Self-Hosted Alternatives to Popular Services

219 readers
3 users here now

A place to share, discuss, discover, assist with, gain assistance for, and critique self-hosted alternatives to our favorite web apps, web...

founded 2 years ago
MODERATORS
1
 
 
This is an automated archive made by the Lemmit Bot.

The original was posted on /r/selfhosted by /u/reclusebird on 2025-08-06 05:46:57+00:00.


From the official release post:

Leading open-source server solutions provider Proxmox Server Solutions GmbH (henceforth "Proxmox"), celebrating its 20th year of innovation, today announced the release of Proxmox Virtual Environment (VE) 9.0.

Main highlight of this update is a modernized core built upon Debian 13 “Trixie”, ensuring a robust foundation for the platform.

Along with it an upgrade guide from 8 to 9.

2
 
 
This is an automated archive made by the Lemmit Bot.

The original was posted on /r/selfhosted by /u/Jamsy100 on 2025-08-05 14:53:26+00:00.


Hey everyone!

I just published a small benchmark comparing five self-hosted S3 storage solutions: MinIO, SeaweedFS, Garage, Zenko, and LocalStack. The focus is on upload and download speeds, with all solutions tested in Docker under the same conditions.

Full results here

https://www.repoflow.io/blog/benchmarking-self-hosted-s3-compatible-storage-a-practical-performance-comparison

Happy to run more tests if there’s interest

3
 
 
This is an automated archive made by the Lemmit Bot.

The original was posted on /r/selfhosted by /u/darrenpauli on 2025-08-05 21:42:00+00:00.


Hi folks,

This post is for others who like me are interested in the development landscape since the end of Readarr. u/you_readit_wrong, hope this post is okay and doesn't create noise :)

I'm not affiliated with Chaptarr.

It is not on a pubic Github repo yet. I guess I should post their Discord which is the official go-to place for updates but really don't want to cause noise for them so I'll leave to others to look it up or post it. Sorry if that's dumb or an inconvenience.

But I'll write a quick summary of the project based on its FAQ.

Chaptarr:

  • Aims to take the spot of Readarr as the go-to arr app for text and audio with the same arr integrations and setup as you would expect from an official arr app.
  • Uses much improved metadata server-side and local algorithms with multiple metadata providers to "drastically" improve Readarr's mapping issues. It so far is very accurate.
  • Has 75 skilled and experienced testers (and isn't looking for more right now - and really does not want folks to ask to join).
  • Is in sustained advanced development.
  • Aims for a "wider beta" in the coming month or two with the number of testers expanding over time.
  • Will be more feature-rich than Readarr while still being an arr app.
  • Began as a personal project called Audioarr.
  • Would love people to show support by 'starring' the app on Github when it's up or for those willing and able to become a Discord supporter.

Readarr life-support for now is via Blampe's https://github.com/blampe/rreading-glasses who is linked in with Chaptarr. Blampe has done some very cool work fixing Readarr metadata. Thanks Blampe!

And thanks to the Chaptarr devs and testers!

4
 
 
This is an automated archive made by the Lemmit Bot.

The original was posted on /r/selfhosted by /u/No_Classic_8051 on 2025-08-05 18:30:44+00:00.


I used FaceSeek and liked the results, but I’d prefer to run something like that locally. Anyone know a good open-source option for facial reverse search?

5
 
 
This is an automated archive made by the Lemmit Bot.

The original was posted on /r/selfhosted by /u/alearmas1 on 2025-08-05 17:21:33+00:00.


Hello! I made this little project and wanted to share it.

https://github.com/mycroftsnm/jellyfomo

Jellyfomo is a complement for Jellyfin. It uses tags to keep only a limited number of movies available at once, reducing the choice anxiety caused by having too many options.

Why 'jellyfomo' if it’s really more about overchoice than FOMO? Because ‘jellyoverchoice’ just sounded worse :)

Simple to deploy with docker compose!

