I want to monthly rent a VPS in the very near future to host a website, a Peertube instance and an email server as minimum. But despite having used Linux as a home operative system for 3 years, I pretty much known nothing to properly secure online services.

So I want to first have a "dummy" cloud system where I can mess around with configurations and everything without risking losing money while I am still learning.

While typing this it crossed my mind I could also create a virtual network in Virtualbox, at least when I used it on Windows years ago it allowed you to do it. Could this also work? To create two virtual machines under the same network with one acting as server and one as client?

You know BOINC, the thing where you can donate your processing power to specific computational projects?
Is there anything like that, but for hosting platforms / services?
Something where you could say "I am willing to dedicate this much of my CPU, RAM and storage space to this project or this group of people".
Say that I have a server that is more or less collecting dust, and I want to make it do something productive.
I am aware of YUNOHost and alternatives, but that still requires me to choose which things to deploy and also somehow then offer that to the community.
As a certified lazy dude, I would much rather say "here's the computer, use it for whatever you need the most".
The issue I see with this is that my goodwill could be abused for hosting something inappropriate or even illegal, and then I would be held responsible. So there should be some transparency requirement or some other mechanism that helps prevents this.

And yes, self-hosting would not be the accurate term to describe this kind of distributed resource sharing. "croud-sourced self-hosting"? "crowd-hosting" sounds like a good description for this phenomenon.
Some implementation of this probably already exists. Please provide any relevant names or links that would help me find more about this.

I want to set up my own Matrix server, but it seems a bit complicated in the proxy and federation part since I'm not using Nginx or Caddy. Does anyone have an up-to-date guide for Traefik version?

I'm trying to install Proxmox on a server that is going to be running Home Assistant, a security camera NVR setup and other sensitive data, I need to have the drives be encrypted with automatic decryption of drives so the VMs can automatically resume after a power failure.

My desired setup:

• 2 Sata SSDs boot drives in a ZFS mirror
• 1 NVME SSD for L2ARC and VM storage
• 3 HDDs in a RAIDz1 for backups and general large storage
• 1 (maybe more added later) HDD for Camera NVR VM.

I'd prefer every drive encrypted with native ZFS encryption automatically decrypted by either TPM 2.0 or manually by a passphrase if needed as a backup.

Guide I found:

I found a general guide on how to do something similar but it honestly went over my head (I'm still learning) and didn't include much information about additional drives: Proxmox with Secure Boot and Native ZFS Encryption

If someone could adapt that post into a more noob friendly guide for the latest Proxmox version, with directions for decryption of multiple drives, that would be amazing and I'm sure it would make an excellent addition to the Proxmox wiki ;)

My 2nd preferred setup:

• 2 Sata SSDs boot drives in a ZFS mirror with LUKS encryption and automatic decryption with clevis.
• All other drives encrypted using ZFS native encryption with ZFS key (keys?) stored on LUKS boot drive partition.

With this arrangement, every drive could be encrypted at rest and decrypted on boot with native ZFS encryption on most drives but has the downsides of using LUKS on ZFS for the boot drives.

Is storing the ZFS keys in a LUKS partition insecure in some way? Would this result in undecryptable drives if something happened to ZFS keys on the boot drive or can they be also decrypted with a passphrase as a backup?

As it stands right now, I'm really stuck trying to figure this out so any help or well written guides are heavily appreciated. Thanks for reading!

Hi there!

I‘m running a somewhat developed home server setup and add more services every month.

But this thing eludes me:

I have 2 IP cameras for my pet room (I have a couple bearded dragons in terrariums).

The cameras are fenton 351.150

I can stream many different formats to home assistant or the browser. I also tried multiple apps like viseron (which is pretty cool) and agentdvr from ispy (which always makes the hair on my neck stand up since it looks like it was cobbled together).

But what doesnt work is controlling the camera, mostly. I believe agentdvr could do that but I‘m really unhappy about that app. Also, it pushes monetization very hard albeit seeming to be open source.

I also found this: https://medevel.com/10-cctv-open-source-solutions/

Does anyone have experience with a non-jank and non-pushy cctv solution that lets me control the cameras instead of just streaming?

Have a good one!

Obviously, the closer to AGPL, the better, in my opinion. But I'll run some MIT, if the product is sufficiently better, for my use case, than the alternative. For example, I want a multilibrary photo album. Photoprism (AGPL) doesn't offer it, but Immich (MIT) does. As soon as Photoprism has that functionality, I'll switch back simply for the license.

My hard line is open source. I don't use any proprietary solutions.

I've seen that searxng has been recommended here, and after trying it out I was so impressed that I spun up a docker container on my Unraid box. Opensearch works fine with public instances, but I can't get it to work with my container. I'm using the official docker image. Is there something I should watch out for?

I set the instance name, and passed environment variables with SEARXNG_URL and SEARXNG_BIND_ADDRESS.

cross-posted from: https://lemmy.ml/post/1800585

I assume many of you host a DMS such as Paperless and use it to organise the dead trees you still receive in the snail mail for some reason in the year of the lord 2023.

How do you encode your scans? JPEG is pretty meh for text even at better quantisation levels ("dirty" artefacts everywhere) and PNGs are quite large. More modern formats don't go into a PDF, which means multiple pages aren't possible (at least not in Paperless).

Discussion on GH: https://github.com/paperless-ngx/paperless-ngx/discussions/3756

Just thought I'd share this since it's working for me at my home instance of federate.cc, even though it's not documented in the Lemmy hosting guide.

