Hetzner is doing another price increase.

this time it seems to only affect new orders, not existing ones .. but the price increase is pretty steep, like 2-3x or more

https://docs.hetzner.com/general/infrastructure-and-availability/price-adjustment/

#Hetzner #cloud #hosting #selfhosting

UGREEN NAS: UNIVERSAL SEARCH SINNVOLL EINRICHTEN UND NUTZEN – KI-TUTORIAL ZUR IDX-REIHE

https://gadgetchecks.de/ugreen-nas-universal-search-sinnvoll-einrichten-und-nutzen-ki-tutorial-zur-idx-reihe/

.
.
.

#ugreen #ugreennas #ugreennasync #idx6011pro #nas #networkattachedstorage #homelab #homeserver #datenspeicher #ki #artificialintelligence #aisearch #universalsearch #filesearch #nasstorage #techtutorial #ittutorial #selfhosting #datenmanagement #tutorial

Happy Monday. Sharing an update. Historically, my process has been to patch monthly unless a Known Vulnerability became Exploitable. Various feeds and sites like CISA's Known Exploited Vulnerabilities (KEV) list have been helpful. In order to "shift left," I'm moving to checking daily CVE updates against my tech stack. This is "personal optimization" to reduce the time from CVE reporting, exploit reporting, and my remediation. I like having a stable environment and don't have personal Dev/Test/Prod environments for all things. I also run the majority of my apps as containers. This is a work in progress. I'll share the updates. Trying to remain #minimalist in my #Linux #Selfhosting #selfhosted #selfhost #InfoSec

The webserver for my websites (https://blog.hofstede.it and others) is now runing on 15.1-RELEASE arm64 with PKGBase 🙂

Upgrade from 15.0 to 15.1was pleasantly boring:

https://docs.freebsd.org/en/books/handbook/cutting-edge/#pkgbase

- Creating a BE for the new version
- Mounting the BE to /mnt/upgrade
- Executing :env ABI=FreeBSD:15:aarch64 pkg-static -c /mnt/upgrade upgrade -r FreeBSD-base"
- bectl activate -t 15.0-RELEASE
- Rebooting the system

Everything working fine, all lights green

#freebsd #unix #selfhosting #arm64

Ouch, the new prices for dedicated cloud resources over at Hetzner are in:

- CPX32 went from 13.99 EUR to 35.49 EUR
- CCX23 went from 31.49 EUR to 85.99 EUR
- CCX33 went from 62.49 EUR to 138.49 EUR

juicy, juicy

#hetzner #inflation #cloud #selfhosting

So, the way I orchestrated SysGen, my Genetic algorithm autonomous #sysadmin tool is;

The more pressure there is on a resource, the more attention and insight the tool provides (In theory, by design), the vigilance level on Security is Maximum now, and the tool reports 3 different identifiable attack and the breakdown of targets.

Its found fail2ban is installed but not activated...
...the tool got tired of just warning about it and auto-started it itself; the autonomous part in autonomous.

Somewhat impressive IMHO

#Infosec #vibecode #VPS #Selfhosting

This morning GenSys (My Genetic algorithm autonomous #sysadmin tool) harvest.

Couple of days ago, I added a "CODE DELTA" log, where the runner/builder #vibecode records changes to the code. As you can see, the extensive nature if the tool is impressive.

Without that file, I had absolutely no insight on what changes were made, unless I had randomly noticed a feature.
#VPS #selfhosting

Big personal milestone: my Pull Request to Outline wiki was finally merged! 🎉

I've been self-hosting Outline for about 6 months and really needed a proper CloudFront integration (flat-rate pricing + protection against Denial-of-Wallet attacks from public S3 links).

It took a while, but PR #12656 is now merged.

Huge thanks to the Outline team! Really proud to contribute to such a large and popular open-source project (~40k stars).

https://github.com/outline/outline/pull/12656

#OpenSource #FOSS #SelfHosting #AWS #Fediverse #Software #WebDevelopment

Alt...

Screenshot of two GitHub notification emails from Tom Moor. The first one says "@tommoor approved this pull request." The second one confirms "Merged #12656 into main." Both notifications are about my CloudFront integration feature for Outline wiki.

