Search results for tag #selfhosting
![[?]](https://media.dol.social/accounts/avatars/115/045/361/579/662/833/original/73a8338aa2aa1151.png)
Big personal milestone: my Pull Request to Outline wiki was finally merged! 🎉
I've been self-hosting Outline for about 6 months and really needed a proper CloudFront integration (flat-rate pricing + protection against Denial-of-Wallet attacks from public S3 links).
It took a while, but PR #12656 is now merged.
Huge thanks to the Outline team! Really proud to contribute to such a large and popular open-source project (~40k stars).
https://github.com/outline/outline/pull/12656
#OpenSource #FOSS #SelfHosting #AWS #Fediverse #Software #WebDevelopment
Alt...
Screenshot of two GitHub notification emails from Tom Moor. The first one says "@tommoor approved this pull request." The second one confirms "Merged #12656 into main." Both notifications are about my CloudFront integration feature for Outline wiki.
![[?]](https://cdn.social.linux.pizza/system/accounts/avatars/112/191/986/223/560/037/original/65338944c2b3e961.png)
(more Linux and FOSS news in previous posts of thread)
Nextcloud Hub 26 Spring launches with Euro-Office and AI updates on its 10th anniversary:
https://alternativeto.net/news/2026/6/nextcloud-hub-26-spring-launches-with-euro-office-and-ai-updates-on-its-10th-anniversary/
AliasVault is The BitWarden Alternative You Didn't Know You Needed:
https://feed.itsfoss.com/link/24361/17356280/aliasvault
Stremio full version launches on AltStore for Apple devices in Europe and Japan:
https://alternativeto.net/news/2026/6/stremio-full-version-launches-on-altstore-for-apple-devices-in-europe-and-japan/
Ghost introduces Dynamic Filters and auto-updated member views:
https://alternativeto.net/news/2026/6/ghost-introduces-dynamic-filters-and-auto-updated-member-views/
Ollama 0.30 delivers faster NVIDIA GPU performance and wider hardware support:
https://alternativeto.net/news/2026/6/ollama-0-30-delivers-faster-nvidia-gpu-performance-and-wider-hardware-support/
Git 2.55-rc0 Released With Rust Enabled By Default:
https://www.phoronix.com/news/Git-2.55-rc0-Released
Qt 6.12 Beta Released With Qt Quick 3D XR Apps Now Able To Run On 2D AR Glasses:
https://www.phoronix.com/news/Qt-6.12-Beta-1
GCC 15.3 Compiler Brings Nearly A Year Worth Of Bug Fixes:
https://www.phoronix.com/news/GCC-15.3-Released
OpenProject 17.5 offers project-based work package identifiers and more flexible backlogs:
https://alternativeto.net/news/2026/6/openproject-17-5-offers-project-based-work-package-identifiers-and-more-flexible-backlogs/
Some work on FosseryWeb page-builders:
I did some rewrite of the tool, separate out HTML templates from the generation logic, and use Jinja to fill in the templates during generation (this introduces an additional dependency, which some might consider bloat, but since I'll probably be the only one using it, it doesn't matter that much I guess, I rather focus on cleaner code, long-term maintainability). I also created a separate function to handle the Markdown validation logic, and call it before prompting for the description, to give immediate feedback, and rewrote the error messages to be clearer, more organized.
https://codeberg.org/fosseryweb/page-builders
(more FOSS news in comments)
#WeeklyNews #OpenSource #FOSSNews #OpenSourceNews #FOSS #News #FosseryWeb #Nextcloud #NextcloudHub #AliasVault #Stremio #Ghost #Ollama #Git #Qt #GCC #OpenProject #SelfHosting #Dev #Programming #Coding #Development #VCS #Compiler #VersionControl #FosseryTech
![[?]](https://fd.mrmave.work/system/accounts/avatars/116/574/307/579/926/053/original/3f66f103fbd6f2ff.jpg)
🖥️ alexpinel/Dot
Text-To-Speech, RAG, and LLMs. All local!
Integrates Text-To-Speech, RAG, and Large Language Models into a local environment for fully offline operation
⭐ Stars: 1908
📅 Last Update: Jun 05, 2026
https://github.com/alexpinel/Dot
#selfhosted #homelab #selfhost #selfhosting #opensource #local #offline
![[?]](https://mastodon.nogods.be/system/accounts/avatars/114/639/305/505/262/472/original/a8267c99b531e2c8.jpg)
Seems Bitwarden is enshittifying, time to pick a successor. Going to setup vaultwarden, aliasvault and passbolt and try them out for a couple of months before making the final decision.
It's not just for me so best to be extra careful. Vaultwarden has a leg ahead as it's very easy to migrate, I should be able to run it with the Bitwarden app.
