Found this utility barely mentioned given how useful it is in the context of limited selfhosting resources.

This could be handy for low powered devices with tools that you only use on occasion, particularly automated stuff

I use it with Grafana. No need to run it all the time especially when it uses CPU while idle.

While speaking with a colleague who is working in a small company he told me, that the lost track about user right management. They had a an excel table where they tracked all user groups and special rights users in the company have. But depending on some changes in the company structure, they got problems.

Is there any selfhosting software to manage usergroups, teams and userrights in a modern UI? It should be abe to set also data owner and so may keep track on non Active-Directory data.

LDAP is the Linux equivalent of a window domain controller

I assume you meant “Active Directory”. AD is based on a heavily modified LDAP schema, but they are interoperable. AD adds a LOT of extra functionality on top of the auth part of it, however.

Linux it’s self can use it too

That’s why I suggested it.

it was more for anyone who doesnt know LDAP

Afaik they are hosting their code on their own closed source internal system.

So it will no longer be Open-Source

I have vaultwarden, navidrome, uptime kuma (on a vps, because it doesn’t make sense to host it on my pi, because if it goes down, I’m not gonna know), pihole (though it’s not currently working with Mullvad), dokuwiki, freshrss, searx, ntfy, and tugtainer (replacement for watchtower since that’s now abandoned).

Welcome! Good to meet you.

Hardware: - hp EliteDesk 800 G4 SFF - i5-8500 - 32 GB RAM - 250 ssd boot disk - 1TB nvme - 2 x 4 TB SSD

I run most of my services via Docker but also in their own LXCs on Proxmox:

• adguard
• borg-backup
• caddy
• forgejo
• filebrowser-quantum
• rackpeek
• opencloud, Baikal, obsidian-live sync
• immich
• paperless
• vikunja
• navidrome, octo-fiesta
• karakeep
• proxmox-backup-server

Next thing I want to set up would be arcane and maybe ansible, audio-bookshelf, and someday some monitoring.

I access my services only via NetBird when I am out and about.

The biggest flaw in my setup as for now is that I only have one device that’s a single point of failure. Since I have remote backups that’s okayish atm. In the future I would try to get ahold of more hardware and separate things out. For someone who just wanted to try things out a little I got my self kind of deep into it haha Performance vice its enough for me as a single user

Also: If anyone has any suggestions what I could do with my Oracle free tier VPS, besides running a Minecraft server, I would be happy to hear ideas :)

I use fluxcd with helmrelease’s which auto update the helm release. If the helm chart versions specify container versions, then updating the helm chart updates the containers in the deployments.

But for raw deployments, I found this, but not much else.

Interesting. I’m using Argo, there may be something similar for it

Statistics for Strava is a self-hosted, open-source dashboard for your Strava data.

Features and improvements worth mentioning since we lasted posted here:

• Dark mode
• Added a timeline view of your key achievements and milestones over time.
• Added statistics for recording devices, giving you more insight into which devices you use for your activities
• You can now view Eddington metrics in both metric and imperial units, regardless of your default unit system
• Use compression algorithms to store data. This results in a 70% drop in used storage space
• A lot of bug fixes and quality of life improvements

As always, thanks for your feedback and I’m looking forward to more feature requests! Stay fit, stay healthy 💪

• Example: https://statistics-for-strava.robiningelbrecht.be/dashboard
• GitHub: https://github.com/robiningelbrecht/strava-statistics
• Docs: https://statistics-for-strava-docs.robiningelbrecht.be/#/--

You may want to look at the supported devices on this project. It’s an app to get data to/from wearables.

Two of the supported devices are bangle.js and bangle.js 2. These are open source smart watches with GNSS and HR, which have different apps available already that I believe can record data without your phone connected, and then sync later, either to your phone or computer (not sure on that one). And you can develop your own apps too of course.

I don’t really know much more than that. I do want to get back into exercising regularly, and would like to track my progress, so I may get one myself at some point.

I’ve already looked into gadgetbridge, but all supported devices unfortunately have fairly limited functionality. I get that it’s the premise with the reverse engineering they do to make things almost work.

The bangle.js models are a fucking ugly apple watch clone, I’d never wear that thing. And I’m not looking to get an actual smartwatch, I have no need for any of that clutter or a desire to charge my watch daily or every other day.

I’ve used a coros pace 2 for a long time, definitely not private but very limited smartwatch bullshit and >week of battery with +1h of daily GPS tracked running. Not supported by gadgetbridge though.

Hello!

I’ve spent a lot of time struggling with Hetzner’s KVM console, there are a lot of problems causing severe issues with settings up passwords and passphrases. I just thought I’d create this “guide” to get things rolling, for everyone who faces the same issues I’ve faced.

Step 1 - Firewall

Set up a firewall and only open port 22 with your IP (you can look it up using ip.me).

