I was chatting with a red teamer friend recently about Windows exploitation by process injection.
My knowledge is probably very dated compared to what is current.
I'd had a couple classes on the topic, but it wasn't an area that I show great skill in.
But, the recent dialogue had me thinking about my entire personal infrastructure is Linux and I do not have commercial enterprise endpoint detections enabled on them.
As I said, personal infrastructure.
For Exploitation.. In Windows, I'd fire up vmmap/rammap from Sysinternals and look for processes with vulnerable memory.
How do I do the same on Linux? It's all listed in /proc somewhere. Wow this lead me down a rabbit hole.

The results of testing my local Linux daily driver are concerning!

#0-day #exploit #minimalist #Linux #Selfhosting #selfhosted #selfhost #InfoSec #injection #memory

Mastodon 4.6.0 installed ✅

Only thing not working so far, is the autocompletion for emojis. When typing `:check` it used to show a list of emojis with "check" in the name. This seems to be broken now :(

Release notes confirm, that this is something this part of the software was touched.

#mastodon #mastoadmin #selfhosting #updateparty

For everyone not using a VPS that is connected via a VPN to your server to remotely access it. How do you secure your server if you have any services that are publicly available through open ports?

#selfhosting #vps #vpn #remote #publicservice

Our Mastodon instance "burningboard.net" is now running on the newly released FreeBSD 15.1-RELEASE

Everything looking fine. No unpleasant surprises. Upgrade process went completely smooth!

Our Stack now:

OS: FreeBSD 15.1-RELASE with Bastille
Mastodon: 4.6.0-rc.2
DB: PostgreSQL 18.4 / Valkey 9.0.3
Search: Opensearch 3.5.0

#mastodon #mastoadmin #fediverse #selfhosting #freebsd @tux @Mathias @AlienJay

Hetzner price spikes.

Alternatives: Contabo, NetCup, Manitu, OVH to some degree

Outlook: Hetzner is a founder-owned entity, no private equity drivers (afaik, but I did not find one).

I don't expect a price hike before Christmas 2026, for cash-out effects due to migration time needed vs. temporary lock-in. I also don't expect an immediate price change to existing customers, because the old hardware isn't "AI ready" (too slow, i7, not enough GPU RAM).

The last price increases to existing customers were announced in a way, so that you could move over to competitors (Feb until May or smth).

In German law, you can dispute material contract changes. I doubt that you get lots of extra time, but certainly more than 30d. You will not need a lawyer for that. Just respond with: "such material changes require further consideration at my part. I am asking for a new term that allows me to xyz" (reasonable).

Not an option: real-self hosting for private contributors (power, network), Raspberry Pi on solar panel with DynDNS and Freifunk uplinks (also I have some ideas now)

What to really do as private / non-commercial contributors: consolidate, team up with others, share infrastructure with friends etc.

What not to do: panic, shutdown things as an existing customers, rant on the internet (like me :) ) or overthink this.

#hetzner #coffeetime #nerds #selfhosting #costexpectations

RE: https://mastodon.bsd.cafe/@subnetspider/116758330967344651

Bastille makes a great self-hosting platform! Look at this absolute list of self-hosted software ⬇️

nsd, unbound, acme, adguard, gitea, haproxy, homebox, mail, netbox, nextcloud, plex, rustdesk, samba, syncthing, tor, unifi, vaultwarden, and more on one box.

#FreeBSD #BastilleBSD #selfhosted #selfhosting

AodeRelay boosted

subnetspider » 🌐 2026-06-16
@subnetspider@mastodon.bsd.cafe

FreeBSD 15.1 is here, and my home server is already running it. :D

Alt...

Screenshot of my home server running FreeBSD 15.1-RELEASE and all 22 jails currently running on it.

New blog post:

"Speeding up static site generation with BSSG"

Some fantastic new features by @stefano to his excellent bash static site generator.

https://neilzone.co.uk/2026/06/speeding-up-static-site-generation-with-bssg/

#selfhosting #smallWeb #blog

Good news: Every time I check my GenSys dash, there are new, better features.