![[?]](https://f2.tchncs.de/accounts/avatars/116/741/920/380/618/221/original/102060141af6359c.jpg)
Servus Fediverse! Ich bin Tom Kenobi - FOSS-/Privacy-Freund, Homelab-Bastler und Linux-Mensch. Was nicht selbst gehostet läuft, fehlt mir irgendwie. 🖥️
Abseits vom Terminal: Star-Wars-OT-Fan (ja, der Name ist Absicht 😏), Hockey-Goalie 🥅 und überzeugter Anhänger von Craftbeer 🍺 & gutem Käse 🧀.
Frisch hier, neugierig auf gute Gespräche statt Lärm - sagt gern Hallo!
![[?]](https://media.burningboard.net/accounts/avatars/109/892/422/024/311/931/original/f22e604f554272c0.png)
Introducing ChatSLM. A small language model with a big heart.
▪ 0 tokens per query
▪ 0 L cooling water
▪ runs on a single ARM64 core in Nuremberg, hosted on FreeBSD.
▪ no telemetry, nothing sent anywhere
▪ consistent, reproducible answers every single time
Give it a try. It's often quite helpful.
https://chat.rootshell.cx
![[?]](https://media.burningboard.net/accounts/avatars/109/892/491/632/731/847/original/22ff3e71df4e5854.jpeg)
🛠️ Server-Upgrade erfolgreich abgeschlossen!
Mein Homeserver wurde soeben erfolgreich auf das brandneue #NixOS 26.05 (#Yarara) aktualisiert. 🚀
Technische Details:
🐧 Kernel: Linux 6.18 LTS
⚙️ Nix-Version: 2.31.5
🛡️ Systemd-Resolved: DNSStubListener deaktiviert, um Port 53 für AdGuard Home freizugeben
📦 7/7 Podman Container (AdGuard, OpenCloud, OnlyOffice, Jellyfin, Audiobookshelf, Homepage) & Caddy laufen stabil nach Hot-Reload.
💾 Backup: BorgBackup um 20:00 Uhr erfolgreich durchgelaufen.
Alles läuft reibungslos im grünen Bereich!
#SelfHosting #NixOS #Homelab #linux
Alt...
Eine Webservergebotsbeschreibung auf einem Bildschirm. Es gibt mehrere Dienstdomänen, Porttypen und Updatestatus.
![[?]](https://mastodon.uy/system/accounts/avatars/109/271/515/969/999/491/original/e413efd0bd4a9f5a.png)
*xmpp.uy*
Nueva actualización de @snikket_im en *xmpp.uy*, recién salida del horno.
Con algunas pequeñas novedades internas y 'cositas' de seguridad resueltas.
https://snikket.org/updates/release/20260611/
psshh.. ¿sabias que en @monocles , están trabajando en su versión de escritorio para linux? 
¿y que muy pronto se viene el soporte para OMEMO2? 
#xmpp #SnikketIM #snikket #monocleschat #monocles #xmppuy #selfhosting
![[?]](https://gts.linuxkompis.se/fileserver/018GCCTY3RDB8KCNNG9SABXASY/attachment/original/014Q52QEJKJTWPV8V23Z961GNC.png)
What's the most lightweight (and preferably easiest to setup) Git server?
I have basically no requirements in terms of features. I'm (mainly) going to run it locally so I can sync my passwords between devices.
![[?]](https://corteximplant.com/system/accounts/avatars/111/265/219/058/396/312/original/a4b87b952ecf1490.gif)
[Since tuta is also a corporation, I guess I need to learn how to self-host email. Any good resources on that? My spoons and ability are low lately, so simpler FOSS stuff is better
![[?]](https://media.mstdn.social/accounts/avatars/108/939/255/808/776/594/original/0ce087838f8f5bf1.png)
@violet Email and passwords are the two things that are just not worth hosting no matter what, in my experience
Email especially since you'd have to spend your days avoiding blacklists. It's possible, but I would not recommend it at all
![[?]](https://media.unkn.uk/media/93c623e5ca6ef1733dc32bfc8131585ea59c17056f30a823b95ba32a8c9aff4c.png)
This isn't about child safety; it’s about the infrastructure of mass surveillance. If you can scan for one thing, you can scan for anything.
Privacy is dead on stock devices.
Full write-up on why "nothing to hide" is a fallacy:
https://the.unknown-universe.co.uk/privacy-security/the-ultimatum/
#Privacy #OnlineSafetyAct #Surveillance #UKPolitics #GrapheneOS #FOSS #SelfHosting #DigitalRights #TheUltimatum
![[?]](https://m5l.eu/u/marek/s/avatar-ff8999a3b20360a58bc1da5859b98e8a.png){kind=avatar}
![[?]](https://lsbt.me/system/accounts/avatars/109/279/957/800/373/022/original/2d78270719f9925b.jpg)
FediSuite - Fediverse Management Platform
Open-source platform for social media management and analytics
If you manage several Fediverse accounts, you're constantly juggling browser tabs, losing track of which input field belongs to which platform, and at some point you no longer know what you've already posted. #FediSuite brings everything together in one place.
