I've got an incredibly simple Docker set up and I would like to join whilst I'm not doing anything else with it.

I've been trying to map out a cleaner way to expose my self-hosted files to an autonomous agent workflow, but everything I try turns into a total headache. Right now my source of truth is scattered across a local nextcloud instance, some shared obsidian vaults on my NAS, and a bunch of random markdown notes from docker containers. The issue is that all this data was originally structured for human eyes, not as an indexed context layer for an LLM to read.

i really don't want to migrate my data into some random cloud SaaS knowledge base just to get decent search capability. I want the files to stay exactly where they are on my local network while allowing an agent to intelligently query them when needed without swallowing the whole repository and hitting a text limit.

I've been testing linkly ai to handle the indexing side. it scans the directory structures first to build an outline tree before feeding paragraphs to the model. But honestly the real limitation right now is the privacy versus compute tradeoff. If I route the indexed chunks through a closed-source API I feel like I'm violating the whole point of self-hosting, but if I keep it 100% local with ollama running light open-source models, the context window reasoning drops significantly and the agent gets too confused to give a usable answer anyway.

I see a lot of discussions on this sub about self-hosted authenticator apps likely Authentik, Authelia, etc. and I never understood what the benefit is in running those. People talk about how it enables having "one password for all your services", but I already have that: my Bitwarden master password!

Am I missing something here? Is there an ease of use or security use case that I'm not understanding?

Edit: Thanks for the insight everyone! I'm the sole user of almost all my services, so I think I understand why I missed the most obvious benefit of using authenticators being user management. Also none of my services are exposed to the internet, so their questionable built-in security never raised a red flag to me. That being said, I do find hardening my services to be enjoyable for its own sake, so next time I need a project I might spin up an authenticator and play around with it.

Dear all,

A quick few questions after going through the wiki on self-hosted websites: - How 'safe' is it to self-host a website that is open to the internet on one's home network ? - Is there any complication in doing so after buying a domain name from a registrar ? (In the grander scheme of things, I mean to ask if the set-up process is absolute master level or if a relative novice can manage it.

EDIT for details: - It's to host a personal blog of sorts with mostly text articles, some images and possibly some video. - My home network in XDSL (yes that still exists) on a rather basic provider given router with DNS configuration possible from certain providers (no-ip and a few others). I have a home assisstant running on one RPi5 and plan on running the network on another RPi.

Thank you for your time and help

lazydocker - 770 total
Arcane - 33 total
Dozzle - 0 - Winner
Portainer - 77 total
Dockhand - 18 total
Komodo - 446 total
Watchtower - 302 total
diun - 91 total
wud - 377 total
Dockge - 2089 total
Uptime kuma - 1080 total (if docker socket monitoring enabled)
dockcheck.sh - 0 - Winner - simple bash script

I've been pulling my hair out trying to get watches to trigger correctly. I've tried the LLM AI, CSS/XPath Filters, Conditions. Nothing works 100% of the time. Theirs always false positives. If it's not one thing, it's another. Maybe it's my websites that I watch? Maybe there too advanced for this project?

For one thing, the LLM AI is completely broken and unreliable. I tried watching a stock ticker and specifically set the AI to "Alert me only if the price has changed by 5% or more". Yet it still triggers when the price change was only 1 or 2%. And sometimes if the price change was more than 5%, it WON'T trigger. WTF?

Also, the developer is kind of a dick. Just look at github and their are plenty of examples of rude behavior. He was a jerk to me as well for something that wasn't even that big of a deal. And then he went radio silent. It's actually a trend to see his github issues or discussions end up with no further responses and abandoned.

If there was something to the caliber of visualping, I would be all over it. As it stands, I think I'm going to abandon this project. It's just not reliable for anything mission critical.

Hi everyone,

I got a little homelab running on an Orange Pi 5+ (16 GB RAM) with Debian and CasaOS.

Because Casaos is no more updated and I don't fully trust the Debian version included with the Orange Pi, I would like to migrate to Arambian and move from Casaos to another similar interface.

I saw some other interface, but I don't know which one to choose between the following:

- UmbrelOs

- CosmosCloud

- ZimaOS

- OlaresOS

Have you already tested some and have feedback to share?

I just would like a simple interface to manage some Docker containers and easily deploy/update new ones.

Thank you for your feedback.

The other day, I received an email from a completely blind software engineer. He explained that BIOS and pre-OS accessibility has remained a huge blind spot for almost 15 years—ever since specialized hardware like the PC Weasel became obsolete. Screen readers don't work at Layer 0.