(more Linux and FOSS news in previous posts of thread)

Nextcloud Hub 26 Spring launches with Euro-Office and AI updates on its 10th anniversary:
https://alternativeto.net/news/2026/6/nextcloud-hub-26-spring-launches-with-euro-office-and-ai-updates-on-its-10th-anniversary/

AliasVault is The BitWarden Alternative You Didn't Know You Needed:
https://feed.itsfoss.com/link/24361/17356280/aliasvault

Stremio full version launches on AltStore for Apple devices in Europe and Japan:
https://alternativeto.net/news/2026/6/stremio-full-version-launches-on-altstore-for-apple-devices-in-europe-and-japan/

Ghost introduces Dynamic Filters and auto-updated member views:
https://alternativeto.net/news/2026/6/ghost-introduces-dynamic-filters-and-auto-updated-member-views/

Ollama 0.30 delivers faster NVIDIA GPU performance and wider hardware support:
https://alternativeto.net/news/2026/6/ollama-0-30-delivers-faster-nvidia-gpu-performance-and-wider-hardware-support/

Git 2.55-rc0 Released With Rust Enabled By Default:
https://www.phoronix.com/news/Git-2.55-rc0-Released

Qt 6.12 Beta Released With Qt Quick 3D XR Apps Now Able To Run On 2D AR Glasses:
https://www.phoronix.com/news/Qt-6.12-Beta-1

GCC 15.3 Compiler Brings Nearly A Year Worth Of Bug Fixes:
https://www.phoronix.com/news/GCC-15.3-Released

OpenProject 17.5 offers project-based work package identifiers and more flexible backlogs:
https://alternativeto.net/news/2026/6/openproject-17-5-offers-project-based-work-package-identifiers-and-more-flexible-backlogs/

Some work on FosseryWeb page-builders:
I did some rewrite of the tool, separate out HTML templates from the generation logic, and use Jinja to fill in the templates during generation (this introduces an additional dependency, which some might consider bloat, but since I'll probably be the only one using it, it doesn't matter that much I guess, I rather focus on cleaner code, long-term maintainability). I also created a separate function to handle the Markdown validation logic, and call it before prompting for the description, to give immediate feedback, and rewrote the error messages to be clearer, more organized.
https://codeberg.org/fosseryweb/page-builders

(more FOSS news in comments)

#WeeklyNews #OpenSource #FOSSNews #OpenSourceNews #FOSS #News #FosseryWeb #Nextcloud #NextcloudHub #AliasVault #Stremio #Ghost #Ollama #Git #Qt #GCC #OpenProject #SelfHosting #Dev #Programming #Coding #Development #VCS #Compiler #VersionControl #FosseryTech

🖥️ alexpinel/Dot

Text-To-Speech, RAG, and LLMs. All local!

Integrates Text-To-Speech, RAG, and Large Language Models into a local environment for fully offline operation

⭐ Stars: 1908
📅 Last Update: Jun 05, 2026

https://github.com/alexpinel/Dot

#selfhosted #homelab #selfhost #selfhosting #opensource #local #offline

Seems Bitwarden is enshittifying, time to pick a successor. Going to setup vaultwarden, aliasvault and passbolt and try them out for a couple of months before making the final decision.

It's not just for me so best to be extra careful. Vaultwarden has a leg ahead as it's very easy to migrate, I should be able to run it with the Bitwarden app.

#selfhosting #bitwarden

#introduction 👋

Servus Fediverse! Ich bin Tom Kenobi - FOSS-/Privacy-Freund, Homelab-Bastler und Linux-Mensch. Was nicht selbst gehostet läuft, fehlt mir irgendwie. 🖥️

Abseits vom Terminal: Star-Wars-OT-Fan (ja, der Name ist Absicht 😏), Hockey-Goalie 🥅 und überzeugter Anhänger von Craftbeer 🍺 & gutem Käse 🧀.

Frisch hier, neugierig auf gute Gespräche statt Lärm - sagt gern Hallo!

#selfhosting #homelab #linux #privacy #starwars #eishockey

Introducing ChatSLM. A small language model with a big heart.

▪ 0 tokens per query
▪ 0 L cooling water

▪ runs on a single ARM64 core in Nuremberg, hosted on FreeBSD.

▪ no telemetry, nothing sent anywhere

▪ consistent, reproducible answers every single time

Give it a try. It's often quite helpful.
https://chat.rootshell.cx

#AI #SelfHosting #Sustainability #LLM

🛠️ Server-Upgrade erfolgreich abgeschlossen!

