I know for many of us every day is selfhosting day, but I liked the alliteration. Or do you have fixed dates for maintenance and tinkering?
Let us know what you set up lately, what kind of problems you currently think about or are running into, what new device you added to your homelab or what interesting service or article you found.
This post is proudly sent from my very own Lemmy instance that runs at my homeserver since about ten days. So far, it’s been a very nice endeavor.
I also finally set up Lemmy on my home lab, as well as moving Authelia from Docker to bare metal.
Other than that, I’ve been struggling to find any other self-hosted apps that would actually be useful to me.
Finally setup Synology surveillance station and got my local cameras all hooked in with motion events. Very swish.
Attempted and failed to set up some sort of fail2ban between my Cloudflared container and my website I host at home.
I use Mend Renovate to keep up with the latest and greatest container images in my private repo.
I finally got IPv6 working in Docker Swarm…by moving from Docker Swarm to regular Docker.
Traefik now properly gets IPv6 addresses and forwards them to the backend.
What’s the big benefit of moving to IPv6 for a LAN? Just wondering if there is any other benefits over addresses? My unifi kit can convert us to IPv6 but I’m hesitant without knowing what devices it will break.
For the first time I configured ssh with pubkey auth.
Auth between windows (agent) and alpine (host) to use as a helper/backup proxy in veeam (helper is used to mount file level restore assistant)
Took me 3 hours to find out that
Windows didnt know the private key
Pubkey auth wasnt active
Fucked up pubkey auth
Alpine isnt supported by Veeam so it didnt work
Needed to install a small debian VM.:|
At least I did my first pubkey auth setup.It gets better.
I recently setup Music Assistant and have been trying to make it work in my VLANs with my esp32 devices. It has been slow going. Nothing has the level of logging required to easily debug the issues I’ve encountered but I’m slowly working through it all.
I just spent a good few hours optimizing my LLM rig. Disabling the graphical interface to squeeze 150mb of vram from xorg, setting programs cpu niceness to highest priority, tweaking settings to find memory limits.
I was able to increase the token speed by half a second while doubling context size. I don’t have the budget for any big vram upgrade so I’m trying to make the most of what ive got.
I have two desktop computers. One has better ram+CPU+overclocking but worse GPU. The other has better GPU but worse ram, CPU, no overclocking. I’m contemplating whether its worth swapping GPUs to really make the most of available hardware. Its bee years since I took apart a PC and I’m scared of doing somthing wrong and damaging everything. I dunno if its worth the time, effort, and risk for the squeeze.
Otherwise I’m loving my self hosting llm hobby. Ive been very into l learning computers and ML for the past year. Crazy advancements, exciting stuff.
I’m patiently (cf impatiently) awaiting the arrival of an Aoostar WTR Pro and components to build my first NAS and full Arr stack for Linux ISO’s.
I completed a proof of concept and learning a month ago on a Pi 5, and I can’t wait to get my hands dirty with something more real!
I’ll take any advice anyone throws my way :D and thanks to this community for the learning and inspiration since I joined Lemmy!
I migrated my whole native service infrastructure to Docker services this weekend. I prepared for it the previous weeks; basically looking up information about details I wasn’t sure about. The services were mailing, file cloud, and traccar with modoboa, ownCloud respectively. I moved to mailcow and Nextcloud and replaced my feedly account with NextCloud News as a bonus. So far pretty happy with it, had a couple set-backs but also learned a lot in the process. This was the first time for me doing something productive with Docker
What should I do next?
-
Set up peertube in a proxmox, difficulty: My hosting provider doesn’t allow 443 or 80, I have cloudflare working for other things but I think this invades their TOS
-
Set up immich in a proxmox. Difficulty: I need regular backups off site and it’s going to be pretty large.My wife is a professional photographer.
-
Set up my Coral TPU with frigate replacing my aging win10 blue iris.
-
I spent two hours last night beating myself over the head with RAM sticks. Got an ewasted server that had the alarm misconfigured, figured I’d upgrade it and put in a valid configuration since it was just off my size. Slapped in some matching size sticks and it wouldn’t boot. It took my embarrassingly long to realize that the speeds werent the same and that the server really cared about the speeds being the same, more than it cared about sizes being the same incidentally.
I work in IT that should have been the first fuckin thing I checked smh
I remember when I worked in a data center and there was a custom server order that needed something like 64 sticks per server, and procurement didn’t bother to make sure that we had sets that were the same speed, timing, or brand. Thankfully I caught it before we wasted a ton of time troubleshooting.
I’ve set up a reverse proxy to try out hosting a few APIs but i’m curious about best practice and haven’t found any good way to do it. Anyway, i have them running dotnet 9 on debian, and hosting them on http ports and then reverse proxying to apache that serves them externally with certbot on 443 to some real hostnames. I would really want to host them on https internally as well, but is there a neat way to “cert” them without an internal CA-service? My experience with self-signed certs are mostly that they always force me to trust the server cert in my connection strings, which is also unsafe so i just don’t bother. Is it worth working on and which is the best approach here?