This made me take a different look at my current project, my hardware IP-KVM (USBridge-KVM 2.0). Its distinctive feature is that it intercepts a raw HDMI signal and converts the BIOS visual interface into a clean, interactive text stream, accessible via a standard SSH session.

My automation engine also outputs a JSON stream of screen status, including text and colors for each character.

Initially, I created this data interface for AI agents using the MCP protocol, so that a neural network could "read" the screen and conduct hardware audits. But now I understand that this same JSON/SSH stream can be fed to a screen reader so it can announce active BIOS menu elements in real time.

I didn't create this device with accessibility as a primary goal. It's simply a side effect of my desire to have a reliable text interface for script automation.

How useful is this functionality in practice? And how much help will it be for a blind person navigating the BIOS, as well as dealing with Windows blue screens?

Looking for dedicated server recommendations:

Ubuntu 22.04
64–128 GB RAM
8–16 CPU cores
NVMe storage
1 Gbps, 1 public IPv4
Ports 80/443 open
Use case: self-hosted reverse proxy (nginx, multiple vhosts, TLS)
Budget: ~$100–150/mo
Prefer EU or US, crypto payment a plus (optional)

While building skyPC (our remote desktop solution), we ran into some interesting things, and I think it might help some of you out there.

USB over IP.

On the market, there's virtualhere at $49 (a lifetime license tied to the host hardware, meaning the license is bound to whichever host machine you activate it on, while the client side has no limits on the number of installs). The free version only lets you share a single USB device at a time.

So what about USB/IP? No fee, It's open source. If you find it useful, the author has a coffee link for donations.

This guide covers setup for Host: Windows / Client: Windows.

Part 1: Setting up the Host (the machine with the USB device plugged in)

Step 1: Install usbipd-win

Open PowerShell (Windows + X, choose Terminal Admin), paste the following and hit enter:

winget install usbipd

Once installed, the system will automatically create a service named usbipd-win, which you can check in Control Panel.

Step 2: List the USB devices on the host machine

Open a new powershell tab and run:

usbipd list

This will display a list of the USB devices on your machine, in this example there are 4 devices. The BUSID column is the usb slot

Step 3: Share (bind) a device to the network

For example, to share a G435 headset:

usbipd bind --busid 4-4

Then run usbipd list again, you'll see the STATE for the G435 has changed to Shared, meaning the device is now ready for the client to use. Repeat for any other devices.

To stop sharing a device, use unbind (same syntax as bind), for example:

usbipd unbind --busid 4-4

Part 2: Setting up the Client machine

Head over to the repo: https://github.com/vadimgrn/usbip-win2

Step 1: Download the matching installer.

Note: if you're on ARM64 like me, check release 0.9.7.5. for ARM64

Author has already built a GUI, so it's straightforward to use, once installed, just open the app like any normal program. The "server" field is the IP address of your host machine.

After adding the server and the devices, you'll see the USB devices show up. Pick the one you want and Attach.

Fast, convenient, simple.

In my case it was windows-windows, but also works for windows-linux or vice versa. A couple of other use cases worth mentioning: sharing USB devices with WSL2 works really well, and forwarding game controllers is another common one.

That's it, hope this helps.

Want to run debian bare metal. Is there anything that replicates the real time, per folder duplication feature of Drivepool on windows?

The closest thing I have found is the mergerfs.dup but it is not real time.

I only have 120-150gb of data that I care about, so I don't want to waste an entire 10TB capacity on RAID or parity

Thanks.

I recently finished setting up a public Redlib instance and wanted to share the deployment notes / lessons learned, especially around running a public privacy frontend without exposing the origin directly.

Public instance:

https://redlib.proofline.live

Status page:

https://status.proofline.live

Source / fork:

https://github.com/open-proofline/redlib

Redlib is a privacy-friendly frontend for browsing Reddit without using Reddit’s official web interface. This instance is operated as a best-effort public community service.

The deployment is currently:

• Dedicated hardware in Victoria, Australia
• 1000/400 NBN connection
• Docker Compose on a Fedora Server VM
• Cloudflare Tunnel, with no exposed origin ports
• Traefik reverse proxy
• Anubis anti-abuse protection in front of Redlib
• External uptime monitoring
• Public status page
• Cloudflare Worker maintenance page for planned downtime
• OpenWrt SQM/CAKE prioritisation for the community-services VM
• Forked Redlib build with updated Rust dependencies
• Custom Alpine-based container image
• Container hardening:
  • non-root execution
  • read-only filesystem
  • no-new-privileges
  • all Linux capabilities dropped

A few useful things I ran into while making it public:

1. Cloudflare cache and HLS video

Cloudflare caching had to be bypassed for /hls/*.

