This is an automated archive made by the Lemmit Bot.

The original was posted on /r/selfhosted by /u/nbtm_sh on 2025-04-17 12:19:31+00:00.

This is an automated archive made by the Lemmit Bot.

The original was posted on /r/selfhosted by /u/SillyServe5773 on 2025-04-17 11:51:36+00:00.

---

So I recently tried out OpenCloud and the experience has been... quite smooth. Easy to setup with docker compose, the webui is minimal and blazingly fast. The keycloak sso integration is pretty neat, too.

Went with nextcloud for the past few years and has been through all sorts of issues, constant crash and database corruption, and it's laggy as hell. Now I just want something simple, fast and reliable, and OpenCloud seems to do just that.

The major downside is lack of mobile and desktop apps (for now) , but it looks pretty promising to me. Have anyone else gave it a try, what are your thoughts?

This is an automated archive made by the Lemmit Bot.

The original was posted on /r/selfhosted by /u/humming6 on 2025-04-17 10:49:01+00:00.

This is an automated archive made by the Lemmit Bot.

The original was posted on /r/selfhosted by /u/Robs_Backyard_BBQ on 2025-04-16 12:07:39+00:00.

This is an automated archive made by the Lemmit Bot.

The original was posted on /r/selfhosted by /u/FestingerVault on 2025-04-16 19:19:18+00:00.

---

Hey all,

I’m trying to move away from Google Photos and Dropbox and host things myself. Ideally looking for something that can:

• Auto-back up photos/videos from my phone
• Do some kind of face/scene recognition
• Sync files between devices
• Have a clean, easy-to-use web UI
• Be accessible remotely (securely)

I’ve looked into PhotoPrism and Nextcloud so far—wondering what others are using and how it's working out for you. Any tips or things to watch out for?

Thanks!

This is an automated archive made by the Lemmit Bot.

The original was posted on /r/selfhosted by /u/cthmsst on 2025-04-16 18:15:18+00:00.

---

Hey everyone!

Thank you all for the amazing support Papra has received, you guys really motivated me to keep working on this, it feels great to see people interested in the project

Today, I’m excited to announce the release of Papra v0.3! This is the first major feature release since the initial beta launch.

For those who are new here, Papra is a minimalistic document management and archiving platform (similar to Paperless-ngx), designed to be simple, intuitive, and accessible to everyone. Think of it as a digital archive for long-term document storage.

New features in v0.3 include:

• Auto-tagging rules: Define per-organization rules to automatically apply tags to documents based on their content and filenames
• Folder ingestion: Automatically import files from a folder on your server (lot of you asked for this)
• Upload status popup: A new status popup to show upload progress, completion, or any errors.
• Improved trash management: You can now manually empty the trash directly from the UI
• And various other improvements and bug fixes

I’ve got plenty more features and ideas in the pipeline, so stay tuned for future updates!

The links:

• Announcement blog post:
• Github repository:
• Live Demo:
• Self-hosting documentation:
• Discord community:

Feel free to try out v0.3, provide your feedback and/or suggest new features, I'll be trully happy to hear from you

Thanks again for all your support!

This is an automated archive made by the Lemmit Bot.

The original was posted on /r/selfhosted by /u/headlessdev_ on 2025-04-16 13:02:08+00:00.

This is an automated archive made by the Lemmit Bot.

The original was posted on /r/selfhosted by /u/fdfdr on 2025-04-16 12:40:52+00:00.

This is an automated archive made by the Lemmit Bot.

The original was posted on /r/selfhosted by /u/iamdabe on 2025-04-16 11:12:58+00:00.

This is an automated archive made by the Lemmit Bot.

The original was posted on /r/selfhosted by /u/0xKaishakunin on 2025-04-16 09:07:26+00:00.

This is an automated archive made by the Lemmit Bot.

The original was posted on /r/selfhosted by /u/BenjaminG__ on 2025-04-15 23:31:32+00:00.

---

I posted something similar in r/devops, but I figured this crowd might be more relevant.

I’ve always loved self-hosting, I run most of my personal tools that way. But now that we’re trying to do it across a team, I’m wondering where the line is.

We’re pretty resource-constrained, but still want to move fast. The more we self-host, the more time we spend wiring up containers, m secrets, and bash scripts instead of building the actual freaking product.

I’m still figuring out if others are hitting this wall too.

