent and created-at fields for each document. The important part is \"content\" since that's what the RAG ingestion workflow uses to generate embedding.

\n\n

The n8n RAG ingestion workflow

\n\n

https://preview.redd.it/xl4utsiqs2zg1.png?width=1640&format=png&auto=webp&s=79cff39c069cde564818ba5be2a75bb70f75defc

\n\n

The workflow itself is pretty basic. I use Chat Message trigger to send a document ID to the workflow. This can be replaced with a webhook call and you can configure Paperless to automatically call this URL, although I haven't configured that yet. It also can be replaced with a scheduled job that retrieves new documents added to Paperless and ingest them automatically.

\n\n

With the document ID, I basically hit a couple of endpoints like below to get all required information.

\n\n
GET api/documents/<document_id>/\nGET api/correspondents/<correspondent_id>/\nGET api/document_types/<document_type_id>/\nGET api/tags/<tag_id>/ (loop over multiple tags)\n
\n\n

Now that I have all of the required information, I simply use an Embedding provider (in my case I'm using Azure since I have an Enterprise account with data sharing for model training disabled) that generates embedding for the document. The document is chunked by the splitter at every 2000 characters with 200 characters overlap. This is then pushed to Milvus collection.

\n\n

Milvus Collection Schema

\n\n

I created the collection manually since n8n sets varchar size for some fields quite low. You can use pymilvus or Attu to create this:

\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n
Field NameTypeKeyDescription
langchain_primaryidInt64PKPrimary identifier
langchain_vectorFloatVector (dim=3072)Embedding vector
langchain_textVarChar (65535)Main text content
sourceVarChar (65535)Source of the document
blobTypeVarChar (65535)Blob type or format
locVarChar (65535)Location or path
document_idFloatDocument identifier
titleVarChar (65535)Document title
correspondentVarChar (65535)Associated correspondent
document_typeVarChar (65535)Type/category of document
tagsVarChar (65535)Tags or keywords
createdVarChar (65535)Creation timestamp
document_linkVarChar (1024)Link to the document
\n\n

I also created separate users with read and write permissions and configured them in n8n accordingly.

\n\n

The MCP workflow

\n\n

This is pretty trivial. It's just an MCP Server Trigger with a Retrieve Documents tool. Make sure to update the title and description of the tool in n8n so that it populates properly in MCP tools discovery. I haven't added a re-ranker node here since n8n only supports Cohere for now :(

\n\n

https://preview.redd.it/wjnh9fsdu2zg1.png?width=748&format=png&auto=webp&s=5833d680c8052d93363be38d6fa4f88fd09176a8

\n\n

Also, attach a Bearer Auth token with the MCP trigger to protect the endpoint. Publish the workflow and copy the Production MCP URL from the node settings.

\n\n

Lobechat Integration

\n\n

In Lobechat, go to Skills Management and register a new MCP skill. It's pretty straightforward too!

\n\n

https://preview.redd.it/ntpry7n4v2zg1.png?width=1882&format=png&auto=webp&s=64dcd68ded5378ff2dc01125b0b993587ae2a18a

\n\n

I also created a new Agent in Lobechat to let it know which tool to call (even if not explicitly requested) and the output format.

\n\n
You are an AI assistant that answers user queries using the DocumentsRAG knowledge base.\nCore Behavior\nAlways retrieve relevant information using the DocumentsRAG skill before answering.\nDo this even if the user does not explicitly request document lookup.\nBase your responses strictly on retrieved documents whenever possible.\nIf no relevant documents are found, clearly state that and provide the best possible general answer.\nResponse Format\nStructure every response in the following format:\n1. Answer Summary\nProvide a clear, concise answer to the user’s question.\n2. Supporting Details\nExpand on the answer using information from retrieved documents.\nUse bullet points or short paragraphs for readability\nHighlight key facts, definitions, or steps\n3. Sources / References\nList all relevant documents used:\nInclude document title\nProvide direct links (if available)\nOptionally include a short snippet or context\nExample:\nDocument Title 1 – <link>\nDocument Title 2 – <link>\nAdditional Guidelines\nPrefer accuracy over completeness when documents are limited\nDo not fabricate sources or links\nIf multiple documents conflict, mention the discrepancy\nKeep responses structured and easy to scan\nAvoid unnecessary verbosity\n
\n\n

https://preview.redd.it/5ygkyjbcv2zg1.png?width=950&format=png&auto=webp&s=1f91589f52b712f8e83ada28789d0adb6f0dec5c

\n\n

Results

\n\n

I'm pretty impressed by it. Since it has allowed me to naturally query my documents, ask questions, and get information without searching and reading the document.

\n\n

https://preview.redd.it/mahwfp9nv2zg1.png?width=991&format=png&auto=webp&s=eb6b866c392962ab6e89c33d2819423c8a8416af

\n\n

Anyways, I just wanted to shared my self-hosted workflow for RAG. But I'm very much interested in what everyone else uses!

\n
\n\n

⬆️ 251 points | 💬 31 comments

","metadata":{"score":258,"source_feed_id":"r-selfhosted","source_feed_type":"reddit"}},{"id":"1t35sph","title":"She may come to regret asking.","link":"https://www.reddit.com/r/selfhosted/comments/1t35sph/she_may_come_to_regret_asking/","author":"RCAMuse","published_at":"2026-05-04T03:06:40+00:00","content":"\n\n

\"image\"

\n\n\n\n

Buckle up sis, that's just the top 10% of the iceberg.

\n
\n\n

⬆️ 997 points | 💬 65 comments

","metadata":{"score":4281,"source_feed_id":"r-selfhosted","source_feed_type":"reddit"}},{"id":"1t336f3","title":"A homepage dashboard I'm finally happy with.","link":"https://www.reddit.com/r/selfhosted/comments/1t336f3/a_homepage_dashboard_im_finally_happy_with/","author":"mwojo","published_at":"2026-05-04T01:06:58+00:00","content":"\n\n

\"image\"

\n\n\n\n\n\n

⬆️ 399 points | 💬 42 comments

","metadata":{"score":399,"source_feed_id":"r-selfhosted","source_feed_type":"reddit"}},{"id":"1t2qd26","title":"Vaultwarden 1.36.0 patches vulnerabilities","link":"https://www.reddit.com/r/selfhosted/comments/1t2qd26/vaultwarden_1360_patches_vulnerabilities/","author":"0x3e4","published_at":"2026-05-03T16:38:12+00:00","content":"\n\n

https://github.com/dani-garcia/vaultwarden/releases/tag/1.36.0

\n\n\n\n

Security fixes

\n\n

This release contains security fixes for the following advisories. We strongly advice to update as soon as possible.

\n\n

SSO Login CSRF - GHSA-pfp2-jhgq-6hg5, GHSA-w6h6-8r66-hcv7
\nUser/Organization Enumeration - GHSA-hxqh-ff5p-wfr3
\nSSO existing-user binding - GHSA-j4j8-gpvj-7fqr
\nGHSA-6x5c-84vm-5j56
\nSSRF via Icon Endpoint - GHSA-72vh-x5jq-m82g
\nSome crate's updated and other minor security enhancements

\n\n

These are private for now, pending CVE assignment.