Step 2 - Installation

Perform the installation procedure as normal, setting very simple passwords and passphrases for the user accounts and the disk encryption. Set them to something like 123. These will be changed later!

I’m using Debian 13, the steps may or may not be the same for your choice of distribution.

Step 3 - SSH access

Unmount the ISO and reboot. Enter the console again, log in as root with your simple password. Now, if you have the same problem as me, keys like /, CTRL etc. won’t work, so I used tab completion and vi to to modify the config file.

# cd ../etc/ssh/
# vi sshd<TAB>

Inside vi, press o to create a new line and enter insert mode. Add:

PermitRootLogin yes
PasswordAuthentication yes

Press ESC and then <SHIFT>-yy (so holding shift and pressing y twice). This will save the file and exit vi.

Step 4 - Dropbear

ssh into your VPS. Now you have full keyboard access like usual. Install dropbear-initramfs, which is an SSH server that’s placed in the initial RAM filesystem so that you can ssh into your VPS during start up so you can easily enter your encryption passphrase.

Generate a new key pair and add the public key to /etc/dropbear/initramfs/authorized_keys

Run update-initramfs -u and reboot. You should now be able to ssh into your VPS using the key you just generated. The following command lets you unlock the encrypted disk:

cryptroot-unlock

This will probably disconnect you from the tunnel, simply re-establish the SSH tunnel again.

Step 5 - Changing passwords and passphrases

To change the encryption passphrase:

# cryptsetup luksAddKey /dev/sdXY
# cryptsetup luksRemoveKey

Lock the root user and change the password of your user (don’t forget to add the user to the sudo group!):

# passwd -l root
# passwd user

Done!

At this point you might want to use some other means to access the server, such as Netbird or Tailscale or Wireguard. Regardless of how you decide to access the server, you should revert the changes to sshd_config.

P.S.

I have no idea if this is a secure or good way to do this. Use at your own risk!

They might care if it’s 69420 since the max port number is 2^16 = 65536

You can fire packets as fast as you like, but if my end can’t process them that fast, either they’ll get dropped or you’ll knock me offline. Neither makes a valid scan.

Hey gang, do you have any suggestions for moving data from my phone to my jellyfin server? I tried using the daemon tools on F-Droid and could not for the life of me figure them out.

I just saw this on F-Droid, will need to test it, but sounds like it could be really good: https://f-droid.org/packages/lu.knaff.alain.saf_sftp

I’m hoping, it works like mounting or FUSE on proper Linux, where you can just use normal applications to transparently access network files. Then you’d be able to use any old file manager app to actually work with the files…

Yea, that’s a challenging part for sure, one that I still deal with.

It can be done, but you need to configure the sync jobs “just so”. Send only from the phone, don’t sync deletions, etc.

Disclaimer: I am the developer

Long story short, after Huntarr exploded I still wanted an app that did the core of Huntarr’s job: find and fetch missing or upgradable media. I looked around for some solutions but didn’t like them for various reasons. So, I made my own.

No web UI, configured via environment variables in a similar manner to Unpackerr. It does one job and it does it (a little too) well. Even when trying a few different solutions for a few days each, Fetcharr caught a bunch of stuff they all missed almost immediately. This is likely due to the way it weights media for search.

Since you made it this far, a few notes: 1) I did still use ChatGPT on a couple of occasions. They’re documented and entirely web UI - no agents. Anything it gave me was vetted and noted in the code before publishing. 2) The current icon is temporary and LLM-generated. I’ve put out some feelers to pay an artist to create an icon. Waiting to hear back. 3) It’s written in Java because that’s the language I’m most familiar with. SSL certs in Java containers can be painful but I added some code to make it as easy as Python requests or Node 4) While it still has a skip-if-tagged-with-X feature, it doesn’t create or apply any tags. I didn’t find that portion necessary, despite other popular *arrs using it. Not sure why they do, even after developing this. 5) Caution is advised when first using it on a large media collection. It’ll very likely pick up quite a number of things initially if you weren’t on top of things beforehand. Just make sure your pipeline is set up well, or you limit the number of searches or lengthen the amount of time between searches using the environment variables.

Not sure what you mean by that. I occasionally use the web UI as the tool that it is and I’ve played around with opencode, cursor, etc previously on other home projects to get a sense for where things are and what the limits of these things are. That said, I take pride in my own work and this project is no exception. Is there something in this project that makes you think I threw a prompt into cursor and am passing that off as my own? Or are you against the idea of using an LLM and consider any person or project using them at all to be vibecoded?

That’s great! A cronjob can be effective if your indexer doesn’t mind the extra strain or you have a small library.

Can you access immich from outside of your network? If so, how do you do it? I’d like to do it, too, without accidentally opening everything to the internet haha

Yes, either Netbird or Zerotier allow me to connect to my home lan without exposing ports to the outside. Netbird seems more user friendly to setup and there’s good documentation for openwrt.