Mein Homeserver wurde soeben erfolgreich auf das brandneue #NixOS 26.05 (#Yarara) aktualisiert. 🚀

Technische Details:

🐧 Kernel: Linux 6.18 LTS

⚙️ Nix-Version: 2.31.5

🛡️ Systemd-Resolved: DNSStubListener deaktiviert, um Port 53 für AdGuard Home freizugeben

📦 7/7 Podman Container (AdGuard, OpenCloud, OnlyOffice, Jellyfin, Audiobookshelf, Homepage) & Caddy laufen stabil nach Hot-Reload.

💾 Backup: BorgBackup um 20:00 Uhr erfolgreich durchgelaufen.

Alles läuft reibungslos im grünen Bereich!

#SelfHosting #NixOS #Homelab #linux

Alt...

Eine Webservergebotsbeschreibung auf einem Bildschirm. Es gibt mehrere Dienstdomänen, Porttypen und Updatestatus.

*xmpp.uy*

Nueva actualización de @snikket_im en *xmpp.uy*, recién salida del horno.
Con algunas pequeñas novedades internas y 'cositas' de seguridad resueltas.

https://snikket.org/updates/release/20260611/

psshh.. ¿sabias que en @monocles , están trabajando en su versión de escritorio para linux?
¿y que muy pronto se viene el soporte para OMEMO2?

#xmpp #SnikketIM #snikket #monocleschat #monocles #xmppuy #selfhosting

What's the most lightweight (and preferably easiest to setup) Git server?

I have basically no requirements in terms of features. I'm (mainly) going to run it locally so I can sync my passwords between devices.

#Git #Selfhosting

Since tuta is also a corporation, I guess I need to learn how to self-host email. Any good resources on that? My spoons and ability are low lately, so simpler FOSS stuff is better

#duckduckfedi #askfedi #selfhosting

@violet Email and passwords are the two things that are just not worth hosting no matter what, in my experience

Email especially since you'd have to spend your days avoiding blacklists. It's possible, but I would not recommend it at all

#SelfHosting

https://lukasiewicz.tech/blog/6

#selfhosting #Debian #Docker #Dockge

FediSuite - Fediverse Management Platform

Open-source platform for social media management and analytics

If you manage several Fediverse accounts, you're constantly juggling browser tabs, losing track of which input field belongs to which platform, and at some point you no longer know what you've already posted. #FediSuite brings everything together in one place.

Connect accounts from 19(+) #Fediverse platforms: #Mastodon, #Pixelfed, #Misskey, #Friendica, #PeerTube, #Loops, #Wordpress, #Vernissage and more. The app detects your instance type automatically, loads the correct character limit and media rules straight from your instance, and sets up the composer accordingly. No manual configuration needed.

The analytics go way beyond plain follower counts: daily engagement charts, follower growth, your best posting times as a heatmap, hashtag performance, and a tips engine that evaluates your actual data and gives you concrete suggestions based on your own numbers.

Schedule posts down to the minute in your own time zone. Background workers handle publishing reliably, with resume handling for rate limits and atomic delivery.

FediSuite is free and #OpenSource under the GPL-3.0. Anyone can host their own FediSuite #instance and get it added to the official list automatically.

If you find a bug, especially in the #SelfHosting setup, feel free to report it. The project is being actively developed, and real-world bug reports are among the most valuable contributions right now. The CONTRIBUTING.md explains how it works.

The project lives on donations. Donations guarantee and make it possible for FediSuite to keep going and keep being developed. To support FediSuite, click the yellow button on the website.

More info: https://www.fedisuite.com

A new version of #Forgejo is out 15.0.3
The earlier CVE-2026-27771 is a Gitea bug, and Forgejo was looped into the reporting. However, Packages under a public owner are visible to unauthenticated users by design. If you are publicly hosting, please make sure you understand the permissions model. (see below)

During that CVE stuff, a real authz bypass (any authenticated user could write to public repos they don't own) was fixed in 15.0.1 in May. So jump to 15.0.3 to get all the current security fixes.