How far have you pushed your self-hosted stack?

What made you stop, or decide to go hybrid/hosted?

Would love to hear other perspectives 😄

This is an automated archive made by the Lemmit Bot.

The original was posted on /r/selfhosted by /u/notdoreen on 2025-04-15 22:13:28+00:00.

---

I love the concept of Pocket but not that the mobile app comes with ads.

Currently considering Linkwarden but wanted to hear from the community.

This is an automated archive made by the Lemmit Bot.

The original was posted on /r/selfhosted by /u/Nir777 on 2025-04-15 16:45:57+00:00.

---

Hi all,

Sharing a repo I was working on and apparently people found it helpful (over 14,000 stars).

It’s open-source and includes 33 strategies for RAG, including tutorials, and visualizations.

This is great learning and reference material.

Open issues, suggest more strategies, and use as needed.

Enjoy!

This is an automated archive made by the Lemmit Bot.

The original was posted on /r/selfhosted by /u/ChopSueyYumm on 2025-04-15 14:18:56+00:00.

---

I was really frustrated with the tedious process of manually configuring Cloudflare Tunnel ingress rules every time I wanted to expose a new Docker container. So, I built DockFlare! It's a self-hosted ingress controller designed to automate the entire process using Docker labels.

Just add a few simple labels to your containers (e.g., cloudflare.tunnel.enable=true, cloudflare.tunnel.hostname=your.domain.com), and DockFlare takes care of the rest – including deploying and managing the cloudflared agent. No more manual edits in the Cloudflare dashboard!

Key features:

• Label-based Dynamic Configuration: Automatically updates Cloudflare Tunnel rules based on container labels.
• cloudflared Agent Auto-Deploy: Handles the deployment and lifecycle of the cloudflared container.
• Graceful Deletion + State Persistence: Gracefully removes rules when containers stop, and persists state across restarts.
• Web UI: Provides a status dashboard and control panel for your Tunnel and managed rules.

Check it out on GitHub:

I'd love to get your feedback and contributions! Let me know what you think. Are there any features you'd find particularly useful?

This is an automated archive made by the Lemmit Bot.

The original was posted on /r/selfhosted by /u/sagiadinos on 2025-04-15 07:30:24+00:00.

---

Hello,

I am an open-source software developer and company founder in the digital signage industry. Digital signage is the about replacing signs with screens for public display, advertising, entertainemnt, or information.

Currently, I have been working on a management suite (content and device management) for on premise (no-cloud) solutions.

Which would be the most comfortable way of installing server site software.

I am thinking about Docker, but not very familiar with it.

Alternatives:

• a classic installation script

• install by internet

Greetings Niko

P.S: It is a real project:

This is an automated archive made by the Lemmit Bot.

The original was posted on /r/selfhosted by /u/woodland_dweller on 2025-04-15 15:56:11+00:00.

---

I was watching a movie on Jellyfin, and it started to stutter a bit. I assumed the transcoding was overtaxing the CPU and I was ready to hit stop.

I logged into Proxmox, looked at Jellyfin, and realized I'm on a 4 core machine and had only given Jellyfin access to 2. I made the change, got ready to reboot everything - and I saw that Jellyfin instantly had 4 cores and was playing better.

I still need to fix the transcoding problem, but this bought me some time. I was so surprised I decided to share it here. What an awesome piece of software.

This is an automated archive made by the Lemmit Bot.

The original was posted on /r/selfhosted by /u/smartphilip on 2025-04-15 12:32:16+00:00.

---

I just came across Proxmox and it looks fantastic, begin able to control it from just a Web UI is also a big plus and the sheer amount of stuff that it can do. Now I’ve been only using docker compose to run my stuff, I run mainly Pihole, Jellyfin, Mealie etc… but I wanted to also run Home Assistant WITH addons and since I don’t want to install it directly on my machine I figured that Proxmox might be what I’m looking for. My server is an old pc that has in intel i5 and 16gb of RAM, would it be enough to run what I’m already running + home assistant?

EDIT: This blew up much more than I expected! Thanks to everyone and after all of this positive feedback I will definitely try and setup Proxmox! Thanks again and I will let you know how it goes!

This is an automated archive made by the Lemmit Bot.

The original was posted on /r/selfhosted by /u/sleepysiding22 on 2025-04-15 13:52:25+00:00.

---

Hi Everyone!

