Self-hosting
- pierre-couy.dev Increase privacy by using nginx as a caching proxy in front of a map tile server
A tutorial featuring two examples showing how you can increase your privacy using nginx to proxy third-party services.
cross-posted from: https://lemmy.pierre-couy.fr/post/653426
> This is a guide I wrote for Immich's documentation. It features some Immich specific parts, but should be quite easy to adapt to other use cases. > > It is also possible (and not technically hard) to self-host a protomaps release, but this would require 100GB+ of disk space (which I can't spare right now). The main advantages of this guide over hosting a full tile server are : > - it's a single nginx config file to deploy > - it saves you some storage space since you're only hosting tiles you've previously viewed. You can also tweak the maximum cache size to your needs > - it is easy to configure a trade-off between map freshness and privacy by tweaking the cache expiration delay > > If you try to follow it, please send me some feedback on the content and the wording, so I can improve it
cross-posted from: https://programming.dev/post/18360806
> Hi everyone, > > I would like to enable Cross-Origin Resource Sharing on my Nginx server. for few origins (cors requestor)/domains. > > I've found this article https://www.juannicolas.eu/how-to-set-up-nginx-cors-multiple-origins that is nice, but not complete and on my browser seem really hard to read due to the layout 🤮 > > So I've opened a CodeBerg git repository for the good soul that want to perfect this piece of code the allow the most of use to use CORS with Nginx. > > https://codeberg.org/R1ckSanchez_C137/BestOfxxx/src/branch/main/Nginx/CORS_MultiDomains.py > > If you don't want to create an account on codeberg feel free to post your code here ! > >
nginx > server { > # Server > > map "$http_origin" $cors { # map in Nginx is somewhat like a switch case in a programming language. > default ''; #Seem to set $cors to '' empty string if none of the follwing rexeg match ? > "~^https:\/\/([\w-_\.]+\.)?example.com$" "$http_origin"; > #regex domain match > # ~ mean I suppose the string is RegEx ? > # Need to come with a RegEx expression that match https://anything.example.com[optional ports and Query string ?X=Y] > "~^https:\/\/([\w-_\.]+\.)?example2.com$" "$http_origin"; #regex domain match > } > > > location /static { > > # if preflight request, we will cache it > if ($request_method = 'OPTIONS') { > add_header 'Access-Control-Max-Age' 1728000; #20 days > add_header 'Content-Type' 'text/plain charset=UTF-8'; > add_header 'Content-Length' 0; > return 204; #https://developer.mozilla.org/en-US/docs/Web/HTTP/Status/204 } > > if ($cors != "") { > add_header 'Access-Control-Allow-Origin' "$cors" always; # <-- Variable $cors > add_header 'Access-Control-Allow-Credentials' 'true' always; > add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, OPTIONS' always; > add_header 'Access-Control-Allow-Headers' 'Accept, Authorization, Cache-Control, Content-Type, DNT, If-Modified-Since, Keep-Alive, Origin, User-Agent, X-Requested-With' always;} > > # configuration lines... > > } > } > > } >
> >- liliputing.com Waveshare UPS HAT easily adds battery backup to a Raspberry Pi - Liliputing
Waveshare UPS HAT easily adds battery backup to a Raspberry Pi
does anyone here have experience hosting a Signal proxy and/or a Tor relay? there's a blog post on signal.org asking for folks to help, and i can but i don't know enough about network security to feel safe/confident doing some of this stuff. same with Tor - i've always wanted to host an exit relay (and in fact have this whole long theory about how every public library in the US should host an exit relay, but that's for another post someday maybe).
do any of you have experience with doing this? what kind of best practices would you recommend? any good resources on protecting your network that you might point me to? i will be getting my Net+ cert within the next year but for now i am starting from "enthusiastic beginner" and want to be helpful, but careful.
This may be deemed slightly off topic but I felt like this community might know the answer to this. I'm looking for a way to permanently embed information about who is in a photo, but when I search Google I just get some forum posts from 10 years ago. Surely there is something more recent? How would you go about doing this? Let's assume they are JPG.