\n\n

https://github.com/dani-garcia/vaultwarden/releases/tag/1.36.0

\n
\n\n

⬆️ 254 points | 💬 14 comments

","metadata":{"score":367,"source_feed_id":"r-selfhosted","source_feed_type":"reddit"}},{"id":"1t2ff9c","title":"Whats the point in a VPS?","link":"https://www.reddit.com/r/selfhosted/comments/1t2ff9c/whats_the_point_in_a_vps/","author":"Unusual_Economics653","published_at":"2026-05-03T08:08:59+00:00","content":"\n\n\n

So i originally came into self hosting to get away from subscriptions, to stop renting everything/ start owning things, to not rely on external sources, etc... but now that im on reddit and looking to be a bit more active im seeing A LOT of posts on VPSs.

\n\n

I had no idea what they were so i decided to look it up, and to my surprise, its renting your own self hosted work(?) It still feels wrong and i mightve been lead astray by the internet, but isnt that like everything that self hosting is meant to not be?

\n\n

VPS - small subscription, relying on external sources, and not owning your own setup?

\n\n

Owned machine - one time payment, easily upgradeable, not relying kn external sources, etc.

\n\n

Like i get it might be more affordable in the temporary, but thats everything when owning vs subscribing...

\n\n

So i ask, is there any genuine technical reason to use a vps over your own machine? Like some reason people cant use their own machine ehile being able to use a VPS? Not like a convenience issue where it would just be annoying to work around, (self hosting isnt typically convenient to setup when starting out) but an actual reason that physically could not work in their own home, or possibly a reason to keep it out of your home? Please let me know, and sorry if this was too much of a ramble

\n\n

Edit: To all those looking for the answers in the future, this is the large majority of it. I encourage everyone to dig through the comments because there is a lot of useful info. in no order:

\n\n\n\n

Thank you everyone for clarifying!!!

\n
\n\n

⬆️ 223 points | 💬 224 comments

","metadata":{"score":225,"source_feed_id":"r-selfhosted","source_feed_type":"reddit"}},{"id":"1t10cj8","title":"3-2-1 rule , how are you all doing it without breaking bank?","link":"https://www.reddit.com/r/selfhosted/comments/1t10cj8/321_rule_how_are_you_all_doing_it_without/","author":"Tasty-Picture-8331","published_at":"2026-05-01T17:40:26+00:00","content":"\n\n\n

So my nas is getting big now slowly with around 8tb of data.

\n\n

I run it on raid 1, but I wonder in the worst case scenario, I wanted to also have a off site backup. But obviously 8tb + on cloud is going to be expensive no?

\n\n

How are you guys storing your offline backup? And where do you guys store it?

\n
\n\n

⬆️ 264 points | 💬 196 comments

","metadata":{"score":289,"source_feed_id":"r-selfhosted","source_feed_type":"reddit"}},{"id":"1t0v2so","title":"Appreciation post: Tailscale and Headscale","link":"https://www.reddit.com/r/selfhosted/comments/1t0v2so/appreciation_post_tailscale_and_headscale/","author":"Curious_Olive_5266","published_at":"2026-05-01T14:30:51+00:00","content":"\n\n\n

These two are the most incredible technologies on the modern Internet. The Web is finally free and open again, just as Tim Berners-Lee intended it so many decades ago at CERN. People are finally taking the Web back from corporations, and it is amazing to see. Tailscale is going to be the biggest tech company in the world by the next decade, and the GTA will overtake the Bay Area as the world's tech capital.

\n
\n\n

⬆️ 232 points | 💬 75 comments

","metadata":{"score":232,"source_feed_id":"r-selfhosted","source_feed_type":"reddit"}},{"id":"1t0uoxm","title":"Patch your servers, peeps, new Linux kernel vulnerability just dropped","link":"https://www.reddit.com/r/selfhosted/comments/1t0uoxm/patch_your_servers_peeps_new_linux_kernel/","author":"bz386","published_at":"2026-05-01T14:16:23+00:00","content":"\n\n\n

CopyFail just dropped, it's a new Linux kernel vulnerability that gives attackers root privileges. https://arstechnica.com/security/2026/04/as-the-most-severe-linux-threat-in-years-surfaces-the-world-scrambles/

\n\n

Debian has an updated kernel, Proxmox too. Looks like Raspberry Pi hasn't released an updated version yet.

\n
\n\n

⬆️ 366 points | 💬 162 comments

","metadata":{"score":919,"source_feed_id":"r-selfhosted","source_feed_type":"reddit"}},{"id":"1t0nq8t","title":"Living in Turkmenistan: 75% of IPs blocked, 6Mbps max speed. Need Linux & VPN advice for 3D Freelancing.","link":"https://www.reddit.com/r/selfhosted/comments/1t0nq8t/living_in_turkmenistan_75_of_ips_blocked_6mbps/","author":"Beautiful-Bread818","published_at":"2026-05-01T08:45:26+00:00","content":"\n\n

\"image\"

\n\n\n\n

Hi everyone,\nI’m a 3D artist living in Turkmenistan, and I’m facing a digital \"survival challenge.\" In my country, the internet is heavily censored: about 75% of global IP addresses are blocked. This includes everything from YouTube and Reddit to Wikipedia.\nThe Situation:\nSpeed: My current speed is 2 Mbps (I plan to upgrade to the national \"maximum\" of 6 Mbps soon).\nHardware/OS: I am using Linux Mint 22.3.\nWork: I work as a freelance 3D artist. Constant disconnections and blocks make it almost impossible to sync assets or even look up tutorials.\nWhat I’ve tried so far:\nPaid VPS: I rented a server from Aeza for $12/month. I was detected and blocked within 3 days. My connection is so unstable that heavy obfuscation protocols often \"choke\" the bandwidth entirely, while simple ones get sniped by the firewall instantly.\nFree VPNs: Most Play Store VPNs only deliver 25-40% of my already slow speed. Paid ones are slightly better (up to 75-90% of line speed), but they get blocked very quickly.\nLegacy Tools: Programs like Free Browser (Android) and SoftEther (Windows) used to work well, but Free Browser is mobile-only, and I can't find a reliable way to run SoftEther on Linux Mint.\nMy Questions:\nWhat is the most \"lightweight\" stealth protocol for a very slow connection (2-6 Mbps) that can survive a national-scale firewall? Is VLESS + Reality a good option here?\nAre there any Linux Mint native clients you recommend? I’ve heard of nekoray or v2rayA, but I’m not sure which handles low bandwidth better.\nAre there specific VPS regions or providers that are less likely to be flagged than the big ones like Aeza?\nAny advice from network engineers or people living in high-censorship regions would be a lifesaver. I just want to be able to work and learn.\nThank you! 🙇‍♂️

\n
\n\n

⬆️ 275 points | 💬 88 comments

","metadata":{"score":705,"source_feed_id":"r-selfhosted","source_feed_type":"reddit"}},{"id":"1t0bo8e","title":"My setup","link":"https://www.reddit.com/r/selfhosted/comments/1t0bo8e/my_setup/","author":"Expert-Paramedic1156","published_at":"2026-04-30T22:51:17+00:00","content":"\n\n

\"image\"

\n\n\n\n

This is my setup. Image made by AI but overall looks like this. There is no connection between proxmost host and media but proxmox uses my truenas storage (16TB). I removed everything. Nginx isn’t connected anymore. Everything is LAN. Started homelabbing in Feb with no background.

\n\n

Watched a lot of videos and read too many posts on here. I run apps I vibe code for personal use.

