🤣 sure, I’ll use a reverse proxy / waf that has a release change log “I don’t remember lol” (Yes, it’s in alpha, but still…)
Is anyone here using it? Are you scared?
Almost every single deployment has failed lmao
Thanks for the analysis; I had also seen the API keys 🤣 “avaliable”
Hey everyone,
Quick question out of curiosity.
I work as a manager in a consulting firm, and a lot of my day goes into communicating across platforms like Slack, WhatsApp, Teams, LinkedIn messages, etc. Switching between all of them sometimes feels a bit messy.
A couple of things I personally struggle with are important tasks getting buried in chats and constantly jumping between apps to keep up with conversations.
Would be great to hear how you handle this in your day-to-day work.
Thanks for sharing this. It sounds like a powerful setup, but I’m not very technical, so managing a Matrix instance feels a bit complex for my use case. I’ve also tried integrating Google Chat, but it hasn’t been possible due to recent changes in Google’s security policies, which makes it harder to rely on as a complete solution
I’m a bit late to the party but the stack I run is what Beeper uses. If you don’t mind handing them your IMs it’s exactly what they host and it works great (used it for a year before I decided to host my own things).
This is a hugely requested feature for many years and a huge hole in my entire self hosted ecosystem. Every self-hosted app I have connects to my Authentik system for user management… Except home assistant. Arguably one of the apps I need it for the most for the whole family to use with their accounts.
Devs have been resistant for some reason.
There is now a community integratation that allows user management for HA to be via any openID backend (authentik, keycloak etc).
I’ve been running it for a few days and it works perfectly. Very easy to setup if you already have a working authentik setup and know how to use it with other apps like immich.
You can self host the authentication outside of the Internet.
Problem is that the user has to be presented that webpage anf the results have to make their way back to teach component. If you have a bunch of microservices that aren’t user facing (whether internet or private network) then how do those services get the user data to do their things. Monolithic server applications are bad practice outside of extremely simple web apps if you want something scalable. So you still need a database of local users that the services can share privately. That means a built-in user database that is just linked to the SSO user by the service that is user facing. Otherwise, all micro-services have to authenticate separately with the user once every time the token expires. Which means lots of browser sessions somehow getting from a micro-service with no web front end to the user.
Anyway, just an example, but when a local user database is required anyway, then SSO is always addition development work and exerts possibly significant limitations on the application architecture. This is why it’s not commonly implemented at first. There needs to be better protocols that are open source and well tested. OIDC is my current favorite in many cases, but it has limitations like logging out or switching between users on the same browser is a pain. Most proprietary apps use proprietary solutions because of the limitations and they feel (often incorrectly) like it’s obfuscated enough to not be susceptible to attacks despite the simplicity. Doing SSO right is hard, so having to implement something from scratch isn’t feasible and when done is usually vulnerable.
I run OmniOS on an Aoostar WTR PRO as my NAS and for most of my self hosting needs. After installing a new fan, I wanted to see if I could read and control the fan speed from the OS instead of just the BIOS. Using Claude chat, I got a working kernel driver that gives me fan speed, PWM control, temperature readings, and even (incorrect) voltage readings.
I wanted to share as an example of what’s currently possible. I’ve even seen people vibe code ethernet drivers for freeBSD.
What do you all think of using LLMs to cobble together drivers like this?
🤣
First I asked it how to create a dump file. I hooked up ADB debugging to my phone, then used the scooter’s app as normal, with the logging turned on in Android developer tools. It created a very long and complex dump file of hex that I could not understand.
However, then I had Claude get to work. I describe that in that I had opened the scooter’s app, and turned it on, paused a few seconds, then turned it off and closed the app. It started attempting to mimic the commands through the computer’s local bluetooth device, to get a successful response. Eventually, after something like 20 attempts it found a hidden clue that was basically a pattern that it had detected, and it was able to finally get an ACK from the scooter. Something I would have never been able to do. From there we have a plan on how to map out all of the other commands, but it was a huge win for the day.
Hi all,
There are plenty of CalDAV servers out there, but surprisingly very few good self-hosted web interfaces to actually access and manage your calendars.
For the past couple of years I’ve been following a project called Luna, and I think it deserves a bit more visibility here: https://github.com/Opisek/luna
It can pull calendars from multiple sources (CalDAV, Google, iCal links, etc.) and bring them together in a single interface.
For people like me with a constantly changing, busy, and somewhat chaotic schedule, having everything in one place like this is incredibly useful.
The project is still young, but it’s progressing steadily, and the developer has been very patient and responsive whenever I’ve interacted with him.
Just wanted to share it here and show some support.
Guys, your comments made my day :D
Had me rolling last night and this morning.
Hello everyone. Need some opinions here. Does it worth all the trouble to make things like jellyfin and immich run with HTTPS for services that are only accesible in the LAN? I ask it ‘cause, as far as I know, there is no way to put a valid certificate like let’s encrypt for a service that is not accessible from the net and I don’t plan to buy a certificate for myself. But I have some trouble with the rest of my family having issue with their browsers complaining about the lack of https every time a browser is updated. So, what would be the best solution?