This evening I found this deterministically (No Ai) System Analytics panels. Useful

Bad News: Its only Tue and I've burned all the weekly Compute (resets Sat).
I swear it hasn't been this bad, so either #anthropic turned down the screws again, of they use dynamic pricing to combat sneaky buggers like me who want all the comoute.
#sysadmin #vps #vibecode #selfhosting

Hetzner is doing another price increase.

this time it seems to only affect new orders, not existing ones .. but the price increase is pretty steep, like 2-3x or more

https://docs.hetzner.com/general/infrastructure-and-availability/price-adjustment/

#Hetzner #cloud #hosting #selfhosting

UGREEN NAS: UNIVERSAL SEARCH SINNVOLL EINRICHTEN UND NUTZEN – KI-TUTORIAL ZUR IDX-REIHE

https://gadgetchecks.de/ugreen-nas-universal-search-sinnvoll-einrichten-und-nutzen-ki-tutorial-zur-idx-reihe/

.
.
.

#ugreen #ugreennas #ugreennasync #idx6011pro #nas #networkattachedstorage #homelab #homeserver #datenspeicher #ki #artificialintelligence #aisearch #universalsearch #filesearch #nasstorage #techtutorial #ittutorial #selfhosting #datenmanagement #tutorial

Happy Monday. Sharing an update. Historically, my process has been to patch monthly unless a Known Vulnerability became Exploitable. Various feeds and sites like CISA's Known Exploited Vulnerabilities (KEV) list have been helpful. In order to "shift left," I'm moving to checking daily CVE updates against my tech stack. This is "personal optimization" to reduce the time from CVE reporting, exploit reporting, and my remediation. I like having a stable environment and don't have personal Dev/Test/Prod environments for all things. I also run the majority of my apps as containers. This is a work in progress. I'll share the updates. Trying to remain #minimalist in my #Linux #Selfhosting #selfhosted #selfhost #InfoSec

The webserver for my websites (https://blog.hofstede.it and others) is now runing on 15.1-RELEASE arm64 with PKGBase 🙂

Upgrade from 15.0 to 15.1was pleasantly boring:

https://docs.freebsd.org/en/books/handbook/cutting-edge/#pkgbase

- Creating a BE for the new version
- Mounting the BE to /mnt/upgrade
- Executing :env ABI=FreeBSD:15:aarch64 pkg-static -c /mnt/upgrade upgrade -r FreeBSD-base"
- bectl activate -t 15.0-RELEASE
- Rebooting the system

Everything working fine, all lights green

#freebsd #unix #selfhosting #arm64

Ouch, the new prices for dedicated cloud resources over at Hetzner are in:

- CPX32 went from 13.99 EUR to 35.49 EUR
- CCX23 went from 31.49 EUR to 85.99 EUR
- CCX33 went from 62.49 EUR to 138.49 EUR

juicy, juicy

#hetzner #inflation #cloud #selfhosting

So, the way I orchestrated SysGen, my Genetic algorithm autonomous #sysadmin tool is;

The more pressure there is on a resource, the more attention and insight the tool provides (In theory, by design), the vigilance level on Security is Maximum now, and the tool reports 3 different identifiable attack and the breakdown of targets.

Its found fail2ban is installed but not activated...
...the tool got tired of just warning about it and auto-started it itself; the autonomous part in autonomous.

Somewhat impressive IMHO

#Infosec #vibecode #VPS #Selfhosting

This morning GenSys (My Genetic algorithm autonomous #sysadmin tool) harvest.

Couple of days ago, I added a "CODE DELTA" log, where the runner/builder #vibecode records changes to the code. As you can see, the extensive nature if the tool is impressive.

Without that file, I had absolutely no insight on what changes were made, unless I had randomly noticed a feature.
#VPS #selfhosting

Big personal milestone: my Pull Request to Outline wiki was finally merged! 🎉

I've been self-hosting Outline for about 6 months and really needed a proper CloudFront integration (flat-rate pricing + protection against Denial-of-Wallet attacks from public S3 links).

It took a while, but PR #12656 is now merged.

Huge thanks to the Outline team! Really proud to contribute to such a large and popular open-source project (~40k stars).

https://github.com/outline/outline/pull/12656

#OpenSource #FOSS #SelfHosting #AWS #Fediverse #Software #WebDevelopment

Alt...