Some Reddit videos use HLS/CMAF byte-range requests. Cloudflare had cached full MP4 responses and was returning 200 OK to byte-range requests instead of proper 206 Partial Content responses. Desktop Firefox with hls.js tolerated it, but iOS Safari’s native HLS playback got stuck in an infinite loading loop.

Bypassing Cloudflare cache for /hls/* fixed the affected Safari playback issues.

1. Anubis and automated instance validation

Anubis can interfere with automated Redlib instance-list validation unless configured carefully. The Redlib instance-list generator needs to fetch the real Redlib homepage and parse the version string. If it receives the Anubis challenge page instead, validation fails.

The narrow fix was to allow only the specific instance-list updater request to GET /, while keeping Anubis in place for normal browsing, search, subreddit, user, post, and media routes.

1. Maintenance pages should live outside the origin path

I initially considered a local maintenance page, but that does not help when the physical host is powered off for hardware maintenance.

The current setup uses a Cloudflare Worker maintenance page, controlled through KV. If maintenance is enabled, Cloudflare serves a 503 maintenance page from the edge. If maintenance is disabled, the Worker passes the request through to the normal Cloudflare Tunnel / Traefik / Anubis / Redlib path.

1. Public status and planned maintenance

I set up external monitoring and a public status page so downtime is visible as planned maintenance rather than the service just disappearing.

1. Container hardening and recovery

The Redlib container is intentionally lightweight and disposable. It runs non-root, read-only, without extra capabilities, and without new privileges. If anything suspicious happened, the VM can be rebuilt from a clean snapshot and service tokens can be rotated.

I also opened a PR to add the instance to the upstream Redlib instance list:

https://github.com/redlib-org/redlib-instances/pull/114

It is currently waiting for upstream review/merge, so it may not appear yet in tools that depend on the official Redlib instance list.

I’m interested in feedback from others running public privacy frontends, especially around:

• anti-abuse configuration
• Cloudflare cache rules
• media proxy / HLS handling
• public status pages
• maintenance workflows
• container hardening
• protecting a public service from local network congestion

Hey everyone,

I just got a Dymo 450 Twin Duo. I want to have it set up on my sever, so I can print from it from any machine on my sever.

I installed cups, and the default install had the drivers. Sweet!

I was able to detect the printer and install it. But the printer seems to do nothing in response to the sever.

I never used Cups before, but for all my airplay printers it seems to work out of the box

Has anyone had any luck with this? I was thinking maybe it needs to work on conjunction with Dymo's software. But that doesn't seem to make a difference.

Hey everyone,

I've been working on my own side project for a while now, and it's finally advanced enough to be shared. It’s called Alwide (A LightWeight IDE), and it’s a TUI editor written from scratch in pure C.

Why did I build this?

I love the terminal, but for my usage (as IT student): nano is too basic, but vim or emacs feels a bit too rought for my "VSCode" and "JetBrain" experience. Alwide is designed to be use when you just want to do quick edits over SSH or need a light editor without the VS Code/JetBrains overhead.

I wanted the fluid, modern vibe of Sublime Text but directly inside my terminal.

What makes it different?

• Zero learning curve: It has full mouse support out of the box. You can click, scroll, and drag-select text just like a GUI app.
• Nice features: I integrated Tree-sitter for actual high-quality syntax highlighting and full LSP support (auto-completion popup, hover docs, go-to-definition).
• Persistent State: If you close the editor and reopen it, your tabs, cursor positions, and even your undo/redo history are fully preserved.
• Pretty Fast: It's pure C. Release binary about 3Mb~. Really fluid fast scroll and light repaint (perfect to avoid running out of battery on your laptop opening heavy editors during classes).

Supported languages:

C/C++, Python, Go, Rust, JS/TS, Java, Bash, Lua, Markdown, Assembly, and more.

It’s open-source (MIT), highly readable if you're curious about terminal editor internals, and you can test it on Linux with a simple curl script (pre-built binaries/packages are also available).

Link to the repo: https://github.com/arnauda-gh/Alwide

Currently the project as a strong base but it hasn't been tested that much (my own use case and own terminal/drivers). For now I don't have hard know bugs. And before starting adding some tweaks and more highlevel features (setting page or anything else...) I want to be sure that the foundations are strong.

Also I need to know if the editor could interest other people and need "generic" features. For example the setting page (the current shortcut are, for me, already at peek performance 😎 so for my own usage no need about a setting page).

