this post was submitted on 12 Apr 2026
137 points (99.3% liked)

Selfhosted

58609 readers
612 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

  1. Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.

  2. No spam posting.

  3. Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.

  4. Don't duplicate the full text of your blog or github here. Just post the link for folks to click.

  5. Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).

  6. No trolling.

  7. No low-effort posts. This is subjective and will largely be determined by the community member reports.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 2 years ago
MODERATORS
ruud@lemmy.world
Loki@lemmy.world
CannaVet@lemmy.world
devve@lemmy.world
HybridSarcasm@lemmy.world
HybridSarcasm@lemmy.hybridsarcasm.xyz
137
Colota 1.x - Open Source Android GPS Tracker with selfhosted backend support (colota.app)
submitted 6 days ago* (last edited 6 days ago) by mxdcodes@lemmy.world to c/selfhosted@lemmy.world
28 comments fedilink hide all child comments
 

Hi there,

recently there has been a post here about Colota and thought you might be interested in a short summary about Colota.

I am tracking my position since several years now mainly with Owntracks (and now Colota) and a simple postgres DB/table.

I am a fan of the indieweb and eat what you cook and with already some million location points collected I recognized some pattern in existing GPS trackers I wasn't happy about:

  1. Battery consumption
  2. Duplicate points while staying in the same location for a long time

So I decided to build my own GPS tracker and called it Custom Location Tracker.

Improved battery consumption should come from disabling GPS entirely in so called "geofences" which are basically circles you draw on a map in the app. With GPS disabled in these you also won't get duplicate points while staying at e.g. home or work.

The app is still quite new (actively developed since early 2026) but has already quite a lot of features which basically all came from user feedback. E.g.:

  • Automatic Tracking profiles which apply different tracking settings while e.g. being connected to Android Auto, moving slower than 6km/h or while the phone is currently charging.
  • The app works fully offline (map will not be visible then) but you can predownload map tiles from a tile server I selfhost or use your own tile server.
  • You can define how locations are synced to your backend. E.g. only for a specific Wi-Fi SSID every 15min, once a day or with every location update.

Overall the app's focus should move to be a mobile location history app. So basically Google Timeline in a mobile app which also supports selfhosted backends (as backup).

The app is fully open-source AGPL-3.0, has no ads, analytics or telemetry and only sends data to your own server (if you want to).

You can download two versions.

  1. Google Play store which uses Fused Location Provider and therefore uses Google APIs. Also works with the sandboxed version by GrapheneOS and microG.
  2. FOSS version which uses Android's native GPS provider with a network location fallback. Available on IzzyOnDroid and hopefully someday on F-droid.

Both can be also downloaded directly from the repo.

all 29 comments
sorted by: hot top controversial new old
[–] q7mJI7tk1@lemmy.world 1 points 3 days ago (1 children)

Hi mxdcodes. I have been using your app for the past month in a sort of testing phase with Darawich. I have used GPS Logger and Reitti since October last year, which is still running, but Colota offers a lot more exciting possibilities of data collection and so I'll probably switch across pretty soon. I got hit by the bug a while back of it stopping once entering a geofence, but I saw that got fixed promptly so thanks for all of this.

I love all that you and others who code for the (wider) selfhosted community offer, so let me say that for every person criticizing your app and all the effort you have put in, there are hopefully 1000x more of us who are truly grateful for what you and others do. I find it odd that people who are concerned about having their location history hacked by someone are actually wanting to record their location history in the first place. Seems the obvious answer is to... not track your location history with ANY app.

Keep up the good work!

[–] mxdcodes@lemmy.world 1 points 3 days ago* (last edited 2 days ago)

Thank you, really appreciate it! Glad to hear Colota is working well with Dawarich for you so far. Feedback and criticism are always welcome. Most of it has led to real improvements in the app. I think a casual forum thread is probably just not the best setting for deep technical discussions, where context shifts quickly, everyone has a different background and nuance gets lost.