Noodling out how to check the permissions (tell me if I'm wrong!!)
curl -s -o /dev/null -w "%{http_code}\n" \
https://<your-forgejo-host>/v2/<owner>/<image>/manifests/<tag>
- 401/404 the access control is enforcing, you're fine.
- 200 with a manifest, you are exposed. Fix it with REQUIRE_SIGNIN_VIEW=true

#Linux #Selfhosting #selfhosted #selfhost #InfoSec

Also, I'll need a replacement for iCloud's file storage, and currently trying #OpenCloud. It is promising despite the painful initial setup process. Also curious what other people use for #SelfHosted file storage except #Synology and #Nextcloud.

#homelab #selfhost #selfhosted #selfhosting

Kinda postmortem:

1) The maximal log size before rotation and count of gzipped logs to store should be increased in the newsyslogd configuration. This should be applied to any service, which is looking into the void^WInternet. So, I will not loss log records, related to the start of attack…

2) Also, Asterisk log should be added to newsyslogd configuration first. It weren't added here, so *.log files became too big (> 1 Gb) and of course fail2ban ate a lot of memory while parsing these big logs. If they were rotated properly, then fail2ban will not eat so much memory, parsing small enough files.

3) Since start of attack in logs were lost, then I could only imagine possible root cause of an attack. By default, any IP, which once failed to provide the proper credentials to login somewhere in my kitchen server, is banned immediately and forever.
But somehow those attackers managed to use just 2 IPs to make an attack and they weren't banned before manual intervention

According to fail2ban logs they were banned, but they were obviously not banned by npf. So, I think, they started attack right in time when my blacklists were successfully updated and npf was reloading — as a result their IPs appeared as "banned" in the fail2ban, but the fail2ban failed to ban them via npf, so "IRL" their IPs still weren't banned. Time to revisit my script to update blacklists

4) Looks like I need to install some Intrusion Detection System (possibly snort since it is mature enough). It isn't good to rely only on one mechanism (fail2ban + blacklists + npf) to protect my precious machine.

#NetBSD #selfhosting #fail2ban #npf

Kinda postmortem:

1) The maximal log size before rotation and count of gzipped logs to store should be increased in the newsyslogd configuration. This should be applied to any service, which is looking into the void^WInternet. So, I will not loss log records, related to the start of attack…

2) Also, Asterisk log should be added to newsyslogd configuration first. It weren't added here, so *.log files became too big (> 1 Gb) and of course fail2ban ate a lot of memory while parsing these big logs. If they were rotated properly, then fail2ban will not eat so much memory, parsing small enough files.

3) Since start of attack in logs were lost, then I could only imagine possible root cause of an attack. By default, any IP, which once failed to provide the proper credentials to login somewhere in my kitchen server, is banned immediately and forever.
But somehow those attackers managed to use just 2 IPs to make an attack and they weren't banned before manual intervention

According to fail2ban logs they were banned, but they were obviously not banned by npf. So, I think, they started attack right in time when my blacklists were successfully updated and npf was reloading — as a result their IPs appeared as "banned" in the fail2ban, but the fail2ban failed to ban them via npf, so "IRL" their IPs still weren't banned. Time to revisit my script to update blacklists

4) Looks like I need to install some Intrusion Detection System (possibly snort since it is mature enough). It isn't good to rely only on one mechanism (fail2ban + blacklists + npf) to protect my precious machine.

#NetBSD #selfhosting #fail2ban #npf

I run https://blog.hofstede.it aiming for maximum digital sovereignty!

DNS: My own authoritative servers (PowerDNS) with DNSSEC signing.

HW: Own physical server in a German colocation

Net: My own Autonomous System (AS201379) for full BGP control

Stack: 100% FOSS (FreeBSD, Caddy, Forgejo, Pelican)

Web: <600kb total size, 0 trackers, 0 external deps. All assets hosted locally.

I don't even log IPs. Data I don't store is data I can't accidentally leak. Keeping data is a burden!

#SelfHosting #FreeBSD #BGP #FOSS #DigitalSovereignty

Mes services publics font peau neuve !

J’ai mis à jour ma page de services publics. Désormais, pour chaque service, vous trouverez un bouton #CryptCheck dédié.

En un clic, vous pouvez vérifier en toute transparence la configuration #SSL et la sécurité de chacun de mes outils auto-hébergés.