6
 
 
This is an automated archive made by the Lemmit Bot.

The original was posted on /r/selfhosted by /u/Ok_Writer4249 on 2025-08-05 14:35:52+00:00.


Grafana used to be easy: download, deploy, explore your data. Now? Most install guides push you to:

  • Pick your OS-specific package manager
  • Learn Kubernetes
  • Or sign up for Grafana Cloud

We, at Quesma, wanted something simpler. So we put together five Docker Compose setups you can run locally. No system installs. No cloud required.

The guide covers:

  • vanilla Grafana in Docker
  • Grafana with Loki for log visualization
  • Grafana with Prometheus for metrics exploration
  • Grafana with Tempo for distributed traces analysis
  • Grafana with Pyroscope for continuous profiling

Everything’s containerized and preconfigured so you can clone and go.

https://quesma.com/blog-detail/5-grafana-docker-examples-to-get-started-with-metrics-logs-and-traces

7
 
 
This is an automated archive made by the Lemmit Bot.

The original was posted on /r/selfhosted by /u/cogwheel0 on 2025-08-05 13:28:05+00:00.


Hey everyone,

About a month ago, I shared the Android release of my LuCI Mobile app, and the response was incredible! I got a ton of great feedback and one request that came up over and over: "When is the iOS version coming?"

Well, today's the day! The iOS and iPad version is officially live on the App Store!

A Quick Word on Pricing

After getting a lot of input from you all, I've decided to price the Apple app at a one-time purchase of $9.99. Here’s the transparent breakdown: this price helps cover Apple's yearly developer fee based on the interest shown so far. If the app does better than expected, it directly translates into more time I can dedicate to building out new features for everyone. Thank you to everyone who weighed in on this!

For all my Android users, don't worry! The Android app is still free and will always be free. If you'd still like to support the project, I've set up a GitHub Sponsors profile here. Any contribution is hugely appreciated!

What's New? (Recent Updates from Beta Feedback)

I've been busy squashing bugs and adding features based on what you told me. Here’s what’s new since the first release:

  • Multi-Router Support is here! You can now add all your routers and switch between them seamlessly.
  • Quick Info Access: Just long-press any interface on the Dashboard to bring up its detailed info screen.
  • Better Reboot Flow: The UX for rebooting your router is now much smoother and more intuitive.
  • Under-the-hood Overhaul: I did a major code refactor and improved state management, which means the app is now significantly more stable, faster, and visually consistent.

The Road Ahead (My Feature Roadmap)

Here are some of the top things I'm planning to work on next:

  • Unified Clients View: Imagine seeing all connected clients from your main router and your dumb APs on a single screen. That's the goal.
  • Dashboard Customization: You'll be able to pick and choose which interfaces show up and which ones you want to see real-time throughput for.
  • Deeper System Info: Access to system logs, running processes, and more geeky data.
  • Interface Control: The ability to start, stop, or restart interfaces directly from the app. This one's tricky as it requires extra SSH permissions on the router, so I'm figuring out how to implement it without sacrificing the app's simplicity.

I'm super excited to finally get this into your hands. Let me know what you think, and please keep the feedback and feature ideas coming!

GitHub Link: https://github.com/cogwheel0/luci-mobile

Google Store Link: https://play.google.com/store/apps/details?id=com.cogwheel.LuCIMobile

Apple Store Link: https://apps.apple.com/app/luci-mobile/id6749455847

8
 
 
This is an automated archive made by the Lemmit Bot.

The original was posted on /r/selfhosted by /u/Eirikr700 on 2025-08-05 08:17:34+00:00.


As you know, the economic sustainability of the open source software ecosystem is fragile. This post means to remind you that many of your favourite apps depend on your support. So don't forget their funding. I have a special thought for Accrescent, striking for its future.

9
 
 
This is an automated archive made by the Lemmit Bot.

The original was posted on /r/selfhosted by /u/eddyizm on 2025-08-05 03:47:38+00:00.


