vegetaaaaaaa
@vegetaaaaaaa@lemmy.world
- Comment on What type of computer setup would one need to run ai locally? 18 hours ago:
- Small 4B models like gemma3 will run on anything (I have it running on a 2020 laptop with integrated graphics). Don’t expect superintelligence, but it works for basic classification tasks, writing/reviewing/fixing small scripts and basic chat
- I use github.com/ggml-org/llama.cpp in server mode pointing to a directory of GGUF model files downloaded from huggingface. The use it from the built-in web interface or API (wrote a small assistant script)
- To load larger models you need more RAM (preferably fast VRAM/GPU but DDR5 on the motherboard will work - it will be noticeably slower). My gaming rig with 16GB AMD 9070 runs 20-30B models at decent speeds. You can grab quantized (lower precision, lower output quality) versions of those larger models if the full-size/unquantized models don’t fit. Check out whatmodelscanirun.com
- For image generation I found github.com/vladmandic/sdnext which works extremely well and fast wth Z-Image Turbo, FLUX.1-schnell, Stable Diffusion XL and a few other models
As for the prices… well the rig I bought for ~1500€ in september is now up to ~2200€ (once-in-a-decade investment). It’s not a beast but it works, the primary use case was general computing and gaming, I’m glad it works for local AI, but costs for a dedicated, performant AI rig are ridiculously high right now. It’s not economically competitive yet against commercial LLM services for complex tasks, but that’s not the point. Check old.reddit.com/r/LocalLLaMA/ (yeah reddit I know). 10k€ of hardware to run ~200-300B models, not counting electricity bills
- Submitted 2 days ago to selfhosted@lemmy.world | 24 comments
- Comment on Alternatives to Mattermost 1 week ago:
Any recommendations for a good XMPP web client?
See my requirements in other comment.
- Comment on Alternatives to Mattermost 1 week ago:
I’m in the same boat, running a Gitlab Mattermost instance for a small team.
Gitlab has not announced yet what will happen with the bundled Mattermost, but I guess it will be dropped entirely, or be hit by the new limitations (what will hit us the hardest is the 10000-most-recent messages limitation, anything further than that will be hidden behind a paywall - including messages sent before the new limitations come in effect - borderline ransomware if you ask me)
I know there are forks that remove the limitation, may end up doing that if the migration path is not too rough.
I used to run a Rocket.Chat instance for another org, became open-core bullshit as well. I’m done with this stuff.
I have a personal Matrix + Element instance that barely gets any use (but allows me to get a feeling of what it can do) - I don’t like it one bit. The tech stack is weird, the Element frontend receives constant updates/new releases that are painful to keep up with, and more importantly, UX is confusing and bad.
So I think I’ll end up switching this one for a XMPP server. Haven’t decided which one or which components around it precisely. I used to run prosody with thick clients a whiiille ago and it was OK.
My needs are simple, group channels, 1-to-1 chat, posting files to a channel. ideally temporary many-to-many chats, decent web UI.
Voice capabilities would be a bonus (I run and use a mumble server and it absolutely rules once you’ve configured the client, but it doesn’t integrate properly into anything else, and no web UI), as well as some kind of integration with my Jitsi Meet instance. E2E encryption nice but not mandatory. Semi-decent mobile clients would be nice.
For now, wait and see.
- Submitted 4 weeks ago to selfhosted@lemmy.world | 4 comments
- Comment on How often do you update software on your servers? 3 months ago:
unattended-upgrades doesn’t do that unless you explicitly specify
//Unattended-Upgrade::Automatic-Reboot “true”;in the config. Check/usr/share/doc/unattended-upgrades/README.md.gzThe main configuration file is
/etc/apt/apt.conf.d/50unattended-upgrades, maybe you put your config in the wrong place?here is mine
- Comment on Custom Firewall 3 months ago:
I use
firewalldas generic firewall and fail2ban as IPS/anti-bruteforce soltion (blocks IPs using firewalld’s ipsets) - Comment on The end of tt-rss.org 4 months ago:
I have copied the latest git revision
c67b943aa894b90103c4752ac430958886b996b2from gitlab.tt-rss.org/tt-rss/tt-rss to my gitea instance which is mirrored to gitlab.com/nodiscc/tt-rss and github.com/nodiscc/tt-rss.I don’t intend to make changes or bugfixes (it’s working fine), but I will try to keep it compatible with the PHP version in Debian stable, since I’ve been using it for years and would really like to keep doing so.