🔗 Découvrez la liste complète ici : https://blablalinux.be/mes-services-publics/

#SelfHosting #LogicielLibre

Linux CVE drops. CVE-2026-23111 — nf_tables UAF → root + container escape. A use-after-free in netfilter's nft_map_catchall_activate(). A local unprivileged user gets root, and because it runs through user namespaces, an unprivileged Podman container can break out to the host. A full working exploit dropped June 8, confirmed on Debian defaults.

CVE-2026-46316 "ITScape" It's a KVM/arm64-only guest-to-host escape (vGIC-ITS interrupt emulation). x86 is explicitly unaffected.

CVE-2026-42945 "NGINX Rift" A heap overflow in ngx_http_rewrite_module, CVSS 9.2, getting exploited in the wild.

#Linux #Selfhosting #selfhosted #selfhost #InfoSec

My main server now has two #Toshiba hard drives. I have no idea why they are so unpopular in the #selfhosting community when they are cheap, quiet, and reliable. I suppose #WD and #Seagate have good marketing departments.

#homelab #selfhost #SelfHosted #hdd #harddrive #harddrives

Out of the #IdM / #SSO solutions I can #SelfHost that I remembered about, apparently only #KaniDM has ability to create app passwords / bearer tokens that actually allow to access only a single application 🤔

#Linux #SysAdmin #Privacy #Security #SelfHosting #homelab
@homelab

@homelab OK, after playing around a tiny bit, it seems that the code for this exists in #KaniDM
- https://github.com/kanidm/kanidm/pull/2968
- https://github.com/kanidm/kanidm/pull/3535/
but what doesn't exist is ability to reach it and set that up for a user. Oh well.

#Privacy #Security #SelfHosting #SSO

Blog update:

https://blog.hofstede.it now loads zero external resources. Fonts and Bootstrap are self-hosted, the requests to Google Fonts and jsdelivr are gone. All visits stays between the visitors browser and my server.

Also new:
- Full-text search (Pagefind: fully static, no search backend, no tracking)
- Series navigation for multi-part articles
- Older/newer article links
- A proper 404 page

Static sites don't need third parties.

#DataSovereignty #SelfHosting #Pelican #FreeBSD #Blog

Blog update:

https://blog.hofstede.it now loads zero external resources. Fonts and Bootstrap are self-hosted, the requests to Google Fonts and jsdelivr are gone. Your visit stays between the visitors browser and my server.

Also new:
- Full-text search (Pagefind: fully static, no search backend, no tracking)
- Series navigation for multi-part articles
- Older/newer article links
- A proper 404 page

Static sites don't need third parties.

#DataSovereignty #SelfHosting #Pelican #FreeBSD #Blog

Database cleanup work:

$ psql -c "SELECT pg_size_pretty(pg_database_size('mastodon'))"
pg_size_pretty
----------------
38 GB
(1 row)

$ pg_repack mastodon
INFO: repacking table "public.account_aliases"
....

$ psql -c "SELECT pg_size_pretty(pg_database_size('mastodon'))"
pg_size_pretty
----------------
32 GB
(1 row)

Nice :-) Another successful maintanance ! Also patched up the entire machine and all jails to FreeBSD 15.0-RELEASE-p10 and verified our backups work and are restorable.

#mastodon #mastoadmin #postgresql #selfhosting #freebsd

@mgfp_fediprofile
https://hub.vocalcat.com/mgfp_fediprofile

After a few attempts in the past, I finally created a FediProfile. I won't be needing Biolink anymore :D.

1/2

#Fediverse #ActivityPub #Linkinbio #OpenSource #SelfHosting #FediProfile #Federation #Federated #FederatedSocialWeb

onion-relay v2.0.0 is out, and it's been a long road from v0.0.1 ⬇️

ℹ️ What started as "one command to run a relay" is now a hardened, production-tested AIO stack: guard, exit, and bridge (obfs4) in a 16.8 MB image.