[–] Ulrich@feddit.org 8 points 6 days ago* (last edited 6 days ago) (1 children)

Why a dedicated backup server instead of just backing up to a local file that can then be backed up to a service of choice?

Also for profiles, it would make more sense to use Bluetooth to detect a vehicle or WiFi to detect when you're home vs. Geofencing or Android Auto or speed. How can it tell when you leave the geofence if the GPS is off?

[–] mxdcodes@lemmy.world 8 points 6 days ago* (last edited 6 days ago) (1 children)

Probably phrased that wrong. There is no backup server. Users can create and add one if they like.

Colota offers out of the box file export (csv,geojson, gpx and kml) and supports hive_partitioning via variables in the endpoint (https://colota.app/docs/configuration/server-settings#url-variables).

Colota already uses WiFi for home detection (WiFi pause in geofence zones) and Android Auto/car mode for vehicle profiles.

How can it tell when you leave the geofence if the GPS is off?

GPS is only turned off by being connected to a WiFi or being motionless (or both) while being in a geozone. When wifi disconnects or/and motion is recognized the GPS starts again.

Bluetooth detection is the one thing that doesn't exist. It could be a useful addition. I will note that. Thank you for the feedback!

[–] Ulrich@feddit.org 2 points 6 days ago (1 children)

There is no backup server. Users can create and add one if they like.

No I understood the server is self-hosted...?

Colota offers out of the box file export

I see that but this should be an automatic backup process. Plus there's no way I can see to IMPORT that data somewhere else.

When I use an app like Fitotrack, it automatically makes a backup file periodically and then is automatically backed up to my server with Nextcloud or Syncthing. I don't need a dedicated server for it.

Colota already uses WiFi for home detection (WiFi pause in geofence zones)

How can it do that when it didn't ask me for an SSID? And what's the point of the geofence if it doesn't even use it anyway? I am cornfuse.

When wifi disconnects or/and motion is recognized the GPS starts again.

How is motion recognized without GPS?

[–] mxdcodes@lemmy.world 4 points 6 days ago (1 children)

No I understood the server is self-hosted…?

Colota is client-only. There is no Colota server software. When you add a server endpoint in the settings, you're pointing it at your own existing server (Dawarich, Home Assistant, Traccar or any HTTP endpoint). Colota doesn't provide or require any server component. It just sends data where you tell it to.

I see that but this should be an automatic backup process. Plus there’s no way I can see to IMPORT that data somewhere else. When I use an app like Fitotrack, it automatically makes a backup file periodically and then is automatically backed up to my server with Nextcloud or Syncthing. I don’t need a dedicated server for it.

Colota actually has automatic file export (Settings > Export Data > Auto-Export) that periodically exports to a directory on your device. From there Syncthing/Nextcloud can pick it up. Import is not yet available but is planned. There is no dedicated server needed and also not offered to setup. However you can create a webhook on your own server for the app if you want to. See e.g. https://colota.app/docs/integrations/custom-backend.

How can it do that when it didn’t ask me for an SSID? And what’s the point of the geofence if it doesn’t even use it anyway? I am cornfuse.

WiFi pause doesn't use a specific SSID. It detects any unmetered network (WiFi/Ethernet) while you're inside a geofence zone. The geofence defines where the pause should happen, the WiFi connection confirms you're settled there and is used to detect when you leave it. Without the geofence, any WiFi connection would pause tracking everywhere.

How is motion recognized without GPS?

Motion detection uses the device's hardware motion sensor (if available). It's a low-power sensor that fires when physical movement is detected.

[–] Ulrich@feddit.org 1 points 6 days ago (1 children)

When you add a server endpoint in the settings, you're pointing it at your own existing server (Dawarich, Home Assistant, Traccar or any HTTP endpoint).

Ok please forgive me, I'm unfamiliar with this terminology.

Colota actually has automatic file export (Settings > Export Data > Auto-Export)

Oh, sick, I missed that somehow, thanks.

Sorry for the confusion on my part.

