Selfhosted


A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

  1. Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.

  2. No spam posting.

  3. Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.

  4. Don't duplicate the full text of your blog or github here. Just post the link for folks to click.

  5. Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).

  6. No trolling.

  7. No low-effort posts. This is subjective and will largely be determined by the community member reports.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

1
 
 

Due to the large number of reports we've received about recent posts, we've added Rule 7 stating "No low-effort posts. This is subjective and will largely be determined by the community member reports."

In general, we allow a post's fate to be determined by the amount of downvotes it receives. Sometimes, a post is so offensive to the community that removal seems appropriate. This new rule now allows such action to be taken.

We expect to fine-tune this approach as time goes on. Your patience is appreciated.

2
 
 

Hello everyone! Mods here 😊

Tell us, what services do you selfhost? Extra points for selfhosted hardware infrastructure.

Feel free to take it as a chance to present yourself to the community!

🦎

3
 
 

It's the first idea I had when it came to making sure login on my server is secure. Instead of having a small password that relies on my fallible memory and may be also guessed in a not-completely-ridiculous amount of time.

Meanwhile a fairly small file, something like a 512 byte "user.key", to be uploaded along with your username, or even just having your username built-in, seems much safer.

I wanted to do some math but I could only find limited calculators for doing calculations with such big numbers so have the amount of possible combinations the file may have:

256^512

What am I missing? I assume I'm missing something, because the idea of something like this going over a lot of smart programmers and developers' heads does not sound right

4
 
 

Reddit's API is effectively dead for archival. Third-party apps are gone. Reddit has threatened to cut off access to the Pushshift dataset multiple times. But 3.28TB of Reddit history exists as a torrent right now, and I built a tool to turn it into something you can browse on your own hardware.

The key point: This doesn't touch Reddit's servers. Ever. Download the Pushshift dataset, run my tool locally, get a fully browsable archive. Works on an air-gapped machine. Works on a Raspberry Pi serving your LAN. Works on a USB drive you hand to someone.

What it does: Takes compressed data dumps from Reddit (.zst), Voat (SQL), and Ruqqus (.7z) and generates static HTML. No JavaScript, no external requests, no tracking. Open index.html and browse. Want search? Run the optional Docker stack with PostgreSQL – still entirely on your machine.

API & AI Integration: Full REST API with 30+ endpoints – posts, comments, users, subreddits, full-text search, aggregations. Also ships with an MCP server (29 tools) so you can query your archive directly from AI tools.

Self-hosting options:

  • USB drive / local folder (just open the HTML files)
  • Home server on your LAN
  • Tor hidden service (2 commands, no port forwarding needed)
  • VPS with HTTPS
  • GitHub Pages for small archives

Why this matters: Once you have the data, you own it. No API keys, no rate limits, no ToS changes can take it away.

Scale: Tens of millions of posts per instance. PostgreSQL backend keeps memory constant regardless of dataset size. For the full 2.38B post dataset, run multiple instances by topic.

How I built it: Python, PostgreSQL, Jinja2 templates, Docker. Used Claude Code throughout as an experiment in AI-assisted development. Learned that the workflow is "trust but verify" – it accelerates the boring parts but you still own the architecture.

Live demo: https://online-archives.github.io/redd-archiver-example/ GitHub: https://github.com/19-84/redd-archiver (Public Domain)

Pushshift torrent: https://academictorrents.com/details/1614740ac8c94505e4ecb9d88be8bed7b6afddd4

5
 
 

With the official app no longer updated (I don't trust the forks), I'm looking for alternatives for 2 way sync between my Android phone and my Linux server. I've tried Nextcloud a long time ago and the experience was very bad. Are there any new tools that I can use?

6
 
 

Following up on my previous post:

It turns out that, like anything else weird in infrastructure, it was DNS.

I registered mydomain.com as my primary router’s domain, re-ran the experiment with a fresh 128 char subdomain, and I received zero scans on the new domain.

Now my question is, who’s making that one query that leaks my domain name? Is it Apache on startup?

One solution is to resolve all my subdomains on /etc/hosts so it never has to leave the box, but I’m curious what a more experienced net admin would suggest.