I thought about this when looking through photos from my grandparents, where the names are written on the back of the photo. I have many digital photos from ten years ago and I've already forgotten the names of some of the people so imagine what it will be like in another 30 years.
- github.com GitHub - lastlogin-io/obligator: Simple and opinionated OpenID Connect server designed for self-hosters
Simple and opinionated OpenID Connect server designed for self-hosters - lastlogin-io/obligator
> Obligator is a relatively simple and opinionated OpenID Connect (OIDC) Provider (OP) server designed for self-hosters.
- • 100%sathyasays.com Self-hosting your location history with OwnTracks
Looking to find an alternative to Google Maps Timeline? OwnTracks is a self-hosted location history tracker and might be a decent alternative to Google Maps Timeline.
- www.cnx-software.com SunFounder PiPower 3 kit is a UPS solution for the Raspberry Pi 5 SBC - CNX Software
SunFounder PiPower 3 kit is a UPS solution designed to work with the Raspberry Pi 5, other Arm SBCs, or even MCU boards like Arduino UNO and Raspberry Pi
- nachtimwald.com Vaultwarden a Self Hosted Password Vault
Introduction When Lastpass first came on the scene I jumped on it because of how easy it makes syncing passwords between devices. Previously, I was using a local password manager that was only on my computer. Thankfully, mobile logins weren’t nearly as necessary for daily life back then. However, I ...
- github.com Release v0.16.0 Snappy Sloth · superseriousbusiness/gotosocial
Hello internet! Roll up roll up and see ye all version 0.16.0 of GoToSocial, codename SNAPPY SLOTH. Release highlights Sign up / registration: In this release, you can open your instance to new re...
>GoToSocial is an ActivityPub social network server, written in Golang.
- liliputing.com SZBOX G48S is a cheap, fanless mini PC made for networking with Intel N100 and four 2.5 GbE LAN portsrts, and - Liliputing
SZBOX G48S is a cheap, fanless mini PC made for networking with Intel N100 and four 2.5 GbE LAN portsrts, and
Basically a modernised PCengine APU4, which sadly got discontinued.
I'm looking to buy a router for home use, on which I plan to install OpenWRT. After some research, I have come across the TP-LINK Archer AX23, which checks all of the boxes I have:
- [x] Comparatively low price
- [x] Supports WPA3
- [x] Supported by OpenWRT
- [x] Has at least three LAN ports
However, before I and my dad go and buy one, it has to pass the final test: the forums.
Has anyone used this router before? What was your experience? Can I do better, or have I found the best router ever made? Please share your thoughts.
- https:// sr.ht /~nixgoat/shoelace
Hello Lemmy! Yesterday I released the first version of an alternative frontend for Threads: Shoelace. It allows for fetching posts and profiles from Threads without the need of any browser-side JavaScript. It's written in Rust, and powered by the spools library, which was co-developed between me and my girlfriend. Here's a quick preview:
!Mark Zuckerberg's profile on Shoelace, showing three posts: One showcasing columns on the official Threads frontend, another congratulating himself for 1.2M+ downloads in his company's new AI software, and the glimpse of a post related to the "metaverse" !Post by münecat on Shoelace, announcing the release of a video essay criticizing the field of evolutionary psychology
The official public instance (at least for now) is located at https://shoelace.mint.lgbt/, if y'all wanna try it out. There's also instructions to deploy it inside the docs you can find in the README. Hope y'all enjoy it!
- www.linuxlinks.com Machine Learning in Linux: LibreTranslate is Self-hosted Machine Translation - LinuxLinks
LibreTranslate is a machine translation API which is entirely self-hosted. This software lets you use machine translation in your projects.
YouTube Video
Click to view this content.
- www.cnx-software.com ODROID-H4+ kit review - Part 1: Unboxing, H4 Type 3 case assembly, and first boot - CNX Software
First part of Hardkernel ODROID-H4+ kit review with an Intel N97 SBC, an H4 Type 3 case taking four 2.5-inch SATA drives, and a quick try.