Asked for write access to the repo but it seems to have stalled without any updates in 7 months. So I took it upon myself to fork it and applied about 9 pending PRs to release a new version.

It's been my favorite subsonic app since I first found it and I hope I can continue to gather more pr's and continue it if the original repo doesn't ever come back.

https://github.com/eddyizm/tempo/releases/tag/v3.10.0

Cheers!

ps. I may change the name in the near future if it starts to diverge and so I can release on fdroid as well since it is still using the original namespace.

10
 
 
This is an automated archive made by the Lemmit Bot.

The original was posted on /r/selfhosted by /u/Easy_Are on 2025-08-05 04:45:46+00:00.


Hey everyone, we’re excited to tell you about Portia v.0.5.2.

Portia is an open-source framework for building production-ready AI agents.

https://github.com/portiaAI/portia-sdk-python

(If you're open to leaving a star, we'd really appreciate it ❤️)

Here’s what’s new in this version:

  • We added Amazon Bedrock as an LLM Provider! This unlocks some important things like:
    • Unified access to top FMs like Claude, Mistral, Llama 3, and more—via a single API, no vendor juggling
    • Built-in RAG, fine-tuning, and managed agents to power custom workflows and dynamic API execution and
    • Enterprise-grade privacy & compliance, including SOC, HIPAA, GDPR—with no data shared with model providers.
  • We added Notion MCP to Portia Tool Registry! That means you can now have Portia agents read and improve your knowledge bases, databases, and Notion pages.

There are also several important improvements under the hood :-)

It's 100% open source, so we'd be thrilled to have you check it out and try it!

11
 
 
This is an automated archive made by the Lemmit Bot.

The original was posted on /r/selfhosted by /u/GilliganRocks on 2025-08-04 21:53:23+00:00.


Let's say I have a website... Mamma.com (tiny site, pretty much zero traffic) and I put in a sub domain of Ya.Mamma.com but it's only for private use.

I never tell anyone about it and in fact it's using port 3000 as the only port that is exposed (thought 80 does redirect if you use the FQDN). Point being a port scanner for port 80 wouldn't find it.

How do people find it?

It's running Open WebUI which is of course locked down... but I still have MANY sign up "attempts".

I assume there really isn't any means to shut that down other than restricting what IPs I would allow in or setting up a VPN.

Which is pretty unnecessary since I just don't approve anyone.

I'm more curious than anything.

Oh, all this is run on a Vultr server.

12
 
 
This is an automated archive made by the Lemmit Bot.

The original was posted on /r/selfhosted by /u/TheyCallMeDozer on 2025-08-04 17:59:34+00:00.


Hey folks,

I mentioned this a while back, and after messing with a bunch of ideas, I finally built something usable:

🔧 OfflineU, a self-hosted local course viewer and progress tracker.

At the moment, I can't think of a way to package it into a Docker container that still gives full access to mounted folders or your full system directory tree. So for now, it's just a Python Flask app you run locally, no internet needed, no cloud bullshit.

The idea came from something I’ve always wanted: a personal education dashboard that lets you go through all your saved training content (videos, PDFs, HTML lessons, etc) like a proper course platform — without uploading, converting, or restructuring files.

In the future I plan to work on it a ltitle more and add more fnctionatly get it closer to like a local Udemy system, this right now is just basic as shit so open to ideas on it, not designed for selling course content as there is any amount of WordPress shit to do that, this is purly for "i downloaded a udemy course from somewhere, its in a folder i want to just do the course without need to do shit"

💡 Features:

  • Auto-detects lessons (videos, audio, PDFs, quizzes) from your folder structure
  • Tracks progress and remembers where you left off
  • Works fully offline, just point it to a folder and go
  • Stylish, responsive UI, light/dark theme in progress
  • Quiz detection by filename (e.g., lesson3_quiz.html)
  • Built-in resume, completion checkmarks, and next/prev navigation

🧪 Use cases:

  • Going through your Udemy / Skillshare dumps
  • Local archives of old university material
  • Custom training libraries
  • Self-study with no SaaS tracking or platform lock-in

🔗 GitHub:

https://github.com/WhiskeyCoder/OfflineU

Would love feedback from anyone who tries it! Still iterating — next goals include multi-user profiles and maybe figuring out a clean Docker-friendly permission system.