\n
\n\n

⬆️ 200 points | 💬 42 comments

","metadata":{"score":827,"source_feed_id":"r-selfhosted","source_feed_type":"reddit"}},{"id":"1t00urv","title":"Pangolin 1.18: Web proxy through VPN, high availability client routing, wildcard resources, alerts, and more","link":"https://www.reddit.com/r/selfhosted/comments/1t00urv/pangolin_118_web_proxy_through_vpn_high/","author":"MrUserAgreement","published_at":"2026-04-30T16:12:03+00:00","content":"\n\n\n

Hello everyone!

\n\n

Pangolin 1.18 brings HTTPS support for private resources, multi-site high availability routing, uptime tracking, health checks, alert rules, wildcard resources, and more. Let's dig in!

\n\n

GitHub: https://github.com/fosrl/pangolin

\n\n

Pangolin is an open-source, identity-aware remote access platform. Use it to securely expose authenticated web applications and private VPN resources to anyone with peer-to-peer zero-trust networking.

\n\n

https://preview.redd.it/yrj4fzbsqcyg1.png?width=3456&format=png&auto=webp&s=8deba1390d2be6ec6ea5efdb834284333d559703

\n\n

HTTPS Private Resources

\n\n

Private HTTP is a new resource type for web workloads. It behaves like a public resource with a domain name and valid TLS but nothing is exposed on the public internet. The hostname resolves to a reverse proxy running in the site connector (Newt) and only serves traffic when the user has an active Pangolin client connection.

\n\n

https://preview.redd.it/mxs6483tqcyg1.png?width=1730&format=png&auto=webp&s=917528d2af7c82cae70812b07ee0bf64e95cc682

\n\n

Multi-Site Routing and High Availability

\n\n

Private resources now support multiple site connectors. Pangolin routes traffic through whichever path is best at the time and automatically fails over if a site goes offline.

\n\n

https://preview.redd.it/wpvwjhqtqcyg1.png?width=1762&format=png&auto=webp&s=5677b90b3ca3271e4f767c478c51b925017352da

\n\n

Wildcard Resources

\n\n

Set the subdomain field to * on a public resource and Pangolin routes every hostname at that level through the same resource and tunnel. Access rules and auth apply across all matched hostnames, and the original Host header is preserved for downstream routing.

\n\n

And More

\n\n

1.18 also adds uptime tracking on sites and resources, standalone health checks (HTTP and TCP) that can watch anything on your network, alert rules with email, webhook, the ability to import an identity provider across organizations, and a handful of UI improvements and bug fixes.

\n\n

https://preview.redd.it/740y4bfneeyg1.png?width=2030&format=png&auto=webp&s=ae0b7f7a9798d002ea2c7a27c4b0bf8169c5d6d1

\n\n

Check out the full blog post for details on everything in this release: https://pangolin.net/news/1-18-release

\n\n

As always, available for self-hosting via the Community or Enterprise editions or on Pangolin Cloud. The Enterprise is free for personal use.

\n\n

If you haven't starred us on GitHub yet, it genuinely helps. Thank you!

\n
\n\n

⬆️ 240 points | 💬 92 comments

","metadata":{"score":249,"source_feed_id":"r-selfhosted","source_feed_type":"reddit"}},{"id":"1szdvgo","title":"I came to realize that selfhosted forums are an essential part towards digital sovereignty","link":"https://www.reddit.com/r/selfhosted/comments/1szdvgo/i_came_to_realize_that_selfhosted_forums_are_an/","author":"Digital_Nerve_8765","published_at":"2026-04-29T22:32:07+00:00","content":"\n\n\n

Hey, here's the HortusFox dev again.

\n\n

I got inspired by Dan Brown's decision to abandon discord for a hosted zulip instance. And then it hit me...

\n\n

Back in the day, software projects had a website, documentation and forum. Some had, in addition, an IRC channel somewhere. This just worked. It was an amazing way to foster community and keep control over your data.

\n\n

So, today I was very unhappy regarding enshittification again. I mean, we used to have soooo many platforms and sites back in the day. Now everything takes place on a handful of platforms. Internet monopolization by corporations. I know, this is no recent news. We all know that.

\n\n

I believe forums may be a key aspect to regain digital sovereignty again. That's why I've decided to setup a forum infrastructure for HortusFox. When tinkering around, I eventually decided to go with Flarum. Simply because it's easy to install, uses the well-established Laravel framework and I like it's style from the ground without any additional extensions installed.

\n\n

The selfhosted community is one of the most aware communities when it comes to data protection and digital sovereignty. I love that! That's why I once again decided to post here. ❤️

\n\n

As for me, I am now going into the process of migrating from discord to flarum. I mean, discord feels great, it offers many features, but it's eventually centralized, it only has closed communities in terms of SEO and recent decisions in terms of age verification are concerning. The latter one is also a reason why I finally abandoned publishing play store apps three years ago, and went fully PWA. Microsoft Store does the same now (removed sign-up fee in favor of ID verification).

\n\n

Maybe I'm a bit carried away, but imagine, if even the reddit communities such as r/opensource or r/selfhosted would abandon reddit in favor of a forum-based communities run by volunteers? Reddit is not our friend. And various decisions to wipe out third-party apps and pushing echo chambers aren't really something I consider \"the heart of the internet\". By the way, did you notice Reddit now tests forcing people to use the mobile app when they browse reddit via a mobile browser? Pretty sure, they will eventually rollout this \"feature\".

\n\n

What do you think? Both developers and selfhosters, would you like the idea that we turn back to forums again?

\n\n

PS: HortusFox now also officially backs the open-source petition to have the german government acknowledge opensource work as volunteering by law. A big thanks to Boris Hinzer for launching the campaign.

\n
\n\n

⬆️ 203 points | 💬 43 comments

","metadata":{"score":409,"source_feed_id":"r-selfhosted","source_feed_type":"reddit"}},{"id":"1sz2r37","title":"Hound - A Media Server Alternative to Plex/Jellyfin + Stremio","link":"https://www.reddit.com/r/selfhosted/comments/1sz2r37/hound_a_media_server_alternative_to_plexjellyfin/","author":"NearbyYak7156","published_at":"2026-04-29T15:50:30+00:00","content":"\n\n

\"image\"

\n\n\n\n

What is Hound?

\n\n

Hound is a self-hosted, open-source media server, like Plex/Jellyfin, but with the extra ability to stream content through P2P (torrent) or HTTP/Debrid without downloading first. With Hound, you have the flexibility of fully controlling your media like Jellyfin, but can also stream instantly ala streaming services. It's the best of both worlds.

\n\n

I posted about Hound in this sub years ago, when it was originally built as a simple movie/tvshow tracker. Since then Hound has evolved into a full media server. Link.

\n\n

Links

\n\n\n\n

Features

\n\n\n\n

Demo

\n\n

Note that the web portal isn't optimized for mobile yet:

\n\n

Access the demo here.

\n\n
username: selfhosted\npassword: password\n
\n\n

This is just the web portal, for actually watching content you'll want to use the apps

\n\n

Platforms

\n\n

Android and Android TV apps are available, you'll need to sideload the APKs. iOS and tvOS require a bit more time for testing and to distribute through TestFlight. They share the same code (built on React Native TVOS) so most of the effort is done.

