What are some self hosted services that you think are essential?
from bpt11@sh.itjust.works to selfhosted@lemmy.world on 18 Nov 03:37
https://sh.itjust.works/post/28254923
from bpt11@sh.itjust.works to selfhosted@lemmy.world on 18 Nov 03:37
https://sh.itjust.works/post/28254923
#selfhosted
threaded - newest
Docker
TCP/IP
Sorry, this is an AppleTalk household.
I laughed my ass off when Chris from LUP podcast said they used Netbeui in their studio. I wouldn’t admit to that, myself.
Excuse me, what?
Biggest Linux podcast in the world, uses NetBEUI. Yah, there’s that.
Man, I haven’t seen a reference to that protocol in a very long time.
When I was studying for my first MCSE back in ancient times, my girlfriend heard me mention ‘netbeui’ and thought it was the funniest damn thing. She used to catch me throwing out all the computer jargon and just yell “NET… BOOEEEEEY” at me.
Plex, channels, mail, calendar, contacts, wiki
Immich/PhotoPrism/whatever you use for image backup. Cloud providers are snooping through your shit.
Plex/Jellyfin for streaming
Sonarr, Radarr, Prowlarr, SABnzbd, qBittorrent to support the streaming service(s)
vaultwarden, jellyfin, freshrss, nextcloud, and wireguard
How is fressrss?
I am also running readarr and bookshelf
It’s perfect, better with themes
Any themes you specifically recommend? I just use native apps on my phone and laptop, but it would be nice to improve the theme when I administrate.
I’m using Mapco now but was previously using Swage. There are 11 options. Just fun to switch it up! I’m sure you can make your own as well but the options are an attractive change :)
I used freshrss for quite some time, but the themes always looked a bit “off” for me. Went to miniflux and its awesome in its minimalism.
Audiobookshelf, Calibre-Web, Plex/Jellyfin, FreshRSS, NextCloud, DokuWiki.
Gitea, wger, jellyfin, samba, *arr stack, jellyseer
My most frequently used are most likely vaultwarden, Memos, Trilium, Jellyfin, Frigate, Traggo, and beaverhabits. Also AdGuard and NPM but I don’t interact with them.
Oh yeah and freshrss
And! Nextcloud and Baikal. NC only for storage and Baikal caldav and carddav
I’m curious, is there a reason you use Baikal over Nextcloud for cal-/card-dav?
I would probably be happy to not have to run an additional service, so I would have to have good reasons to run Baikal next to Nextcloud. Then again, if I had already setup Baikal and then, sometimes later, Nextcloud, There would probably be a great span where I ran both :D
It didn’t work with iphone. Also, I previously hate Nextcloud and don’t want to depend on it to do any service except storage. Do not trust it.
Depends on the situation of course, but for us:
Yeaaah I hate to admit it… But Samba is the only crossplatform sharing protocol that works with every OS… I wish I could switch to NFS.
That and ftp, but that protocol seems to be cared enough for to not be maintained. Weirdly enough, samba made it into the linux kernel recently
It’s not very exciting, but: Network UPS Tools (NUT).
Keep everything in good shape in the event of a power outage.
I use NUT with an Eaton Ellipse but it periodically stops working and I’m forced to restart the container
Huh. Losing USB access?
Yes but I don’t know why
Jellyfin/Plex like many have mentioned.
I personally like Syncthing for petty much everything else. For general file syncing of course. But also with Joplin pointed to a synced directory for notes. With keepass as a password vault. With synced config directories for some apps across devices like newsboat for RSS, and neomutt for email. I also used to use it with rtorrent via a watch directory, though I currently am using a seedbox for that purpose.
VPN (openvpn/wireguard) is a good idea if you want to access your services outside your local network, without exposing them all globally.
I believe Syncthing has been discontinued unless someone else took up the project.
It doesn't really look dead anywhere on their repo or website: https://github.com/syncthing/syncthing
Or are there different things with the same name? :)
Syncthing discontinued its android app.
Just to be clear, what was discontinued was the official gui app.
Binaries are still updated and developed. The other gui app, syncthing-fork, still exists.
Both syncthing and syncthing-fork are on F-Droid.
This is absolutely not the case.
That would suck if so since I obviously utilize it heavily but this doesn’t seem to be the case? Latest release was just a month ago and their github repo is active.