Connect accounts from 19(+) #Fediverse platforms: #Mastodon, #Pixelfed, #Misskey, #Friendica, #PeerTube, #Loops, #Wordpress, #Vernissage and more. The app detects your instance type automatically, loads the correct character limit and media rules straight from your instance, and sets up the composer accordingly. No manual configuration needed.
The analytics go way beyond plain follower counts: daily engagement charts, follower growth, your best posting times as a heatmap, hashtag performance, and a tips engine that evaluates your actual data and gives you concrete suggestions based on your own numbers.
Schedule posts down to the minute in your own time zone. Background workers handle publishing reliably, with resume handling for rate limits and atomic delivery.
FediSuite is free and #OpenSource under the GPL-3.0. Anyone can host their own FediSuite #instance and get it added to the official list automatically.
If you find a bug, especially in the #SelfHosting setup, feel free to report it. The project is being actively developed, and real-world bug reports are among the most valuable contributions right now. The CONTRIBUTING.md explains how it works.
The project lives on donations. Donations guarantee and make it possible for FediSuite to keep going and keep being developed. To support FediSuite, click the yellow button on the website.
More info: https://www.fedisuite.com
![[?]](https://media.infosec.exchange/infosec.exchange/accounts/avatars/109/463/484/880/363/841/original/7ced8799d81820c9.jpeg)
A new version of #Forgejo is out 15.0.3
The earlier CVE-2026-27771 is a Gitea bug, and Forgejo was looped into the reporting. However, Packages under a public owner are visible to unauthenticated users by design. If you are publicly hosting, please make sure you understand the permissions model. (see below)
During that CVE stuff, a real authz bypass (any authenticated user could write to public repos they don't own) was fixed in 15.0.1 in May. So jump to 15.0.3 to get all the current security fixes.
Noodling out how to check the permissions (tell me if I'm wrong!!)
curl -s -o /dev/null -w "%{http_code}\n" \
https://<your-forgejo-host>/v2/<owner>/<image>/manifests/<tag>
- 401/404 the access control is enforcing, you're fine.
- 200 with a manifest, you are exposed. Fix it with REQUIRE_SIGNIN_VIEW=true
![[?]](https://hel1.your-objectstorage.com/glitchy-s/accounts/avatars/115/541/879/940/528/080/original/8d3262f44d851c40.jpeg)
Also, I'll need a replacement for iCloud's file storage, and currently trying #OpenCloud. It is promising despite the painful initial setup process. Also curious what other people use for #SelfHosted file storage except #Synology and #Nextcloud.
![[?]](https://media.bsd.cafe/bsdmmedia01/accounts/avatars/115/015/302/977/472/157/original/42ad1d8b0f4dbf22.png)
[Kinda postmortem:
1) The maximal log size before rotation and count of gzipped logs to store should be increased in the newsyslogd configuration. This should be applied to any service, which is looking into the void^WInternet. So, I will not loss log records, related to the start of attack…
2) Also, Asterisk log should be added to newsyslogd configuration first. It weren't added here, so *.log files became too big (> 1 Gb) and of course fail2ban ate a lot of memory while parsing these big logs. If they were rotated properly, then fail2ban will not eat so much memory, parsing small enough files.
3) Since start of attack in logs were lost, then I could only imagine possible root cause of an attack. By default, any IP, which once failed to provide the proper credentials to login somewhere in my kitchen server, is banned immediately and forever.
But somehow those attackers managed to use just 2 IPs to make an attack and they weren't banned before manual intervention 
According to fail2ban logs they were banned, but they were obviously not banned by npf. So, I think, they started attack right in time when my blacklists were successfully updated and npf was reloading — as a result their IPs appeared as "banned" in the fail2ban, but the fail2ban failed to ban them via npf, so "IRL" their IPs still weren't banned. Time to revisit my script to update blacklists 
4) Looks like I need to install some Intrusion Detection System (possibly snort 
since it is mature enough). It isn't good to rely only on one mechanism (fail2ban + blacklists + npf) to protect my precious machine.
Kinda postmortem:
1) The maximal log size before rotation and count of gzipped logs to store should be increased in the newsyslogd configuration. This should be applied to any service, which is looking into the void^WInternet. So, I will not loss log records, related to the start of attack…
2) Also, Asterisk log should be added to newsyslogd configuration first. It weren't added here, so *.log files became too big (> 1 Gb) and of course fail2ban ate a lot of memory while parsing these big logs. If they were rotated properly, then fail2ban will not eat so much memory, parsing small enough files.
3) Since start of attack in logs were lost, then I could only imagine possible root cause of an attack. By default, any IP, which once failed to provide the proper credentials to login somewhere in my kitchen server, is banned immediately and forever.
But somehow those attackers managed to use just 2 IPs to make an attack and they weren't banned before manual intervention
According to fail2ban logs they were banned, but they were obviously not banned by npf. So, I think, they started attack right in time when my blacklists were successfully updated and npf was reloading — as a result their IPs appeared as "banned" in the fail2ban, but the fail2ban failed to ban them via npf, so "IRL" their IPs still weren't banned. Time to revisit my script to update blacklists
4) Looks like I need to install some Intrusion Detection System (possibly snort since it is mature enough). It isn't good to rely only on one mechanism (fail2ban + blacklists + npf) to protect my precious machine.