What's new in v2.0.0:
🩺 health + status tools now expose build_version & config_source
⚡ healthcheck.sh fails fast on missing/empty torrc
🔒 DirPort now defaults to 0 (disabled) in ENV-generated configs

What the project has grown into since launch:
🔑 Happy Family support (Tor 0.4.9+ FamilyId, 🪦 RIP MyFamily lists)
🧰 6 busybox only diagnostic tools
🌍 Battle-tested across 10+ countries: https://relays.brokenbotnet.com
🔐 35+ security fixes, CVE coverage, weekly automated rebuilds
🐋 Works with Docker CLI, Compose, Cosmos Cloud & Portainer

https://github.com/r3bo0tbx1/tor-guard-relay

If you care about privacy infrastructure:
🥢 Try it out
🐛 Report bugs
💡 Suggest features
⭐ Star it to help others find it

Still maintaining this in my free time, donation info
in the README. And please support @torproject

@eff and @privacyguides too.

Protecting privacy, one relay at a time ✨

#Tor #Privacy #OpenSource #Docker #FOSS #SelfHosting #Infosec

v2.0.0 is out, and it's been a long road from v0.0.1 ⬇️

ℹ️ What started as "one command to run a relay" is now a
hardened, production-tested AIO stack: guard, exit, and
bridge (obfs4) in a 17 MB image.

What's new in v2.0.0:
🩺 health + status tools now expose build_version & config_source
⚡ healthcheck.sh fails fast on missing/empty torrc
🔒 DirPort now defaults to 0 (disabled) in ENV-generated configs

What the project has grown into since launch:
🔑 Happy Family support (Tor 0.4.9+ FamilyId, RIP MyFamily lists)
🧰 6 busybox only diagnostic tools
🌍 Battle-tested across 10+ countries: https://relays.brokenbotnet.com
🔐 35+ security fixes, CVE coverage, weekly automated rebuilds
📦 Works with Docker CLI, Compose, Cosmos Cloud & Portainer

https://github.com/r3bo0tbx1/tor-guard-relay

If you care about privacy infrastructure:
🥢 Try it out
🐛 Report bugs
💡 Suggest features
⭐ Star it to help others find it

Still maintaining this in my free time, donation info
in the README. And please support @torproject

@eff and @privacyguides too.

Protecting privacy, one relay at a time ✨

#Tor #Privacy #OpenSource #Docker #FOSS #SelfHosting #Infosec

If anyone was wanting a way out from #Discord, and other similar closed-source forums, #Flarum will soon be having their 2.0 release. rc3 just came out. They have good developer and bugfixing momentum right now. If you have Sysadmin skills, and know of an #OpenSource community in need of a new and suitable OpenSource forum, maybe warm up a VPS, and/or register a domain? And perhaps try out their RC on a testing rig first.

Now is a good time to get into flarum, I say. I've been watching them for a long time, and have done multiple #Debian installs myself.

Note: Flarum doesn't do team voice chat, unlike Discord. But it's a great web forum, with good mobile support (unlike #PHPBB) . Is also lightweight (unlike #Discourse) - can be run on a cheap VPS or Raspberry Pi.

Flarum's 2.0 RC3 announcement:
https://discuss.flarum.org/d/39406-flarum-200-rc3-released-built-by-the-community-almost-ready-for-everyone

#datasovereignty #SelfHosting

Murphys Law mal wieder.

Das neue Nextcloud Update "mal eben" ohne (Datenbank) Backup einspielen, weil hat ja die elf-trillionen male vorher auch ohne irgendwelche Probleme immer funktioniert, wird schief gehen (mit einem Datenbankfehler)

`Foreign key name for table "oc_mail_accounts" collides with the constraint on table oc_mail_accounts.`

Ein Glück nutz ich die NC Mail App nicht, somit tut ein mutiges `drop table` den Dienst.

#admin #nextcloud #sysadmin #selfhosting #murphyslaw

@peanutsguy @mosu @dlemper Thanks for all your recommendations. I tried #dockhand first, and its “all compose files should be on the main machine” approach didn’t fit my existing infrastructure. Existing stacks adoption will be too much of an issue.
Also #komodo feels much more stable and feature complete compared to #dockhand and especially to #arcane. Not the simplest tool but pretty intuitive after some time of tinkering.
#docker #homelab #SelfHosted #selfhosting #selfhost

Oh fuck, I was mistaken — it was a real attack, not LLM bots — someone, using machines from French hosting, was trying to connect to my Asterisk box, using various SIP endpoints.

The attack was started at Monday's night and was found only because monit reported about too much memory eaten by fail2ban

Interesting, why fail2ban didn't banned attacker's IP, because it should do that right after failed attempt to login? Tine to revisit fail2ban jails configs…

#asterisk #pbx #hackers #selfhosting

Alt...