Same, Syncthing is amazing. I use it with Mobius Sync on iOS and have it synching my keepass, Obsidian vault, photos, and a folder for random file transfers between devices. It’s so much better, faster, and more stable than all the most popular corporate cloud providers.
For me, the most essentials are definitely:
A reverse proxy, in my case Caddy.
Duh, you need a reverse proxy to host most of the stuff (if you want to run more than 1 service and use HTTPS). I use Traefik btw, though I heard Caddy is very easy to use.
How did you set up you SSL certificates, are you using a self signed certificate or do you use a custom subdomain?
Caddy automatically sets up certificates for you. Since I don’t want my subdomain to appear in certificate transparency logs, I use a wildcard certificate which requires using a plugin for my DNS provider.
Thanks, that sounds good. Can you explain more how you used the plugin for the wildcard certificate?
To get a TLS certificate from Let’s Encrypt, they need to verify that you are in control of your domain. For regular domains, this can be done via HTTP, for wildcard certificates they require you to create a DNS record with a special token to verify ownership of the domain.
This means that in order to automatically obtain a TLS certificate, caddy needs to interact with the API of your domain registrar to set up this record. Since there are many different providers, this isn’t built into caddy itself and you require a version that includes the corresponding caddy-dns module. Caddy modules need to compiled into the binary, so it’s not always trivial to set up (in my case I have a systemd timer that rebuilds a local container image whenever a new version of the docker.io/caddy:builder image is available).
The only one I haven’t seen mentioned here that is a requirement for me is OPNsense. I’ve been using it for a couple years, and pfSense before that for a very long time. Never going back to commercial routers and their shitty / buggy / backdoored software. I highly recommend OPNsense over pfSense for the UI improvements alone, but there are other reasons to use/support OPNsense over pfSense.
On my network it handles internet firewall, internal firewall, and all routing across 5 VLANs and between two internet gateways. It does 1-1 NAT for my public IPs, inbound VPN, outbound VPN for my *arr stack, and RDNS blocklists with the data source being a script I wrote that merges from several sources and deduplicates the list. It is my internal certificate authority (I don’t miss you at all, Windows CA), DHCP for the guest wifi, and does pihole-like ad blocking via DNS for my entire network. And it does all that running in a VM with 2GB of RAM, of which it only uses about 60% on my install.
It is an incredibly powerful tool, not terribly difficult to learn, has a pretty damn good UI for FOSS, and in my opinion is a fantastic foundation for a complex home network / homelab. Unlike pfSense, which corrupted itself twice over the years I ran it, it has never let me down. And every update has been painless over the years.
Second OPNsense. pfSense also is maintained by some pretty shitty individuals.
Yeah I hinted at it but didn’t feel like going into it. It’s why I switched though, and happily I found OPNsense to just be better anyway.
Why “shitty individuals”?
web.archive.org/web/…/www.opnsense.com/
This was the website that pfsense maintainers made as soon as OPNsense was announced. They sniped the name, derided the project and only ended up handing over the domain after they were legally compelled to.
One person affiliated with Netgate in particular can be seen around forums and social media and has serious axes to grind. He’s… not pleasant.
Add to that Netgate’s practices (IIRC secret proprietary blob required to build pfsense, double-check that fact / unremovable installation tracking) and the picture painted is one of petulance and anger.
[edit] oh yeah, and this gem! arstechnica.com/…/buffer-overruns-license-violati…
How many NICs do you have on your opnsense machine?
It’s a VM so technically none I guess, but my hypervisor hosts have a 4 port gigabit card and a 10 gig fiber card, plus another gigabit port on the motherboard.
OPNsense is using 6 interfaces, 2 WAN and 4 LAN, but it’s all virtualized.
Can you list or summarize some of the other reasons?
Eh, I’ve forgotten a lot of the details and it’s drama that I don’t care to relearn about. Easy to find online with some basic searching if you want to read about it.
lemmy.sdf.org/comment/15885125
Thanks for that info, @AtariDump@lemmy.world
I understood some of those words. It make network go?
It make network go very good.
I’m still using pfsense and considered switching over to opnsense but I found out it doesn’t have something similar to pfblocker.
Went to try pfSense. Need to register to their shop to buy a free download link.
Then during installation it won’t install unless it can phone home and report.
OpnSense all the way.
That’s new, it didn’t used to do that back in the days when I used it but that was a couple years ago. Sounds like it’s just getting worse.