Screenshot of two GitHub notification emails from Tom Moor. The first one says "@tommoor approved this pull request." The second one confirms "Merged #12656 into main." Both notifications are about my CloudFront integration feature for Outline wiki.

(more Linux and FOSS news in previous posts of thread)

Nextcloud Hub 26 Spring launches with Euro-Office and AI updates on its 10th anniversary:
https://alternativeto.net/news/2026/6/nextcloud-hub-26-spring-launches-with-euro-office-and-ai-updates-on-its-10th-anniversary/

AliasVault is The BitWarden Alternative You Didn't Know You Needed:
https://feed.itsfoss.com/link/24361/17356280/aliasvault

Stremio full version launches on AltStore for Apple devices in Europe and Japan:
https://alternativeto.net/news/2026/6/stremio-full-version-launches-on-altstore-for-apple-devices-in-europe-and-japan/

Ghost introduces Dynamic Filters and auto-updated member views:
https://alternativeto.net/news/2026/6/ghost-introduces-dynamic-filters-and-auto-updated-member-views/

Ollama 0.30 delivers faster NVIDIA GPU performance and wider hardware support:
https://alternativeto.net/news/2026/6/ollama-0-30-delivers-faster-nvidia-gpu-performance-and-wider-hardware-support/

Git 2.55-rc0 Released With Rust Enabled By Default:
https://www.phoronix.com/news/Git-2.55-rc0-Released

Qt 6.12 Beta Released With Qt Quick 3D XR Apps Now Able To Run On 2D AR Glasses:
https://www.phoronix.com/news/Qt-6.12-Beta-1

GCC 15.3 Compiler Brings Nearly A Year Worth Of Bug Fixes:
https://www.phoronix.com/news/GCC-15.3-Released

OpenProject 17.5 offers project-based work package identifiers and more flexible backlogs:
https://alternativeto.net/news/2026/6/openproject-17-5-offers-project-based-work-package-identifiers-and-more-flexible-backlogs/

Some work on FosseryWeb page-builders:
I did some rewrite of the tool, separate out HTML templates from the generation logic, and use Jinja to fill in the templates during generation (this introduces an additional dependency, which some might consider bloat, but since I'll probably be the only one using it, it doesn't matter that much I guess, I rather focus on cleaner code, long-term maintainability). I also created a separate function to handle the Markdown validation logic, and call it before prompting for the description, to give immediate feedback, and rewrote the error messages to be clearer, more organized.
https://codeberg.org/fosseryweb/page-builders

(more FOSS news in comments)

#WeeklyNews #OpenSource #FOSSNews #OpenSourceNews #FOSS #News #FosseryWeb #Nextcloud #NextcloudHub #AliasVault #Stremio #Ghost #Ollama #Git #Qt #GCC #OpenProject #SelfHosting #Dev #Programming #Coding #Development #VCS #Compiler #VersionControl #FosseryTech

🖥️ alexpinel/Dot

Text-To-Speech, RAG, and LLMs. All local!

Integrates Text-To-Speech, RAG, and Large Language Models into a local environment for fully offline operation

⭐ Stars: 1908
📅 Last Update: Jun 05, 2026

https://github.com/alexpinel/Dot

#selfhosted #homelab #selfhost #selfhosting #opensource #local #offline

Seems Bitwarden is enshittifying, time to pick a successor. Going to setup vaultwarden, aliasvault and passbolt and try them out for a couple of months before making the final decision.

It's not just for me so best to be extra careful. Vaultwarden has a leg ahead as it's very easy to migrate, I should be able to run it with the Bitwarden app.

#selfhosting #bitwarden

#introduction 👋

Servus Fediverse! Ich bin Tom Kenobi - FOSS-/Privacy-Freund, Homelab-Bastler und Linux-Mensch. Was nicht selbst gehostet läuft, fehlt mir irgendwie. 🖥️

Abseits vom Terminal: Star-Wars-OT-Fan (ja, der Name ist Absicht 😏), Hockey-Goalie 🥅 und überzeugter Anhänger von Craftbeer 🍺 & gutem Käse 🧀.

Frisch hier, neugierig auf gute Gespräche statt Lärm - sagt gern Hallo!

