this post was submitted on 16 Aug 2025
57 points (100.0% liked)

Selfhosted


With the recent Proxmox 9 release, many of us have the upgrade ahead or already done. What about you, and how do you generally approach updating your services? Which other updates are you looking forward to or is it just an annoying chore?

Also the usual - let us know what you are currently working on, what problems you are encountering and what you are excited about.

As for updates, I update my machines semi-regularly with Ansible. The Proxmox 9 update was unspectacular (good thing!), I just had to change some things in my Proxmox-post-install automation (nag bar removal and package sources). I still plan to get a merge request based update process for my containers as mentioned here but I'm just not there yet. That guide was also posted on reddit recently and got some traction.

I also spent some time yesterday to organize my nginx logs, they basically all got their own folder in /var/log/nginx with their own access log file by adding access_log /var/log/nginx/$server_name/access.log vhost_combined; to each config. Error log file paths can't contain variables so I kept them in the default file so far.

Recently enabled wireguard (easy setting in my FritzBox router) and stopped exposing some of my services to the internet. That process isn't finished yet though as I'll need to switch to wildcard certificates in order to keep valid SSL for the now local-only services.

top 16 comments
[–] thzihdd@feddit.org 5 points 18 hours ago (1 children)

I use Traefik as reverse proxy for local only services with let's encrypt certificates. Just needed to a) register the subdomains and b) expose port 80 for the challenges without anything being served on that port.

Wireguard into my network and local DNS via Pihole to ensure proper local IPs. Works like a charm.

[–] tofu@lemmy.nocturnal.garden 1 points 15 hours ago

I need to check what exactly I need to expose. I had 80 and 443 exposed but limited the access to local IPs in nginx like this:

    allow 192.168.x.0/24;  # Allow FritzBox subnet
    allow 10.0.0.0/24;       # Allow OpnSense subnet
    deny all;                # Deny all other IPs

I still have some services I want to expose so generally I'll keep the ports open.
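
Added example, not part of the thread or anyone's actual configuration: a sketch of how the per-vhost access log from the post and the allow/deny rules from this comment can sit together in nginx while another vhost stays public. The server names, certificate paths, subnets and the `vhost_combined` definition are assumptions.

```nginx
# Lives in the http {} context. All names, paths and subnets are placeholders.

# nginx only predefines "combined"; "vhost_combined" must be declared.
# Assumed definition: the combined format prefixed with vhost and port.
log_format vhost_combined '$server_name:$server_port $remote_addr - $remote_user '
                          '[$time_local] "$request" $status $body_bytes_sent '
                          '"$http_referer" "$http_user_agent"';

# With a variable in the access_log path the file is opened and closed on
# every write unless descriptors are cached.
open_log_file_cache max=64 inactive=60s valid=1m min_uses=1;

server {                                   # local-only service
    listen 443 ssl;
    server_name internal.example.org;
    ssl_certificate     /etc/ssl/example/fullchain.pem;
    ssl_certificate_key /etc/ssl/example/privkey.pem;

    # $server_name is the configured name, not the client-sent Host header,
    # so a request cannot steer the log path. The directory must already
    # exist and be writable by the worker user.
    access_log /var/log/nginx/$server_name/access.log vhost_combined;
    # error_log takes no variables, but a literal per-server path is allowed.
    error_log  /var/log/nginx/internal.example.org/error.log;

    # Checked in order, first match wins, compared against $remote_addr.
    # Behind another proxy or NAT that is the proxy's address, not the client's.
    allow 192.168.1.0/24;   # constructed sample: LAN subnet
    allow 10.0.0.0/24;      # constructed sample: second internal subnet
    deny  all;

    location / {
        proxy_pass http://127.0.0.1:8080;  # placeholder backend
    }
}

server {                                   # service that stays public
    listen 443 ssl;
    server_name public.example.org;
    ssl_certificate     /etc/ssl/example/fullchain.pem;
    ssl_certificate_key /etc/ssl/example/privkey.pem;

    access_log /var/log/nginx/$server_name/access.log vhost_combined;
    # No allow/deny here: the restriction applies per server block.
    location / {
        proxy_pass http://127.0.0.1:8081;  # placeholder backend
    }
}
```

`nginx -t` validates the result before a reload; a request blocked by `deny all` shows up as a 403 in that vhost's access log.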

[–] ikidd@lemmy.world 5 points 19 hours ago

Finally got a drive to replace a deader in my zpool. Raid10 ftw

[–] confusedpuppy@lemmy.dbzer0.com 4 points 21 hours ago

I finally got Caddy's TLS working with a custom module to handle DNS challenges. Turns out all I had to do was wait 10-15 minutes and everything would sort itself out.

Now on to the next puzzle. I started with Caddy in a Docker container and it's working as intended. Now I want to replicate that in Rootful Podman Compose but I'm running into an issue. With the exact same setup (docker-compose.yml, Dockerfile and Caddyfile) I can get my TLS cert without issue but I can't seem to connect to my website from any external browser. Not through my domain name or even through my home's local network.

Once I figure out how I can access my website, I'll be one step closer to where I want to be. Next will be to get Rootless Podman working, then I can finally set up the file server and kiwix instance instead of the test page I am currently using.

After that, I can finally spend time doing what I want to do and focus my time looking into the Gemini Protocol.

Down the road I'll look into hosting an IRC server and Snikket instant messenger but that's super low priority. I like tinkering with my Raspberry Pi and my constant backup/restores wouldn't be good for reliability for such services.

[–] HelloRoot@lemy.lol 3 points 20 hours ago* (last edited 20 hours ago) (1 children)

I'm too lazy to spin up docker containers and config for stuff that would make my life a bit better, but not enough to warrant the hassle... Like for example a finance management software that can hook into my bank. Or document management with automatic email imports etc.

[–] grue@lemmy.world 3 points 19 hours ago (2 children)

> Like for example a finance management software that can hook into my bank

What software would that be? I've been looking for a viable self-hosted alternative to Mint (and now Monarch Money) since forever.

[–] HelloRoot@lemy.lol 4 points 17 hours ago* (last edited 17 hours ago)

Firefly III is the one I had on my radar

@friend_of_satan@lemmy.world

[–] friend_of_satan@lemmy.world 2 points 18 hours ago

I'm also interested. I migrated from mint to Credit Karma... what a complete shit show. I really miss ooold mint.

[–] Eirikr70@jlai.lu 6 points 1 day ago

Upgraded to Debian Trixie two days ago. Runs flawlessly

[–] Object@sh.itjust.works 6 points 1 day ago* (last edited 17 hours ago)

sops-nix + rootless podman turns out to be much trickier than I imagined. Spent like 2 days over this shit just to get it in the central config when I could have just manually loaded the config files and changed the permission... I eventually solved it by running rootlesskit in the activation script to copy the decrypted file into a temporary folder and changing the permission to the correct sub-user. Not worth the time though.

[–] stoy@lemmy.zip 3 points 1 day ago

I am currently in the final phase of building my first own built NAS.

(I have an oooooold Intel NAS, that I don't really use anymore....)

I need to populate the case with storage drives, I need to add an Intel GPU, a 10gbit NIC, and possibly add an HBA to add two SSDs for VM storage.

Currently I have a:

  • Jonsbo N4 case
  • Asrock B550m Pro4
  • AMD Ryzen 4600G
  • 32GB RAM
  • Kingston boot SSD
  • Corsair SF750 PSU

I am running TrueNAS on it, that was just installed to make sure that it is working, but I am planning on running it going forward, as I am mostly looking to run the server as a fileserver.

[–] grue@lemmy.world 1 points 19 hours ago

I just upgraded my Proxmox to 9 last night, too!

...from 7, 'cause that's how long I'd been neglecting it. 😅


I've also been trying to get my old dual-Opteron server working again, after having abandoned it a couple of years ago due to what I thought was a bad motherboard (IIRC, it wasn't turning on at all). I was gonna buy a new motherboard since I happened to run across a cheap Ebay listing, but I decided to double-check the existing one first, and lo and behold, it booted!

Then I tried to update the ancient Proxmox on it from 6 to 7, and now it still turns on but doesn't successfully boot.

Also, I can't get it to boot from a flash drive for some reason, so I think I might have to take out the SSD, reinstall Proxmox on it from a different system, and then put it back in.

[–] carloshr@lile.cl 3 points 1 day ago (2 children)

I've just noticed that proxmox 9 is already available. I will check the procedure before upgrading my machine. Any suggestions regarding that?

@tofu @selfhosted

[–] TVA@thebrainbin.org 2 points 22 hours ago

I just followed their instructions and on 2 of the nodes in my cluster, I migrated all VMs/LXCs off and then did the upgrade and they went through without a hitch. For the last one, I just YOLO'd it and powered off the VMs/LXCs and upgraded it and it also went through without a hitch.

One thing I did find interesting was the systemd-boot packages needed to be removed and were on 2/3 of the machines. I basically intentionally keep their config as close to identical as possible, so I have no clue why it was only needed on 2 of them.

[–] tofu@lemmy.nocturnal.garden 3 points 1 day ago

Just that, they have a detailed description of the upgrade routine. Make backups :)

[–] themachine@lemmy.world 2 points 1 day ago

DC my server is at is shutting down so I have to bring everything home. Conveniently I just got hooked up with symmetric 1G fiber so that's not too much of a problem now thankfully.

Currently exploring docker swarm as a method of using one of my external VPSs to route all external traffic through it to my hardware at home on my tailnet.

Swarm isn't required for this but figured I'd play around with it.