Pi-hole. Get rid of at least some ads on the network level. Maybe add unbound for a faster DNS response.
Using unbound on opnSense with blacklists. Works wonders and do not require an additional device.
I use unbound with pi-hole inside an Ubuntu lxc container. No additional device needed.
docs.pi-hole.net/guides/dns/unbound/
Pi-hole can run inside a docker container no problem. In fact I have it running on my unraid server that way.
I keep one in a docker container and one in an actual pi, that way I can perform updates and upgrades without interrupting DNS service at the house.
This is the way.
I like AdGuard Home myself.
In terms of most used for me, it would be:
Audiobookshelf also supports podcasts (and ebooks, but I haven’t tested that).
Podcasts are my primary use case (my partner uses audiobooks exclusively), and while it works rather well, I want to put in the caveat that there’s no working playlist functionality in the app, and IME headset controls don’t work from FF for Android.
That’s not a deal breaker for me, but it was a massive disappointment when I switched over. But the lack of playlist functionality in the app only annoys me when I want to follow one of the shorter news feeds, since I have to stop and select the next track every 5 min as the episode ends. No issue with that feed from the browser, so meh.
Works great through my reverse proxy/cloudflare tunnel setup, so not too many actual complaints.
Do you have any experience with the dedicated Audiobookshelf app?
The Android app works well. I rarely have issues with it, except when switching back and forth between the web player and and the app, when it sometimes doesn’t properly sync progress fast enough.
Yes, the android app is my preferred method of accessing my server. It works great, other than on rare occasions when it gets killed in the background for some reason, and my complaint about playlists from the previous comment is a much bigger irritation, but a very minor complaint.
There’s a player queue functionality (which works kind of like a playlist) but I don’t think it transfers across devices. But you can at least queue up a bunch of tracks on a device.
I’ve tried to use the playlist feature on my device a couple of times, but I still had to manually start the next episode. I might try again and see if I can figure it out.
Edit: no change in behavior sadly. Created a playlist and hit play, still had to select the next episode. Played the same playlist from the web client and it goes to the next episode, but headset controls don’t work.
Maybe post an issue report on their github. The queue function does work on desktop at least (the web client), but I don’t bother with playlists.
Cool, I didn’t know. Going to try it out.
Gonna also throw in: Nextcloud Memories.
It makes the photo organizing part of NextCloud AMAZING. I’m so happy I got to dump Google Photos for good.
Did not know about this, but it’s exactly the extension I was looking for! Thank you!
I’m so glad it was helpful! You’re very welcome! I try to spread the word since NextCloud’s default photo app…scares people away frankly lol.
I now use an extension to customize the menu, so Memories effectively replaces the default app from a user point of view.
Using Memories in Nextcloud AiO simplifies things a bit, but I seriously consider it NextCloud’s “killer app.” It’s got EXIF editing, albums, user sharing, folder organizing, facial (and object!) recognition done locally, geo tagging map view…all local. The face recognizing stuff isn’t perfect, but it’s definitely good enough for the most part.
It’s also very easy to send to people outside NextCloud, but I run it behind TailScale so it’s not exposed to the open net at all. Copying and sending images through something like Signal also works fine. :)
It even has a neat Android app that sends my pictures to my server whenever I plug my phone in. (And moves them to my SD card in case something goes awry…but I learned I need to manage the cleanup of that part better lol)
Given all the other neat things NextCloud does, I like how it keeps photo managing in one place too.
Audiobookshelf also finds, manages, streams podcasts. After Google killed off Google Podcasts, ABS has been an even better replacement in my experience.
Jellyfin is also useful for music collection. I tried both it and Navidrome to start with, and ended up only using Jellyfin.
I use my searxng instance several times a day.
DNS server/cache/pihole. If that goes down I can't browse anything.
I also selfhost a SaaS that I built. It's essential to me that it's available to my customers although I don't use it personally.
I have a dedicated vm for things that are crucial to the home network, either latency-critical or network related.
That’d be my dns resolver (I enforce it over VLANs by hijacking anyone trying to do DNS to other resolvers, like random IoT devices), homebridge for less important home automaton and my own matter controller for most important home automaton (controlling the lights).
My router of choice is RouterOS in another VM. I tried opnsense, pfsense, vyatta, and a bunch of others (even a containerized Cisco route), and I settled on ROS, because it was the only one who could do IPv6 properly (apart from Cisco, but that has other issues).