7
 
 

I've been running Immich for about 6 months now, and it's smooth and stable.

I've synced my camera roll to it and loving it.
Next step is to move the ~150 GB of media on Google Photos over.
How do I best do that?

I also have some other issues I'd like to address before or after the migration:

  1. I have a bunch of crap mixed into my Google photos, old WhatsApp images from meme groups I used to be in etc.
  2. Thousands of photos of Ex girlfriends mixed in (not exactly sure what to do about these)

Is there a way to sift through these efficiently and keep what I want? I have ~20k photos some dating back to 2006 so it feels like a mountain to climb.

8
 
 

Anyone using Revolt as a Discord alternative? What has your experience with it been? Do the voice chats work reliably? What about screen sharing? Is it easy to use? What hardware do you host it on? What about moving people over from Discord to Revolt?

I'm considering buying some more solid self hosting hardware at some point and considering hosting a Revolt server for friends and a community that we're moderating.

Other software recommendations are also welcome, but keep in mind that voice chats and screen sharing are features that we very often use, so something that's primarily text-based like Matrix won't work.

I'd also like to hear your thoughts on converting people to non-mainstream software. I'd expect it to not work so smoothly, since discord is such a go-to platform for so many people and most of them follow multiple communities on there. The convenience aspect is a big thing.

Please share whatever thoughts you have on this topic.

9
10
 
 

Hi!

Maybe someone can help me with a problem I’m having, vaguely related to self hosting.

I want to use a domain with Let’s Encrypt certificates locally. I realise the only way to do this is an (automated) DNS-01 challenge if I don’t want to expose anything to the outside.

Those DNS challenges require my name server to have some kind of API to automate the process. My registrar/name server doesn’t have an API unfortunately.

I want to use the opportunity to switch my registrar and name server in one go, but I’m pretty picky…

My wish list is:

  • MFA for general account administration
  • scoped tokens or account for API access (don’t need or want to manage everything by API)
  • can handle .at domains
  • not Cloudflare
  • registrar and name server should be one entity if possible
  • European if possible
  • supported by Nginx Proxy Manager if possible

Backup plan would be picking a registrar which supports DNSSEC for .at domains and use desec.io I guess.

But maybe the hive mind has a good recommendation for me? :)

Thank you in advance for reading! I’m aware I’m just a bit extra, but I want to be able to just ignore the whole name server and domain topic for the next ten years again if I can.

Cheers!

11
 
 

Hello people, I recently rented a VPS server from OVH and I want to start hosting my own piefed instance and a couple other services. I am running Debian 13 with Docker, and I have Nginx Proxy Manager almost set up. I want to set up subdomains so when I do social.my.domain it will go to my piefed instance, but how do I tell the machine to send piefed traffic to this subdomain and joplin traffic (for example) to another domain? Can I use nginx/docker natively for that or do I have to install another program? Thanks for the advice.

12
 
 

Hey there selfhosted community.

Does anyone here have experience with silent or mostly silent storage solutions? I would like to implement a NAS solution for my homelab and home.

I tried a fully fledged consumer NAS (QNAP with Seagate 12 TB NAS drives) but the noise of the platters was not acceptable. Currently I have an external WD drive attached via USB to my mini PC/server but I would really love to implement some kind of redundancy in the form of a NAS from where the critical files would be backed up to Hetzner for offsite and on external drives.

I don't need a ton of space. My most critical items are photos. As silent operation is very important I started looking into SSD NAS solutions. Does anyone have experience with Beelink ME mini? Other solutions I looked into were either overkill or horrendously expensive.

I would really like to pull the trigger on a solution here before the prices for storage will skyrocket in the future.

13
 
 

Hi everyone, it's been a while since my last update.

Just a recap: Postiz is an open-source social media scheduling tool supporting 25 social media channels/platforms.

You can craft different posts, schedule them in advance, and cross-post them to multiple platforms, and use various tools to make them better.

https://github.com/gitroomhq/postiz-app

Any star would be amazing ❤️

---

Until today, we have used BullMQ to schedule all posts in advance.
Simple Redis queue system.

