jrollans.com is a Fediverse instance that uses the ActivityPub protocol. In other words, users at this host can communicate with people that use software like Mastodon, Pleroma, Friendica, etc. all around the world.

This server runs the snac software and there is no automatic sign-up process.

Site description
These are the voyag... uh, things I post about.
Admin email
jrollans@gmail.com
Admin account
@jrollans@jrollans.com

Search results for tag #selfhosting

[?]Geoff » 🌐
@sternecker@infosec.exchange

I'm not running Gitea, but Forgejo. Here is a write up of the Gitea CVE's that are still embargoed for Forgejo. Regardless, they need to be patched! Make it a priority.
hivesecurity.gitlab.io/blog/gi

    AodeRelay boosted

    [?]Dragon of BSDCafe :freebsd: [he/him] » 🌐
    @evgandr@mastodon.bsd.cafe

    Pretty funny that the most often requested file from my small kitchen-server is "/robots.txt". Pretty surprising, since a lot of LLM-bots usually ignores this file :drgn_sigh:
    The other requested files are just some js crap, which is obviously don't exist on my server — possibly some script-kiddies tried to find some entrypoint (see "config.js" and "env.js").

    The funny part: the referrer URLs. Hope, the default content of NetBSD /etc/passwd from inside the sandbox was made someone happy :drgn_blush_giggle:

    A cwm with 3 windows. On the top window there is an xterm with ssh client connected to the my server. Inside the window there are some lines from /var/log/nginx/ from inside sandbox (mostly the list of files and gzipped files in this catalog). On the middle window there is a GoAccess web interface with list of most-requested static files from my server. There are: /robots.txt (2.6 MiB of traffic), /config.js (1 MiB), /.env.txt (588 KiB), /env.txt (300.3 KiB), /app.js (316.4 KiB), /owa/auth/x.js (134.4 KiB).

    Alt...A cwm with 3 windows. On the top window there is an xterm with ssh client connected to the my server. Inside the window there are some lines from /var/log/nginx/ from inside sandbox (mostly the list of files and gzipped files in this catalog). On the middle window there is a GoAccess web interface with list of most-requested static files from my server. There are: /robots.txt (2.6 MiB of traffic), /config.js (1 MiB), /.env.txt (588 KiB), /env.txt (300.3 KiB), /app.js (316.4 KiB), /owa/auth/x.js (134.4 KiB).

    The screenshot of cwm with a Librewolf window on top. It displays the GoAccess web interface with a list of referrer URLs, from requests to my server. There are: https://MyIP/ (47078 hits), http://MyIP:443/ (25507 hits), https://MyIP (3018 hits), () { ignored; }; echo Content-Type: text/html; echo ; /bin/cat /etc/passwd (621 hits), https://MyIP/WebInterface/login.html (434 hits) and https://myhostname (291 hits). On the two other windows on the bottom there are: xterm window with ssh client connected to my server and an Emacs frame with log of actions made with server.

    Alt...The screenshot of cwm with a Librewolf window on top. It displays the GoAccess web interface with a list of referrer URLs, from requests to my server. There are: https://MyIP/ (47078 hits), http://MyIP:443/ (25507 hits), https://MyIP (3018 hits), () { ignored; }; echo Content-Type: text/html; echo ; /bin/cat /etc/passwd (621 hits), https://MyIP/WebInterface/login.html (434 hits) and https://myhostname (291 hits). On the two other windows on the bottom there are: xterm window with ssh client connected to my server and an Emacs frame with log of actions made with server.

      [?]James Wynn 🧐 » 🌐
      @james@social.wynning.tech

      Finally started the process of migrating off cloudflare to a vps thanks to towonel. Everything I've migrated seems to be working better to ham on CF, and I'm reasonably confident in crowdsec+coraza+anubis as my security stack.

      #homelab #selfhosted #selfhosting

        AodeRelay boosted

        [?]Fox Ritch :fjoxicon:🇩🇪 » 🌐
        @fox@social.hostnetwork.xyz

        so i tried to make a nested proxmox vgpu thingy. but it doesnt work cause when i enabled viommu on the vm the nvidia driver fails(RmInitAdapter failed) but when i disable viommu mdev doesnt work cause it needs /sys/kernel/iommu_groups/ which only exsists with iommu. i fucking hate this bullshit.

          [?]Elena Rossini on GoToSocial ⁂ » 🌐
          @elena@aseachange.com

          Good morning Fedi friends!