For the less important things I run them on k8s and really, there are only two bits worth mentioning as essential: ArgoCD and nixhelm. Together, they provide effortless and mostly automated software updates with very easy rollbacks. I don’t have to go and manually update every single bit of software and that saves huge amounts of time.
For me it’s the first thing i learned how to self host: Nextcloud …which in turn allows me to sync Joplin notes, which I use constantly
Nextcloud.
I was hosting nextcloud at home for years. Then when I worked in a Datacenter I got to host some servers there from free so I set up a two-node proxmox with nextcloud and some other stuff. Now I don’t work there anymore and I really felt the hole nextcloud left, no more notes syncing for notes, tasks, calendar, podcasts no more place to upload my photos from my phone … So now I’m hosting nextcloud at home again.
I also host jellyfin which is nice but if I don’t have it doesn’t actively hamper my workflow.
I used to have a Nextcloud instance on a shared webhost… It ran like shit but you can’t beat the storage space… VPS storage is expensive.
Now I use syncthing on my home server
Immich (Photo backup), Vaultwarden (FOSS Biwarden server for passwords)
Adguard home
and Wireguard pointed at AdGuard for DNS
Set the mobile app to enable WireGuard connection when not on home network and then you have AdGuard everywhere
I’ve pointed my domain to my wireguard tunnel VPS IP, same result. I can just set my private DNS in settings pointing to my AdGuard domain
Depends on what your usecase is for what is “essential.”
I think keeping household documents, taxes, medical bills, etc… In a local only paperless-ngx instance is quite essential to the organization of a household where everything is searchable and able to be organized on multiple levels compared to a simple document folder on 1 computer.
Having a document or self-hosted wiki with an in - case - of - death document that gets backed up in an encrypted, but accessible by family place is probably the most “essential” thing.
No one’s mentioned Forgejo yet? Solid git and artifact repository.
Some WebDAV server, can be Nextcloud but actually something more lightweight is better.
Also a XMPP server is very nice to have. Even if you don’t have many contacts on it (yet), it works very well has a notification service and can even be extended to act as a Unified Push distributor.
Radicale is next on my list
wait wait wait wait.
That works? Teach me how!
joinjabber.org/tutorials/service/unifiedpush/
Nextcloud, vaultwarden.
In no particular order, the most essential ones are those I constantly use throughout my day and also weekly.
Proxmox holds all of these in different LXC’s and VM’s
Aside from that, i do have other services I use every so often like Memos, Joplin Server (holds most of my notes), Pingvin and a few others.
I tried Baserow a while ago but decided not to use it because it started downloading the application after running the container and required an online account (that could also be NocoDB). How has your experience been after using it for longer?
I had to create an account as per the usual process for these types of apps, but it was all local. I never had to do one to connect to their servers. I know it generates a unique instance ID which I believe phones home to their servers but I don’t mind personally.
As for my experience, a lot of it is locked behind their paid plans, so I just keep it limited to what I use which is fine. I do like it as it does better than NocoDB for my needs (the input forms is what I needed) and it does better there. I don’t recall the other reasons for not using NocoDB otherwise, but it’s a long while.
Their pricing is here: baserow.io/pricing
<img alt="" src="https://lemmy.world/pictrs/image/9135c6b5-a585-4a60-b06f-ded77247628d.png">
So, that’s mostly what is locked behind. My sleep form I built which feeds the database: <img alt="" src="https://lemmy.world/pictrs/image/c12ab17b-c087-4f05-90ff-ae4388666cd8.png">
Overall, it does meet my needs so that’s all I ask. :)
+1 for UptimeKuma. Works great.
Does Technitium support DNS rewrites like Adguard Home?
I’m about 99% sure it does, I don’t use it that way but It does allow DNS zones. For example:
<img alt="" src="https://lemmy.world/pictrs/image/cbf0d77f-8d22-4a11-9d44-271261b30250.png">
It’s a lot more technical then Adguard Home for sure. Both work just fine though, I came from Adguard Home as I use a PXE server to provision some of my devices and Technitium is super easy to configure that.
Paperless-ngx
The rest is already in the other comments
Tailscale
So headscale?
Pepsi or Coke?
Yes.
Honestly, I’ve used both. Tailscale edges out headscale by a tiny bit just because of the admin console’s GUI but other than that, yeah.