I still don't see a way to import data? Doesn't do any good to back it up if I can't import it back in?

[–] mxdcodes@lemmy.world 1 points 6 days ago (1 children)

No worries.

I still don’t see a way to import data? Doesn’t do any good to back it up if I can’t import it back in?

Totally true. A import feature will be added with one of the upcoming releases.

[–] Ulrich@feddit.org 2 points 6 days ago

Cool, thank you!

[–] FlowerFan@piefed.blahaj.zone 2 points 6 days ago (1 children)

Do you recommend the sandboxed play store / Fused location providor version over the fdroid or is it a negligible dkfference?

[–] mxdcodes@lemmy.world 5 points 6 days ago

FusedLocationProvider (GMS version) is generally better for most users. It combines GPS, WiFi, cell tower and sensor data for faster GPS fixes and better battery efficiency. The FOSS version uses raw LocationManager with GPS as primary and network as fallback. It works but GPS fixes can be slower, especially indoors. But if avoiding (sandboxed) Play Services is a priority, the FOSS version works fine too.

[–] artyom@piefed.social 2 points 6 days ago (2 children)

Thank you for sharing. Is this information encrypted? Doesn't seem safe to use without that...

[–] mxdcodes@lemmy.world 12 points 6 days ago* (last edited 6 days ago)

All location data is stored locally on device in a (unecrypted) SQLite DB. Auth headers (Bearer tokens, Basic auth) are stored using Android's EncryptedSharedPreferences. HTTPS is enforced for all public endpoints. HTTP is only allowed for private/local network addresses (192.168.x.x, etc.) for self-hosted setups. For a app where the user controls both endpoints, I think that's a reasonable tradeoff (https://colota.app/privacy-policy/). Probably makes sense to also mention that in a separate page in the docs for easier overview. Thank you for the question.

[–] teawrecks@sopuli.xyz 1 points 5 days ago (1 children)

All phones are already disk encrypted these days. If you want disk encryption on your PC, you should enable it. Otherwise, it's the responsibility of whatever backend you choose to handle encryption over the network.

[–] artyom@piefed.social -1 points 5 days ago* (last edited 5 days ago) (2 children)

No one is talking about a phone or a PC, we're talking about a server.

Also phones and PCs are only encrypted at rest.

[–] teawrecks@sopuli.xyz 2 points 5 days ago (1 children)

Who is "we"? I'm responding to your top level comment. You just asked the creator of an exclusively client-side app whether they support encryption. Not only is it reasonable for me to assume you mean client side encryption, it's unreasonable for you to ask for server side encryption, because there is no server. It's a BYOBackend situation.

Now if you're asking for client-side encryption, something like Keepass where the file itself is encrypted, you have to use some form of auth to decrypt it on use, and you can store this file using whatever backend you want, that's perfectly reasonable. I would still consider that encrypted at rest, but at least you could maybe separate encrypted reads from writes and limit the attack surface in the event of a breach.

[–] artyom@piefed.social -2 points 5 days ago (1 children)

You just asked the creator of an exclusively client-side app whether they support encryption.

Client-side encryption is not a novel concept.

something like Keepass where the file itself is encrypted, you have to use some form of auth to decrypt it on use

That's significantly more complicated and time-consuming.

[–] teawrecks@sopuli.xyz 2 points 5 days ago (1 children)

Lol I don't know what you want man, i didn't realize this was one of those "digging my heels in because I don't know how to be wrong" threads. I'll let you do your thing, peace.

[–] artyom@piefed.social 0 points 4 days ago

I don't know what you want man

I honestly don't know how to be more clear about this. It's not complicated. I want client-side encryption, man.

i didn't realize this was one of those "digging my heels in because I don't know how to be wrong" threads

LOL I didn't know that either, but here you are!

[–] Cyber@feddit.uk 1 points 6 days ago* (last edited 6 days ago) (1 children)

you can predownload map tiles from a tile server I selfhost or use your own tile server.

Could OSM tiles be used? Ie direct the app to an OSM server and download their data?