I just released MCP Servers to the open-source and am pretty excited about this release.

Just a quick recap:

Postiz is a social media scheduling tool supporting 18 social media channels:

Instagram, Facebook, TikTok, Reddit, LinkedIn, X, Threads, BlueSky, Mastodon, YouTube, Pinterest, Dribbble, Slack, Discord, Warpcast, Lemmy, Telegram and Nostr.

MCPs are everywhere and for a good reason.

It's the next step in the evolution of apps.

Being able to use everything from a single chat without accessing any app.

It feels native for Postiz to schedule all your social posts from the chat!

I am all about productivity, and I use ChatGPT my whole day.

Being able to create posts and schedule them on social media is a big productivity changer.

ChatGPT doesn't support MCPs yet, but it will soon. For now, you can use Cursor or Claude Desktop.

The fun part is that you can connect multiple MCPs, for example:

• Connect it to Cursor and ask it to schedule a post about your work today.
• Connect it to Notion and ask to schedule all the team's latest work on social media.
• Connect it to any SaaS with CopilotKit (for example) and schedule posts based on the app.

There are so many options, and I will use it now.

You can use this from the Public API feature inside the "settings" of Postiz.

As always, it's open-source.

This is an automated archive made by the Lemmit Bot.

The original was posted on /r/selfhosted by /u/OhBeeOneKenOhBee on 2025-04-15 10:36:08+00:00.

---

I want to start out by saying that I REALLY do not want this to be interpreted as or devolve into any form of hate against the creator or their work. Judging by their Github history alone, they have a quite long track record of awesome open source work, and the scenario "I just felt like uploading all my projects on to Github since recently retiring" is a completely valid scenario. But remember, Github accounts being hacked is also a valid scenario. This is an exercise in caution - Trust, but verify.

Stumbled over this post that was made recently on here about CyberPAM (github.com/RamboRogers/cyberpamnow), and it really sounds like a great piece of software... in theory.

It also sounds a lot like a well-executed training exercise in a cybersecurity lab. Even though someone has a long track record on Github - accounts can be hacked and taken over. Here are some of the red flags:

• The RamboRogers github acount does have quite a long history, but a lot of the larger/substantial projects have popped up in the last 3 months
• The first mention of CyberPAM anywhere was 3 months ago. The domain, repo, docker images were all created within the last 3 months.
• Since release, there's a rapid progression through minor versions, 0.3 > 0.4 > 0.5 within about a month. This could just indicate that a lot of features were added since releasing because bugs were discovered, but it might be a flag.
• Releasing the whole thing on Github, with a lot of claims in regards to functionality but little to no documentation or actual source code gives a sense of "this is legit/open source", but without much substance behind it.
• The quote "Often implementations of PAM products take a long time to get to production, but not CyberPAM" - well, generally security products do indeed take a long time to get to production but that's because they are tested quite extensively. It's kind of what I'd expect from a product making a LOT of claims about security features.
• Repetitive mentions of the importance of adding your Cloudflare API keys to the software, with the only substantive documentation helpfully showing you how to do that.
• Very flashy and visually impressive Github repo
• Massive claims on the feature side with a lot of buzzwords
• A sudden shift in programming languages from C++, Shell scripts and some Python/Rust to Go-based software
• A lot of minor changes in a lot of places, the matthewrogers.org domain was modified in december of 2024
• No substantial documentation about the software at all, except for "here's how you run the docker container, here's how your run the container in Kubernetes, here's how you add the Cloudflare API Key"
• The cyberpamagent installation shell script downloads a compiled binary, also without any hint of source code or documentation. The recommended installation method is basically "just run this without thinking about it"

Now, how you interpret all of this is up to you.

Most of the points could be covered in the scenario you get when reading his various posts, "I recently retired, I've been using this for years, I just wanna share it with the community". This isn't unreasonable at all. Releasing software without the source code on Github, or bulk uploading projects aren't red flags in itself.

But the scenario of "Yeah, this will likely infiltrate your network and Cloudflare account" is equally likely at this point. Matthew could be away for a couple of months on holiday and his account was hacked, he could've finally snapped after retiring from working for EvilCorp for years, maybe it's not really his account at all, or maybe he's running a cybersecurity PSA just for laughs.

Trust - but verify.

Edit: Fixed the link to CyberPAM in the intro.

This is an automated archive made by the Lemmit Bot.