13
 
 
This is an automated archive made by the Lemmit Bot.

The original was posted on /r/selfhosted by /u/sleepysiding22 on 2025-08-04 16:13:37+00:00.


Hi everyone, excited to present Postiz v2.

Postiz is a social media scheduling tool supporting 23 social media channels.

It allows you to schedule posts in advance and track them in your calendar.

https://github.com/gitroomhq/postiz-app/

(Any star will be super appreciated ❤️)

What's new:

  • Completely new design - better UX / UX and finally, looks professional 😂 https://share.cleanshot.com/lvv549fY
  • Media - Request by a few members, I added media to the menu. You can manage your media from there.
  • Switched to TipTap editor - it feels much better, and outputs HTML, which allows us to easily convert the code into the respective platform, for example, Telegram supports HTML, and Discord supports Markdown.
  • New platforms - You can now schedule posts to WordPress, DEV, Medium, and Hashnode!
  • Mentions - You can use "@" to mention accounts in the editor, currently supporting: LinkedIn, X, BlueSky, and Discord.
  • Saving state: When you move between views (Month / Week / Day), it will save it, and will open it again next time.
  • N8N nodes - I have created an n8n node for easier automation - here. We have seen tons of Postiz cool automation lately, so try to look them up online :)
  • Postiz SDK - Similar to N8N, just with an SDK for Node.js - here
  • AI Features - Added many AI features, such as generating slides/videos with VEO3, also available in the API.
  • Errors in notifications - Usually, if the post failed, you would get just "error occurred"; I have now mapped many of the errors, and you will see them both in email and in the in-app notification.

In general, the system becomes a lot more stable. I added small features, such as a concurrency limit between requests on platforms, Sentry for error detection, a 'Today' button to access the current date quickly, and a cron job to re-add items to Redis in case they were removed for any reason.

As always, everything is 100% open-source :)

14
 
 
This is an automated archive made by the Lemmit Bot.

The original was posted on /r/selfhosted by /u/SubnetLiz on 2025-08-04 14:52:47+00:00.


I have been running basic WireGuard tunnels for a while to reach my homelab (NUC + Pi setup). It works but now that I’m adding more devices and giving family remote access managing all the peer configs is starting to feel like a puzzle

Curious what the current go-to solutions are

Anyone here moved to a full mesh VPN or overlay network? Is it actually easier to manage long-term, or just a different set of headaches?

Any tools that you think deserve more love? Would love to hear what’s working well for you before I start getting into my network

15
 
 
This is an automated archive made by the Lemmit Bot.

The original was posted on /r/selfhosted by /u/weisineesti on 2025-08-04 13:27:02+00:00.


Hey guys,

I’d like to share an open-source email archiving tool I’ve created. 

So the backstory is that I run a small software company here in Estonia, and we use Google Workspace for all of our emails and financial documents. One day, I had this paranoia that what if we lost access to our Google Workspace due to some vendor abnormalities (which is not even rare to happen).

So I built this open source tool that helps individuals and organizations to archive their whole email inboxes with the ability to index and search these emails. 

The tool is called Open Archiver, and it has the ability to archive emails from cloud-based email inboxes, including Google Workspace, Microsoft 365, and all IMAP-enabled email inboxes. You can connect it to your email provider, and it copies every single incoming and outgoing email into a secure archive that you control (Your local storage or S3-compatible storage).