Screenshot of termux with opened console of my home server. There is an asterisk log in the console, showing various and constant attempts to login into my PBX via PJSIP.

I think one of the coolest things about #Mastodon is all the small-time instances. It proves there are tons and tons of people out there who get how to do self-hosting. They get DNS, domain registry, and some System Administration skills, to empower themselves, and make a stand on the #internet, participating in a federation whatsoever.

Email doesn't really enjoy this same status: it's sort of (effectively) "semi-federated". Even after doing all the correct DNS vodoo (SPF, DKIM, DMARC), one might be cursed anyway, because one's IP address comes from some disreputable IP block. This "original sin" can't really be cleansed, according to #Google , #Microsoft, etc, who silently and ruthlessly can send all one's incoming, self-hosted email messages to the recipient's spam folder.

#SelfHosting

Ok #Arcane is no longer a simple #Docker orchestrator for #HomeLab. Also, their v2 migration guide is a good example of bad documentation.

Anything except #UptimeKuma? Any recommendations?

#selfhosted #selfhosting #selfhost #askfedi

Some graphs from #Munin with LLM-bots attacking my kitchen server.
Graphs spans to the whole week, so on the left there is a normal state of my server. And on the right — attack is happening.

#NetBSD #LLM #AInt #selfhosting

Alt...

Graph of CPU usage, which going high after LLM bots attack (at near 08 Jan Monday). At near 2 CPU cores were used by LLM bots, trying to abuse my PBX as an Web-server.

Alt...

Graph with main network interface bits per minute — before attack there were almost no data receivin/transmitting, only some cron jobs at night. But after attack there are at near 20 Mb per minute both receiving and transmitting.

Alt...

Graph with PostgreSQL connections. Active connections has green color. Before the attack there are almost no active connections, but after attack there are a lot of them, since Asterisk using PostgreSQL as a main backend.

Alt...

Load average for my server. After attack it increased at near 4 times.

Then, I logged into my box and found that fail2ban, Asterisk and PostgreSQL aren't feeling well. The system load and the traffic amounts was unusual — the parameters are completely differs from which I used to see since server installation.

I checked fail2ban logs and found that it is still parses the data from Asterisk log which were happen at near 5 hours ago And there were total mess in the Asterisk security.log (see screenshot) — some dumb (as it programmers ) LLM-bots were constantly trying to connect to my Asterisk server with HTTP protocol, evaluating it as a web-server, I dunno

And the Asterisk logs became enormously big — while newsyslogd wasn't invoked — they eat at near 4 GB . I didn't specify the maximal size of Asterisk logfiles in the /etc/newsyslog.conf, because I wasn't expected a lot of lines in the PBX logs, which is in use only for my relatives.

#Asterisk #selfhosting #AInt #LLM

Alt...

top output in the terminal of NetBSD server, showing three CPU-consuming processses: python3.12, postgres, asterisk.

Alt...

Excerpt from failban log showing how it processes events from asterisk logs, happened 5 hours ago.

Alt...

Video with as fast scrolling lines -- there is a tail -f security.log for my Asterisk installation. Each three lines is an unsuccessfull attempt to break into my Asterisk from LLM bots.

Alt...

ls -lh in the /var/log/asterisk. Size of asterisk.log: 1.2 Gb, queue.log: 4.4 Kb, security.log: 2.5 Gb.

Le guide IPv6 (#OVH / #NPM / #Proxmox / #Docker) fait peau neuve !

Vous connaissez déjà cette page de mon wiki, mais elle vient de s'offrir une réécriture complète !

Pourquoi ? Pour couvrir proprement deux cas de figure bien distincts selon vos besoins. Que vous soyez dans une config ou dans l'autre, tout y est détaillé pas à pas.

👉 À checker et à mettre dans vos favoris ici : https://wiki.blablalinux.be/fr/deploiement-ipv6-ovh-npm-proxmox-docker

Bonne lecture et bon déploiement !

#IPv6 #SelfHosting #SysAdmin #Linux #OpenSource

Huh, looks like the new ASes, with LLM-bots attacking servers, just dropped

TLDR: there are AS12876 and AS16276 — both located in France (Scaleway SAS and OVH SAS). My Asterisk self-hosted box was attacked from the next IPs: 62.4.15.81 and 51.222.38.229.