I run https://blog.hofstede.it aiming for maximum digital sovereignty!
DNS: My own authoritative servers (PowerDNS) with DNSSEC signing.
HW: Own physical server in a German colocation
Net: My own Autonomous System (AS201379) for full BGP control
Stack: 100% FOSS (FreeBSD, Caddy, Forgejo, Pelican)
Web: <600kb total size, 0 trackers, 0 external deps. All assets hosted locally.
I don't even log IPs. Data I don't store is data I can't accidentally leak. Keeping data is a burden!
#SelfHosting #FreeBSD #BGP #FOSS #DigitalSovereignty
![[?]](https://mastodon.blablalinux.be/system/accounts/avatars/113/675/429/104/963/472/original/6baf4240c1614c5a.jpg)
Mes services publics font peau neuve !
J’ai mis à jour ma page de services publics. Désormais, pour chaque service, vous trouverez un bouton #CryptCheck dédié.
En un clic, vous pouvez vérifier en toute transparence la configuration #SSL et la sécurité de chacun de mes outils auto-hébergés.
🔗 Découvrez la liste complète ici : https://blablalinux.be/mes-services-publics/
Linux CVE drops. CVE-2026-23111 — nf_tables UAF → root + container escape. A use-after-free in netfilter's nft_map_catchall_activate(). A local unprivileged user gets root, and because it runs through user namespaces, an unprivileged Podman container can break out to the host. A full working exploit dropped June 8, confirmed on Debian defaults.
CVE-2026-46316 "ITScape" It's a KVM/arm64-only guest-to-host escape (vGIC-ITS interrupt emulation). x86 is explicitly unaffected.
CVE-2026-42945 "NGINX Rift" A heap overflow in ngx_http_rewrite_module, CVSS 9.2, getting exploited in the wild.
My main server now has two #Toshiba hard drives. I have no idea why they are so unpopular in the #selfhosting community when they are cheap, quiet, and reliable. I suppose #WD and #Seagate have good marketing departments.
![[?]](https://object.ceph-waw3.hswaw.net/mastodon-prod/accounts/avatars/109/360/274/978/913/890/original/30fe75c6bcdfe430.gif)
@homelab OK, after playing around a tiny bit, it seems that the code for this exists in #KaniDM
- https://github.com/kanidm/kanidm/pull/2968
- https://github.com/kanidm/kanidm/pull/3535/
but what doesn't exist is ability to reach it and set that up for a user. Oh well.
Blog update:
https://blog.hofstede.it now loads zero external resources. Fonts and Bootstrap are self-hosted, the requests to Google Fonts and jsdelivr are gone. All visits stays between the visitors browser and my server.
Also new:
- Full-text search (Pagefind: fully static, no search backend, no tracking)
- Series navigation for multi-part articles
- Older/newer article links
- A proper 404 page
Static sites don't need third parties.
Blog update:
https://blog.hofstede.it now loads zero external resources. Fonts and Bootstrap are self-hosted, the requests to Google Fonts and jsdelivr are gone. Your visit stays between the visitors browser and my server.
Also new:
- Full-text search (Pagefind: fully static, no search backend, no tracking)
- Series navigation for multi-part articles
- Older/newer article links
- A proper 404 page
Static sites don't need third parties.
Database cleanup work:
$ psql -c "SELECT pg_size_pretty(pg_database_size('mastodon'))"
pg_size_pretty
----------------
38 GB
(1 row)
$ pg_repack mastodon
INFO: repacking table "public.account_aliases"
....
$ psql -c "SELECT pg_size_pretty(pg_database_size('mastodon'))"
pg_size_pretty
----------------
32 GB
(1 row)
Nice :-) Another successful maintanance ! Also patched up the entire machine and all jails to FreeBSD 15.0-RELEASE-p10 and verified our backups work and are restorable.
#mastodon #mastoadmin #postgresql #selfhosting #freebsd
![[?]](https://media.mstdn.social/accounts/avatars/114/157/811/381/163/835/original/acdab3e983036d80.png)
@mgfp_fediprofile
https://hub.vocalcat.com/mgfp_fediprofile
After a few attempts in the past, I finally created a FediProfile. I won't be needing Biolink anymore :D.
1/2
#Fediverse #ActivityPub #Linkinbio #OpenSource #SelfHosting #FediProfile #Federation #Federated #FederatedSocialWeb
![[?]](https://media.infosec.exchange/infosec.exchange/accounts/avatars/000/187/720/original/90b7505f9aa62a61.jpeg)
onion-relay v2.0.0 is out, and it's been a long road from v0.0.1 ⬇️
ℹ️ What started as "one command to run a relay" is now a hardened, production-tested AIO stack: guard, exit, and bridge (obfs4) in a 16.8 MB image.