I've no idea how tiles work, so this may be an absurd question 🙂

I'm currently using GPSLogger, but Home Assistant's integration for it can't handle >1 device... if I install your app on multiple devices, can Home Assistant distinguish between them? Ie does the data nclude a DeviceID of some kind?

Edit: ok, I think I've found the answer in your Home Assistant documentation

[–] mxdcodes@lemmy.world 1 points 6 days ago (1 children)

Not an absurd question at all. The app uses vector data for the map. Public OpenStreetMap server's only offer raster data which is not compatible and would need way more storage to cover the same area downloaded. Also downloading tiles from openstreetmap servers would violate their tile usage policy.

However there are alternatives e.g. https://openfreemap.org/. I actually had OpenFreemap used before for the app but it uses Cloudflare as CDN which doesn't align with the privacy policy I want to offer for the app which is the reason I setup a own server (vps) which just directly serves the tiles (https://colota.app/docs/guides/tile-server). Also if I would use a external tile server which may go offline for whatever reason there would be nothing I could do about it.

Basically you could use any tile sever which provides mbtiles but I don't know any other free options.

if I install your app on multiple devices, can Home Assistant distinguish between them? Ie does the data nclude a DeviceID of some kind?

Yes it either works with the Colota integration which needs a custom payload attribute to distinguish different devices (e.g. "tid": "colota") or you could use also the Owntracks integration (see https://colota.app/docs/integrations/home-assistant). The API format sent from colota is completly editable.

[–] Cyber@feddit.uk 2 points 5 days ago (1 children)

Thanks for the background on the tiles.

Yeah, from my PoV, I'd like to use the OSM data that's already on my phone (from other OSM based apps), but I understand your point.

So, where's your VPS? In EU?

FYI: Got the app installed, followed the instructions (which refers to a Home Assistant template that doesn't exist on the app?), modified the default custom template with tid set to an identifier and ... I appear to be at home 🙂

Thank you

[–] mxdcodes@lemmy.world 2 points 5 days ago

So, where’s your VPS? In EU?

It's a VPS hosted by netcup in germany (https://maps.mxd.codes/)

Which refers to a Home Assistant template that doesn’t exist on the app?

Yes, you are right. I have to update the docs there. I removed the HA template because it basically just added the tid which I think is quite easy to add manually.

[–] nykula@piefed.social 1 points 6 days ago

Looks like a good starting point for municipalities implementing live bus location maps.

[–] Eheran@lemmy.world 1 points 6 days ago (1 children)

How to tell when you leave the GPS-off area?

[–] mxdcodes@lemmy.world 1 points 6 days ago* (last edited 6 days ago) (1 children)

GPS is only turned off by being connected to a WiFi or being motionless (or both) while being in a geozone. When wifi disconnects or/and motion is recognized the GPS starts again. There is also an option to just not record locations in a geofence but then the GPS stays on and will still drain some battery.

[–] Eheran@lemmy.world 2 points 6 days ago

Ah, got it. So you need WiFi if you want to reliably turn off GPS, that is a good solution.

[–] Decronym@lemmy.decronym.xyz 1 points 6 days ago* (last edited 2 days ago)

Acronyms, initialisms, abbreviations, contractions, and other phrases which expand to something larger, that I've seen in this thread:

Fewer Letters More Letters
CA (SSL) Certificate Authority
HA Home Assistant automation software
~ High Availability
HTTP Hypertext Transfer Protocol, the Web
HTTPS HTTP over SSL
IP Internet Protocol
SSH Secure Shell for remote terminal access
SSL Secure Sockets Layer, for transparent encryption
TLS Transport Layer Security, supersedes SSL
VPN Virtual Private Network
VPS Virtual Private Server (opposed to shared hosting)

10 acronyms in this thread; the most compressed thread commented on today has 7 acronyms.

[Thread #235 for this comm, first seen 12th Apr 2026, 12:40] [FAQ] [Full list] [Contact] [Source code]