Hey everyone,

I’ve been using Linode for a long time and have always been happy with their service. The performance is solid, and their tech support has been great whenever I’ve needed help. However, I’ve started to feel the pinch with their pricing—it’s definitely on the expensive side.

Recently, I decided to try out Hostinger’s VPS offering to spin up a Bluesky PDS and see how it compares. So far, I’ve had a good experience with their tech support as well, but I’m curious about the bigger picture.

Has anyone here used both Linode and Hostinger VPS? If so, how do they compare in terms of:

• Performance (CPU, RAM, disk speed, etc.)
• Uptime and reliability
• Ease of use (control panel, setup, etc.)
• Value for money

I’m especially curious about how Hostinger manages to charge so much less than Linode. Is there a catch, or is it just a different business model? If you’ve used both, do you think Hostinger is a better option overall, or is Linode worth the extra cost?

Would love to hear your thoughts and experiences!

Thanks in advance!

How digitally independent are you?

As the title says, what logging and/or alerting setup do you have? I've used graylog in the past, but find it a bit too complex and "heavy". I would like to something a bit more lightweight. Alternatives I've looked into:

• Dozzle - this looks nice, and would have been a perfect fit but it looks like it's only for docker containers, I would like to collect all syslogs and everything in one place
• Grafana Loki - Haven't looked too much into this, but considering replacing Graylog with this. I don't know if it feels less complex so I'm a bit on the fence.

Any other recommendations?

A few days ago I noticed a marketing email sent to my Zima alias. Apparently lots of other people also noticed this and were not happy. Attached is the IceWhale response.

I'm in the UK and looking to switch over to a UK host provider. Can anyone recommend IONOS for the uk? I'm considering a fairly low-spec VPS. Even with VAT, their prices will be about 3/4 of what I'm currently paying.

I’m trying to find an iOS client that lets me point to my self hosted LocalAI instance. Thanks!

cross-posted from: https://lemmy.dbzer0.com/post/39598489

Looking for privacy-focused web analytics? My new blog post breaks down Plausible Analytics - comparing cloud vs self-hosting options, with practical setup tips from my own experience. Learn how to bypass Google Analytics without sacrificing insights! #WebAnalytics #PrivacyFirst

https://lnk.clifmo.com/MB4oX

It's been a while since I noticed that but I can't find the reason. I selfhost :

• a linkding with docker
• a writefreely
• a bludit blog
• a CalDav (radicale)

There is a syncthing running for backups done with borg at night (automated with a crontab).

When I htop, I don't see anything to hint me to what is causing the heating.

Any ideas of what I could do to investigate that?

Thanks a lot.

A self-hosted URL shortener: Shlink - Keep control over all your shortened URLs, by serving them under your own domains, using this simple yet powerful tool. https://shlink.io/

I was very surprised to find this mature, full-featured URL shortener. It's written in PHP and includes Geoblocking so your shortener isn't abused.

A Docker quick-start guide: https://lnk.clifmo.com/ljk13

Hi all. Hoping someone in the #SelfHosting community can help. I'm trying to set up #Linkwarden in #Docker behind #Caddy. The service is running, but I'm unable to create a user account. This is what I see in my browser console when I try:

register:1 [Intervention] Images loaded lazily and replaced with placeholders. Load events are deferred. See https://go.microsoft.com/fwlink/?linkid=2048113register%3A1 [DOM] Input elements should have autocomplete attributes (suggested: "new-password"): (More info: https://www.chromium.org/developers/design-documents/create-amazing-password-forms) <input data-testid=​"password-input" type=​"password" placeholder=​"••••••••••••••" class=​"w-full rounded-md p-2 border-neutral-content border-solid border outline-none focus:​border-primary duration-100 bg-base-100" value=​"tyq5ghp!QVH-mva1agc">register:1 [DOM] Input elements should have autocomplete attributes (suggested: "new-password"): (More info: https://www.chromium.org/developers/design-documents/create-amazing-password-forms) <input data-testid=​"password-confirm-input" type=​"password" placeholder=​"••••••••••••••" class=​"w-full rounded-md p-2 border-neutral-content border-solid border outline-none focus:​border-primary duration-100 bg-base-100" value=​"tyq5ghp!QVH-mva1agc">Errorapi/v1/users:1 Request unavailable in the network panel, try reloading the inspected page Failed to load resource: the server responded with a status of 400 () Failed to load resource: the server responded with a status of 400 ()

compose file:

services:  postgres:    image: postgres:16-alpine    container_name: linkwarden_postgres    env_file: .env    restart: always    volumes:      - ./pgdata:/var/lib/postgresql/data    networks:      - linkwarden_net  linkwarden:    env_file: .env    environment:      - DATABASE_URL=postgresql://postgres:${POSTGRES_PASSWORD}@linkwarden_postgres:5432/postgres    restart: always    # build: . # uncomment this line to build from source    image: ghcr.io/linkwarden/linkwarden:latest # comment this line to build from source    container_name: linkwarden    ports:      - 3009:3000    volumes:      - ./data:/data/data    networks:      - linkwarden_net    depends_on:      - postgresnetworks:  linkwarden_net:    driver: bridge