          On the agenda today: writing a first draft explaining to newbies how to self-host #GoToSocial with the help of #YunoHost.

          Now, to do a step-by-step installation guide I need to create a brand new account, so I can document everything.

          I'm a little stressed out thinking of which domain name to use and the fact it would be something like my 20th - yes TWENTIETH - ActivityPub account!!! 🫠

          The things you do for the love of the fediverse 😅​

          #MySoCalledSudoLife #SelfHosting

            [?]Geoff » 🌐
            @sternecker@infosec.exchange

            A couple things this morning. CVE-2026-46242 "Bad Epoll" Linux kernel, CVSS 7.8, local privilege escalation was already mentioned CVE published around May.
            1: What's new today: it is now fully weaponized and publicly written up. It's a use-after-free race in the kernel's eventpoll subsystem (ep_remove()/ep_remove_file()). An unprivileged local user can win a race condition and get root.

            2: Affected: kernel 5.10 through 6.11.
            3: The Attack surface is broad because epoll underlies nginx, Node.js, Python asyncio, databases, Android's event loop.

            So, basically anything async I/O.
            An App can be the foot in the door, the race condition can lead to root.

            I'm running Kernel 6.12.94+deb13-amd64. So driving on.

              [?]Ben Arthur Looper [he/him] » 🌐
              @arthurian@defcon.social

              Good morrow Fediverse,

              My name is Ben Looper, I'm a software engineer of five years currently living in Houston, TX...but not for much longer!
              My wife and I are moving up to Calgary, AB, and I'm taking the opportunity to make some positive changes in my life, one of the first being to write more.

              I have a few projects that my ADHD brain bounces between, and I want to begin fearlessly talking about them here, rather than verbal vomiting about them to whatever poor soul asks me about them.

              Maybe (hopefully) these smaller updates will cascade into longer, more detailed pieces, but for now I'll be very happy to just share bits and bites, and to engage with others on stuff they're working on.

              That last point specifically is what I'm most excited for - I don't have many people in my life that I can full-blown nerd out about this stuff with, and I really hope that I can find a community here to do that with.

              Thanks, and happy hacking 📎

                AodeRelay boosted

                [?]Ricardo Martín :bsdhead: » 🌐
                @ricardo@mastodon.bsd.cafe

                Dear CGNAT and GPON 1:64 splits, fuck you.

                  AodeRelay boosted

                  [?]Frank » 🌐
                  @rincewind@unseen-university.social

                  Neuer Blog-Artikel

                  podman kennt keine Upgrade-Funktion wie docker? Brauchen wir auch nicht.

                  Im neuen howto machen wir aus einem pod einen sauberen systemd-service: startet beim booten, hält sich per auto-update selbst aktuell und rollt bei einem kaputten Image automatisch zurück.

                  Und alles rootless.

                  just-stuff.blog/podman-pod-aut

                    AodeRelay boosted

                    [?]Lex » 🌐
                    @lex@makertube.net

                    Ich hab's auf Platte! - Schallplatten digitalisieren und streamen mit #Navidrome

                    Spotify? Brauch ich nicht mehr. Ich hab's auf Platte – und trotzdem immer in der Tasche.

                    In diesem Video zeige ich dir, wie ich meine Schallplatten digitalisiere und mit Navidrome auf meinem eigenen Server hoste. Mein persönliches Spotify – nur mit meiner handverlesenen Vinyl-Sammlung, in HIFI-Qualität und ganz ohne Abo, Algorithmus und KI-Slop.

                    Das Motto: TIME TO PICK A SIDE.
                    Ich höre wieder ganze Plattenseiten statt geshuffelte Einzelsongs.
                    Kein Skippen, kein Spulen, kein Berieseln – dafür bewusster Musikgenuss und volle Hoheit über meine eigene Sammlung.

                    🎬 Kapitel:
                    00:00 - Intro
                    00:54 - Eine Passion für Schallplatten
                    02:41 - Die Idee: Digitalisierung
                    04:10 - How to Aufnehmen
                    06:49 - (nicht viel) Feinschliff
                    09:16 - DAS MOTTO - TIME to pick a SIDE !
                    11:52 - Go Host Yourself - Navidrome
                    13:20 - Die beste App: Symfonium vs. SubStreamer vs. Castafiore
                    15:53 - Fazit: So muss Musik heute!