The original was posted on /r/selfhosted by /u/hurray-rethink on 2025-04-15 09:40:28+00:00.

---

Hello all,

For some time already i was thinking to have dead-man-switch, but all available open source solutions were missing something.

So DMH was created -

Features:

• Privacy focused - even with access to DMH you will not be able to see action details.
• Tested - almost 100% code covered by unit tests and integration tests.
• Small footprint
• Multiple action execution methods (json_post, bulksms, mail)
• Multiple alive probe methods (json_post, bulksms, mail)

What makes DMH different from other solutions is privacy. DMH consists of two main components - dmh itself and vault.

Data is always stored in encrypted form and encryption keys are stored in vault (Vault should be running on different physical server or cloud!).

This architecture ensures that even with access to DMH, you would not be able to decrypt stored actions.

How this works:

1. User creates action
2. DMH encrypt action with age
3. DMH uploads encryption private key to Vault
4. Vault encrypts private key with own key and saves it (Vault will release encryption private key when user will be considered dead)
5. DMH saves encrypted action, discards plaintext action, discards private key (from now, nobody is able to see unencrypted action, even DMH)
6. DMH will sent alive probes to user
7. When user will ignore N probes (configured per action), she/he would be considered dead.
8. When both DMH and Vault will decide that user is dead, Vault secrets will be released, actions would be decrypted and executed.
9. After execution, DMH will remove encryption private key from Vault - to ensure that action will remain confidential

This is an automated archive made by the Lemmit Bot.

The original was posted on /r/selfhosted by /u/jaouanebrahim on 2025-04-15 09:00:43+00:00.

This is an automated archive made by the Lemmit Bot.

The original was posted on /r/selfhosted by /u/Uiqueblhats on 2025-04-15 03:34:41+00:00.

---

For those of you who aren't familiar with SurfSense, it aims to be the open-source alternative to NotebookLM, Perplexity, or Glean.

In short, it's a Highly Customizable AI Research Agent but connected to your personal external sources like search engines (Tavily), Slack, Notion, YouTube, GitHub, and more coming soon.

I'll keep this short—here are a few highlights of SurfSense:

📊 Advanced RAG Techniques

• Supports 150+ LLM's
• Supports local Ollama LLM's
• Supports 6000+ Embedding Models
• Works with all major rerankers (Pinecone, Cohere, Flashrank, etc.)
• Uses Hierarchical Indices (2-tiered RAG setup)
• Combines Semantic + Full-Text Search with Reciprocal Rank Fusion (Hybrid Search)
• Offers a RAG-as-a-Service API Backend

ℹ️ External Sources

• Search engines (Tavily)
• Slack
• Notion
• YouTube videos
• GitHub
• ...and more on the way

🔖 Cross-Browser Extension

The SurfSense extension lets you save any dynamic webpage you like. Its main use case is capturing pages that are protected behind authentication.

PS: I’m also looking for contributors!

If you're interested in helping out with SurfSense, don’t be shy—come say hi on our Discord.

👉 Check out SurfSense on GitHub:

This is an automated archive made by the Lemmit Bot.

The original was posted on /r/selfhosted by /u/Mabizle on 2025-04-14 23:59:45+00:00.

---

How do i block all cloud providers from accessing my website? I use opnsense and nginx reverse proxy. 99% of sniffing comes from cloud providers.

edit:

I run private sites where only friends and family have accounts to login. I already block all but 2 countries via rule/alias. How i need to refine blocking all cloud providers that utilize bot to sniff traffic. I already block sniffing user agents if i catch them on the logs accessing certain folders or using the whois command. Now i am blocking some cloud providers / corporate vpn from accessing my reverse proxy. I do not know how to create custom naxsi WAF rules for searching folders/files that are still giving 400 errors.

edit 2: user agents of bots

Python-urllib

Nmap

python-requests

libwww-perl

MJ12bot

Jorgee

fasthttp

libwww

Telesphoreo

A6-Indexer

ltx71

ZmEu

sqlmap

LMAO/2.0

l9explore

l9tcpid

Masscan

Ronin/2.0

Hakai/2.0

Indy\sLibrary

^Mozilla/[\d.]+$

Morfeus\sFucking\sScanner

MSIE\s[0-6].\d+

^Expanse.*.$

^FeedFetcher.*$

^.*Googlebot.*$

^.*bingbot.*$

^.*Keydrop.*$

^.*GPTBot.*$

^-$

^.*GRequests.*$

^.*wpbot.*$

^.*forms.*$

^.*zgrab.*$

^.*ZoominfoBot.*$

^.*facebookexternalhit.*$

^.*Amazonbot.*$

^.*DotBot.*$

^.*Hello.*$

^.*CensysInspect.*$

^.*Go-http-client/2.0.*$

^.*python-httpx.*$

^.*Headless.*$

^.*archive.*$

^.*applebot.*$

^.*Macintosh.*$

This is an automated archive made by the Lemmit Bot.