What's new in v2.0.0:
🩺 health + status tools now expose build_version & config_source
⚡ healthcheck.sh fails fast on missing/empty torrc
🔒 DirPort now defaults to 0 (disabled) in ENV-generated configs
What the project has grown into since launch:
🔑 Happy Family support (Tor 0.4.9+ FamilyId, 🪦 RIP MyFamily lists)
🧰 6 busybox only diagnostic tools
🌍 Battle-tested across 10+ countries: https://relays.brokenbotnet.com
🔐 35+ security fixes, CVE coverage, weekly automated rebuilds
🐋 Works with Docker CLI, Compose, Cosmos Cloud & Portainer
https://github.com/r3bo0tbx1/tor-guard-relay
If you care about privacy infrastructure:
🥢 Try it out
🐛 Report bugs
💡 Suggest features
⭐ Star it to help others find it
Still maintaining this in my free time, donation info
in the README. And please support @torproject
@eff and @privacyguides too.
Protecting privacy, one relay at a time ✨
#Tor #Privacy #OpenSource #Docker #FOSS #SelfHosting #Infosec
v2.0.0 is out, and it's been a long road from v0.0.1 ⬇️
ℹ️ What started as "one command to run a relay" is now a
hardened, production-tested AIO stack: guard, exit, and
bridge (obfs4) in a 17 MB image.
What's new in v2.0.0:
🩺 health + status tools now expose build_version & config_source
⚡ healthcheck.sh fails fast on missing/empty torrc
🔒 DirPort now defaults to 0 (disabled) in ENV-generated configs
What the project has grown into since launch:
🔑 Happy Family support (Tor 0.4.9+ FamilyId, RIP MyFamily lists)
🧰 6 busybox only diagnostic tools
🌍 Battle-tested across 10+ countries: https://relays.brokenbotnet.com
🔐 35+ security fixes, CVE coverage, weekly automated rebuilds
📦 Works with Docker CLI, Compose, Cosmos Cloud & Portainer
https://github.com/r3bo0tbx1/tor-guard-relay
If you care about privacy infrastructure:
🥢 Try it out
🐛 Report bugs
💡 Suggest features
⭐ Star it to help others find it
Still maintaining this in my free time, donation info
in the README. And please support @torproject
@eff and @privacyguides too.
Protecting privacy, one relay at a time ✨
#Tor #Privacy #OpenSource #Docker #FOSS #SelfHosting #Infosec
![[?]](https://autistics-life.s3.bhs.io.cloud.ovh.net/accounts/avatars/114/613/151/536/635/497/original/c49d9783b68a9905.jpg)
If anyone was wanting a way out from #Discord, and other similar closed-source forums, #Flarum will soon be having their 2.0 release. rc3 just came out. They have good developer and bugfixing momentum right now. If you have Sysadmin skills, and know of an #OpenSource community in need of a new and suitable OpenSource forum, maybe warm up a VPS, and/or register a domain? And perhaps try out their RC on a testing rig first.
Now is a good time to get into flarum, I say. I've been watching them for a long time, and have done multiple #Debian installs myself.
Note: Flarum doesn't do team voice chat, unlike Discord. But it's a great web forum, with good mobile support (unlike #PHPBB) . Is also lightweight (unlike #Discourse) - can be run on a cheap VPS or Raspberry Pi.
Flarum's 2.0 RC3 announcement:
https://discuss.flarum.org/d/39406-flarum-200-rc3-released-built-by-the-community-almost-ready-for-everyone
![[?]](https://social.la10cy.net/system/accounts/avatars/108/420/908/007/657/877/original/19d324a4c6322915.jpg)
Murphys Law mal wieder.
Das neue Nextcloud Update "mal eben" ohne (Datenbank) Backup einspielen, weil hat ja die elf-trillionen male vorher auch ohne irgendwelche Probleme immer funktioniert, wird schief gehen (mit einem Datenbankfehler)
`Foreign key name for table "oc_mail_accounts" collides with the constraint on table oc_mail_accounts.`
Ein Glück nutz ich die NC Mail App nicht, somit tut ein mutiges `drop table` den Dienst.
@peanutsguy @mosu @dlemper Thanks for all your recommendations. I tried #dockhand first, and its “all compose files should be on the main machine” approach didn’t fit my existing infrastructure. Existing stacks adoption will be too much of an issue.
Also #komodo feels much more stable and feature complete compared to #dockhand and especially to #arcane. Not the simplest tool but pretty intuitive after some time of tinkering.
#docker #homelab #SelfHosted #selfhosting #selfhost
Oh fuck, I was mistaken — it was a real attack, not LLM bots 
— someone, using machines from French hosting, was trying to connect to my Asterisk box, using various SIP endpoints.
The attack was started at Monday's night and was found only because monit reported about too much memory eaten by fail2ban 
Interesting, why fail2ban didn't banned attacker's IP, because it should do that right after failed attempt to login? 