- • 100%
Cockpit shows some PCP metrics but Grafana is nicer and better suited for time-series data.
- • 100%klarasystems.com ZFS High Availability with Asynchronous Replication and zrep
Explore how the 'zfs send' and 'receive' commands enable efficient data synchronization for high-availability storage services, ensuring quick, reliable failovers between replica systems with up-to-date incremental changes.
Describes the zrep script that uses zfs send and receive over network to keep a read-only copy of snapshots up-to-date.
- • 100%github.com Release v0.8.1 · SamR1/FitTrackee
Features and enhancements PR#527 - improve Sports endpoints response time Bugs Fixed PR#531 - Minor navigation fixes on mobile PR#532 - Fix footer color on dark mode PR#536 - Accessibility fixes...
A simple self-hosted workout/activity tracker.
- www.cnx-software.com Raspberry Pi 5 vs Intel N100 mini PC comparison - Features, Benchmarks, and Price - CNX Software
Detailed comparision of the Raspberry Pi 5 and Intel N100 mini PCs with a look at features and specifications, benchmarks, and price.
- • 100%meshtastic.org Meshtastic
An open source, off-grid, decentralized, mesh network built to run on affordable, low-power devices
An open source, off-grid, decentralized, mesh network built to run on affordable, low-power devices
Imagine I want to create a local internet for my community. Things that will be useful, helpful, and easy to use. Ideally, setup/maintenance would be relatively straightforward too, since I will for the time being at least be running this solo.
So if I'm going to be the community SysAdmin but also have free choice of what to run, what would you think about the following ideas of things to share with people?
-Radarr (movies) -Sonarr (TV shows) -Lidarr (music) -Calbire (or Readarr I guess, for books) -Jellyfin (media streaming) -Nextcloud (file sharing)
And then as for me myself, I'd probably set up a Graylog Open instance to aggregate issues, and have a couple of separate physical servers for these different things.
Do you think that would be helpful/useful/fun for getting community members to think about the potential of hyperlocal internet?
Alternatively, are folks doing this already? If so, how do you have this kind of thing set up?
If I'm dreaming big, I would also love to set up a mesh relay to offer this intranet stuff to the community.
I'm hoping that these ideas are solarpunk enough and selfhosting enough to warrant community feedback.
Basically, I guess, are there any other community SysAdmins out there doing this kind of work?
Thanks for your time.
- zoraxy.arozos.com Cluster Proxy Gateway | Zoraxy
A reverse proxy server and cluster network gateway for noobs
cross-posted from: https://slrpnk.net/post/8966140 Zoraxy describes itself as: > "General purpose request (reverse) proxy and forwarding tool for networking noobs. Now written in Go!".
Yet it seems to be packed with goodies and features, such as Geo-IP & Blacklist, ZeroTier controller integrated GAN, IP Scanner, Real Time Stats and even built in Uptime monitor. Addtionally, it can run via a single binary for those who don't want to rely on Docker. There is also an Unraid Template available from IBRACORP. Lastly the project is under the AGPL license 🌻
I also checked, and saw this was recommended on this community 9months ago, but didn't seem to get much attraction then. Has anyone tried this yet? It seems like a good alternative to say NGINX proxy manager and am wondering if I should switch, but wanted to hear thoughts first!
Zoraxy's Github list the following features:
Features
- Simple to use interface with detail in-system instructions
- Reverse Proxy (HTTP/2)
- Virtual Directory
- WebSocket Proxy (automatic, no set-up needed)
- Basic Auth
- Alias Hostnames
- Custom Headers
- Redirection Rules
- TLS / SSL setup and deploy
- ACME features like auto-renew to serve your sites in https
- SNI support (one certificate contains multiple host names)
- Blacklist / Whitelist by country or IP address (single IP, CIDR or wildcard for beginners)
- Global Area Network Controller Web UI (ZeroTier not included)
- TCP Tunneling / Proxy
- Integrated Up-time Monitor
- Web-SSH Terminal
- Utilities
- CIDR IP converters
- mDNS Scanner
- IP Scanner
- Others
- Basic single-admin management mode
- External permission management system for easy system integration
- SMTP config for password reset
Screenshots
- • 100%discuss.freedombox.org FreedomBox 24.9 released
FreedomBox 24.9 has been released and uploaded to Debian unstable. Typically, the freedombox package will migrate to testing in 2 days, and then can be uploaded to stable-backports. Changes in this release: action_utils, nextcloud: Make podman util more generic config: Handle dropin config files ...