Headscale is not essential. Of course in this context the “self-hosted service” would be the Tailscale client…
Omada software controller handles my wireless access points. HomeBridge lets me control various things from my iPhone, without having to use 5 poorly-made apps.
WireGuard on my VPS, because otherwise I’m stuck behind CGNAT and can’t access anything in my network from elsewhere. Or Tailscale, but that’s not really self-hosted.
do you have a good guide on how it works/ho to set it up? I tried a little while ago but couldnt figure it out.
I used the Arch Wiki entry about WireGuard. The trickiest part was some MTU nonsense.
Tailscale is a bit simpler and I think I just figured it out with some docs on their website.
Gamevault: To share Games with my friend’s especially modded games. Jellyfin: Sharring Movies/Series/Music Immich: Saving my Pictures Pi-Hole + Unbound: Ad-blocking
Gamevault is cool, but I wish they weren’t windows-only on the client side. Lutris integration would be excellent.
Zim + syncthing + mega
XBev 4thud EE
My three essential selfhosted services are :
Arr stack plus Jellyfin/Plex, Nextcloud and Gitea.
Essentials? Difficult to decide, it depends on why you are even selfhosting in the first place.
At a first glance and looking at my attempt at a homelab:
Opnsense
Vaultwarden
Email
Home assistant
Emby
Gitea
Paperless-ngx
Firefox
Honest question, I’d love to host email but it seems like a huge pain in the ass these days with trying to keep from being delisted. Is there a decent, home user accessible email system that’s useable out there?
A decade ago it was easy and doable but even in professional life I don’t deal with email backend anymore, all google or o365.
You’ll never get away from maintenance for ant service you host, and you need a VPS at a minimum to handle mail unless your ISP allows it (which they probably don’t). There’s going to be front loading needed in order to make sure the IP you’re given isn’t on blocklists, and you’ll need to take appropriate measures with Apple, M$, Google, Yahoo, etc in order to send email to their domains. The good thing is that I’ve you do that, you’ll never need to touch it again.
I personally use iRedMail because of the breadth of documentation, but mailcow and others like that are allegedly nice. I prefer the omnibus solutions because I don’t care to do manual service configuration if it’s not necessary.
Been doing email hosting for my domain for 25 years, 12 years with iRedMail.
I’m also using iredmail. Apart from it needing more hardware than it used to its been pretty stable. I use an SMTP Relay for sending mail, so I don’t hit issues with sending. Not that I ever actually send many emails.
I use an SMTP Relay for sending mail, so I don’t hit issues with sending.
Highly recommend purelymail. No nonsense mail, with straight forward pricing.
You mean you self-host your profile?
No. I host Firefox that runs in a browser.
It’s one of my favourite things. So places that may block certain sites can be bypassed.
Not sure why I was downvoted for answering a question accurately.
How do you self host Firefox? This is something I’d like to setup!
It’s this: github.com/jlesage/docker-firefox
Samba (I can move files now, sweet!)
Jellyfin (I can watch stuff, sweet!)
Qbittorrent-wireguard (for pirating copyrighted material from the internet illegally)
Somesuch Wireguard solution (for accessing the backend and doin stuff)
A proxy somewhere else
The rest is extra. This gets my usual goals completed pretty well.
I’m pretty sure that’s not the phase we use now
“Archiving legally purchased content as an insurance against corporate-sanctioned theft”?
Nextcloud for sure.
Everything else is a nice to have, not essential
The arr family with a torrent client is great for feeding Jellyfin. If you are a developer, you can host your own shit there too. Game servers for playing with family and friends (so far Minecraft, Terraria, Project Zomboid, V Rising). I like to host a bunch of different telegram bots I wrote for fun. Discord bots are another interesting side. I also run some automation runners for helping out with testing, building and deploying my projects.
Focus on your needs and what you want to improve of your online life, there is probably a project you can self host for it.
Arr stack, Jellyfin, and Nextcloud + some dashboard.
For me:
I have stopped using most of the services that got me into selfhosting. Things like rss and wikis. I try new things from time to time but kill them if I don’t find myself using them regularly or if the maintenance cost is more than the value add.
where do you source your magazines from out of interest? Are they epubs etc?
Please not these posts again
This thread is pinned for a reason: lemmy.world/post/60585
No one metioned hoarder.app - bookmark app featuring offline archive, full text search and AI auto tagging