Tine to revisit fail2ban jails configs…
#asterisk #pbx #hackers #selfhosting
Alt...
Screenshot of termux with opened console of my home server. There is an asterisk log in the console, showing various and constant attempts to login into my PBX via PJSIP.
I think one of the coolest things about #Mastodon is all the small-time instances. It proves there are tons and tons of people out there who get how to do self-hosting. They get DNS, domain registry, and some System Administration skills, to empower themselves, and make a stand on the #internet, participating in a federation whatsoever.
Email doesn't really enjoy this same status: it's sort of (effectively) "semi-federated". Even after doing all the correct DNS vodoo (SPF, DKIM, DMARC), one might be cursed anyway, because one's IP address comes from some disreputable IP block. This "original sin" can't really be cleansed, according to #Google , #Microsoft, etc, who silently and ruthlessly can send all one's incoming, self-hosted email messages to the recipient's spam folder.
Ok #Arcane is no longer a simple #Docker orchestrator for #HomeLab. Also, their v2 migration guide is a good example of bad documentation.
Anything except #UptimeKuma? Any recommendations?
Some graphs 
from #Munin with LLM-bots attacking my kitchen server.
Graphs spans to the whole week, so on the left there is a normal state of my server. And on the right — attack is happening.
#NetBSD #LLM #AInt #selfhosting
Alt...
Graph of CPU usage, which going high after LLM bots attack (at near 08 Jan Monday). At near 2 CPU cores were used by LLM bots, trying to abuse my PBX as an Web-server.
Alt...
Graph with main network interface bits per minute — before attack there were almost no data receivin/transmitting, only some cron jobs at night. But after attack there are at near 20 Mb per minute both receiving and transmitting.
Alt...
Graph with PostgreSQL connections. Active connections has green color. Before the attack there are almost no active connections, but after attack there are a lot of them, since Asterisk using PostgreSQL as a main backend.
Alt...
Load average for my server. After attack it increased at near 4 times.
Then, I logged into my box and found that fail2ban, Asterisk and PostgreSQL aren't feeling well. The system load and the traffic amounts was unusual — the parameters are completely differs from which I used to see since server installation.
I checked fail2ban logs and found that it is still parses the data from Asterisk log which were happen at near 5 hours ago 
And there were total mess in the Asterisk security.log (see screenshot) — some dumb (as it programmers 
) LLM-bots were constantly trying to connect to my Asterisk server with HTTP protocol, evaluating it as a web-server, I dunno
And the Asterisk logs became enormously big — while newsyslogd wasn't invoked — they eat at near 4 GB . I didn't specify the maximal size of Asterisk logfiles in the /etc/newsyslog.conf, because I wasn't expected a lot of lines in the PBX logs, which is in use only for my relatives.
#Asterisk #selfhosting #AInt #LLM
Alt...
top output in the terminal of NetBSD server, showing three CPU-consuming processses: python3.12, postgres, asterisk.
Alt...
Excerpt from failban log showing how it processes events from asterisk logs, happened 5 hours ago.
Alt...
Video with as fast scrolling lines -- there is a tail -f security.log for my Asterisk installation. Each three lines is an unsuccessfull attempt to break into my Asterisk from LLM bots.
Alt...
ls -lh in the /var/log/asterisk.
Size of asterisk.log: 1.2 Gb, queue.log: 4.4 Kb, security.log: 2.5 Gb.
Le guide IPv6 (#OVH / #NPM / #Proxmox / #Docker) fait peau neuve !
Vous connaissez déjà cette page de mon wiki, mais elle vient de s'offrir une réécriture complète !
Pourquoi ? Pour couvrir proprement deux cas de figure bien distincts selon vos besoins. Que vous soyez dans une config ou dans l'autre, tout y est détaillé pas à pas.
👉 À checker et à mettre dans vos favoris ici : https://wiki.blablalinux.be/fr/deploiement-ipv6-ovh-npm-proxmox-docker
Bonne lecture et bon déploiement !
Huh, looks like the new ASes, with LLM-bots attacking servers, just dropped
TLDR: there are AS12876 and AS16276 — both located in France (Scaleway SAS and OVH SAS). My Asterisk self-hosted box was attacked from the next IPs: 62.4.15.81 and 51.222.38.229.
Today, after I was checked my e-mail, I found three warnings from Monit about fail2ban exhausting limits in my small server in the kitchen (Intel Atom N2800 1866 MHz and 4 Gb of RAM). First e-mail warns about fail2ban ate 200 MB of RAM, next about 500 MB of RAM and the last e-mail warns me that fail2ban ate 2 GB of RAM
Alt...
Emacs Gnus with e-mail from Monit opened. In the e-mail Monit warns me about fail2ban ate 2.1 GB of RAM when the limit is 200 MB.
