this post was submitted on 13 Mar 2026
1092 points (99.1% liked)

Selfhosted

57489 readers
1566 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

  1. Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.

  2. No spam posting.

  3. Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.

  4. Don't duplicate the full text of your blog or github here. Just post the link for folks to click.

  5. Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).

  6. No trolling.

  7. No low-effort posts. This is subjective and will largely be determined by the community member reports.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 2 years ago
MODERATORS
ruud@lemmy.world
Loki@lemmy.world
CannaVet@lemmy.world
devve@lemmy.world
HybridSarcasm@lemmy.world
HybridSarcasm@lemmy.hybridsarcasm.xyz
1092
Your logging is probably down (media.piefed.social)
submitted 16 hours ago* (last edited 16 hours ago) by Ek-Hou-Van-Braai@piefed.social to c/selfhosted@lemmy.world
158 comments fedilink hide all child comments
 
top 50 comments
sorted by: hot top controversial new old
[–] Bakkoda@lemmy.world 2 points 1 hour ago

I should do some breaking network changes... While tunneled in.

[–] Shayeta@feddit.org 1 points 1 hour ago* (last edited 1 hour ago)

One word: chaos engineering!

[–] fruitycoder@sh.itjust.works 2 points 2 hours ago

How is the kubernetes (k3s/rke2) migration coming along?

[–] Abbysimons@lemmy.world 15 points 5 hours ago (1 children)

The rare moment when everything actually works. 😄

[–] kamen@lemmy.world 4 points 2 hours ago (1 children)

Quick! Break something!

[–] mr_anny@sopuli.xyz 2 points 2 hours ago

Maybe try this...

[–] synapse1278@lemmy.world 2 points 4 hours ago

Living the good life

[–] paequ2@lemmy.today 16 points 7 hours ago (5 children)

Actually, one thing I want to do is switch from services being on a subdomain to services being on a path.

immich.myserver.com -> myserver.com/immich
jellyfin.myserver.com -> myserver.com/jellyfin

I'm getting tired of having to update DNS records every time I want to add a new service.

I guess the tricky part will be making sure the services support this kind of routing...

[–] suicidaleggroll@lemmy.world 15 points 6 hours ago* (last edited 6 hours ago) (1 children)

Why are you having to update your DNS records when you add a new service? Just set up a wildcard A record to send *.myserver.com to the reverse proxy and you never have to touch it again. If your DNS doesn't let you set wildcard A records, then switch to a better DNS.

[–] Scrath@lemmy.dbzer0.com 3 points 3 hours ago (2 children)

Not OP but a lot of people probably use pi-hole which doesn't support wildcards for some inane reason

[–] qjkxbmwvz@startrek.website 2 points 1 hour ago

I switched to Technitium and I've been pretty happy. Seems very robust, and as a bonus was easy to use it to stop DNS leaks (each upstream has a static route through a different Mullvad VPN, and since they're queried in parallel, a VPN connection can go down without losing any DNS...maybe this is how pihole would have handled it too though).

And of course, wildcards supported no problem.

[–] Croquette@sh.itjust.works 3 points 2 hours ago (1 children)

That's my case. I send every new subdomain to my nginx IP on pi-hole and then use nginx as a reverse proxy

[–] Scrath@lemmy.dbzer0.com 1 points 1 hour ago* (last edited 1 hour ago)

That was my exact setup as well until I switched to a different router which supported both custom DNS entries and blocklists, thereby making the pi-hole redundant

[–] CorvidCawder@sh.itjust.works 14 points 7 hours ago

Wildcard CNAME pointing to your reverse proxy who then figures out where to route the request to? That's what I've been doing - this way there's no need to ever update DNS at all :)

I find the path a bit clunky because the apps themselves will oftentimes get confused (especially front-ends). So keeping everything "bare" wrt path, and just on "separate" subdomains is usually my preferred approach.

[–] magic_smoke@lemmy.blahaj.zone 3 points 6 hours ago* (last edited 6 hours ago) (1 children)

Alternatively if you're tired of manual DNS configuration:

FreeIPA, like AD but fer ur *Nix boxes

Configures users, sudoer group, ssh keys, and DNS in one go.

Also lotta services can be integrated using LDAP auth too.

So far I've got proxmox, jellyfin, zoneminder, mediawiki, and forgejo authing against freeipa in top of my samba shares.

Ansible works too just because its uses ssh, but I've yet to figure out how to build ansible inventories dynamically off of freeIPA host groups. Seen a coupla old scripts but that's about it.