                    🔗 Links & Setup:
                    ▶ Mein Discogs-Profil: https://www.discogs.com/de/user/lex_takuna/collection
                    ▶ Playlist „Takuna's Turntable": https://open.spotify.com/playlist/2OUlf9LI4Q60GFplqc3TcP?si=6f45b2f83c834e9e
                    ▶ REGA Phono Mini USB: https://amzn.to/3SJzE9z
                    ▶ Navidrome: https://www.navidrome.org/
                    ▶ Symfonium: https://play.google.com/store/apps/details?id=app.symfonik.music.player&hl=de

                    💬 Wie hörst du deine Musik? Voll auf Stream oder auch zurück zu physischen Medien? Lass mir deine Plattenempfehlungen in den Kommentaren!

                    Alt...---

                      [?]Fossery Tech :debian: :gnome: » 🌐
                      @fosserytech@social.linux.pizza

                      FOSS NEWS

                      Firefox is adding Vulkan video decoding for Nvidia GPUs:
                      omgubuntu.co.uk/2026/07/firefo

                      Brave Says This is Not a Privacy Feature, But Using Containers Has Its Perks:
                      feed.itsfoss.com/link/24361/17

                      Introducing Lumo 2.0: advanced reasoning models, image recognition and generation, improved web search, memory collection, custom Lumos:
                      proton.me/blog/lumo-2
                      (Good to see a privacy focused LLM service catching up to the big guys, it's nice to have a non-invasive online service for those who don't have the hardware to run powerful local models, including image generation models)
                      (It still sucks at answering Linux-related questions though unfortunately)

                      OBS Studio 32.2.0 Beta 3 Released: Audio Mixer Fixes and Linux Polish:
                      linuxcompatible.org/story/obs-

                      Notesnook 3.4 brings an Inbox API, enhanced desktop security, unique URL slugs, and more:
                      alternativeto.net/news/2026/6/

                      Collabora Office 26.04 Keeps AI Optional and Refines Writer and Calc:
                      feed.itsfoss.com/link/24361/17

                      Ente makes business metrics public, sharing revenue and user counts:
                      alternativeto.net/news/2026/7/

                      Arti 2.5 brings stable Counter Galois Onion, default Congestion Control and security fixes:
                      alternativeto.net/news/2026/7/

                      Sick of AI Slop, Former Microsoft Engineer Built a New, AI-less Notepad:
                      feed.itsfoss.com/link/24361/17

                      Krita AI Diffusion 1.52.1 Released to Fix Server Connection Bug in Local AI Art Plugin:
                      linuxcompatible.org/story/krit

                      Immich 3.0 adds non-destructive editing & OCR on mobile, workflows, and improved backups:
                      alternativeto.net/news/2026/7/

                      Kodi 22 Beta Improves Linux Support for Remote Keys and HDR Profile Support:
                      9to5linux.com/kodi-22-beta-imp

                      ClamAV Unofficial Signatures v8.0.0 Drops After Five Years with Official Docker and ClamAV 1.x Support:
                      linuxcompatible.org/story/clam

                      (more FOSS news in comment)

                        [?]Steve » 🌐
                        @stev3yd@social.linux.pizza

                        Found this useful tool called Hister. Basically your search history with better capabilities. I often will stumble across something, forget to save it and recalling it is a hit-or-miss if i can remember the title of the page I am thinking of. This makes it easier. It makes a local copy of the text and adds better search capabilities to sites you have visited in the past.

                        Forgot what Grim Dawn build I was working on. Searched for it and found it from my browsing history.

                        Another great tool to add to the self-hosting arsenal. Check it out!

                        hister.org/

                          [?]Wulfy—Speaker to the machines » 🌐
                          @n_dimension@infosec.exchange

                          I felt so strongly about this...
                          ... I created a meme.

                          Was and caught myself shoving new features that were not needed.

                            [?]Matthias Johnson » 🌐
                            @opennomad@mastodon.social

                            I'm quite happy with my replacement for . i was missing dependabot enforced correctness and installed a Renovate container. IMO it's an improvement over the github approach. love it.

                            github.com/renovatebot/renovate

                              [?]Geoff » 🌐
                              @sternecker@infosec.exchange

                              I am running forgejo as part of my personal stack.
                              Related codebase gitea realeased 13 CVE's from 7 to 9.8 in criticality yesterday.
                              Forgejo's are still under embargo:
                              codeberg.org/forgejo/security-

                              Expect to patch around the 9th.