Some features:

  • Archive and index all emails and attachments
  • Back up the whole organization's emails: For Google Workspace and MS 365, Open Archiver can import and sync all individual inboxes' emails
  • Full-text search: All archived emails and attachments are indexed, so you can search all emails and attachments from Open Archiver's web UI
  • You can choose to store your files either on your local machine or on any S3-compatible storage provider
  • API access

Since it's an open-source project, you can use it for free for individual or business purposes. I’d be happy to connect with you and hear your feedback in our Discord channel. You can find the invite link in the README file.

You can find the project on GitHub (Demo site available): https://github.com/LogicLabs-OU/OpenArchiver

Disclaimer about the use of AI: I've noticed that there is an ongoing discussion on this sub about projects using AI. I'd like to point out that some of the code in the project is written with the help of AI. However, the use of AI is limited to coding assistance, as I myself am a full-stack developer with 5 years of experience. Here is how I used AI in the project:

  • Writing some frontend components
  • Writing boilerplate code for API routes and controllers, while the logic of the services are hand coded
  • Writing comments to help other developers understand the codebase
  • Writing docs
  • Most importantly: all code generated by AI is carefully reviewed and scrutinized to the same level as how we build other commercial products

I understand it is the sub rules to disclose AI involvement in development, so I added this disclaimer. Please let me know if you have any concerns.

Cheers!

16
 
 
This is an automated archive made by the Lemmit Bot.

The original was posted on /r/selfhosted by /u/su_ble on 2025-08-04 11:30:32+00:00.


Hi fellow selfhosters,

I just released V 0.3.1 of Fail2Ban-Report, a small self-hosted web interface to view, search, and manage Fail2Ban -Bans.

Useful if you’re tired of grepping through logs via SSH or or writing your 174th "fail2ban-logs.sh" script ;-)

You can block/unblock IPs from the UI (currently UFW only), and optionally see how often an IP shows up on **AbuseIPDB** if you provide an API key.

This version adds:

  • Secured access to JSON data (no more raw .json exposure)

  • Live stats in the header: Bans, Unbans & Event total for today

  • Frontend improvements: cleaner JS, better structure

  • and a little more - see Readme.md or changelog.md for Details

There is not a Docker image yet – native install preferred for full system control – but I may provide a container version later on. (See Discussion)

If this sounds useful, have a look at:

👉 https://github.com/SubleXBle/Fail2Ban-Report

Let me know what you think, Suggestions & feedback welcome!

17
 
 
This is an automated archive made by the Lemmit Bot.

The original was posted on /r/selfhosted by /u/baIdissara on 2025-08-04 02:42:51+00:00.


Hey guys, version 3.0.0 of Tasks.md just got released. This is the largest update so far and includes several new features. I'll list the most important ones below.

Tasks.md is a self-hosted, Markdown file based task management board. It's like a kanban board that uses your filesystem as a database, so you can manipulate all cards within the app or change them directly through a text editor, changing them in one place will reflect on the other one.

I wish I could add a gif here, but apparently it's not possible anymore. You can see how the app works in the repo link above or right here

The latest release includes the following:

  • Added support for checkboxes;
  • Added different view modes (extended, regular, compact, tight);
  • Added due date;
  • It now uses tree structure from root path for multiple boards;
  • Syncs UI with filesystem changes done outside the app;
  • Ignores lanes and cards whose names start with dot;
  • Added copy button to code blocks;

Inspired by this blog post, I included a "This is a low maintenance project" segment in the README, which means that this was the last big update the project will receive and I'll no longer work on new features, expect for maybe some that were already previously discussed in the issues page.

If you decide to try the app, feel free to open new issues in the repo for any problem you may encounter, this release came with a lot of new stuff so there is always a chance that it introduced new bugs (but hopefully it didn't, I tested it a lot before pressing the "new release" button).

18
 
 
This is an automated archive made by the Lemmit Bot.

The original was posted on /r/selfhosted by /u/Big_Head8250 on 2025-08-04 02:48:40+00:00.