The image server used by Lemmy, pict-rs, recently added support for object storage like Amazon S3, instead of serving images directly off the disk. This is potentially interesting to you because object storage is orders of magnitude cheaper than disk storage with a VM.

By way of example, I'm hosting my setup on Vultr, but this applies to say Digital Ocean or AWS as well. Going from a 50GB to a 100GB VM instance on Vultr will take you from $12 to $24/month. Up to 180GB, $48/month. Of course these include CPU and RAM step-ups too, but I'm focusing only on disk space for now.

Vultr's object storage by comparison is $5/month for 1TB of storage and includes a separate 1TB of bandwidth that doesn't count against your main VM, plus this content is served off of Vultr's CDN instead of your instance, meaning even less CPU load for you.

This is pretty easy to do. What we'll be doing is diverging slightly from the official Lemmy ansible setup to add some different environment variables to pict-rs.

After step 5, before running the ansible playbook, we're going to modify the ansible template slightly:

cd templates/

cp docker-compose.yml docker-compose.yml.original

Now we're going to edit the docker-compose.yml with your favourite text editor, personally I like micro but vim, emacs, nano or whatever will do..

favourite-editor docker-compose.yml

Down around line 67 begins the section for pictrs, you'll notice under the environment section there are a bunch of things that the Lemmy guys predefined. We're going to add some here to take advantage of the new support for object storage in pict-rs 0.4+:

At the bottom of the environment section we'll add these new vars:

  - PICTRS__STORE__TYPE=object_storage
  - PICTRS__STORE__ENDPOINT=Your Object Store Endpoint
  - PICTRS__STORE__BUCKET_NAME=Your Bucket Name
  - PICTRS__STORE__REGION=Your Bucket Region
  - PICTRS__STORE__USE_PATH_STYLE=false
  - PICTRS__STORE__ACCESS_KEY=Your Access Key
  - PICTRS__STORE__SECRET_KEY=Your Secret Key

So your whole pictrs section looks something like this: https://pastebin.com/X1dP1jew

The actual bucket name, region, access key and secret key will come from your provider. If you're using Vultr like me then they are under the details after you've created your object store, under Overview -> S3 Credentials. On Vultr your endpoint will be something like sjc1.vultrobjects.com, and your region is the domain prefix, so in this case sjc1.

Now you can install as usual. If you have an existing instance already deployed, there is an additional migration command you have to run to move your on-disk images into the object storage.

You're now good to go and things should pretty much behave like before, except pict-rs will be saving images to your designated cloud/object store, and when serving images it will instead redirect clients to pull directly from the object store, saving you a lot of storage, cpu use and bandwidth, and therefore money.

Hope this helps someone, I am not an expert in either Lemmy administration nor Linux sysadmin stuff, but I can say I've done this on my own instance at federate.cc and so far I can't see any ill effects.

Happy Lemmy-ing!

cross-posted from: https://lemmy.ml/post/1235039

https://nextcloud.com/blog/introducing-hub-5-first-to-deliver-self-hosted-ai-powered-digital-workspace/

Crossgeposted von: https://beehaw.org/post/432577

You host your own service, which can also federate with other Databag nodes. It is Public-Private key based identity (not bound to any blockchain or hosting domain) and End-to-End encrypted (the hosting admin cannot view sealed topics, default unsealed).

This is not a service for finding friends in your contact list. You, or your organisation, hosts the service, and has completely private and secure chatting amongst yourselves.

Another use-case may be if you are visiting a foreign country which blocks many public messenger services. This app would connect back to your private server, which is very unlikely to have been blocked.

See https://github.com/balzack/databag

#technology #opensource #privacy #selfhosted

Shared November 7, 2022

cross-posted from: https://feddit.de/post/134214

They seem redundant, selfhost seems to have a couple of rules, but they pretty much do the same thing, right?

I would prefer if they would be merged, it's confusing and annoying to figure out which of both is bigger, since that's all that matters. Also naming is nearly the same.

I just can't see a difference.

Is Seafile any good? It's similar to nextcloud, but apparently faster etc.

https://play.google.com/store/apps/details?id=com.seafile.seadroid2&showAllReviews=true

https://apps.apple.com/cn/app/seafile-pro/id639202512?l=en&platform=iphone

Mobile apps both have pretty bad ratings on the app stores.

What would you host for yourself, friends and family, basic dropbox functionality is all I need.

I have hosted Nextcloud in the past but it's a huge program with way too many tools, apps and a complicated way to update, the end result is often a slow and not very comfortable way to use the aforementioned basic dropbox functionality.

Would self-hosting a Nextcloud instance locally without an internet connection be viable?

Use case: Around 5 people need to share files over the network, collaborate on Office documents in real-time, use GitLab, and a To-do/Task management tool.

Beyond the initial setup, does any of these requirements need an active Internet connection, or can we all connect to the Raspberry Pi server via Ethernet?

if I have communications with someone through the internet with a homeserver. I would inevitably give out my IP address. Is that a bad thing? In my country they don't have services like that, RTCing would be a bit sluggish using available euro servers.

and is there any detailed video about how to host it using windows 10?

I have been learning a lot thanks to Lemmy and the people behind it, so I wanted to contribute a bit back by making some easy-to-follow video tutorials.

I have also made the same video in Spanish: https://www.youtube.com/watch?v=h50M6jYZ8YU

As a beginner myself, I do have a level of concern that I might teach something incorrectly, or that I might expose others to security risks and liabilities. I hope that these concerns are not well-founded, but I am open to criticism!