The original was posted on /r/selfhosted by /u/WonderfulCloud9935 on 2025-04-14 20:53:20+00:00.

---

A Huge thanks to r/Garmincommunity for supporting the fundraiser. This project would never be possible without their active support on this earlier fundraiser posthere on reddit r/Garminwhich received more than 345 upvotes (pushed to the daily top on this subreddit). This contribution is added to the credits sectionof the GitHub readme, to spread awareness on what made this amazing tool possible.

After receiving the watch on last Friday, I have not spend a minute without actively working on this code. A lot of decision had to be made, how to organize the database, how to do the automatic fetching effectively, how to visualize and organize the Grafana dashboard (what looks best) and a lot more things, how to write the readme properly (making it beginner friendly). I have skipped lunch and had sleep less than 6 hours on the weekend :)

But here is the result of my hard effort, A free and open source project published for you all. Anyone can use this for free, and a generous license allows modification and distribution without any liability.

✅ Please check out the project : https://github.com/arpanghosh8453/garmin-grafana

Features

• Automatic data collection from Garmin
• Collects comprehensive health metrics including:
  • Heart Rate Data
  • Hourly steps Heatmap
  • Daily Step Count
  • Sleep Data and patterns (SpO2, Breathing rate, Sleep movements, HRV)
  • Sleep regularity heatmap (Visualize sleep routine)
  • Stress Data
  • Body Battery data
  • Calories
  • Sleep Score
  • Activity Minutes and HR zones
  • Activity Timeline (workouts)
  • GPS data from workouts (track, pace, altitude, HR)
  • And more...
• Automated data fetching in regular interval (set and forget)
• Historical data backfilling

Feel free to give it a try and go through the setup process (relatively easy and detailed if you are familiar with Linux and Docker). I have done all possible testing on my end, but can't confirm it's bugless because I only have two days worth of data to test with. You can fetch your old data from the Garmin connect server as well to visualize the trends on Grafana with this tool. This release is currently in Public beta (Just finished it today).

If this works for you and you love the visual, a word of support here will be very appreciated. You can star the repository as well to show your appreciation.

How it looks like?

Please note that the stats are missing on the dashboard because I just had this one for two days and only have data for the same from Garmin. I was able to upload some basic data from my Fitbit export, so there are a few stats which has more points.

Parent projects:

• python-garminconnectby cyberjunky: Garmin Web API wrapper
• garth by  martin : Used for Garmin SSO Authentication

Please share your thoughts on the project in comments or private chat and I look forward to hearing back the users. File a bug report if you find any, and star the repository if everything works out as expected.

A big thanks to r/Garmin community and active donors to the fundraiser for making this possible TOGETHER!

This is an automated archive made by the Lemmit Bot.

The original was posted on /r/selfhosted by /u/No-Concern-8832 on 2025-04-14 14:32:11+00:00.

---

Note: I'm not the developer. Developer is Matthew Rogers.

Found this little gem on GitHub. PAM is used in the enterprise environment for securing and monitoring server access. CyberArk is one of the most well known PAM. You can find it in most of the banks.

CyberPAM is a free PAM solution, that does the job in style. I think a PAM with a Matrix code effect is very cool :).

From the ReadMe:

CyberPAM is a comprehensive Zero Trust Privileged Access Management solution designed for secure access to Windows, UNIX systems, and web applications. With its beautiful dark-themed interface and robust security features, it provides enterprise-grade access control and session monitoring capabilities.

I made CyberPAM for my own use, but I'm happy to share it with the community. I've been working with PAM products for years and CyberPAM is the culmination of my experience. Session recording is a must have for any PAM product, and CyberPAM is the best I've seen from an Admin perspective, and user experience. Often implementations of PAM products take a long time to get to production, but not CyberPAM.