\n\n\n\n

Installation

\n\n

Docker compose is the recommended way to install Hound:

\n\n
services:\n  hound-postgres:\n    container_name: hound-postgres\n    image: postgres:18\n    environment:\n      POSTGRES_DB: hound_db\n      POSTGRES_USER: hound\n      POSTGRES_PASSWORD: super-strong-password\n    volumes:\n      - ./Hound Data/postgres_data:/var/lib/postgresql\n    healthcheck:\n      test: [\"CMD-SHELL\", \"pg_isready -U hound -d hound_db\"]\n      interval: 5s\n      timeout: 5s\n      retries: 5\n\n  hound-server:\n    container_name: hound-server\n    image: houndmediaserver/hound:latest\n    depends_on:\n      hound-postgres:\n        condition: service_healthy\n    ports:\n      - \"2323:2323\"\n    environment:\n      - POSTGRES_DB=hound_db\n      - POSTGRES_USER=hound\n      - POSTGRES_PASSWORD=super-strong-password\n      - HOUND_SECRET=super-strong-secret\n    volumes:\n      - ./Hound Data:/app/Hound Data\n      # (Optional) attach your media library\n      # IMPORTANT: Please read the docs before doing this\n      # - /path/to/movies:/app/External Library/Movies\n      # - /path/to/shows:/app/External Library/TV Shows\n
\n\n\n\n

Then run docker compose up -d

\n\n

Access the web portal at port 2323:

\n\n
http://<ip-address>:2323\nusername: admin\npassword: password\n
\n\n

Make sure you change your password immediately.

\n\n

Next, you'll want to set up a provider next to start watching content, refer to the guides below:

\n\n\n\n

Why Hound?

\n\n

When I set up Jellyfin for my friends and family, I found that they kept switching back to Netflix/Prime when it was more convenient. Today, the Plex/Jellyfin ecosystem is quite mature. But for some (especially older) people, using a separate app, requesting content first, and waiting a couple minutes (or even longer) can be unintuitive/inconvenient. It's much nicer to be able to scroll and discover content, and watch immediately in seconds.

\n\n

From an admin perspective, drives are getting increasingly expensive, and larger libraries drive electricity costs even more.

\n\n

My vision for Hound was to have all the advantages of self-hosting media, with the flexibility of streaming. You can still curate a library with whatever content you like, but for content not yet downloaded in your library, Hound switches automatically to P2P/Debrid streaming, so it's a seamless experience for users.

\n\n

Hound is in Beta + Pricing

\n\n

Hound is in Beta, so please expect bugs and run backups often. Although Hound is completely self-hosted and open source (AGPLv3), there will be a paid tier when Hound leaves beta:

\n\n\n\n

Unfortunately, unlike the amazing maintainers at Jellyfin, I can't keep Hound free. I thought long and hard about pricing that respects self-hosting and open source philosophies. I settled on this model so anyone can try Hound and all its features for free, and have an informed choice on whether or not to purchase.

\n\n

Since Hound is completely open-source, I can't stop you from forking and removing the license checks. Instead of doing this, if you contribute to Hound's development actively, I'll give you keys upon release.

\n\n

You can't actually purchase yet since we're in Beta, but I wanted you to know in advance.

\n\n

Please try the demo and leave feedback! If you like the project, please consider adding Hound to your stack, and even contributing!

\n
\n\n

⬆️ 228 points | 💬 96 comments

","metadata":{"score":621,"source_feed_id":"r-selfhosted","source_feed_type":"reddit"}},{"id":"1sz2kur","title":"Do you keep your docker containers running 24/7","link":"https://www.reddit.com/r/selfhosted/comments/1sz2kur/do_you_keep_your_docker_containers_running_247/","author":"shrimpdiddle","published_at":"2026-04-29T15:44:24+00:00","content":"\n\n\n

Do you keep your docker containers running 24/7, or spin them up before they are needed. For example, I use BentoPDF maybe three times a week. So I've gotten to where I down the container after I'm done using it. The only containers I leave up, are my “infrastructure” apps... vaultwarden, radicale, WireGuard, NPM, Jellyfin.

\n\n

Given that most images have unresolved CVEs, reducing exposure, is just another security layer. As well it frees up memory, and reduces CPU load, and the power that requires.

\n
\n\n

⬆️ 174 points | 💬 146 comments

","metadata":{"score":268,"source_feed_id":"r-selfhosted","source_feed_type":"reddit"}},{"id":"1symidv","title":"Can I host myself streaming games (like on Twitch) to my own website?","link":"https://www.reddit.com/r/selfhosted/comments/1symidv/can_i_host_myself_streaming_games_like_on_twitch/","author":"FantasticFrontButt","published_at":"2026-04-29T02:57:28+00:00","content":"\n\n\n

I essentially want to be able to embed a stream of myself (thru OBS) onto a personal website without relying on external services like YouTube, Kick, or Twitch.

\n\n

I do not expect large audiences, but somehow integrating IRC chat would be great.

\n\n

Might anyone point me in any direction I'd need to start to accomplish this?

\n
\n\n

⬆️ 185 points | 💬 58 comments

","metadata":{"score":185,"source_feed_id":"r-selfhosted","source_feed_type":"reddit"}},{"id":"1sxqyh7","title":"It’s always DNS.","link":"https://www.reddit.com/r/selfhosted/comments/1sxqyh7/its_always_dns/","author":"warriorforGod","published_at":"2026-04-28T04:23:13+00:00","content":"\n\n\n

Well having a proxmox server go down silently, then upon bringing it back up and having it spin up a second DNS server that had the same IP as your primary DNS server so that nothing works in terms of name resolution whether local or remote is a sobering experience.

\n\n

You should try it sometime. Lmao.

\n\n

Edit: Autocorrect fixing.

\n
\n\n

⬆️ 148 points | 💬 46 comments

","metadata":{"score":160,"source_feed_id":"r-selfhosted","source_feed_type":"reddit"}},{"id":"1swsb7o","title":"Glance Dashboard V.2 | GA","link":"https://www.reddit.com/r/selfhosted/comments/1swsb7o/glance_dashboard_v2_ga/","author":"ginesjunior11","published_at":"2026-04-27T03:36:19+00:00","content":"\n\n

https://www.reddit.com/gallery/1swsb7o

\n\n\n

After a lot of trial & error (and a few docker restart moments 😅), I finally got my dashboard where I want it:

\n\n\n\n

All running on a Raspberry Pi 5 with a clean and optimized Docker stack.

\n\n

Still a work in progress (because let’s be honest… a homelab is never “finished”), but it’s already my daily control center.

\n\n

What would you add next? Any ideas for the next upgrade?

\n
\n\n

⬆️ 333 points | 💬 37 comments

","metadata":{"score":1524,"source_feed_id":"r-selfhosted","source_feed_type":"reddit"}},{"id":"1swkj5a","title":"It’s a mess, but it’s my mess.","link":"https://www.reddit.com/r/selfhosted/comments/1swkj5a/its_a_mess_but_its_my_mess/","author":"New-Raspberry3572","published_at":"2026-04-26T21:42:59+00:00","content":"\n\n

\"image\"

\n\n\n\n

Finally moved my Pi 3+ off the desk and mounted it (with hopes and dreams) next to my ISP's WiFi 6 router. I know the cables are a crime scene, but everything is working 24/7 so I’m afraid to touch it lol.