#selfhosting #homelab #linux #privacy #starwars #eishockey

Introducing ChatSLM. A small language model with a big heart.

▪ 0 tokens per query
▪ 0 L cooling water

▪ runs on a single ARM64 core in Nuremberg, hosted on FreeBSD.

▪ no telemetry, nothing sent anywhere

▪ consistent, reproducible answers every single time

Give it a try. It's often quite helpful.
https://chat.rootshell.cx

#AI #SelfHosting #Sustainability #LLM

🛠️ Server-Upgrade erfolgreich abgeschlossen!

Mein Homeserver wurde soeben erfolgreich auf das brandneue #NixOS 26.05 (#Yarara) aktualisiert. 🚀

Technische Details:

🐧 Kernel: Linux 6.18 LTS

⚙️ Nix-Version: 2.31.5

🛡️ Systemd-Resolved: DNSStubListener deaktiviert, um Port 53 für AdGuard Home freizugeben

📦 7/7 Podman Container (AdGuard, OpenCloud, OnlyOffice, Jellyfin, Audiobookshelf, Homepage) & Caddy laufen stabil nach Hot-Reload.

💾 Backup: BorgBackup um 20:00 Uhr erfolgreich durchgelaufen.

Alles läuft reibungslos im grünen Bereich!

#SelfHosting #NixOS #Homelab #linux

Alt...

Eine Webservergebotsbeschreibung auf einem Bildschirm. Es gibt mehrere Dienstdomänen, Porttypen und Updatestatus.

*xmpp.uy*

Nueva actualización de @snikket_im en *xmpp.uy*, recién salida del horno.
Con algunas pequeñas novedades internas y 'cositas' de seguridad resueltas.

https://snikket.org/updates/release/20260611/

psshh.. ¿sabias que en @monocles , están trabajando en su versión de escritorio para linux?
¿y que muy pronto se viene el soporte para OMEMO2?

#xmpp #SnikketIM #snikket #monocleschat #monocles #xmppuy #selfhosting

What's the most lightweight (and preferably easiest to setup) Git server?

I have basically no requirements in terms of features. I'm (mainly) going to run it locally so I can sync my passwords between devices.

#Git #Selfhosting

Since tuta is also a corporation, I guess I need to learn how to self-host email. Any good resources on that? My spoons and ability are low lately, so simpler FOSS stuff is better

#duckduckfedi #askfedi #selfhosting

@violet Email and passwords are the two things that are just not worth hosting no matter what, in my experience

Email especially since you'd have to spend your days avoiding blacklists. It's possible, but I would not recommend it at all

#SelfHosting

https://lukasiewicz.tech/blog/6

#selfhosting #Debian #Docker #Dockge

FediSuite - Fediverse Management Platform

Open-source platform for social media management and analytics

If you manage several Fediverse accounts, you're constantly juggling browser tabs, losing track of which input field belongs to which platform, and at some point you no longer know what you've already posted. #FediSuite brings everything together in one place.

Connect accounts from 19(+) #Fediverse platforms: #Mastodon, #Pixelfed, #Misskey, #Friendica, #PeerTube, #Loops, #Wordpress, #Vernissage and more. The app detects your instance type automatically, loads the correct character limit and media rules straight from your instance, and sets up the composer accordingly. No manual configuration needed.

The analytics go way beyond plain follower counts: daily engagement charts, follower growth, your best posting times as a heatmap, hashtag performance, and a tips engine that evaluates your actual data and gives you concrete suggestions based on your own numbers.

Schedule posts down to the minute in your own time zone. Background workers handle publishing reliably, with resume handling for rate limits and atomic delivery.

FediSuite is free and #OpenSource under the GPL-3.0. Anyone can host their own FediSuite #instance and get it added to the official list automatically.

If you find a bug, especially in the #SelfHosting setup, feel free to report it. The project is being actively developed, and real-world bug reports are among the most valuable contributions right now. The CONTRIBUTING.md explains how it works.

The project lives on donations. Donations guarantee and make it possible for FediSuite to keep going and keep being developed. To support FediSuite, click the yellow button on the website.