Today, after I was checked my e-mail, I found three warnings from Monit about fail2ban exhausting limits in my small server in the kitchen (Intel Atom N2800 1866 MHz and 4 Gb of RAM). First e-mail warns about fail2ban ate 200 MB of RAM, next about 500 MB of RAM and the last e-mail warns me that fail2ban ate 2 GB of RAM

#AInt #LLM #selfhosting #bots

Alt...

Emacs Gnus with e-mail from Monit opened. In the e-mail Monit warns me about fail2ban ate 2.1 GB of RAM when the limit is 200 MB.

🚛 Neuer Beitrag auf ChristiansBlog.eu

Nextcloud-Server von einer USB-NVMe auf eine interne SATA-Festplatte migrieren – ohne Neuinstallation

Ein Praxis-Tutorial zur Migration eines laufenden Debian- und Nextcloud-Servers von einer USB-NVMe auf eine interne SATA-Festplatte – inklusive GRUB, rsync, fstab und typischer Fehlerfallen.

🔗 https://christiansblog.eu/post/tutorial/serverumzug/

#NextCloud #Debian #Linux #Server #Migration #NVMe #SATA #Apache #GRUB #Tutorial #HomeServer #Selfhosting

Adding some context for discoverability:
#privacy #infosec #selfhosting #encryption

I have totally re-engineered the Genomic Sysadmin tool. Emphasis is on generating standalone code vs Ai centric processing, with universal Ai stubs that can run off cloud or local models with a fallback to deterministic evaluators.

Added emphasis on pressure sensitive governance.
Eg. If the firewall is getting more hits, the security posture is elevated, if diskspace, housekeeping...etc

Second major "innovation", the mission.md is actually composing the codebase as the compute windows flap.

#sysadmin #vps #selfhosting

It's currently just a simplified version of my existing blog, but I'm hosting this website on my Raspberry Pi Zero for testing purposes:

https://fsck.lol

We will see how things go over time, then possible port over the "real" thing 😛

#raspberrypi #nginx #alpinelinux #selfHosting

New post: IPv6 Foundations.

IPv6 isn't "the future of the internet." It's the internet. IPv4 is the relic we keep alive on NAT life support.

A laid-back tour through the basics: how the addresses are built, the two rules for crushing out the zeros, a /64 per subnet so you stop counting hosts, SLAAC, and why blocking ICMPv6 is a self-inflicted wound.

And no, dual-stack isn't a destination. It's a burden.

https://blog.hofstede.it/ipv6-foundations-the-internet-protocol-you-should-already-be-using/

#IPv6 #Networking #SelfHosting

Also, I didn't get the notification about high server temperature from #Beszel because of this: https://github.com/henrygd/beszel/issues/2042 (still not released).

#homelab #selfhosted #selfhosting #selfhost

So the federation is working on my #Wanderer instance, and you can actually follow me there from any #ActivityPub instance: @yehor@wanderer.glitchy.social

The issue was actually in my #Mastodon instance: https://mastodon.glitchy.social/@yehor/116713584141417614

#Fediverse #homelab #selfhosted #selfhosting #selfhost

AodeRelay boosted

Yehor 🇺🇦 » 🌐 2026-06-08
@yehor@mastodon.glitchy.social

Wrote my first server announcement. Because yesterday, after updating my #Mastodon instance to 4.5.11, I didn't realise the Sidekiq died.

I spotted an unusual server load and temperature 24 hours later, found out that it was a Mastodon LXC, and realised there had been nothing processed by Sidekiq for 24 hours already.

I'm not sure about the reasons, because I didn't find anything useful in the logs. I definitely need better monitoring for #GlitchySocial.

#selfhost #homelab #selfhosted

Self-Hosting an ActivityPub Video Podcast Is Surprisingly Affordable

1/

Imagine this.

You want to launch your own video podcast.

A new episode every week.
Each episode is 1 hour long.
Full HD (1080p), 60 fps video.

What would it cost to host it yourself?

Before I ran the numbers, I assumed it would be expensive — maybe even impractical.

I was wrong.

The reality is surprisingly affordable.

Here is why.

...

#ActivityPub #FediDev #HomeLab #SelfHost #SelfHosting