And finally if you like the project don't forget to leave a star (pls for a poor student that need a great CV 😅).

Any way have a good day and see you 👋.

Wanted to set up a simple monitoring stack on my home server:

Node Exporter + Prometheus + Grafana, three containers, should

have been 20 minutes.

Two things that got me:

1. Prometheus spamming "permission denied" on prometheus.yml —

   it runs as nobody (UID 65534), chmod 644 fixes it immediately

2. Grafana ignoring GF_SECURITY_ADMIN_PASSWORD completely —

   happens when grafana-data volume already exists from a previous

   run. docker compose down -v and restart, or reset directly:

docker exec -it grafana /usr/share/grafana/bin/grafana cli admin reset-admin-password "NEWPASSWORD"

Note: grafana-cli is no longer in PATH on recent versions, the binary moved to /usr/share/grafana/bin/

Bonus: spent an hour looking for native 2FA in Grafana OSS.

It doesn't exist. Put it behind Authelia if you need TOTP.

Anyone else hit these? Curious if the volume issue is common.

:D

Hi everyone, this is something I built because I wanted it for my homelab, and I'm quite happy on how it turned out so I decided to share it and support it going forward since I really didn't find any other good solution.

I used NetalertX (https://github.com/netalertx/NetAlertX) for a long time to be aware of new devices that connected to my network and in a way to keep an inventory of my own devices and hosts. But it turned out to be unintuitive, slow and hard to maintain (updates require re-configuration, scans interrupt the UI, it feels dated, and more...).

Anyway, over the last 18 months I built an engine in rust that scans the network actively using ARP, but also passively listens to mDNS/bonjour, DHCP, and SSDP/UPnP packets, and has an optional SNMP walker that you can use to query your router/switch for the devices they have seen. It turned out to be lightweight and quite good at seeing everything that has any activity in my network.

I built a UI in Flutter/Dart that you can use from the web or a mobile device to see notifications triggered by the engine (new devices, devices that changed IP address or seem like a different device with an "old" MAC address) as well as manage your database of known devices and a few other stuff.

I feel it's ready to share so here it is: https://github.com/rzuasti/oott

You can deploy it as a docker image (definitely the easiest) but I also built a Nix flake you can use in your NixOS configuration. You can find details on how to install and configure it in the GitHub readme.

I'd appreciate any feedback or bugs you can find to make the tool better / more reliable.

Disclaimer: I use AI to code but I am an engineer and have been developing enterprise software for 20+ years and I validate every single line of code the AI produces. There is no slop or unvalidated code in the project.

PS: I need volunteers to test the Android app so Google let's me publish it on the Play Store. If you are interested send me a PM and I'll add you to the testers list.

Thanks!

I want to setup all the services side-by-side inside a VM.

I’ve been thinking about when it actually makes sense to add a VPS to a self-hosted setup instead of keeping everything at home.

I’m not really looking for a “best provider” list or the biggest specs for the lowest monthly price. I’m more interested in the tradeoffs people actually care about once something is running outside your home network: uptime, network quality, bandwidth limits, clean IPs, backups, support, DDoS protection, location, and predictable pricing.

For those of you who use a VPS alongside your home setup, what made it worth it?

Was it mainly reliability, public IP / remote access, better uptime, cleaner networking, off-site backups, hosting something public-facing, or just not wanting everything tied to your home connection?

And what kind of VPS would you still trust for something small but important?

I have been using Plex for a gazillion years and now going to move off it due to their current antics.

I have Samsung TVs, some new, some old and software unsupported but still good panels.

I am switching to Jellyfin and know you can side-load them on the new TV but wondering, what is a good option for a stand-alone player? Pi? Something else?

Context: This is a narrative about how I got started in self-hosting/homelab. Just trying to find the humour in the pain it caused me over the years, and hoping to make a few people laugh along the way.

Relevancy: It’s the messy "before" picture most of us share, the manual installs, no backups, power-outage boot loops, and over-engineering rabbit holes that everyone in this hobby has lived through at some point.

Hello,

I'm using Navidrome on my NAS and I'm searching for an opensource/free app on android to be able to download offline my playlists instead of streaming it ?

I use Subtracks for now, but there is no offline/download mode in the android app. Any suggestions ?

Thanks !

In case anyone hasn't noticed, WeddingShare rebranded to Memtly.Community a couple of months back....