Non SSL behind your ingress proxy is acceptable professionally in most circumstances, assuming your network is properly segmented it’s not really a big deal.
Self-signing and adding the CA is a bit of a pain in the ass and adds another unnecessary layer for failure in a home network.
If it really grinds your gears you could issue yourself a real wild card cert from lets encrypt then at DNS names with that wild card on your local DNS server with internal IPs, but to auto renew it you’re going to have to do some pretty decent DNS work.
To be honest I’ve scrapped most of my reverse proxies for a nice tailscale network. Less moving parts, encrypted end-to-end.
Thanks! I initially considered going the wildcard route until i saw the workload involved for my host! There does seem to exist autorenewal programs for the largest hosts out there but i’m trying to support my local businesses so it’s unfortunately out of of my scope at the moment, but i’ll checkout your suggestion and see what tailscale has to offer!
Total noob to Docker (desktop for windows) and I’m just trying to figure out how (and where) to add a config to my Navidrome image or change lines on the image itself, to point it to my music library and create admin login credentials (ಥ﹏ಥ) If I can accomplish that then I eventually want to try Immich or NextCloud afterward.
I want to switch to Linux but I’m not sure where to start! I want to
- play current-gen games (graphically speaking) on steam, as well as
- lots of retro games with Launchbox/RetroArch
- do 3D modeling in blender, and
- produce music in a free DAW.
I don’t know if any of those factors impose restrictions due to software/hardware differences (or if that even makes a difference), but I want to move over everything I can into a linux environment
All of those should be fine, the main caveats w/ Linux are:
- anti-cheat games generally don’t work - there are exceptions, and this is a limitation by the developer, not Linux
- Windows-only software can be iffy - e.g. photoshop and whatnot
- using an NTFS drive on Linux can have surprises - don’t mount your game lib on Linux, just redownload
Blender works perfectly fine, gaming on Steam and Heroic works well, emulators work well, and while I don’t know anything about Linux music production, I know there are software options available.
Anyway, I recommend buying a separate disk and trying Linux out. That way you don’t touch your current Windows install while messing w/ stuff.
My current project is email. Setting up Mailcow and moving my domains over to VMs on a OVH KS-3 server right here in Canada. I’m sick of depending on cloud email providers and want more control of my data. Also getting Addy.io setup to move my aliases over from SimpleLogin. End game is to dump Proton and go all selfhosted for email and Mullvad for VPN. For Mullvad I found that you can buy a 6 or 12 month gift card vouncher on Amazon and it works out to being less than paying Mullvad directly per month.
Migrating from proxmox to incus, continued.
- got a manually-built wireguard instance rolling and tested, it’s now “production”
- setting up and testing backups now
- going to export some NFS and iscsi to host video files to test playback over the network from jellyfin
- building ansible playbooks to rebuild instances
- looking into ansible to add system monitoring, should be easy enough
Lots of fun, actually!
What’s your motivation for the switch? Second time in a short while I’ve heard about people migrating to incus.
I’ve moved to all containers and I’m gradually automating everything. The metaphor for orchestration and provisioning is much clearer in incus than it was in lxd, and makes way more sense than proxmox.
Proxmox is fine, I’ve used it for going on 8 years now, I’m still using it, in fact. But it’s geared toward a “safe” view of abstraction that makes lxc containers seem like virtual machines, and they absolutely aren’t, they are much, much more flexible and powerful than vms.
There are also really annoying deficiencies in proxmox that I’ve taken for granted for a long time as well:
- horrible builtin resource usage metrics. And I’m happy to run my influxdb/grafana stack to monitor, but users should be able to access those metrics locally and natively, especially if they’re going to be exported by the default metrics export anyway.
- weird hangovers from early proxmox versions on io delay. Proxmox is still making users go chase down iostat rabbit holes to figure out why io_wait and “io delay” are not the same metric, and why the root cause is almost always disk, yet proxmox shows the io_wait stat as if it could be “anything”
- integration of pass through devices is a solved problem, even for lxc, yet the bulk of questions for noobs is about just that. Pass through is solved for so many platforms, why proxmox just doesn’t have that as a GUI option for lxc is baffling.
- no install choices for zfs on root on single disk (why???)
- etc
Ultimately, I have more flexibility with a vanilla bookworm install with incus.
Thanks a lot for your response! I too was a bit misguided by the way Proxmox presents LXCs but I’m mostly on VMs and haven’t explored LXCs further so far.
No worries. And don’t misunderstand: I think proxmox is great, I’ve simply moved on to a different way of doing thing.