\n\n

Running a pretty packed stack for a Pi 3+:

\n\n\n
\n\n

⬆️ 199 points | 💬 43 comments

","metadata":{"score":257,"source_feed_id":"r-selfhosted","source_feed_type":"reddit"}},{"id":"1svz9fi","title":"My self-hosted website ran on my Pi Zero 2W","link":"https://www.reddit.com/r/selfhosted/comments/1svz9fi/my_selfhosted_website_ran_on_my_pi_zero_2w/","author":"mads_5489","published_at":"2026-04-26T06:00:55+00:00","content":"\n\n

\"image\"

\n\n\n\n

So I have been working on my personal portfolio website for some time now, I had since forgot about it and had no motivation to expand it. I have been looking for the perfect usecase for my Pi Zero 2W, after moving my Pi-hole server from it onto my new Pi 5.

\n\n

I then saw this post: https://www.reddit.com/r/selfhosted/comments/1sqvujn/selfhosted_public_website_running_on_a_10_esp32/

\n\n

And it honestly got me excited to update my site, and move everything over the Pi. It is certainly much easier to run my site, from a measly 512KB of ram to just about 512MB.

\n\n

The site is finally in a state where I feel comfortable sharing it, and I hope you guys like the aesthetic. There is a guestbook to sign as well :)

\n\n

Site:
\nhttps://spellbound.sh

\n
\n\n

⬆️ 220 points | 💬 19 comments

","metadata":{"score":410,"source_feed_id":"r-selfhosted","source_feed_type":"reddit"}},{"id":"1svxsx1","title":"MinIO repository was archived on Apr 25, 2026","link":"https://www.reddit.com/r/selfhosted/comments/1svxsx1/minio_repository_was_archived_on_apr_25_2026/","author":"Kitchen-Patience8176","published_at":"2026-04-26T04:43:43+00:00","content":"\n\n

\"image\"

\n\n\n\n

Just learned about S3-style object storage and was looking into self-hosted options for my homelab. Came across MinIO and got pretty excited because it seemed like exactly the kind of thing I’d want to learn and maybe use.

\n\n

Then I noticed the repo is archived, which was a bit discouraging.

\n\n

I know that doesn’t necessarily mean the software is dead, but it made me pause before building around it.

\n\n

For those using MinIO, would you still adopt it today for a homelab? Or would you look at alternatives instead?

\n\n

Curious what people here are doing.

\n
\n\n

⬆️ 310 points | 💬 62 comments

","metadata":{"score":582,"source_feed_id":"r-selfhosted","source_feed_type":"reddit"}},{"id":"1svq0y0","title":"PSA: if you’re running iSponsorblockTV you’ll need to pair your devices again","link":"https://www.reddit.com/r/selfhosted/comments/1svq0y0/psa_if_youre_running_isponsorblocktv_youll_need/","author":"dmunozv04","published_at":"2026-04-25T22:31:58+00:00","content":"\n\n\n

Hi there, I’m iSponsorblockTV’s maintainer.

\n\n

If you’re running iSponsorblockTV, you’ll need to pair your devices again since YouTube have changed the screenId format and are on the process of revoking all older codes.

\n\n

For those of you that don’t know, iSponsorblockTV allows you to use SponsorBlock on all YouTube TV devices (TVs, sticks and consoles). It can also click the skip button for you and mute native YouTube ads.

\n\n

Sadly there’s nothing that can be done on my part other than pairing devices again.

\n\n

EDIT: the new screen id will be 64 hex digits long, compared to the old 26 characters

\n
\n\n

⬆️ 197 points | 💬 18 comments

","metadata":{"score":360,"source_feed_id":"r-selfhosted","source_feed_type":"reddit"}},{"id":"1svh7km","title":"Responsibility and Ownership: You Can’t Vibe‑Code Your Way Around It","link":"https://www.reddit.com/r/selfhosted/comments/1svh7km/responsibility_and_ownership_you_cant_vibecode/","author":"SigsOp","published_at":"2026-04-25T16:46:38+00:00","content":"\n\n\n

The title took me a while to land on, but the thoughts behind it have been sitting in my head for months. I've been into homelabing since early 2020 with my first build, then a second, then a third, then whatever my bank account allowed after that. It's been a lot of fun and tears. But lately browsing this community has had a edge to it, a lot of AI negativity that I mostly understand, and that's what I want to write about.

\n\n

I'm a programmer by trade, actually army before, but released and went back to school. The usage of AI at work has increased and I don't see that trend stopping quite yet, AI is useful as a companion to handle tedious tasks like documentation, reviewing SQL, tedious front-end markup, one shot scripts etc.. But using it to one-shot a whole application is risky and if published downright irresponsible and this is where I think most of the friction is happening, at least for me.

\n\n

When I see the AI projects posted here, with my experience, I think I can separate the wholly vibe coded ones from those that AI was used to assist, the latter I don't mind, despite what some Luddites say, that's what the industry is like now. When you code something for your own use, the blast radius is limited, thing could run horribly and it won't matter, you are the only one that suffers the consequences, but if you publish this code you need to take ownership of it and ownership brings responsibilities that you need to shoulder. Even as a programmer I don't take this lightly, this is not something people should dismiss with the command git push origin main.

\n\n

It's one of the reasons I don't publish my stuff, or at the very least don't advertise it, not because it's vibe coded, it isn't, it's because I still need to take responsibility for it, that's time, effort and commitment that shouldn't be underestimated (many seems to). Maintenance is not a trivial affair, thinking about current and future users, how you approach breaking changes, how you architect things to avoid breaking changes as much as possible. Continuity of the project is also important, if you take your project seriously and your user base seriously you should have this in mind : \"What if I can't continue the project?\", archiving the repo and disappearing is not the right way to do things.

\n\n

So, before publishing and parading your project, you just need to ask yourself a simple question : \"Can I take ownership and responsibility for this code\". The answers will depend on your definitions of these concepts, but if you think about it for more than 5 minute, you might just realise your project should stay private.

\n\n

PS: Here I am talking more about the moral/ethical implications when I talk about responsibilities and ownership, you are obviously responsible for what run in your machine. Excuse some awkward syntax or phrases, non native English speaker.

\n
\n\n

⬆️ 230 points | 💬 87 comments

","metadata":{"score":526,"source_feed_id":"r-selfhosted","source_feed_type":"reddit"}},{"id":"1su3pp2","title":"Turned my broken Steam Deck into a low-power 2.5GbE NAS (Debian + rsync + Glances)","link":"https://www.reddit.com/r/selfhosted/comments/1su3pp2/turned_my_broken_steam_deck_into_a_lowpower_25gbe/","author":"Decker_Bazzite","published_at":"2026-04-24T03:05:25+00:00","content":"\n\n

https://www.reddit.com/gallery/1su3pp2

\n\n\n

My Steam Deck LCD screen died, so I repurposed it as a headless Debian 12 NAS.

\n\n

Current setup:

\n\n

- Debian 12 minimal (no GUI)

\n\n

- 2.5GbE USB NIC

\n\n

- 6TB (main storage) + 4TB (backup)

\n\n

- rsync-based incremental backups (~280MB/s)

\n\n

I added a small sub display running Glances for real-time monitoring (CPU / RAM / network / processes).

\n\n

This lets me check system status instantly without SSH.

\n\n

Also integrated some controls via Stream Deck:

\n\n

- One-button safe shutdown (sync + poweroff)

\n\n

- HDD temperature check

\n\n

- SSH access

\n\n

The NAS is not always-on.

\n\n

I power it on only when needed (backups / file access).

\n\n

So far it's stable and surprisingly fast for a Steam Deck.