But what happened is that it was really hard to maintain it because we had:

  • Queue for webhooks
  • Queue for comments
  • Queue for plugs
  • Queue for internal plug

They were all self-replenishing queues, meaning that when one queue finishes, it creates another.

Don't take my word for it; something was also wrong in BullMQ (I might be wrong), but some things would vanish.

It was a large, chaotic salad with many bugs.
I investigated further and determined that workflow execution is the best approach.
I reviewed Temporal/DBOS and Inngest and decided to go with Temporal.

I think it's the most open-source-friendly and better for scaling (I might be wrong)

With a big blitz, I consolidated all my huge salad code into a single workflow.

You can also now check your workflow states at http://localhost:8080/ (temporal workflow viewer)

I usually wouldn't post an update on the channel for something like this, but this one was important: if you use Postiz and upgrade from an older version, it will crash.

We have updated our docker-compose docs to the new one.

If you manage to test it, let me know how it goes.

Once you run the new Postiz architecture, any old posts will be moved to Temporal using the Temporal Cron we have configured.

We barely had any new features lately. Postiz's goal today is to be the best social media scheduler possible. That means FIXING DAMN BUGS, and solving technical debt.

If you want to stay with the legacy BullMQ version, don't upgrade after v2.11.3.

I know that many websites, such as Coolify, Cloudron / Elastio, are currently offering Postiz. They are not updated to the new infrastructure; they will fail if you try to deploy. So until they fix it, use v2.11.3.

I am sorry for the significant change, and I know it's a challenge.

14
41
Homelab hardware choices (programming.dev)
submitted 2 days ago* (last edited 2 days ago) by hacktheplanet@programming.dev to c/selfhosted@lemmy.world
 
 

[EDIT: Apologies for missing rule 3, my question is quite hardware focused. I will post any future follow ups elsewhere]

Hello fellow Lemmings (?).

Full disclosure, the text below is identical to my post on the OPNSense Forum, so apologies if you get déjà vu. I can edit the post and make it totally unique if just copying and pasting it here is against the rules, but I just figured that Lemmy would be a great place to get advice as well, as it embodies the selfhosting/homelab ethos and I might get some more diverse/independent advice here.

My Post

I will be building out a homelab and would like to have the router running OPNSense. I am coming from a Fritzbox 7530 AX.

I am considering a number of hardware options and would appreciate some advice to help me narrow it down.

Use Case

My use case, as I implied above, is to set up a homelab but also just have a secure and functional home network, so I can do the following:

  • Segment my network into multiple VLANs
  • Set up semi-managed switches
  • Set up access points
  • Explore the IDS/IPS features - will probably run CrowdSec
  • Support personal devices for a household of 2-4 people
  • Set up PoE security cameras on separate VLAN
  • Establish homelab to mess about with things like HomeAssistant, etc.
  • Set up a VPN or similar means of accessing self-hosted services when away from home
  • Future proof my network, at least 2.5G capable

My maximum budget would be €800, though ideally I'd like to stay well under that if possible.

Ready and Purpose Built Options

As far as brand new devices, I have been looking at the following:

1. Protectli VP2430

Pros:

  • From my understanding, specs wise it should be able to handle everything I need.
  • I can also configure it to have more than 8GB of RAM or just get it with 8GB and update it myself down the road if I see the need.
  • Can be configured with Coreboot
  • Can be configured with a TPM
  • Has a standard 2-year warranty

Cons

  • American company (with EU offices) - would prefer to support an EU company and not have to worry about current/future international relations
  • Relatively pricey, considering similar devices are available from Ali Express and other similar marketplaces

Overkill alternative:

Protectli VP2440

Similar pros and cons, just not sure if getting 10GbE is worth it.

I am not really convinced of the various Chinese brands that do similar devices, primarily due to concerns regarding ongoing support and security updates, but if somebody has similar suggestions that address these concerns somewhat, I would be interested in finding out more.