This is one of the greatest login screens ever. Requiring Authelia SSO as the only supported signin option makes this much more secure IMO (also, it looks slick as heck).

Is it possible to do this on Jellyfin with the SSO plugin?

19
 
 
This is an automated archive made by the Lemmit Bot.

The original was posted on /r/selfhosted by /u/TheOriginalOnee on 2025-08-03 21:51:12+00:00.


I used nextcloud for over a year now, but its way to much for what I’m looking for - just basic file storage and sharing (like Dropbox). Then I tried seafile, but due to its block-level storage, initial filling via the desktop/web client takes forever.

So, is there any alternative with the criteria:

  • self-hosted
  • iOS-App
  • WebClient
  • 1:1 file storage (like nextcloud)
20
 
 
This is an automated archive made by the Lemmit Bot.

The original was posted on /r/selfhosted by /u/T3ch_Guy09 on 2025-08-03 21:22:18+00:00.


Just spun up a stack in portainer running Stirling PDF. OMG, this suite of tools makes me want to cancel my Adobe subscription right now. Im thoroughly impressed with the number of tools included for free. Im paying for Adobe and I dont have some of the tools listed in Stirling. Setup was simple for me. I just had to add TRUSTED_ORIGINS to my setup and I was good to go. I highly recommend setting this up, if you haven't already.

21
 
 
This is an automated archive made by the Lemmit Bot.

The original was posted on /r/selfhosted by /u/vininovais on 2025-08-03 14:10:56+00:00.


Hello! I'm looking for alternatives to Spotify, the idea is to have 3 containers (Docker) or less where 1 queues a playlist (could be a YouTube link) and then activates ytdl to download only the music, (or the video being optional) 1 container for converting everything to HLS (m3u8 format) and saving it in a folder and 1 container being the frontend (public access) and using the data generated in m3u8, I thought about creating something from the absolute zero, but first I would like to know if there are ways to do this (perhaps already posted here in the community)

22
 
 
This is an automated archive made by the Lemmit Bot.

The original was posted on /r/selfhosted by /u/Limbeckx1911 on 2025-08-03 21:37:58+00:00.


One like home assistant but for health. Potentially where you add your own algorithms of someone else's blueprints/algo's for specific parts. Go give an example: Garmin sleep tracking is horrible. Sleep2/nukkuua is much better and used a Polar Verity Sense. Why can't we combine the data from that with the hr data from your runs in a platform where you than connect multiple metrics to determine your readiness/battery. That platform should let you import data from platforms as well as connect data to algorithms you can find in a store in order to give you the specific insight you are looking for...

As for the question why I don't do it: well I could only try to vibe code it because I have never made an app or anything similar....

Not sure if the flair is good...

23
 
 
This is an automated archive made by the Lemmit Bot.

The original was posted on /r/selfhosted by /u/TheDevilishSaint on 2025-08-03 18:07:22+00:00.


I've managed to convince my Dad to give me an old laptop to run a server on. I know how I'm going to do this (pterodactyl) but I need to make sure I cover my ass. The problem is my dad's always been the tech guy and when I told him I'd be running a Minecraft server for friends it started an entire lecture on security and port forwarding. My dad is weird with tech in the sense he knows what he's talking about but also not really? He's a bit like an old man who thinks the computers are mythical beings and I need something to reassure him that hackers aren't going to get into our home cameras from my minecraft server. Which is nuts coming from a man who has only one password.

I was just going to stick a whitelist on it and call it a day. That's what most people I know have done. I don't really want to spend any money, that's the whole reason I'm hosting it myself. I have looked into VLANs and ehhhhhh I don't want to fuck with those but also I can't on my router from my ISP anyway. I'm a little unsure where to go next. I don't really see much risk personally. My dad is worried my friends will get hacked and they'll have our IP 🤷.

24
 
 
This is an automated archive made by the Lemmit Bot.