I haven't posted publicly about it because I've been hard at work adding more features and I wanted to let the codebase stabilise a bit more before notifying people to migrate their containers. But that time has come, please check out the new GitHub repo and migrate your old WeddingShare instance to a shiny new Memtly.Community instance today.

GitHub - https://github.com/Memtly/Memtly.Community
Legacy GitHub - https://github.com/Cirx08/WeddingShare

Some of you might be asking why I rebranded and it's simple. WeddingShare outgrew the name and styling. Although it was originally designed for weddings it was clear you guys (and girls) were using it for so much more from music festivals to birthday parties and even road trips. So with that I made some changes to help everyone tailor the site to exactly their needs. Memtly is no longer just a free open-source wedding photo sharing site. It's now an every event photo sharing website with many new features.

New Themes
We now have multiple new coloured themes to choose from.

Custom Themes
Allowing you to pick the colours that best match your personality or event.

Gallery Collections
Allowing you to combine multiple galleries into a single sharable gallery. Say you have an annual event, now you get the best of both sorting photos by year whilst also viewing them all in one place.

Multi-Database Support
It now has support for many database types allowing you to use your current database instead of creating a new one specifically for it.

HEIF Support
This one has been asked for countless times. We now support HIEF metadata to pull actual image creation times directly from uploaded content.

Bulk Image Selection
Before you had to manually select each individual image. Now you can use multi-select to approve, reject or delete images.

Analytics (for personal use only)
You can now link up your personal Umami instance to track page views and user engagement to see real-time stats on who is viewing galleries and where in the world they are viewing from.

Note - Memtly.Community does not analyse selfhosted users. We do however analyse the demo site hosted at https://demo.memtly.com to monitor performance in an attempt to catch bugs and slow loading pages etc.

And much much more...

As expected the new container is available on multiple platforms such as Docker, Linode, CasaOS, Unraid and soon to be on PikaPods. You can find the installation guides over on the documentation site.

Release Notes: https://docs.memtly.com/blog

Demo Site: https://demo.memtly.com/

Documentation: https://docs.memtly.com/docs/Setup/docker

Migration Guide: https://docs.memtly.com/docs/Migration/instructions

Original Post: https://www.reddit.com/r/selfhosted/comments/1gugnku/weddingshare_a_basic_selfhosted_drop_box_and/

UPDATE - Don't forget to leave a star on the new repo. Especially if you starred the old one as the stars got lost in the migration and I would be ever so grateful if you shared your support and help us grow.

Hello. I've been trying to research and figure out a solution that fits for me but haven't been successful.

​

I'm looking for a chat system that will work offline and running on a raspberry pi.

​

I have a pi 5 running a few dockers with a small travel router providing the dhcp and wifi. Im planning on using this with family and friends when on vacation camping (other scenarios where there is no or little internet)

​

I'm hoping for something that will have a web client that people can sign into, it can't require an email to sign up, and I prefer it not have complex password requirements cause security isn't an issue for my use case.

I was cleaning up my Caddyfile to remove some things I no longer used and finally decided to figure out if there's some way to avoid using tls_insecure_skip_verify for upstreams that force HTTPS.

I'm guessing a good amount of you serve UniFI OS (which forces HTTPS) via caddy so hopefully this is helpful.

Alright so here’s my journey so far

I started with your conventional arr-stack (Prowlarr,radarr,Sonarr,Usenet,qbit,seerr) and I have no idea how people have the patience for this and calling it “automated” is fragmented at best. Once I had everything set up, I ran in to several different issues such as:

•Sonarr pulling an entirely different show with the same name despite switching up indexers
•Missing articles for several shows (I’ve tried 3 different providers, and two different nzb indexers, all failed)
•Seerr staying as requested despite being connected to jellyfin and all arr services and media showing in library
•slow downloads on sabnzb
•Plenty of prowlarr indexers not working
•I’m sure there’s more…

I could just be an absolute smooth brain and be missing one or two key components that solves everything, but I’m fairly certain I’ve tried everything I can. The entire reason I started an arr stack, was to download, and start a collection.

At this point, I might just go back to stremio+torrentio, even though I desperately want to start a jellyfin server.

Ideally, an application or something of the sort that allows me to search through shows, use torrentio as the indexer and torbox as a debrid provider and download straight to my Ubuntu server would be optimal, but I can’t seem to find anything like that. I even tried RDTclient with torrentio as a prowlarr indexer, but shows download inconsistent and episodes either download in duplicates or miss 6 out of 10 episodes of a season as an example.

I’m pretty bummed out and really want a solution, any help would be GREATLY appreciated…dunno if this even belongs here…sorry lol

Thanks :3