- codeberg.org eintopf
A calendar for stuttgart, showing events, groups and places. Find EINTOPF here: https://sueden.social/@eintopf
> Eintopf is a calendar where one can publish events, groups and places. It is deployed at eintopf.info
- www.cnx-software.com ODROID-H4 - A Compact Alder Lake N-Series SBC with up to dual 2.5GbE and four SATA III ports - CNX Software
Hardkernel has just launched an upgrade to their ODROID-H3/H3+ Jasper Lake SBC, with the ODROID-H4, ODROID-H4+, and ODROID-H4 Ultra boards powered by
- liliputing.com This little "firewall appliance" is a mini PC with Intel N100 and 6 x 2 5 GbE LAN ports - Liliputing
This little "firewall appliance" is a mini PC with Intel N100 and 6 x 2 5 GbE LAN ports
- • 100%discuss.freedombox.org FreedomBox 24.8 released
FreedomBox 24.8 has been released and uploaded to Debian unstable. Typically, the freedombox package will migrate to testing in 2 days, and then can be uploaded to stable-backports. Highlights: gitweb: Fix an issue when cloning existing repository ttrss: Improve backup and restore of the database...
- www.cnx-software.com CWWK NAS mini-ITX motherboard features six SATA connectors, three 2.5Gbps Ethernet ports - CNX Software
CWWK NAS board with Intel Celeron J SoC, 3x2.5GbE (2 Intel i226-V, 1 Realtek), supports dual M.2 NVMe, DDR4, HDMI, DP, USB, PCIe, audio ports.
If you have tried several self-hosting platforms like the above, please share your experience.
I have so far only tried Yunohost and I'm quite satisfied. It does help to read French, sometimes solutions can be hidden in French forum topics.
Coop Cloud seems to be docker-based, as far as I understand, and I just never managed to wrap my head around containers and why I should use them. Not sure though if Yunohost does container stuff in the background that I am not aware of?
I've just started to use my Yunohost installation for some small scale collaborative stuff so I really hope it scales (to probably not more than 100 users) and keeps running smoothly. Starting to host common stuff is a little more scary than just fucking up my own private files.
- • 100%karrot.world Karrot - Start a group, become a community
Karrot is a free and open-source tool for grassroots initiatives and groups of people that want to coordinate face-to-face activities on a local, autonomous and voluntary basis.
>Karrot is a free and open-source tool for grassroots initiatives and groups of people that want to coordinate face-to-face activities on a local, autonomous and voluntary basis.
>It is designed in ways to enable community-building and support a more transparent, democratic and participatory governance of your group.
cross-posted from: https://slrpnk.net/post/8297248
> Recommendations for RaspberryPI 4B case? > > Hiya, so I have a spear RaspberryPI 4b, and want to selfhosted HomeassistantOS on it, heard there were some advantages of running the full OS and not just the docker container. However I currently don't have a casing for it. > > So: Is there anything I should know before buying one? Does the rpi get very hot running HomeassistantOS? E.g. Do I need one of these cases with a fan built into it? Or is it OK without? > > Appreciate any tips or suggestions! however I will not order anything from Amazon or Ali Express or any of those type of websites. Feel free to recommend via them though as I might find the same case elsewhere, perhaps. > > 🌻
- • 100%homenetworkguy.com Beginner's Guide to Set Up a Home Network Using OPNsense
Going beyond the basics of home networking
Also see their hardware recommendations.
- github.com GitHub - Flomp/wanderer: wanderer is a self-hosted trail database. Save your adventures!
wanderer is a self-hosted trail database. Save your adventures! - Flomp/wanderer
YouTube Video
Click to view this content.