\n\n

Happy to answer any questions 👍

\n
\n\n

⬆️ 213 points | 💬 59 comments

","metadata":{"score":660,"source_feed_id":"r-selfhosted","source_feed_type":"reddit"}},{"id":"1stjtay","title":"Bitwarden CLI has been compromised. Check your stuff.","link":"https://www.reddit.com/r/selfhosted/comments/1stjtay/bitwarden_cli_has_been_compromised_check_your/","author":"RedTermSession","published_at":"2026-04-23T14:07:55+00:00","content":"\n\n

https://socket.dev/blog/bitwarden-cli-compromised

\n\n\n\n

Same as the title. The Bitwarden CLI has been compromised and it would be good to check your stuff. I know how popular Bitwarden is around here.

\n
\n\n

⬆️ 723 points | 💬 152 comments

","metadata":{"score":1478,"source_feed_id":"r-selfhosted","source_feed_type":"reddit"}},{"id":"1st7c1x","title":"In which folder do you keep your Docker stack?","link":"https://www.reddit.com/r/selfhosted/comments/1st7c1x/in_which_folder_do_you_keep_your_docker_stack/","author":"Artistic_Quail650","published_at":"2026-04-23T03:32:33+00:00","content":"\n\n\n

I keep my entire Docker stack in /opt/docker/ and all my external volumes in /mnt/hdd_1tb/{nextcloud, jellyfin, immich, etc.}

\n\n

I'm curious to hear about other ways people store their files.

\n
\n\n

⬆️ 177 points | 💬 212 comments

","metadata":{"score":186,"source_feed_id":"r-selfhosted","source_feed_type":"reddit"}},{"id":"1ss09kn","title":"Self-hosted personal finance automation: n8n + Actual Budget + SimpleFIN + Claude on my homelab.","link":"https://www.reddit.com/r/selfhosted/comments/1ss09kn/selfhosted_personal_finance_automation_n8n_actual/","author":"Hail_2_Victors","published_at":"2026-04-21T20:47:25+00:00","content":"\n\n\n

Sharing something I've been running for a few months that's become one of the most useful things on my homelab.

\n\n

The stack:

\n\n\n\n

What it does:

\n\n

Six n8n workflows that run on schedules and replace what I used to do manually every week:

\n\n\n\n

Architecture notes:

\n\n\n\n

The stack runs entirely on self-hosted n8n. No recurring SaaS costs beyond SimpleFIN (~$15/year) and Anthropic API calls (~$0.01/100 transactions). Everything else runs on your own infrastructure.

\n\n

https://github.com/hail2victors/n8n-Actual-Automation

\n
\n\n

⬆️ 307 points | 💬 106 comments

","metadata":{"score":339,"source_feed_id":"r-selfhosted","source_feed_type":"reddit"}},{"id":"1srtphr","title":"LubeLogger, Self-Hosted Vehicle Maintenance and Fuel Mileage Tracker, has some Important Quality of Life Improvements You Should Know About","link":"https://www.reddit.com/r/selfhosted/comments/1srtphr/lubelogger_selfhosted_vehicle_maintenance_and/","author":"ChiefAoki","published_at":"2026-04-21T16:59:42+00:00","content":"\n\n\n

Hi all, it's been a few months and we've made some incremental updates to LubeLogger over that time.

\n\n

In case you've never heard of LubeLogger, it's a self-hosted vehicle maintenance and fuel mileage tracker, you can log your service records and fillups in here and it will tell you exactly how much you've spent your vehicles.

\n\n

Website

\n\n

Documentation

\n\n

Git Repository

\n\n

First, as stated in our previous post here with the big UI update, we were going to start converting the grids in mobile views to cards, which makes it a lot easier to see all data without horizontal scrolling on small vertical screens, and that's finally delivered. If you prefer the older grid view in mobile, there is an option to revert in the Settings page.

\n\n

https://preview.redd.it/13txlwifkkwg1.png?width=800&format=png&auto=webp&s=74c3eae6a1750460529764ff9fa047c0ceeab0b7

\n\n

Second, there are now real-time notifications built within the app, if you follow us on the r/lubelogger subreddit, you might have heard of a daemon service that needed to be deployed separately, well that's no longer the case as we have integrated the daemon features into the LubeLogger app itself. Real-time notifications will allow you to immediately be notified when a reminder has its urgency changed to an urgency that you're tracking(i.e.: a reminder went from Not Urgent to Urgent), and it can be integrated with nearly every notification service out there as long as they take a HTTP POST request(there are samples for NTFY, Gotify, and Discord in the Documentation), if you don't wish to use an external notification service, it can also be configured to use the pre-existing SMTP settings.

\n\n

Video Walkthrough

\n\n

Documentation

\n\n

As part of this, there are also Automated Events that you can now configure, some examples of what you can do with Automated Events:

\n\n\n\n

Here's what the automated backup email looks like:

\n\n

https://preview.redd.it/q4mgykzzmkwg1.png?width=1363&format=png&auto=webp&s=1175e815a0ff23837cf3ed7192087fcb83c6c39c

\n\n

Third, there is now a smoother way to onboard OIDC users with SSO-specific registration options

\n\n

Documentation

\n\n

Misc. Improvements:

\n\n

CSV's are now validated before any imports are performed, and it will tell you what went wrong/was formatted wrong:

\n\n

https://preview.redd.it/k0okuk9unkwg1.png?width=525&format=png&auto=webp&s=ef159f8174acd22b83a9f1814127d2d16c0a5ae3

\n\n

You can now add multiple recurring reminders to Plan Records and you can modify which reminders are tied to these plan records all the way up until the plan is marked as done

\n\n

https://preview.redd.it/04ptjed3okwg1.png?width=421&format=png&auto=webp&s=6e521ee9c1226a22f44ee2426b25c59ffea8b378

\n\n

On that note, there are now QR Codes that you can generate that can either take you to a specific record or to add a new record:

\n\n

Video Walkthrough

\n\n

If you want realtime events coming from LubeLogger but you don't want a webhook integration, you can now use web sockets which works on a pub-sub model.

\n\n

Documentation

\n\n

Anyways, that's it from us for this update, have a great Summer and we'll see you in Fall.

\n
\n\n

⬆️ 339 points | 💬 47 comments

","metadata":{"score":397,"source_feed_id":"r-selfhosted","source_feed_type":"reddit"}},{"id":"1srmjht","title":"Twenty v2.0: Self-hosted CRM","link":"https://www.reddit.com/r/selfhosted/comments/1srmjht/twenty_v20_selfhosted_crm/","author":"charlesBochet","published_at":"2026-04-21T12:43:03+00:00","content":"\n\n\n

Hi everyone,

\n\n

We're an open-source CRM (https://github.com/twentyhq/twenty). It's been a while since I last posted here, but today we're shipping our biggest update yet, so I wanted to give a heads-up.

\n\n

Twenty 2.0 lets you build apps on top of the CRM without forking the codebase. The idea is a framework one level above web frameworks, tailored specifically for enterprise SaaS. Roughly Salesforce's original idea from 20 years ago, but built from a clean slate in 2026, and self-hostable.

\n\n

In practice: you can build (or ask Claude Code) a call recording feature or anything you'd like, using an SDK. It creates custom objects, React components, server-side logic. Your code but get everything Twenty already ships: permissions, dashboards, workflows, API, AI chat, webhooks, audit logs. That way, you can ship quickly on top of the engine and still keep version control, CI/CD, and so on.