Many people talking about using subdomains, but that’s only really a thing if you actually have a domain. Just last year the domain .internal was reserved for internal use, so that’s what I’ve set up all my domains to use. E.g. https://pihole.internal/, https://proxmox.internal/.
To make this work I use pihole’s local dns records to rewrite any *.internal domain to point to my reverse proxy Caddy’s ip.
As for the certificates, I created my own CA, which I install on all my and my family’s devices. Then, for each new url I set up, I create a new certificate and sign it with my CA certificate, then have my reverse proxy serve it.
This all sounds like a lot of work, and it is, but using OPNsense plugins for the reverse proxy and handling certificates in opnsense means it’s manageable and certificates are trivial to renew. With that said, if you have your own domain, go that route instead imo. It saves you a lot of manual labor with setting up your CA in every device you own and creating new certificates for each site.
thanks, I’ll look at it!
According to the official Discord, “ACX has made the decision to close Booklore and step away.” Some contributors are working together on an unnamed replacement project.
For those not in the loop, Booklore was an app that for selfhosting book libraries. It had a nice UI. It was able to store metadata separately from the download files, so you could have an organized library without duplication. In recent weeks, there have been conflict about my butt code, licensing, and general Discord nastiness.
RIP
That’s fair. An unfortunate situation.
Thank you for answering.
Hey selfhosters 👋
0.7 is out. Biggest release so far.
Quick context if you missed the previous posts: Ideon is a self-hosted visual workspace for developers. Infinite canvas, everything about a project in one place: notes, Git repos, tasks, files, links, kanbans.
The problem was never too many tools. It was that none of them talk to each other.
What’s new:
300+ stars now, more than I expected when I first posted here. Every issue, every comment pushed this forward, thank you.
Anyway. Worth a try if you haven’t yet :)
I took a look and I’m kinda miffed the only instructions are for a docker install. If I had any energy I’d contribute some more options.
That being said I would love if it could be just a desktop app.
Fair point. Docker is the only install path right now. I’m a solo dev and I can’t properly test across multiple platforms yet. A desktop app is on my list, it’ll happen if the project grows enough to justify it. And if you ever recover that energy, PRs are open :D
After getting tired of paying for a bunch of dev tools that I barely use, I decided to self-host everything on a single $5/month VPS. Here is what my stack looks like now:
What I replaced: - Uptime monitoring (was paying for UptimeRobot Pro) → self-hosted status page - SSL certificate monitoring → custom checker with alerts - Website change detection → self-hosted monitor with diff tracking - API testing/mocking → local toolkit running on the same box - QR code generation → own endpoint, no rate limits
The setup: - Ubuntu 24.04 on a 2GB VPS (Hetzner, $5/month) - Nginx as reverse proxy - Let’s Encrypt for SSL - Everything runs as Node.js services managed by PM2 - Total resource usage: ~400MB RAM, barely touches CPU
Lessons learned: 1. Start with the tools you actually use daily. I wasted time self-hosting stuff I check once a month. 2. PM2 is underrated. It handles restarts, logs, and monitoring for free. 3. Nginx location blocks are your friend. One domain, multiple services. 4. Backups are non-negotiable. I do daily snapshots + config git repo. 5. Security basics go far. UFW + fail2ban + SSH keys = 99% of attacks blocked.
Cost comparison (monthly): - Before: ~$150 (UptimeRobot $8, Postman $15, various monitoring tools, API services) - After: $5 VPS + $0 for the tools - Savings: ~$145/month
I wrote up a more detailed guide covering the full setup process if anyone is interested: The No-BS Self-Hosting Guide for Developers
Happy to answer questions about any part of the stack. What are you all self-hosting these days?
Can you guys suggest some reliable and secure selfhosted IM service? I’m kinda in a very bad spot right now, so any centralized messaging wouldn’t really work. And yeah, state sponsored mass surveillance is a question of concern. Sorry for odd phrasing, just really at a loss.
I heard of matrix, XMPP (heard good things about snikket.org), SimpleX and even some IRC wizardry over TOR. And I actually tried matrix (synapse server), but found it not reliable enough - sometimes skips a notification, periodic troubles with logging in, weird lack of voice calls on mobile client, and some other irritating, tiny hiccups. I’m open to any suggestion, really, even open to trying matrix once again. Just, please, describe why you think one option is better than the other.
And just FYI, use case is simply texting with friends and family, while avoiding state monitoring. Nothing nefarious
Hi, still using Prosody, works great. I’d love to hear how you managed to setup Element Call :) We aren’t using matrix rn, but I still wonder why the calls didn’t work
It was a huge pain and I ended up troubleshooting with Gemini for hours aha! I know, I’ll plant a tree to offset my sins. It was at least useful to rapid search solutions and tell me what component was the most likely issue.
I had coturn set up for legacy Element Classic and, before that, XMPP, but as I wasn’t using those I decided to shut it down and try using Matrix Livekit’s internal TURN server. I’m not sure what actually helped in the end, but Livekit’s latest build caused a bug, so I instead pulled v1.9.12. I also shuffled around my reverse proxy config (from my old attempts) because some endpoints seemed to have changed. I’ll update later with anonymised config :3