Relevant part of .env file:

NEXTAUTH_URL=https://bookmarks.laniecarmelo.tech/api/v1/authNEXTAUTH_SECRET=x8az9q9w8ofAxnrVcer2vsPHeMmKSPbf Manual installation database settings# Example: DATABASE_URL=postgresql://user:password@localhost:5432/linkwardenDATABASE_URL= Docker installation database settingsPOSTGRES_PASSWORD=redacted# Additional Optional SettingsPAGINATION_TAKE_COUNT=STORAGE_FOLDER=AUTOSCROLL_TIMEOUT=NEXT_PUBLIC_DISABLE_REGISTRATION=falseNEXT_PUBLIC_CREDENTIALS_ENABLED=true

Caddyfile snippet

*.laniecarmelo.tech {    tls redacted {        dns cloudflare redacted    }    header {        Content-Security-Policy "default-src 'self' https: 'unsafe-inline' 'unsafe-eval';             img-src https: data:;             font-src 'self' https: data:;             frame-src 'self' https:;             object-src 'none'"        Referrer-Policy "strict-origin-when-cross-origin"        Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"        X-Content-Type-Options "nosniff"        X-Xss-Protection "1; mode=block"    }    encode br gzip    # Bookmarks    @bookmarks host bookmarks.laniecarmelo.tech    handle @bookmarks {        reverse_proxy 127.0.0.1:3009    }}

Can anyone help? I have no idea how to fix this.
#SelfHosted #CaddyServer #Linux #Tech #Technology
@selfhost @selfhosted @selfhosting

cross-posted from: https://lemmy.selfhostcat.com/post/232194

I found cryptpad, it seems nice. I already use NC but not for editing.

I have a VPS that I use to host a Nextcloud instance for my family. I host it there because my internet can be unreliable at times due to my rural location. I have an Unraid server at home that I use to host several services, but most file storage, for my family on our local network.

Previously I've been using https://github.com/juanitomint/nextcloud-client-docker to sync my files hosted on my VPS with my local Unraid server for each of my users. It has worked well for a few years, up until last week when I upgraded my Nextcloud on the VPS to 31.0.0.

I don't use the Nextcloud Client because I can't find it in a docker and I have multiple users I'm syncing to their appropriate file shares.

I've tried a few other Webdav related dockers to sync and I'm not having much luck. Most of them only seem to sync the main folder, so maybe I'm missing some argument or something?

Any advice or help is appreciated!

The official docker image is still at v0.11 and was last updated in 2016. It looks like maybe trunk is at 0.12, but, as far as I can tell, that a rolling release. My prosody install is too important to go with a rolling release.

Both the alternatives that they point to are similarly old;

• v0.11.13

https://github.com/OpusVL/prosody-docker/

• v0.11.x (?)

https://github.com/unclev/prosody-docker-extended

My server is langishing on the unclev image. I'd like to migrate to something with 0.12 and have a bit more confidence in its resiliance.

On my truenas scale machine, I have a container for gluetun and one for qbittorrent (among others). Maybe a couple times a week, I notice that the VPN connection gets flakey. Qbittorrent speeds go down into the kb/s range. This promps me to carry out an annoying, manual process:

1. I pause all torrents in qbittorrent webui
2. I stop both the qbit and gluetun containers
3. I start the gluetun container
4. I give the gluetun container adequate time to connect (since the qbit container depends on the gluetun network, attempting to start both at the same time yields an error on the qbit side)
5. I start the qbit container
6. I resume all torrents in the qbittorrent webui

Is there any easy way to automate this process? Preferably one that doesn't require me to learn ansible? I'm hoping the solution could all be done via portainer - which I use.

Thank you in advance.

Hi everyone,

I'm encountering an issue with my self-hosted setup using Caddy 2.9.1 and Authelia 4.38.19. All domains except auth.laniecarmelo.tech return a 401 Unauthorized error. Journald logs suggest issues with insecure schemes ('') instead of https or wss.