2. DEC697

Pros:

  • From my understanding, specs wise it should also be able to handle everything I need.
  • Supports OPNSense development
  • European
  • Comes with 2 year warranty
  • Comes with 1 year OPNSense Business Edition

Cons:

  • RAM not upgradable, may not be as future proof?
  • Also pretty pricey

Questions I have about this product:

  • Since this is running an AMD chip, does the lack of Coreboot still present a loss in terms of privacy and security?
  • How limiting will 8GB be going forward?

Overkill alternative:

DEC750

Again, mainly for 10G future proofing.

Mini PCs

I have also looked into repurposing a SFF/USFF device as a router, like for example a Lenovo ThinkCentre M720q. I also have access to a bunch of Optiplex 5070 Micros, but these don't have the advantage of the PCIe slot (when used with a riser) that the Lenovo has.

Pros

  • Much cheaper
  • Possibly slightly better specs
  • Can be configured with more RAM later
  • Relatively low power still

Cons

  • Sourcing a device that's in good condition, with original power brick may be difficult
  • Need to source reputable/genuine Intel NIC
  • Need to source riser for PCIe slot or alternative for the Optiplex option
  • Very DIY, would feel afraid of misconfiguring the device and exposing myself to security issues
  • No warranty or support
  • Not as quiet
  • Higher power consumption

I also have an old Intel i5-4960k and GTX 970 system lying about in a big case, which maybe I could look at converting into a small form factor build, similar concerns as above though (mainly around security). In general, I am comfortable enough with problem solving with servers and personal devices as a Linux user, but ideally my router would be fairly set and forget (and reliable!), which I'm not sure these options would provide.

Open to any alternatives in this space that would be more straightforward than the ThinkCentre/Optiplex 5070 Micros.

Bonus questions:

  1. Has anybody had luck putting a device with OPNSense on it downstream of a FritzBox (which doesn't seem to support bridge mode) without too many issues due to double NAT? I've heard mixed reports that you can put the OPNSense router in the DMZ and forward traffic there, in order to avoid some issues with double NAT.
  2. Does anybody have any suggestions for PoE capable switches and access points that play nicely with OPNSense - I've been considering MikroTik but I'm not entirely sure what to look for.

Any advice very much appreciated. Happy to elaborate on anything if need be.

15
 
 

Edit: spent all day trying to make this work, in the end I got rid of the OPNsense services, unbound and dnsmasq, and brought DHCP over to TDNS

I have been trying to set up Technitium DNS server (TDNS hereafter) for its clustering and fail over capabilities, it really does seem to be a one stop shop for DNS capabilities. But I have been hitting a wall so I'm asking if anyone here can see the flaw in my plan.

I have not been using TDNS for DHCP as it lacks ipv6 and router advertisements right now. And I like the idea of DHCP on the firewall router.

I have an opnsense firewall with DNSmasq performing DHCP and DNS forwarding to the Technitium server, which is hosted on proxmox in an lxc. I own my own public domain, example.com for our purposes here.

TDNS is set to "allow recursion only for private networks", this means that if something external tried to resolve using my TDNS they'll be refused, correct? I ask because that could also be interpreted as not forwarding to external DNS when needed.

I set NAT rules to force TDNS port 53 routing. TDNS is set to forward to Quad9 and Cloudflare externally. DNS blocking lists are set in TDNS.

I don't really know what I'm doing with zones but I have a primary zone set with example.com. I set some static hosts records in this zone and enabled reverse lookup, expecting servicehost.example.com

Query logs app enabled in TDNS.

Edit: 10.2.0.1 turned out to be my vpn’s dns server (When nslookup google.com from a laptop on this LAN, it returns Server: 10.2.0.1 Address: 10.2.0.1#53

nonauthoritative answer: google.com with ip information repeated.

I don't understand this return as it's an IP outside my LAN net and DHCP provisioning.)

Unable to reach external net when NAT rules active.

It seems the DHCP is handing out the firewall's IP for DNS server, 100.100.100.1, is that the expected behavior since DNSmasq should be forwarding to TDNS 100.100.100.333? Why not just hand out the TDNS address?

Do I have some setting misconfigured in either DNSmasq/opnsense or TDNS?