More info: https://www.fedisuite.com

A new version of #Forgejo is out 15.0.3
The earlier CVE-2026-27771 is a Gitea bug, and Forgejo was looped into the reporting. However, Packages under a public owner are visible to unauthenticated users by design. If you are publicly hosting, please make sure you understand the permissions model. (see below)

During that CVE stuff, a real authz bypass (any authenticated user could write to public repos they don't own) was fixed in 15.0.1 in May. So jump to 15.0.3 to get all the current security fixes.

Noodling out how to check the permissions (tell me if I'm wrong!!)
curl -s -o /dev/null -w "%{http_code}\n" \
https://<your-forgejo-host>/v2/<owner>/<image>/manifests/<tag>
- 401/404 the access control is enforcing, you're fine.
- 200 with a manifest, you are exposed. Fix it with REQUIRE_SIGNIN_VIEW=true

#Linux #Selfhosting #selfhosted #selfhost #InfoSec

Also, I'll need a replacement for iCloud's file storage, and currently trying #OpenCloud. It is promising despite the painful initial setup process. Also curious what other people use for #SelfHosted file storage except #Synology and #Nextcloud.

#homelab #selfhost #selfhosted #selfhosting

Kinda postmortem:

1) The maximal log size before rotation and count of gzipped logs to store should be increased in the newsyslogd configuration. This should be applied to any service, which is looking into the void^WInternet. So, I will not loss log records, related to the start of attack…

2) Also, Asterisk log should be added to newsyslogd configuration first. It weren't added here, so *.log files became too big (> 1 Gb) and of course fail2ban ate a lot of memory while parsing these big logs. If they were rotated properly, then fail2ban will not eat so much memory, parsing small enough files.

3) Since start of attack in logs were lost, then I could only imagine possible root cause of an attack. By default, any IP, which once failed to provide the proper credentials to login somewhere in my kitchen server, is banned immediately and forever.
But somehow those attackers managed to use just 2 IPs to make an attack and they weren't banned before manual intervention

According to fail2ban logs they were banned, but they were obviously not banned by npf. So, I think, they started attack right in time when my blacklists were successfully updated and npf was reloading — as a result their IPs appeared as "banned" in the fail2ban, but the fail2ban failed to ban them via npf, so "IRL" their IPs still weren't banned. Time to revisit my script to update blacklists

4) Looks like I need to install some Intrusion Detection System (possibly snort since it is mature enough). It isn't good to rely only on one mechanism (fail2ban + blacklists + npf) to protect my precious machine.

#NetBSD #selfhosting #fail2ban #npf

Kinda postmortem:

1) The maximal log size before rotation and count of gzipped logs to store should be increased in the newsyslogd configuration. This should be applied to any service, which is looking into the void^WInternet. So, I will not loss log records, related to the start of attack…

2) Also, Asterisk log should be added to newsyslogd configuration first. It weren't added here, so *.log files became too big (> 1 Gb) and of course fail2ban ate a lot of memory while parsing these big logs. If they were rotated properly, then fail2ban will not eat so much memory, parsing small enough files.

3) Since start of attack in logs were lost, then I could only imagine possible root cause of an attack. By default, any IP, which once failed to provide the proper credentials to login somewhere in my kitchen server, is banned immediately and forever.
But somehow those attackers managed to use just 2 IPs to make an attack and they weren't banned before manual intervention

According to fail2ban logs they were banned, but they were obviously not banned by npf. So, I think, they started attack right in time when my blacklists were successfully updated and npf was reloading — as a result their IPs appeared as "banned" in the fail2ban, but the fail2ban failed to ban them via npf, so "IRL" their IPs still weren't banned. Time to revisit my script to update blacklists

4) Looks like I need to install some Intrusion Detection System (possibly snort since it is mature enough). It isn't good to rely only on one mechanism (fail2ban + blacklists + npf) to protect my precious machine.

#NetBSD #selfhosting #fail2ban #npf

I run https://blog.hofstede.it aiming for maximum digital sovereignty!

DNS: My own authoritative servers (PowerDNS) with DNSSEC signing.

HW: Own physical server in a German colocation

Net: My own Autonomous System (AS201379) for full BGP control

Stack: 100% FOSS (FreeBSD, Caddy, Forgejo, Pelican)

Web: <600kb total size, 0 trackers, 0 external deps. All assets hosted locally.