Details:

• Setup: Caddy as reverse proxy, Authelia for authentication
• Domains: AdGuard Home, Forgejo, LinkAce, MiniFlux, TheLounge, Homepage, Beszel, Glances, Uptime Kuma, Tandoor Recipes, BookStack, Watchtower, Portainer
• Logs:
  Authelia:
  Feb 24 21:01:47 stormux authelia[2932]: level=error msg="Target URL '/' has an insecure scheme '', only 'https' and 'wss' are supported"Caddy:
  Feb 24 21:19:41 stormux caddy[48845]: {"msg":"handled request","method":"GET","host":"adguard.laniecarmelo.tech","status":200}

Configurations:

• Full Caddyfile and Authelia config: GitHub Gist

Curl Output:

HTTP Request:

$ curl home.laniecarmelo.tech -v< HTTP/1.1 308 Permanent Redirect< Location: https://home.laniecarmelo.tech/

HTTPS Request:

$ curl https://home.laniecarmelo.tech/ -v< HTTP/2 401 < content-type: text/plain; charset=utf-8< server: Caddy401 Unauthorized

Does anyone know what might be causing this? I suspect it could be related to forward_auth or trusted proxies.

Thanks in advance! 🙏

#SelfHosting #CaddyServer #Authelia #ReverseProxy #TechHelp #Linux #HomeLab
@selfhost @selfhosting @selfhosted

Need help with #Caddy configuration. Getting error:
"Error: adapting config using caddyfile: /etc/caddy/Caddyfile:20: parsed 'header' as a site address, but it is a known directive; directives must appear in a site block"

Running #LinkAce behind Caddy. Config has global options block, site blocks for subdomains, and snippets for common configs. Error persists despite:

• Proper indentation
• Blank lines between blocks
• Snippets after global block
• Valid header directives

Full config: https://privatebin.io/?e2b50660d40b8463#Awoq9mqdg5nyNB25xvd1zB8L7mX5m9e9sZJDguegJL2G
Password: bka@zhj@btc4FPR!emr

#SelfHosted #Docker #ReverseProxy #WebDev #Linux #HomeLab
@selfhost @selfhosted @selfhosting

#SelfHosted #LinkAce Bookmark Manager Running, but Unable to Check for Updates or Generate a Cron Token

Hi all. Hoping someone in the #SelfHosting community can help here. I'm running LinkAce in #Docker behind non-Dockerized #Caddy and #Authelia, and most things are working, but I'm seeing "Could not check for updates" at the bottom of each page, and when I tried to generate a cron token, nothing happened except for the generate button graying out. I am seeing one or two 404 errors in my logs, but I don't know if that's causing the problem or not. I don't know much about #PHP applications.

Logs

2025-02-22 23:25:26,460 INFO supervisord started with pid 12025-02-22 23:25:27,465 INFO spawned: 'php-fpm' with pid 82025-02-22 23:25:27,467 INFO spawned: 'caddy' with pid 9[22-Feb-2025 23:25:27] NOTICE: [pool www] 'user' directive is ignored when FPM is not running as root[22-Feb-2025 23:25:27] NOTICE: [pool www] 'group' directive is ignored when FPM is not running as root[22-Feb-2025 23:25:27] NOTICE: fpm is running, pid 8[22-Feb-2025 23:25:27] NOTICE: ready to handle connections{"level":"info","ts":1740266727.5264525,"msg":"using config from file","file":"/etc/caddy/Caddyfile"}{"level":"info","ts":1740266727.5280282,"msg":"adapted config to JSON","adapter":"caddyfile"}{"level":"warn","ts":1740266727.5280406,"msg":"Caddyfile input is not formatted; run 'caddy fmt --overwrite' to fix inconsistencies","adapter":"caddyfile","file":"/etc/caddy/Caddyfile","line":2}{"level":"info","ts":1740266727.529092,"logger":"admin","msg":"admin endpoint started","address":"localhost:2019","enforce_origin":false,"origins":["//localhost:2019","//[::1]:2019","//127.0.0.1:2019"]}{"level":"warn","ts":1740266727.529331,"logger":"http.auto_https","msg":"server is listening only on the HTTP port, so no automatic HTTPS will be applied to this server","server_name":"srv0","http_port":80}{"level":"info","ts":1740266727.5294206,"logger":"tls.cache.maintenance","msg":"started background certificate maintenance","cache":"0x40000bab00"}{"level":"warn","ts":1740266727.530186,"logger":"http","msg":"HTTP/2 skipped because it requires TLS","network":"tcp","addr":":80"}{"level":"warn","ts":1740266727.530195,"logger":"http","msg":"HTTP/3 skipped because it requires TLS","network":"tcp","addr":":80"}{"level":"info","ts":1740266727.530198,"logger":"http.log","msg":"server running","name":"srv0","protocols":["h1","h2","h3"]}{"level":"info","ts":1740266727.5412574,"msg":"autosaved config (load with --resume flag)","file":"/home/www-data/.config/caddy/autosave.json"}{"level":"info","ts":1740266727.541271,"msg":"serving initial configuration"}{"level":"info","ts":1740266727.5477707,"logger":"tls","msg":"cleaning storage unit","storage":"FileStorage:/home/www-data/.local/share/caddy"}{"level":"info","ts":1740266727.5541356,"logger":"tls","msg":"finished cleaning storage units"}2025-02-22 23:25:28,555 INFO success: php-fpm entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)2025-02-22 23:25:28,555 INFO success: caddy entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)::1 -  22/Feb/2025:23:25:34 +0000 "GET /index.php" 200::1 -  22/Feb/2025:23:25:34 +0000 "GET /index.php" 404