16
17
 
 

Hello!! Some recent technical problems on my family's NAS gave me a big scare and finally pushed me to figure out a way to back it all up. I'm asking here specifically because I really don't know where to even start because of the fact I've got just under 50 terabytes worth of data stored in a 7-disk RAID-5 and would prefer to keep it cheap. What are your suggestions?

Edit: thank you for all the suggestions, I'll probably be considering using Backblaze for backups, or perhaps seeing if I can scrounge up old unused disks from people I know. Thank you all again <3

18
 
 

I have been using a NAS running TrueNAS for a couple of weeks now. From the App GUI for setting up Docker containers, which I genuinely despise, to the removal of SMART tests in the new version, I don't think this was a good call. So I'm thinking I might as well DIY it, although if you believe that may be a questionable idea, feel free to mention that!

Because of that, I am looking at Debian, as it seems to be the standard server OS, and I have used it a little before. I have light server administration experience, although not a lot, and no specific knowledge of how to optimize one to act as a NAS. I am, however, reasonably familiar with Linux in general.

  • How do I optimize Debian for NAS use?
  • What utilities should I install that provide system info, allow for network shares, and so on?
  • Are there things that TrueNAS did that I may be unaware of and should also set up for myself on Debian?
  • Do you have any tips and suggestions for what I should install in addition to that? Maybe some power optimization tools or useful dashboard software?
  • Can I just wipe the OS drive, put Debian on there, and then mount my pool once Debian is set up for ZFS, or does TrueNAS do anything special to the filesystem? If not, how should I migrate the existing data? (Mostly videos, pictures, documents, and a Home Assistant setup)
  • What are good resources to find help with Debian server administration?
  • Are there any issues with Nvidia? If so, how do I fix them? I have an old Nvidia GPU in the NAS for video encoding since my CPU doesn't have an iGPU.
  • Are there common pitfalls in this for people with little experience like me?

I'd be glad to get some info on these topics to know if this is a reasonable idea or if I should just stick with what I have.

19
 
 

Youlag is a FreshRSS extension that allows you to browse your YouTube and article feeds through a modernized design that incorporates quality-of-life features.

Optimized for both watching videos and reading articles.

Why?

Stay connected with creators without a Google account by using RSS. Don't be tied to a specific platform and access your subscriptions from any device.

You can also use Youlag solely for its theme and quality of life features, ignoring any video feature.


Highlights v4.1.0

This is the biggest update yet, featuring many customization options! Additionally, the UI has been refreshed, along with numerous tweaks and performance improvements.

  • Whitelist specific categories to use the video mode layout
  • Block incoming YouTube shorts
  • Modernized interface for articles
  • Swipe down in video mode to activate mini player
  • Mini player follows across pages; read articles while keeping a floating video at the bottom

...25+ more updates in the changelog

Other features

  • Use Invidious instance as video playback source
  • Fullscreen video interface for viewing videos
  • Close videos/articles using Esc key or browser Back navigation.
    • Especially handy for smartphones, where you can swipe to trigger Back.

Find more details: https://github.com/civilblur/youlag

20
31
submitted 3 days ago* (last edited 2 days ago) by FierroG@lemmy.world to c/selfhosted@lemmy.world
 
 

Before you scream at your screen, I am aware this setup isn't ideal, to say the least, my self-hosting has been composed of a laptop with a USB carry with a 2.5 1 TB hard drive. I recently made up my mind about getting a couple 4 TB server HDD (heard Barracuda are relatively silent) to run software RAID 1, since I can't find a budget double bay carry (that I can purchase locally) I've decided I'll get a couple 3.5 inch USB cases and get a splitter to run the power from just one brick.

My question is regarding resiliency, I get occasional blackouts and low tension every now and then, a few times a year but it can be a few times in a day. I've never had hardware dying because of it and I don't have a UPS, but I worry I could be risking data corruption or something swapping to this setup because of the extra power those drives will need being fed from the wall instead of the laptop (the laptop feeds the current drive over usb alone and it has a battery) which could be abruptly cut off every now and then. Right now, the worst this has caused has been having to reboot the system because it got unmounted but never had a loss of data from this.