                                [?]Geoff » 🌐
                                @sternecker@infosec.exchange

                                Podman CVE-2026-44517: A breakout can happen during container build using malicious Containerfile and Git Smart HTTP server or GitHub release tar archive. This is weird, essentially it is a path traversal, which has been fixed in 1.43.2.
                                Still pulling malicious code into a container, we can agree, is not ideal path traversal or not.

                                Have not explored the exploitation on this one.

                                  [?]Bryan :tng_badge: » 🌐
                                  @bryan@dusty.ninja

                                  I think the title of this blog is a bit misleading. There was definitely a lot of setup and there is still “15 min” of administrative work going on. But a good list of things one can do to maintain a server for their #selfhosting #homelab
                                  https://cleberg.net/blog/homelab-maintenance.html

                                    AodeRelay boosted

                                    [?]Larvitz :fedora: » 🌐
                                    @Larvitz@burningboard.net

                                    New post: IPv6 Foundations.

                                    IPv6 isn't "the future of the internet." It's the internet. IPv4 is the relic we keep alive on NAT life support.

                                    A laid-back tour through the basics: how the addresses are built, the two rules for crushing out the zeros, a /64 per subnet so you stop counting hosts, SLAAC, and why blocking ICMPv6 is a self-inflicted wound.

                                    And no, dual-stack isn't a destination. It's a burden.

                                    blog.hofstede.it/ipv6-foundati

                                      [?]Self-Hosted Feed » 🤖 🌐
                                      @selfhosted_bot@fd.mrmave.work

                                      🎶 pldubouilh/gossa

                                      🎶 a fast and simple multimedia fileserver

                                      Serves multimedia files with a fast dependency-free web UI featuring uploads, streaming and note editing

                                      ⭐ Stars: 1094
                                      📅 Last Update: Jun 28, 2026

                                      github.com/pldubouilh/gossa

                                        AodeRelay boosted

                                        [?]Yehor 🇺🇦 » 🌐
                                        @yehor@mastodon.glitchy.social

                                        It's been a full week of instance working with S3 storage implemented with two-node cluster.

                                        28.2 GB
                                        141 663 objects

                                        Doing perfectly fine for now. Also much faster than with Object Storage. Also for now.

                                          [?]Alex 🐘 » 🌐
                                          @alsivx@livellosegreto.it

                                          Sto cercando una soluzione per segnare note/appunti/idee, che sia preferibilmente sincronizzabile e . Tra i papabili candidati, ho trovato: , e .

                                          La scelta principale ricadrebbe su Joplin Server, in , per via della sua natura "cloud". Pareri in merito? Dovrei considerare altro? Avete suggerimenti?

                                          Eviterei soluzioni tutto in uno come , che installerei comunque ma a parte, per compartimentare meglio e avere un servizio dedicato ad ogni scopo.

                                            AodeRelay boosted

                                            [?]Elena Rossini on GoToSocial ⁂ » 🌐
                                            @elena@aseachange.com

                                            European institutions seem to be all in when it comes to introducing age verification mandates for citizens in member states: https://digital-strategy.ec.europa.eu/en/library/commission-sets-out-common-approach-eu-wide-age-verification-technologies

                                            I now have daily anxiety thinking about the future of the fediverse.

                                            So how do I channel this fear and turn it into something constructive? I'm going back to writing #selfhosting guides for newbies.

                                            It's a great distraction, which gives me a bit of hope. Especially the next guide, which will cover my favorite fediverse software - #GoToSocial (which is powering this instance) - and how to install and configure it. Your own little home on the fediverse! Lightweight and features-packed.

                                            Surely something like this would fall outside the scope of regulation. Right? Right?

                                            #MySoCalledSudoLife #YunoHost #VPS #AgeVerification #privacy #EUBigTech

                                              [?]edafe knabe » 🌐
                                              @me@edafe.social

                                              "You have limited resources and want Syncthing to use as few as possible. You care less about performance."

                                              Also consider increasing the full scan interval on folders that change infrequently.
                                              docs.syncthing.net/users/tunin

                                                AodeRelay boosted

                                                [?]Yehor 🇺🇦 » 🌐
                                                @yehor@mastodon.glitchy.social

                                                I'm moving my location history from to , because GeoPulse is awesome.

                                                Timeline Generation. Geocoding locations: 20 out of 2086. 1136 of 3203 locations geocoded (2067 pending).