Docker Compose file

services:  #
***
LinkAce  linkace:    image: docker.io/linkace/linkace:latest    container_name: linkace    restart: unless-stopped    depends_on:      - linkace_db    ports:      - "0.0.0.0:3009:80"    volumes:      - ./.env:/app/.env      - ./backups:/app/storage/app/backups  #
***
Database  linkace_db:    image: docker.io/library/mariadb:11.5    container_name: linkace_db    restart: unless-stopped    command: mariadbd --character-set-server=utf8mb4 --collation-server=utf8mb4_bin    environment:      - MYSQL_ROOT_PASSWORD=${DB_PASSWORD}      - MYSQL_USER=${DB_USERNAME}      - MYSQL_PASSWORD=${DB_PASSWORD}      - MYSQL_DATABASE=${DB_DATABASE}    volumes:      - db:/var/lib/mysql  #
***
Cache  linkace_redis:    image: docker.io/bitnami/redis:7.4    container_name: linkace_redis    restart: unless-stopped    environment:      - REDIS_PASSWORD=${REDIS_PASSWORD}volumes:  db:

.env (secrets redacted)

## LINKACE CONFIGURATION# The app key is generated later, please leave it like thatAPP_KEY=redactedAPP_ENV=development## Configuration of the database connection## Attention: Those settings are configured during the web setup, please do not modify them now.# Set the database driver (mysql, pgsql, sqlsrv, sqlite)DB_CONNECTION=mysql# Set the host of your database hereDB_HOST=linkace_db# Set the port of your database hereDB_PORT=3306# Set the database name hereDB_DATABASE=linkace# Set both username and password of the user accessing the databaseDB_USERNAME=linkace# Wrap your password into quotes (") if it contains special charactersDB_PASSWORD=redacted## Redis cache configuration# Set the Redis connection here if you want to use itREDIS_HOST=linkace_redisREDIS_PASSWORD=redactedREDIS_PORT=6379APP_DEBUG=true# SSO configurationSSO_ENABLED=trueSSO_OIDC_ENABLED=trueSSO_REGISTRATION_ENABLED=trueREGULAR_LOGIN_DISABLED=trueSSO_OIDC_BASE_URL=https://auth.laniecarmelo.tech/  # Your Authelia base URLSSO_OIDC_CLIENT_ID=linkaceSSO_OIDC_CLIENT_SECRET='redacted'SSO_OIDC_SCOPES=openid,profile,email

Caddyfile snippet

{    email laniecarmelo@gmail.com    debug    acme_dns cloudflare redacted    http_port 80    https_port 443    admin :2019 {        origins 127.0.0.1:2019 0.0.0.0:2019 stormux:2019 caddy.laniecarmelo.tech    }}(logconfig) {    log {        output stdout        format json    }}(auth_headers) {    header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"}(proxy_config) {    header_up Host {http.request.host}    header_up X-Real-IP {http.request.remote}    header_up X-Forwarded-User {http.auth.user.id} # Pass user ID    header_up X-Forwarded-Email {http.auth.user.email} # Pass email}(authelia_middleware) {    forward_auth localhost:9091 {        uri /api/verify?rd=https://auth.laniecarmelo.tech/        copy_headers Remote-User Remote-Email Remote-Groups Authorization    }}bookmarks.laniecarmelo.tech {    route {        import authelia_middleware        reverse_proxy localhost:3009 {  # Directly proxy to LinkAce's web server            import proxy_config        }    }    import logconfig    import auth_headers}