I don't even log IPs. Data I don't store is data I can't accidentally leak. Keeping data is a burden!

#SelfHosting #FreeBSD #BGP #FOSS #DigitalSovereignty

Mes services publics font peau neuve !

J’ai mis à jour ma page de services publics. Désormais, pour chaque service, vous trouverez un bouton #CryptCheck dédié.

En un clic, vous pouvez vérifier en toute transparence la configuration #SSL et la sécurité de chacun de mes outils auto-hébergés.

🔗 Découvrez la liste complète ici : https://blablalinux.be/mes-services-publics/

#SelfHosting #LogicielLibre

Linux CVE drops. CVE-2026-23111 — nf_tables UAF → root + container escape. A use-after-free in netfilter's nft_map_catchall_activate(). A local unprivileged user gets root, and because it runs through user namespaces, an unprivileged Podman container can break out to the host. A full working exploit dropped June 8, confirmed on Debian defaults.

CVE-2026-46316 "ITScape" It's a KVM/arm64-only guest-to-host escape (vGIC-ITS interrupt emulation). x86 is explicitly unaffected.

CVE-2026-42945 "NGINX Rift" A heap overflow in ngx_http_rewrite_module, CVSS 9.2, getting exploited in the wild.

#Linux #Selfhosting #selfhosted #selfhost #InfoSec

My main server now has two #Toshiba hard drives. I have no idea why they are so unpopular in the #selfhosting community when they are cheap, quiet, and reliable. I suppose #WD and #Seagate have good marketing departments.

#homelab #selfhost #SelfHosted #hdd #harddrive #harddrives

Out of the #IdM / #SSO solutions I can #SelfHost that I remembered about, apparently only #KaniDM has ability to create app passwords / bearer tokens that actually allow to access only a single application 🤔

#Linux #SysAdmin #Privacy #Security #SelfHosting #homelab
@homelab

@homelab OK, after playing around a tiny bit, it seems that the code for this exists in #KaniDM
- https://github.com/kanidm/kanidm/pull/2968
- https://github.com/kanidm/kanidm/pull/3535/
but what doesn't exist is ability to reach it and set that up for a user. Oh well.

#Privacy #Security #SelfHosting #SSO

Blog update:

https://blog.hofstede.it now loads zero external resources. Fonts and Bootstrap are self-hosted, the requests to Google Fonts and jsdelivr are gone. All visits stays between the visitors browser and my server.

Also new:
- Full-text search (Pagefind: fully static, no search backend, no tracking)
- Series navigation for multi-part articles
- Older/newer article links
- A proper 404 page

Static sites don't need third parties.

#DataSovereignty #SelfHosting #Pelican #FreeBSD #Blog

Blog update:

https://blog.hofstede.it now loads zero external resources. Fonts and Bootstrap are self-hosted, the requests to Google Fonts and jsdelivr are gone. Your visit stays between the visitors browser and my server.

Also new:
- Full-text search (Pagefind: fully static, no search backend, no tracking)
- Series navigation for multi-part articles
- Older/newer article links
- A proper 404 page

Static sites don't need third parties.

#DataSovereignty #SelfHosting #Pelican #FreeBSD #Blog

Database cleanup work:

$ psql -c "SELECT pg_size_pretty(pg_database_size('mastodon'))"
pg_size_pretty
----------------
38 GB
(1 row)

$ pg_repack mastodon
INFO: repacking table "public.account_aliases"
....

$ psql -c "SELECT pg_size_pretty(pg_database_size('mastodon'))"
pg_size_pretty
----------------
32 GB
(1 row)

Nice :-) Another successful maintanance ! Also patched up the entire machine and all jails to FreeBSD 15.0-RELEASE-p10 and verified our backups work and are restorable.

#mastodon #mastoadmin #postgresql #selfhosting #freebsd

@mgfp_fediprofile
https://hub.vocalcat.com/mgfp_fediprofile

After a few attempts in the past, I finally created a FediProfile. I won't be needing Biolink anymore :D.