The original was posted on /r/selfhosted by /u/l-duesing on 2025-08-03 16:58:33+00:00.


Like many of you, I'm running a bunch of different services in my homelab – Docker containers, databases, file shares, and more. For a long time, my backup "strategy" was a messy collection of cron jobs and custom scripts for each service. It was fragile, hard to manage, and I was never 100% sure if everything was actually working.

So, I decided to build a proper solution to scratch my own itch: a modular, client-server backup system that's easy to configure and just works. Today, I'm releasing Version 0.3, which is a huge step forward!

The whole thing is built on a simple, transparent stack: Bash, rsync, and restic for the heavy lifting on the server.

What makes it cool?

🧩 Truly Modular with Plugins: Just drop a script for your service into the plugins folder. I've already created plugins for:

Docker Compose (backs up volumes)

PostgreSQL & MySQL/MariaDB (creates a proper DB dump)

InfluxDB

Plain file/directory sync (using rsync)

🤖 Automatic Service Discovery: You define your services in simple .yml files. The main backup script finds them automatically and runs the right plugin. No need to edit a master script.

🔒 Powerful Server-Side Backups with Restic: Server fetches their data from the clients, which then uses restic to create efficient, encrypted, and deduplicated snapshots. This saves a ton of space.

🧹 Automatic Maintenance: It comes with systemd timers to automatically run restic forget --prune and restic check, so your repository stays clean and healthy without you having to think about it.

📜 Simple Configuration: There's a central client_config.yml and server_config.yml. To back up a new service, you just create a small file like this:

For example, here's how you'd back up your forgejo:

service:
  # REQUIRED: Unique name for the service (used in backup path)
  name: "forgejo"
  # Optional: Explicitly define type if needed, otherwise derived from parent dir
  # type: "docker"

# Task Type: docker (handled by docker_compose.sh plugin)
docker:
  # REQUIRED: Path to the docker-compose file. Triggers stop/start.
  docker_compose_path: "/opt/forgejo/docker-compose.yml"

  # Optional: Seconds to wait after 'docker compose start' before proceeding.
  # Useful if services need time to initialize. Default is 0 (no wait).
  wait_after_restart: 3
  pin_images_to_digest: true

# Task Type: files (handled by files_rsync.sh plugin)
files:
  # REQUIRED: List of paths to include (backup relative to basename)
  paths:
    - "/opt/forgejo/forgejo"

The client script will see this file, run the docker and files plugin with these paths, and ship it off to the server. That's it!

I've put a lot of work into making this stable and have written detailed documentation, including a Disaster Recovery Guide.

I would be thrilled if you checked it out and gave me some feedback! What plugins are missing? Is the documentation clear?

You can find the project and all the documentation on GitHub:

➡️ https://github.com/lduesing/backup-suite

Thanks for reading! Let me know what you think.

25
 
 
This is an automated archive made by the Lemmit Bot.

The original was posted on /r/selfhosted by /u/mattan99 on 2025-08-02 23:44:09+00:00.


I'm currently running a few docker containers on my server pc running ubuntu server. They are only accessible on LAN.

This pc is isolated in a separate VLAN with firewall rules only allowing access from my trusted VLAN to the server, not the other way around.

I have a NPM (proxy) container to handle SSL certs. This container has a network called "npm_network" that my other containers share.

I'm only able to access my services through NPM as I don't expose any ports for the other containers.

So I forward traffic to http(s)://container_name:port.

NPM example

services:
  nginx_proxy_manager:
    ...
    networks:
      - npm_network
networks:
  npm_network:
    external: true

Other containers example:

services:
  name-of-app:
    ...
    networks:
      - default
      - npm_network
networks:
  default:
    driver: bridge
    name: app_name_internal
  npm_network:
    external: true

Now to the question about docker security.

I'm mostly copying the compose file from the services documentation and add the security_opt: no-new-privileges:true

Is this enough? Should I be more paranoid?

view more: next ›