Authelia config snippet

    - domain: "*.laniecarmelo.tech"      policy: bypass      networks:        - 192.168.1.0/24    # Local network        - 172.17.0.0/16     # Docker bridge network        - 100.64.0.0/10     # Tailscale network    - domain: "bookmarks.laniecarmelo.tech"      resources: ["^/api.*"]      policy: bypass    - domain: "*.laniecarmelo.tech"      policy: one_factor            - client_id: linkace        client_name: LinkAce bookmarking app        client_secret: redacted         public: false        authorization_policy: one_factor        scopes: [openid, groups, profile, email, offline_access]        redirect_uris:          - https://bookmarks.laniecarmelo.tech/auth/oidc/callback        grant_types: [authorization_code]        response_types: [code]        response_modes: [form_post, query]        userinfo_signed_response_alg: none        consent_mode: explicit        pre_configured_consent_duration: "1y"

Does anyone know what might be causing this and how I can fix it?
#Linux #ArchLinuxARM #Stormux #RaspberryPi #RaspberryPi500 #RPi #RPi500 #tech #technology
@selfhost @selfhosted @selfhosting

cross-posted from: https://lemmy.world/post/25939893

"Youlag" is a theme and extension for the feed aggregator FreshRSS. It delivers a video-focused browsing experience for your YouTube RSS feeds, all within FreshRSS, with a sleek theme and extra features.

Supports video feeds from YouTube, Invidious, and Piped.

Why?

The general idea is to subscribe to YouTube channels via RSS, allowing you to follow your favorite creators without an account. With Youlag installed, you can browse and watch videos in a familiar, YouTube-like interface.

More features are planned, including video queuing (with some limitations).

Git repository for more details:

https://github.com/civilblur/youlag

Features:

• ⭐ Optimized for Video Viewing
  • Browse your YouTube, Invidious, Piped RSS subscriptions with ease.
  • Clean, familiar video platform layout.
  • Fullscreen viewing for videos and feed items.
  • Quickly exit videos with Esc key.
  • Shortcuts for external viewing: "Invidious", "YouTube", or "YouTube embed view" (for less distraction).
  • Dark mode.
• 🖥️ Desktop & Mobile
  • Reponsive design.
  • Redesigned menus for better one-handed navigation.
  • Improved readability and legibility across devices.

Since v3.0.0, and currently v3.0.2, Youlag has been refactored from a CSS theme to work more like an extension. This has improved stability and allowed me to add more features.

It's still not yet a native FreshRSS extension, but my plan is to convert it to one.

cross-posted from: https://lemmy.ml/post/26304038

from the OpenSSH 9.9p2 release announcement:

This release fixes two security bugs.

Security
========

* Fix CVE-2025-26465 - ssh(1) in OpenSSH versions 6.8p1 to 9.9p1
  (inclusive) contained a logic error that allowed an on-path
  attacker (a.k.a MITM) to impersonate any server when the
  VerifyHostKeyDNS option is enabled. This option is off by default.

* Fix CVE-2025-26466 - sshd(8) in OpenSSH versions 9.5p1 to 9.9p1
  (inclusive) is vulnerable to a memory/CPU denial-of-service related
  to the handling of SSH2_MSG_PING packets. This condition may be
  mitigated using the existing PerSourcePenalties feature.

Both vulnerabilities were discovered and demonstrated to be exploitable
by the Qualys Security Advisory team. We thank them for their detailed
review of OpenSSH.

Password is right in compose and config. Idk what else to do.

A distributed streaming platform that can run on Raspberry Pi 5.

Last October, at a conference we shared a demo running Fluvio and Stateful DataFlows on a Rasperry Pi 5 running an object recognition pattern.

Fluvio is a distributed streaming runtime for building event driven analytical applications.

Relevant for Builders who are writing applications in Rust. Software & Data Architects who are building intricate data processing workflows to build intelligent applications using Rust, Python, or JavaScript, and of course SQL.

Fluvio currently is version 0.15.2, closing towards version 1 steadily. The past release notes and features are here - https://www.fluvio.io/news/

Documentation updated as of last release - https://www.fluvio.io/

We released a benchmarking utility in v0.15 and a blog showing some basic benchmark runs here : https://infinyon.com/blog/2025/02/kafka-vs-fluvio-bench/

Would love for you awesome people to try it out and share your experience.