Am I worrying for nothing? Would it be just the same? Should I just put this off until (if) I can afford the drives plus a ups? So far I've had my server for basically free, but I'm running out of space for family photos and I kinda have to upgrade.

Edit: Thanks a lot for all the thoughtful responses! What I've learnt from them so far:

  • ZFS (what's used for software RAID) takes some extra memory and might not be the best idea for a memory constrained system.
  • In this case of mirrored drives, it's better to schedule backups than to try a flimsy raid array usb abomination, didn't even think of that as an option
  • Sudden power loss is likely to corrupt files
  • Following the previous item, a UPS is more important than I thought, my laptop's battery probably saved me from more corruption than I was aware of. I might have to prioritize that over the expansion.

Learned a lot so far, thank you all so much!

21
 
 

Hello everyone!

Journiv is a self-hosted private journaling application that puts you in complete control of your personal reflections. Built with privacy and simplicity at its core, Journiv offers comprehensive journaling capabilities including mood tracking, prompt-based journaling, media uploads, analytics, and advanced search. All while keeping your data on your own infrastructure.

Journiv v0.1.0-beta.11 is out with

  • Day One Import - Own your data forever and import them from Day One
  • Location and Weather - Attach location and weather to your entries
  • Tags Management - Complete Tag management with tag based filtering and tag analytics
  • Auto Save - Never lose your entry in draft mode
  • Media de-duplication: Attach same media to multiple entries/journal without consuming more space.
  • Journiv Plus: Gives supporters additional features as a thank you for supporting the development of Journiv. Thanks to Kavita developer majora2007 for providing some guidance on this.
  • and many more features and bug fixes.

The Journey Ahead

Journiv is in active development, with a fully functional backend, a web frontend, and mobile apps launching soon. It is self-hosted, and designed to be your companion for decades.

Journiv is being built because our memories deserve to be ours, forever.

Learn More

22
 
 

I am slowly setting up my home environment. I was looking at ways to access my services from my mobile device. I know a lot of folks set up Traefik but I have a UniFi system and that has Teleport. I have tested it on my mobile device and I can connect to local devices that are not opened to the internet. I am curious if people have used this as an alternative and how it worked out.

Since I already have the UniFi system I was hoping this could work for me so I don't need to mess with anything else.

23
 
 

I generated a 16-character (upper/lower) subdomain and set up a virtual host for it in Apache, and within an hour was seeing vulnerability scans.

How are folks digging this up? What's the strategy to avoid this?

I am serving it all with a single wildcard SSL cert, if that's relevant.

Thanks

Edit:

  • I am using a single wildcard cert, with no subdomains attached/embedded/however those work
  • I don’t have any subdomains registered with DNS.
  • I attempted dig axfr example.com @ns1.example.com, which returned zone transfer DENIED

Edit 2: I'm left wondering, is there an Apache endpoint that returns all configured virtual hosts?

Edit 3: I'm going to go through this hardening guide and try again with a new random subdomain https://www.tecmint.com/apache-security-tips/

24
 
 

I used to self-host because I liked tinkering. I worked tech support for a municipal fiber network, I ran Arch, I enjoyed the control. The privacy stuff was a nice bonus but honestly it was mostly about having my own playground.

That changed this week when I watched ICE murder a woman sitting in her car. Before you roll your eyes about this getting political - stay with me, because this is directly about the infrastructure we're all running in our homelabs.

Here's what happened: A woman was reduced to a data point in a database - threat assessment score, deportation priority level, case number - and then she was killed. Not by some rogue actor, but by a system functioning exactly as designed. And that system? Built on infrastructure provided by the same tech companies most of us used to rely on before we started self-hosting.

Every service you don't self-host is a data point feeding the machine. Google knows your location history, your contacts, your communications. Microsoft has your documents and your calendar. Apple has your photos and your biometrics. And when the government comes knocking - and they are knocking, right now, today - these companies will hand it over. They have to. It's baked into the infrastructure.