![[?]](https://social.christiansblog.eu/fileserver/01WA01Q4MR8ABFAKNX4SMBND2X/attachment/original/01KRR4FNK4A09JF7AMSTVGNCAE.png)
🚛 Neuer Beitrag auf ChristiansBlog.eu
Nextcloud-Server von einer USB-NVMe auf eine interne SATA-Festplatte migrieren – ohne Neuinstallation
Ein Praxis-Tutorial zur Migration eines laufenden Debian- und Nextcloud-Servers von einer USB-NVMe auf eine interne SATA-Festplatte – inklusive GRUB, rsync, fstab und typischer Fehlerfallen.
🔗 https://christiansblog.eu/post/tutorial/serverumzug/
#NextCloud #Debian #Linux #Server #Migration #NVMe #SATA #Apache #GRUB #Tutorial #HomeServer #Selfhosting
![[?]](data:image/png;base64, iVBORw0KGgoAAAANSUhEUgAAAEAAAABAAQAAAACCEkxzAAAAV0lEQVQoz43RwQ3AMAwCQDZg/y3ZgNqo3+JaedwDOUQBQFHYaTB8wTM6sGl2cMPu+DFzn+ZcgN7wF7ZVihXkfSlWIVzIA6dbQzaygllpNuTXZmmFNlvxADX1+o0cUPMbAAAAAElFTkSuQmCC)
![[?]](https://media.infosec.exchange/infosec.exchange/accounts/avatars/112/943/374/179/881/625/original/a1e9590077e5fdf0.png)
I have totally re-engineered the Genomic Sysadmin tool. Emphasis is on generating standalone code vs Ai centric processing, with universal Ai stubs that can run off cloud or local models with a fallback to deterministic evaluators.
Added emphasis on pressure sensitive governance.
Eg. If the firewall is getting more hits, the security posture is elevated, if diskspace, housekeeping...etc
Second major "innovation", the mission.md is actually composing the codebase as the compute windows flap.
![[?]](https://media.bsd.cafe/bsdmmedia01/accounts/avatars/111/360/189/352/809/556/original/1666b5555edba414.gif)
It's currently just a simplified version of my existing blog, but I'm hosting this website on my Raspberry Pi Zero for testing purposes:
We will see how things go over time, then possible port over the "real" thing 😛
New post: IPv6 Foundations.
IPv6 isn't "the future of the internet." It's the internet. IPv4 is the relic we keep alive on NAT life support.
A laid-back tour through the basics: how the addresses are built, the two rules for crushing out the zeros, a /64 per subnet so you stop counting hosts, SLAAC, and why blocking ICMPv6 is a self-inflicted wound.
And no, dual-stack isn't a destination. It's a burden.
https://blog.hofstede.it/ipv6-foundations-the-internet-protocol-you-should-already-be-using/
Also, I didn't get the notification about high server temperature from #Beszel because of this: https://github.com/henrygd/beszel/issues/2042 (still not released).
So the federation is working on my #Wanderer instance, and you can actually follow me there from any #ActivityPub instance: @yehor@wanderer.glitchy.social
The issue was actually in my #Mastodon instance: https://mastodon.glitchy.social/@yehor/116713584141417614
#Fediverse #homelab #selfhosted #selfhosting #selfhost
AodeRelay boostedWrote my first server announcement. Because yesterday, after updating my #Mastodon instance to 4.5.11, I didn't realise the Sidekiq died.
I spotted an unusual server load and temperature 24 hours later, found out that it was a Mastodon LXC, and realised there had been nothing processed by Sidekiq for 24 hours already.
I'm not sure about the reasons, because I didn't find anything useful in the logs. I definitely need better monitoring for #GlitchySocial.
Also wrote a guide on setting up #Wanderer instance bare-metal using #systemd service: https://github.com/open-wanderer/wanderer/discussions/817#discussioncomment-17209054
![[?]](https://cdn.fosstodon.org/accounts/avatars/113/035/113/440/494/960/original/a6527ec36949d9e4.jpg)
Halp! I just installed Yunohost on my home server with a wired connection.
Access to my apps works fine on devices with ethernet cable. But my wireless devices can only access my admin page, not the app portal.
Is this a common issue?
I think #SelfHosting is an important skill to learn, for anyone with the aptitude for it. I think the internet can't really be made a better place, until people learn to use those same skills to "staple the internet to real life". Like start from a place in one's real-world existence and look around. There are real-world organizations, and various community groups.
These groups should ideally roll their own self-hosted services: forums, group chats, file-sharing, etc. That's what I mean by "stapling": real world regional orgs aligning to the services they self-host. It's the opposite of using Big Tech forums: the Facebooks, Instagrams, etc of the world, where the platforms can't be trusted, and are totally certain to enshittify. In this way, #DataSovereignty is gained.
Yes, people will need a password manager to manage all those passwords. Or perhaps regional SSO servers - run by a city of province/state - can unify these accounts somewhat. Password management and backing up the password database (eg. .kdbx file) should be taught in school.
People actually visiting over coffee/tea (or meals), are the right time to help someone less technically inclined (in person) to install a new #OpenSource friendly app, like Signal or #DeltaChat
Yes, it won't be easy, *but I don't see an alternative*. There's pretty much no escape from the Tech Bro billionaires otherwise.