\n\n

On the technical side, building extensibility into an enterprise app surfaced interesting problems:

\n\n\n\n

Happy to answer any questions and would love to hear your feedback!

\n\n

Charles (CTO)

\n\n

All the code is available here on Github

\n
\n\n

⬆️ 152 points | 💬 60 comments

","metadata":{"score":152,"source_feed_id":"r-selfhosted","source_feed_type":"reddit"}},{"id":"1sqvujn","title":"Self-hosted public website running on a $10 ESP32 on my wall","link":"https://www.reddit.com/r/selfhosted/comments/1sqvujn/selfhosted_public_website_running_on_a_10_esp32/","author":"Techtoshi","published_at":"2026-04-20T17:19:17+00:00","content":"\n\n

\"image\"

\n\n\n\n

My homelab does have the usual rack of stuff (Dell Poweredge R730s and ECU servers), but this one ESP32 sits separately on the wall and serves a public website entirely by itself. No nginx or apache, no Pi, no container... just a $10 microcontroller holding an outbound WebSocket to a Cloudflare Worker that fronts the traffic.

\n\n

The original launch of this back in 2022 ran for ~500 days before the original board burned out in 2023. The site sat as a read-only archive until now. I relaunched it after rebuilding it from the ground up with a lot of redundancy in mind such as a Worker relay, daily off-site backups to R2, and more, check out the project's README.

\n\n

Site: https://helloesp.com

\n\n

Code: https://github.com/Tech1k/helloesp

\n\n

---

\n\n

Update: So slight miscalculation on how popular this was going to get, this was a good stress test of the ESP to say the least. The hug of death hit way harder than I anticipated lol

\n\n

I believe the ESP32 has fully crashed or it's exhausting heap in a loop. It's not even showing up on my router now. The Cloudflare Worker is still serving the offline page in the meantime which is expected. Probably not the best idea to have made this post while I was at work and away from it. I will reboot and investigate this when I'm home and make adequate changes to get it back online and stable!

\n\n

Update to the update: it has risen from the cold grasp of offline darkness and reconnected as the WiFi watchdog kicked in and rebooted it automatically. Requests are getting served again and I managed to regain access to it on LAN. Cloudflare is back to showing timeouts for some while others get through (expected behavior). I may lower the SSE cap and raise the min heap threshold. It's back to just getting overloaded at the moment. I will investigate further and see what I can make changes on later to help keep it afloat and serve more requests on 520KB of ram lol

\n
\n\n

⬆️ 467 points | 💬 35 comments

","metadata":{"score":3274,"source_feed_id":"r-selfhosted","source_feed_type":"reddit"}},{"id":"1sqi04i","title":"Beyond the Basics: What are your non-negotiable Linux server hardening steps before exposing a service to the web?","link":"https://www.reddit.com/r/selfhosted/comments/1sqi04i/beyond_the_basics_what_are_your_nonnegotiable/","author":"Browndude345","published_at":"2026-04-20T07:09:10+00:00","content":"\n\n\n

Most of us start by slapping a reverse proxy (like Nginx Proxy Manager or Traefik) and maybe Tailscale or Wireguard on our setups. But for those of you exposing specific services directly to the web, how far do you take your server hardening?

\n\n

I usually stick to a strict baseline (Fail2Ban/Crowdsec, UFW, disabling root SSH, key-only auth, and isolating apps in Docker containers), but I’m curious about the more advanced layers. Are any of you actively running SOC-level monitoring, Wazuh, or strict SELinux/AppArmor profiles on your homelabs?

\n\n

What is the one security measure you think the average self-hoster overlooks until it's too late?

\n
\n\n

⬆️ 364 points | 💬 187 comments

","metadata":{"score":446,"source_feed_id":"r-selfhosted","source_feed_type":"reddit"}},{"id":"1sq2xkt","title":"My retired gaming-rig became a mediaserver","link":"https://www.reddit.com/r/selfhosted/comments/1sq2xkt/my_retired_gamingrig_became_a_mediaserver/","author":"Drummerrob666","published_at":"2026-04-19T19:42:33+00:00","content":"\n\n

\"image\"

\n\n\n\n

I just wanted to share my two weeks of progress and configuration that I am quite happy about.

\n\n

It all started with installing Jellyfin on a outdated machine with Windows 10 to be able to play music and movies from my own collection.

\n\n

Two weeks later the same computer is now running Proxmox VE with a single VM that is running an arr-stack.

\n\n

I also took ownership of all my 40K of photos and videos through Immich and said goodbye to Apple and Google.

\n\n

The picture shows the whole setup and I just wanted to share this because I had so much fun setting this up and wanted to take the opportunity to say thank you for this subreddit, it’s been an inspiration!🙏

\n\n

**EDIT** I just tried starting up a brand new VM to test my Immich-backup and it worked flawlessly. Database and photos intact and the full 38K of photos with correct metadata was read from my backup. Happy guy!

\n
\n\n

⬆️ 253 points | 💬 97 comments

","metadata":{"score":254,"source_feed_id":"r-selfhosted","source_feed_type":"reddit"}},{"id":"1sps0gj","title":"Reitti v4.0.2: A New Map Experience and Update Progress","link":"https://www.reddit.com/r/selfhosted/comments/1sps0gj/reitti_v402_a_new_map_experience_and_update/","author":"_daniel_graf_","published_at":"2026-04-19T12:45:37+00:00","content":"\n\n

https://www.reddit.com/gallery/1sps0gj

\n\n\n

Hey everyone, I’m Daniel.

\n\n

It's been 103 days since I last posted about Reitti, and what a journey it's been! What started as a personal project on June 5, 2025, has grown immensely. In that time, Reitti has seen exactly 52 releases, culminating last week in the biggest and most ambitious update yet: Reitti 4.0! Today, I want to recap everything that's happened since my last post.

\n\n

The past few months have been dedicated to transforming how I interact with my movement data, and the community's support has been incredible:

\n\n\n\n

What is Reitti?

\n\n

\"Reitti\" is Finnish for \"route\" or \"path.\" It’s a personal location tracking and analysis application. It is fully local and private, and no data ever leaves your server. You own the database, and you own the memories.

\n\n

Reitti 4.0: A New Map Experience

\n\n

This release focuses on taking your map experience to the next level. I've completely rebuilt the map from the ground up, switching to a foundation powered by MapLibre GL JS and deck.gl. This enables a new level of visualization for your movements, even with millions of data points from years of tracking, it remains blazingly fast and responsive!

\n\n\n\n

Other New Functionality

\n\n

Expanded Language Support

\n\n

Thanks to the incredible dedication of the community translators, Reitti has expanded its global reach and now officially supports more languages, including:

\n\n\n\n

These additions are a huge step towards making Reitti accessible to even more users worldwide.

\n\n

Place Editing with Geocoding

\n\n

When editing a place, you can now directly request geocoding suggestions and select the most accurate result from various available providers. This makes managing your locations much more intuitive and precise.

\n\n

Faster & More Robust Visit and Trip Detection

\n\n

I've completely overhauled the algorithms for detecting visits and trips. The new system is not only significantly faster but also much more robust, leading to more accurate and reliable insights into your time spent and journeys taken.

\n\n

New Dedicated Open-Source Services!