Individual privacy is a losing game. You can't opt-out of surveillance when participation in society requires using their platforms. But here's what you can do: build parallel infrastructure that doesn't feed their systems at all. When you run Nextcloud, you're not just protecting your files from Google - you're creating a node in a network they can't access. When you run Vaultwarden, your passwords aren't sitting in a database that can be subpoenaed. When you run Jellyfin, your viewing habits aren't being sold to data brokers who sell to ICE.

I watched my local municipal fiber network get acquired by TELUS. I watched a piece of community infrastructure get absorbed into the corporate extraction machine. That's when I realized: we can't rely on existing institutions to protect us. We have to build our own.

This isn't about being a prepper or going off-grid. This is about building infrastructure that operates on fundamentally different principles:

Communication that can't be shut down: Matrix, Mastodon, email servers you control

File storage that can't be subpoenaed: Nextcloud, Syncthing

Passwords that aren't in corporate databases: Vaultwarden, KeePass

Media that doesn't feed recommendation algorithms: Jellyfin, Navidrome

Code repositories not owned by Microsoft: Forgejo, Gitea

Every service you self-host is one less data point they have. But more importantly: every service you self-host is infrastructure that can be shared, that can support others, that makes the parallel network stronger.

Where to start if you're new:

Passwords first - Vaultwarden. This is your foundation.

Files second - Nextcloud. Get your documents out of Google/Microsoft.

Communication third - Matrix server, or join an existing instance you trust.

Media fourth - Jellyfin for your music/movies, Navidrome for music.

If you're already self-hosting:

Document your setup. Write guides. Make it easier for the next person.

Run services for friends and family, not just yourself.

Contribute to projects that build this infrastructure.

Support municipal and community network alternatives.

The goal isn't purity. You're probably still going to use some corporate services. That's fine. The goal is building enough parallel infrastructure that people have actual choices, and that there's a network that can't be dismantled by a single executive order.

I'm working on consulting services to help small businesses and community organizations migrate to self-hosted alternatives. Not because I think it'll be profitable, but because I've realized this is the actual material work of resistance in 2025. Infrastructure is how you fight infrastructure.

We're not just hobbyists anymore. Whether we wanted to be or not, we're building the resistance network. Every Raspberry Pi running services, every old laptop turned into a home server, every person who learns to self-host and teaches someone else - that's a node in a system they can't control. They want us to be data points. Let's refuse.

What are you running? What do you wish more people would self-host? What's stopping people you know from taking this step?

EDIT: Appreciate the massive response here. To the folks in the comments debating whether I’m an AI: I’m flattered by the grammar check, but I'm just a guy in his mom's basement with too much coffee and a background in municipal networking. If you think "rule of three" sentences are exclusive to LLMs, wait until you hear a tech support vet explain why your DNS is broken for the fourth time today.

More importantly, a few people asked about a "0 to 100" guide - or even just "0 to 50" for those who don't want to become full-time sysadmins. After reading the suggestions, I want to update my "Where to start" list. If you want the absolute fastest, most user-friendly path to getting your data off the cloud this weekend, do this:

The Core: Install CasaOS, or the newly released (to me) ZimaOS. It gives you a smartphone-style dashboard for your server. It’s the single best tool I’ve found for bridging the technical gap. Its app store ecosystem is lovely to use and you can import docker compose files really easily.

The Photos: Use Immich. Syncthing is great for raw sync, but Immich is the first thing I’ve seen that actually feels like a near 1:1 replacement for Google Photos (AI tagging, map view, etc.) without the privacy nightmare.

The Connection: Use Tailscale. It’s a zero-config VPN that lets you access your stuff on the go without poking holes in your firewall.

I’m working on a Privacy Stack type repo that curates these one-click style tools specifically to help people move fast. Infrastructure is only useful if people can actually use it. Stay safe out there.

25
 
 

Sup. I have Proxmox configured to start a Jellyfin LXC whenever the host (re)starts. However, the /dev/nvidia* devices do not appear until I manually run nvidia-smi (probably anything nvidia* would work) on the host, so the autostart is failing. Any ideas why I would need to run something like nvidia-smi first to get /dev/nvidia* devices to show up?