                                                Alt...Timeline Generation. Geocoding locations: 20 out of 2086. 1136 of 3203 locations geocoded (2067 pending).

                                                  AodeRelay boosted

                                                  [?]o/1MS\o ⌨️🐧 | #WeAreNatenom » 🌐
                                                  @db_geek@norden.social

                                                  Bei Podman 6 gibt es einige grössere Änderungen, welche eventuell zu Problemen führen können.

                                                  Aktuell ist das neue Major Release noch nicht bei meinen Systemen angekommen, aber ich habe mir schon mal angesehen, was da demnächst kommt.

                                                  linuxiac.com/podman-6-0-lands-
                                                  github.com/podman-container-to
                                                  byteiota.com/podman-6-migratio
                                                  blog.podman.io/2026/06/podman-

                                                  @homelab_de

                                                    [?]Smeldr » 🌐
                                                    @smeldr@mastodon.social

                                                    Self-hosters: what's the actual dealbreaker that makes you walk from a tool?

                                                    Making sure I ship none of them.

                                                      AodeRelay boosted

                                                      [?]Meikel Bloch » 🌐
                                                      @meikel@social.shellstube.de

                                                      📓 Neuer Beitrag auf Shellstube:

                                                      OPNsense: Eigene Firewall fürs Homelab mit VLANs

                                                      OPNsense übernimmt die PPPoE-Einwahl (FritzBox nur Bridge), fünf VLANs trennen Management, Clients, Gäste, Infrastruktur und IoT, ein Managed Switch trunkt die VLANs und ein Omada-AP strahlt getrennte WLANs aus — ein professionell segmentiertes Heimnetz statt Consumer-Router.

                                                      shellstube.de/anleitungen/opns

                                                        [?]Owl Eyes » 🌐
                                                        @d1@autistics.life

                                                        @Richard_Littler You're not wrong, but the culture I see doesn't want to invest any trust to speak of in the alternative solutions of the SelfHosters of the world. The SelfHosters know how to make this grassroots internet you suggest, but they all do it in a different way. The normies of the world can't bear losing network effects, to adopt a frayed variety of solutions, where there are no network effects anywhere. The "consensual emotional clan warmth", for lack of a better term (which the status quo affords; using big tech Social media), would be lost, and although they won't come out and admit it, this isn't a thinkable, bearable loss to the normies.

                                                        You're up against a wall of unbearable emotional loss; alas this isn't really about logic.

                                                          [?]Geoff » 🌐
                                                          @sternecker@infosec.exchange

                                                          This one seems interesting.
                                                          Podman CVE-2026-57231
                                                          A malicious container image with a malformed Env entry (a key with no value) can trick podman run into leaking the host environment variables into the container. The wildcard glob makes it worse, it can return all host env vars from the launching session without knowing their names.


                                                            [?]Geoff » 🌐
                                                            @sternecker@infosec.exchange

                                                            The "weaponization watch" script pulled up two Debian-13 kernel root exploits with public PoCs that the KEV list doesn't include:
                                                            CVE-2026-46331 "pedit COW" weaponized sometime around 6/16, unprivileged user to root on Debian 13 trixie (the user namespaces is open by default).
                                                            RHEL 10 is also in scope (again, local priv escalation not remote.)
                                                            CVE-2026-46333: ptrace logic flaw, local root + credential disclosure, exploits circulating.
                                                            Then from yesterday:
                                                            DirtyClone (CVE-2026-43503) confirmed against Debian.

                                                              AodeRelay boosted

                                                              [?]rootwerkstatt » 🌐
                                                              @rootwerkstatt@mastodon.social

                                                              AodeRelay boosted

                                                              [?]Yehor 🇺🇦 » 🌐
                                                              @yehor@mastodon.glitchy.social

                                                              I was researching a way to get to my home network remotely when my is unreachable, as I’m using it as an identity provider for . Turns out One-Click VPN is like Tailscale, but with the server on your router. Also, it is actually a so you can connect any server to it. Looks like a good alternative for Tailscale.

                                                                [?]Nikolai Hampton 💾 » 🌐
                                                                @nikolaihampton@infosec.exchange

                                                                HOLY CRAP... a RAID (albeit a faux 'SnapRAID') just saved my files! AND it did it in minutes!

                                                                I have NEVER had a RAID give me anything but grief. EVER

                                                                I mean in 30 years of running RAIDs, I've never had anything but dead controllers and week long rebuilds that failed!

                                                                I love you SnapRAID!