✨ Demain 18h : rendez-vous mail !
Abonnés à la campagne Wiki, attendez-vous à recevoir demain une belle dose de contenu technique pour vos serveurs. Soyez prêts ! 📖
#BlablaLinux #Wiki #Tips #SelfHosting
![[?]](https://makertube.net/lazy-static/avatars/a56f6d18-504b-4311-b130-5edc1f599378.png)
MATRIX-Bridges sind der absolute Messenging-Game-Changer! part 3 #did
Hol dir die volle Kontrolle über deine Kommunikation zurück! 🚀
In diesem dritten Teil meiner Matrix-Serie zeige ich dir, wie du mit sogenannten Bridges die Brücke zu WhatsApp, Telegram, Discord und sogar Instagram schlägst. Wir bündeln alles in einer einzigen, sicheren Open-Source-Oberfläche: Element. Das macht nicht nur euch, sondern auch euren Kontakten den Umstieg umso einfacher. Denn wir müssen ganz dringend raus aus diesen goldenen Käfigen.
Ich nehme dich mit durch meinen Prozess, zeige dir die Stolpersteine bei der Konfiguration (Docker, Config-Dateien & Co.) und wie du die Bridges für die gängigsten Messenger erfolgreich aufsetzt. Außerdem erfährst du, warum Selfhosting für mich nicht nur ein Hobby, sondern eine Philosophie für digitale Souveränität und Privatsphäre ist.
Du hast auch lieber "ADMIN-RECHTE statt RECHTE ADMINS" ?
Hier gib's die Fashion zum Statement:
https://lex-takuna.myspreadshop.de
In diesem Video siehst du:
00:00 - Intro: Austausch über Matrix & Community-Feedback
01:00 - Was sind Matrix-Bridges? (WhatsApp, Discord, Telegram, Instagram)
02:02 - Das Problem: Konfiguration klappt nicht „Out of the Box“
03:18 - Speedrun: Matrix-Stack neu aufsetzen & Installation
04:18 - WhatsApp-Bridge konfigurieren (Config & Registration YAML)
06:40 - Wichtiger Fix: Synapse Neustart & Token-Abgleich
07:44 - Hookshot: Ausblick
08:21 - WhatsApp Login & Kontakte/Gruppen synchronisieren
10:00 - Pro-Tipp: WhatsApp-Status-Benachrichtigungen deaktivieren
11:39 - Telegram-Bridge: Login via Telefonnummer
12:34 - Discord-Bridge: Server (Guilds) & Channels einbinden
14:54 - Instagram-Bridge: Login via Cookies/CURL (DevTools)
16:13 - Fazit: Warum Selfhosting & digitale Souveränität wichtig sind
17:48 - Kleiner Merch-Drop: "Adminrechte statt rechte Admins"
18:50 - Outro & Ausblick auf PeerTube / Fediverse
Peertube: https://makertube.net/c/lex_takuna/videos
Mastodon: https://burningboard.net/@LexTakuna
Matrix: @lex:trixie.takuna-homelab.de
I really should stop fucking with the tool, but there is always one more tweak to make it more functional. Takes a lot of discipline to stop poking at it...
... of which I have none.
This is the current iteration.
3 runners (but you can add as many as you want, just by cloning the runner directory)
Each runner has an autonomous mission.md - this is basically a super prompt. You can see, I can assign the compute load (its 5%, 95% atm).
The load logic was broken and I only picked it up by watching the runners cycle.
A cute little function I added, the ant-trail moves faster the more compute % its got allocated, so you can see at a glance where you are at.
There is a logic that estimates the available compute window and ramps up towards the end, to burn up the remaining compute, while allowing a window at the start, should you need it for manual prompts.
#sysadmin #vibecode #llm (windup) #codemonkey #selfhosting #vps
Alt...
Mission control
![[?]](https://social.anoxinon.de/system/accounts/avatars/109/315/049/614/768/502/original/b0e0c195af41b449.jpg)
Die eigene Nextcloud zu betreiben geht einfacher als gedacht. Dank Nextcloud AIO und meinem ausführlichen Video-Tutorial gelingt die Installation auch ohne Vorkenntnisse. Und falls doch Fragen aufkommen sollten, steht unsere Community mit Rat und Tat zur Seite.
https://gnulinux.ch/video-nextcloud-all-in-one-dein-einstieg-ins-selfhosting
![[?]](https://files.mastodon.social/accounts/avatars/108/116/990/725/247/731/original/2e097b7812894201.png)
Self-Hosting an ActivityPub Video Podcast Is Surprisingly Affordable
1/
Imagine this.
You want to launch your own video podcast.
A new episode every week.
Each episode is 1 hour long.
Full HD (1080p), 60 fps video.
What would it cost to host it yourself?
Before I ran the numbers, I assumed it would be expensive — maybe even impractical.
I was wrong.
The reality is surprisingly affordable.
Here is why.
...