Current freeipa plugin for it seems more about automagic deployment of new domains.

[–] jjlinux@lemmy.zip 1 points 2 hours ago

Having a very similar infrastructure, I would love to know if you ever find anything that works for this. I've been maintaining a SnipeIT instance manually, but that's a real PITA. Tried the same with ITSM-NG, but haven't even lookid in it for months.

[–] HK65@sopuli.xyz 4 points 7 hours ago

In Nginx you can do rewrites so services think they are at the root.

load more comments (1 replies)
[–] PHLAK@lemmy.world 28 points 9 hours ago (3 children)

Time to start documenting it!

[–] irmadlad@lemmy.world 16 points 7 hours ago (1 children)

At 71, I have to document. I started a long time ago. I worked for a mec. contractor long ago, and the rule was: 'If you didn't write it down, it didn't happen.' That just carried over to everything I do.

[–] Vile_port_aloo@lemmy.world 5 points 5 hours ago (1 children)

Do you write down what you write down on the internet?

[–] irmadlad@lemmy.world 2 points 3 hours ago

As in a blog or wiki? I do not because I am not authoritative. What I know came from reading, doing, screwing it up, ad nauseam. When something finally clicks for me, I write it down because 9 times out of 10, I will need that info later. But my writing would be so full of inaccuracies that it would be embarrassing and possibly lead someone astray.

[–] BuboScandiacus@mander.xyz 11 points 9 hours ago

NEVER1!!!11!!

load more comments (1 replies)
[–] jeffep@lemmy.world 11 points 8 hours ago (3 children)

Can't believe nobody here mentioned nixOS so far? How about moving all of your configs in a flake and manage all of your systems with it?

[–] FauxLiving@lemmy.world 8 points 8 hours ago (2 children)

I made a git repo and started putting all of my dot files in a Stow and then I forgot why I was doing it in the first place.

load more comments (2 replies)
load more comments (2 replies)
[–] nonentity@sh.itjust.works 88 points 12 hours ago (1 children)

If it’s stable, it’s not a lab.

That’s infrastructure.

load more comments (1 replies)
[–] fleem@piefed.zeromedia.vip 8 points 8 hours ago (3 children)

heck i really wish we could all throw a party together. part swap, stories swap. show off cool shit for everyone to copy.

help each other fill in the missing pieces

y'all seem like cool peeps meme-ing about shit nobody else gets!

time to test the backups!

[–] moonpiedumplings@programming.dev 2 points 5 hours ago

https://infosecmap.com/

https://wiki.hackerspaces.org/List_of_Hacker_Spaces

Also check out meetup.com for linux user groups and other events.

[–] irmadlad@lemmy.world 5 points 7 hours ago

time to test the backups!

Always a white knuckle event for me

[–] Ensign_Crab@lemmy.world 5 points 8 hours ago

You just described a convention.

[–] Coleslaw4145@lemmy.world 37 points 11 hours ago* (last edited 10 hours ago) (18 children)

Now try migrating all your docker containers to podman.

[–] emerald@lemmy.blahaj.zone 1 points 3 hours ago

And then migrate all your podman containers to proxmox

load more comments (17 replies)
[–] DownByLaw@sh.itjust.works 33 points 11 hours ago (6 children)

Have you already tried implementing an identity provider like Authentik, so you can add OIDC and ldap for all your services, while you are the only one that’s using them? 🤔

load more comments (6 replies)
[–] truthfultemporarily@feddit.org 129 points 14 hours ago (12 children)

Have you tried introducing unnecessary complexity?

load more comments (12 replies)
[–] rumba@lemmy.zip 6 points 8 hours ago

Nothing to install? Not with that attitude!

Start a 10" rack.

[–] Avicenna@programming.dev 14 points 10 hours ago (3 children)

You can always configure your vim further

load more comments (3 replies)
[–] irmadlad@lemmy.world 3 points 7 hours ago

OP, totally understand, but this is a level of success with your homelab. Nothing needs fiddling with. Now, there is a whole Awesome Self Hosted list you could deploy on a non-production server and run that through the paces.

[–] squirrel@piefed.zip 193 points 16 hours ago (2 children)

Let's tinker around and accidentally break something.

[–] FreshLight@sh.itjust.works 1 points 1 hour ago

My ~~man~~ person!

load more comments (1 replies)
load more comments
view more: next ›