\n\n

As part of this update, I'm introducing two new, free-to-use services that power Reitti 4.0 and are available for everyone:

\n\n\n\n

BREAKING CHANGES – Please Read Carefully

\n\n

While Reitti 4.0 added new features, there are a couple of crucial changes you need to be aware of for a smooth upgrade:

\n\n\n\n

It is absolutely essential that you update your docker-compose file during the upgrade process. Please visit https://www.dedicatedcode.com/projects/reitti/4.0/upgrade/ for the necessary steps to get your Reitti instance running seamlessly on 4.0.

\n\n

Full v4.0.0 Release Notes: https://github.com/dedicatedcode/reitti/releases/tag/v4.0.0

\n\n

Thank You

\n\n

This project thrives because of its community. Thank you to everyone who contributed this year. To the new contributors like u/Jonsen94, u/GunseiKPaseri, u/sieren, u/wjansenw, u/subha0319, and u/per_terra your code, ideas, and dedication are invaluable. Special thanks go to the translators who ensure Reitti is accessible worldwide, and to everyone who posts issues, suggests features, and supports the project indirectly.

\n\n

What’s Next?

\n\n

Thanks to the incredible support from my Ko-fi supporters, I've recently acquired a dedicated GPS logger! This means I'm now setting my sights on bringing multi-device support to Reitti. Imagine this: you use your phone for day-to-day tracking, while simultaneously logging a run or ride with another device, leaving your phone at home. My goal is to seamlessly bring these timelines back together into one cohesive view. Along with this, I'll be introducing more powerful editing capabilities, such as defining \"no-visit\" areas and the ability to remove individual GPS points.

\n\n

For the Memories feature I explored local AI for natural-language travel diaries, it's still very much on my mind. However, I haven't yet managed to get decent results with a small, local LLM that supports multiple languages. Time will tell if this ever happens, as I only want to introduce massive new requirements when they can deliver a truly tremendous impact for all of you. If anyone has a tip, please drop me a message.

\n\n

Development Transparency

\n\n

I use AI as a development tool to accelerate certain aspects of the coding process, but all code is carefully reviewed, tested, and intentionally designed. AI helps with boilerplate generation and problem-solving, but the architecture, logic, and quality standards remain entirely human-driven.

\n\n

I appreciate your feedback and support! Here are a few ways to connect:

\n\n\n\n

I'll be in the comments to answer your questions.

\n
\n\n

⬆️ 284 points | 💬 49 comments

","metadata":{"score":295,"source_feed_id":"r-selfhosted","source_feed_type":"reddit"}},{"id":"1sp1bvz","title":"n8n dropped every webhook at 3am for two weeks and I only noticed because a client asked where his invoice was","link":"https://www.reddit.com/r/selfhosted/comments/1sp1bvz/n8n_dropped_every_webhook_at_3am_for_two_weeks/","author":"Ambitious-Garbage-73","published_at":"2026-04-18T15:54:04+00:00","content":"\n\n\n

So this is either useful or embarrassing depending on who's reading, probably both.

\n\n

Running n8n on a mini PC under my desk (NUC clone, 16GB, Debian 12, docker compose). Been up around 8 months, mostly boring. A couple weeks ago I noticed the invoice-reminder flow had silently stopped firing on a few contacts. Poked it for ten minutes, blamed a flaky SMTP relay I'd swapped the week before, moved on.

\n\n

Yesterday a client DMs me basically asking if I'd ghosted him because he hadn't heard anything since late March. I open the executions tab and there's this neat little gap every single night between roughly 02:50 and 03:30 where literally nothing ran. Fourteen nights of it. The dashboard I never close had been showing a green checkmark the whole time because whatever executions happened outside the gap worked fine.

\n\n

The actual bug, for the record: logrotate. The postrotate hook was doing docker kill -s HUP on the n8n container to make it reopen log files. n8n apparently does not take SIGHUP well and just dies. The restart policy brought it back, but only after the rest of logrotate finished whatever else it was rotating, which is why the gap drifted a little each night. Fix was switching to copytruncate, ugly but it works.

\n\n

the thing I actually can't get over is that uptime-kuma was green for all fourteen days. container up. HTTP port open. /healthz returning 200. every layer of my \"monitoring\" was technically correct and also completely lying about whether the thing n8n exists to do was happening. I'd built a setup that told me what I asked instead of what I needed to know.

\n\n

so I'm looking at bolting on a synthetic check that actually fires a test webhook into one flow and asserts on the expected execution ID in the DB a few seconds later. feels like something that should already exist as a Docker sidecar or whatever but I haven't found it. anyone here doing real end-to-end synthetic monitoring on self-hosted workflow stuff, or am I about to spend a Saturday writing something mediocre?

\n\n

(also yes I know about Healthchecks.io, I use it for cron, but for a webhook->DB assertion I'd need something slightly more)

\n
\n\n

⬆️ 210 points | 💬 43 comments

","metadata":{"score":213,"source_feed_id":"r-selfhosted","source_feed_type":"reddit"}},{"id":"1sockr8","title":"My lab domain got added to a DNS blocklist and broke my whole setup.","link":"https://www.reddit.com/r/selfhosted/comments/1sockr8/my_lab_domain_got_added_to_a_dns_blocklist_and/","author":"FanClubof5","published_at":"2026-04-17T20:27:02+00:00","content":"\n\n\n

I setup the hagezi ultimate adblock list in pihole a few months ago and didnt think much of it after that. Today I am chilling and trying to avoid working too much on a Friday afternoon when I get an alert from uptime kuma that my nginx-proxy-manager stopped responding.

\n\n

I check the docker container first, everything is green and logs look fine, weird but lets restart it just to be sure. No change, hmmm well I can access the demo page at the direct IP so maybe its not this, lets check the DNS resolve.

\n\n
    > nslookup proxy.homelab.com\nServer:         10.0.1.66\nAddress:        10.0.1.66#53\n\nName:   proxy.homelab.com\nAddress: 0.0.0.0\nName:   proxy.homelab.com\nAddress: ::\n
\n\n

Odd that should be resolving to the 10.0.1.66 server not 0.0.0.0 I wonder what changed. I dig around in the Pihole logs for a bit and discover that my domain was actually added to the offical blacklist. I am not really sure how since my public footprint is minimal, gets virtually zero traffic except for some bots to the root domain, and definitely doesn't serve ads. Either way I was able too lookup the commands to white list my domain in Pihole and bam everything was back to normal.

\n\n

Just some friday fun.

\n
\n\n

⬆️ 333 points | 💬 54 comments

","metadata":{"score":339,"source_feed_id":"r-selfhosted","source_feed_type":"reddit"}},{"id":"1soavp6","title":"Migrated a client off shared hosting to a VPS last week, the difference was embarrassing","link":"https://www.reddit.com/r/selfhosted/comments/1soavp6/migrated_a_client_off_shared_hosting_to_a_vps/","author":"Own_Addition_7619","published_at":"2026-04-17T19:24:44+00:00","content":"\n\n\n

so i've been telling this client for 2 years their site was slow because of shared hosting
\nthey finally listened after a competitor started ranking above them on google

\n\n

moved them to a KVM VPS, same wordpress stack, nothing else changed
\npage load went from 3.2 seconds to 0.9 seconds. that's it. that's the whole story

\n\n

the amount of money they lost over 2 years because they didn't want to spend an extra 15€ a month is genuinely painful to think about

\n\n

if your site is on shared hosting and you're wondering why it feels slow, it's that. it's always that

\n
\n\n

⬆️ 338 points | 💬 32 comments

","metadata":{"score":815,"source_feed_id":"r-selfhosted","source_feed_type":"reddit"}}]