1/2

#Fediverse #ActivityPub #Linkinbio #OpenSource #SelfHosting #FediProfile #Federation #Federated #FederatedSocialWeb

onion-relay v2.0.0 is out, and it's been a long road from v0.0.1 ⬇️

ℹ️ What started as "one command to run a relay" is now a hardened, production-tested AIO stack: guard, exit, and bridge (obfs4) in a 16.8 MB image.

What's new in v2.0.0:
🩺 health + status tools now expose build_version & config_source
⚡ healthcheck.sh fails fast on missing/empty torrc
🔒 DirPort now defaults to 0 (disabled) in ENV-generated configs

What the project has grown into since launch:
🔑 Happy Family support (Tor 0.4.9+ FamilyId, 🪦 RIP MyFamily lists)
🧰 6 busybox only diagnostic tools
🌍 Battle-tested across 10+ countries: https://relays.brokenbotnet.com
🔐 35+ security fixes, CVE coverage, weekly automated rebuilds
🐋 Works with Docker CLI, Compose, Cosmos Cloud & Portainer

https://github.com/r3bo0tbx1/tor-guard-relay

If you care about privacy infrastructure:
🥢 Try it out
🐛 Report bugs
💡 Suggest features
⭐ Star it to help others find it

Still maintaining this in my free time, donation info
in the README. And please support @torproject

@eff and @privacyguides too.

Protecting privacy, one relay at a time ✨

#Tor #Privacy #OpenSource #Docker #FOSS #SelfHosting #Infosec

v2.0.0 is out, and it's been a long road from v0.0.1 ⬇️

ℹ️ What started as "one command to run a relay" is now a
hardened, production-tested AIO stack: guard, exit, and
bridge (obfs4) in a 17 MB image.

What's new in v2.0.0:
🩺 health + status tools now expose build_version & config_source
⚡ healthcheck.sh fails fast on missing/empty torrc
🔒 DirPort now defaults to 0 (disabled) in ENV-generated configs

What the project has grown into since launch:
🔑 Happy Family support (Tor 0.4.9+ FamilyId, RIP MyFamily lists)
🧰 6 busybox only diagnostic tools
🌍 Battle-tested across 10+ countries: https://relays.brokenbotnet.com
🔐 35+ security fixes, CVE coverage, weekly automated rebuilds
📦 Works with Docker CLI, Compose, Cosmos Cloud & Portainer

https://github.com/r3bo0tbx1/tor-guard-relay

If you care about privacy infrastructure:
🥢 Try it out
🐛 Report bugs
💡 Suggest features
⭐ Star it to help others find it

Still maintaining this in my free time, donation info
in the README. And please support @torproject

@eff and @privacyguides too.

Protecting privacy, one relay at a time ✨

#Tor #Privacy #OpenSource #Docker #FOSS #SelfHosting #Infosec

If anyone was wanting a way out from #Discord, and other similar closed-source forums, #Flarum will soon be having their 2.0 release. rc3 just came out. They have good developer and bugfixing momentum right now. If you have Sysadmin skills, and know of an #OpenSource community in need of a new and suitable OpenSource forum, maybe warm up a VPS, and/or register a domain? And perhaps try out their RC on a testing rig first.

Now is a good time to get into flarum, I say. I've been watching them for a long time, and have done multiple #Debian installs myself.

Note: Flarum doesn't do team voice chat, unlike Discord. But it's a great web forum, with good mobile support (unlike #PHPBB) . Is also lightweight (unlike #Discourse) - can be run on a cheap VPS or Raspberry Pi.

Flarum's 2.0 RC3 announcement:
https://discuss.flarum.org/d/39406-flarum-200-rc3-released-built-by-the-community-almost-ready-for-everyone

#datasovereignty #SelfHosting

Murphys Law mal wieder.

Das neue Nextcloud Update "mal eben" ohne (Datenbank) Backup einspielen, weil hat ja die elf-trillionen male vorher auch ohne irgendwelche Probleme immer funktioniert, wird schief gehen (mit einem Datenbankfehler)

`Foreign key name for table "oc_mail_accounts" collides with the constraint on table oc_mail_accounts.`

Ein Glück nutz ich die NC Mail App nicht, somit tut ein mutiges `drop table` den Dienst.

#admin #nextcloud #sysadmin #selfhosting #murphyslaw