- Submitted 4 months ago to selfhosted@lemmy.world | 37 comments
- Comment on Alternative to github pages? 5 months ago:
- Any of staticsitegenerators.bevry.me
- Any webserver + virtualhost config that serves plain HTML pages
- a build/upload script
- Comment on Started hosting my own Nextcloud and its awesome! 5 months ago:
A full-blown samba domain is extremely overkill if you don’t have a fleet of windows machines.
You can get centralized user management with a simple LDAP server or similar, no need for a domain.
- Comment on Best Practice Ideas 5 months ago:
lemmy.world/post/34029848/18647964
Hypervisor: Debian stable + libvirt or PVE if you need clustering/HA VMs: Debian stable podman if you need containerization below that
You can migrate VMs live between hosts (it’s a bit more work if you pick libvirt, but the overhead/features or proxmox are sometimes overkill, libvirt is a bit more barebones, each has its uses), have a cluster-wide L2 network, use a machine as backup storage for others… use VM snapshots for rollback, etc. Regardless of containerization/orchestration below that, a full hypervisor is still nice to have.
I deploy my services directly to the VM or as podman containers in said VMs. I use ansible for all automation/provisioning (though there are still a few basic provisioning/management to bootstrap new VMs, if it works it works)
- Comment on Your favourite piece of selfhosting - Part 1 - Operating System 6 months ago:
- Hypervisor: Debian stable + libvirt or PVE if you need clustering/HA
- VMs: Debian stable
- podman if you need containerization below that
- Comment on GeoIP Database to use with FreeNginx !? 6 months ago:
- Comment on Is there any Middleware that performs similar functions to Cloudflare, just... selfhosted? 6 months ago:
I’m not sure of any formal name
Cloudflare turnstile
- Comment on Ansible sounds interesting 8 months ago:
If you needs are simple, write a simple playbook using the proxmox ansible module docs.ansible.com/…/proxmox_kvm_module.html
Terraform/Opentofu provides more advanced stuff but then you have to worry about persistent state storage, the clunky DSL… used it when acsolutely needed, you can do 90% of this stuff with the proxmox ansible module.
If you need to make your playbook less verbose, move the logic to a role so that you can configure your VMs from a few lines in the playbook/host_vars. Mine looks like this (it’s for libvirt and not proxmox, but the logic is the same)
# playbook.yml - hosts: hypervisor.example.org roles: - libvirt # host_vars/hypervisor.example.org.yml libvirt_vms: - name: vm1.example.org xml_file: "{{ playbook_dir }}/data/libvirt/vm1.example.org.xml" state: running autostart: yes - name: vm2.example.org xml_file: "{{ playbook_dir }}/data/libvirt/vm2.example.org" autostart: no - name: vm3.example.org xml_file: "{{ playbook_dir }}/data/libvirt/vm3.example.org" autostart: no - name: vm4.example.org xml_file: "{{ playbook_dir }}/data/libvirt/vm4.example.org" autostart: no disk_size: 100G
- Comment on Console display options 8 months ago:
turn that monitor off and save power?
- Comment on What load balancers can do HA (preferably open source, web gui) 8 months ago:
apache can do load balancing as well httpd.apache.org/docs/…/mod_proxy_balancer.html
I’d pick something that you already use across your stack, to minimize the number of different integration/config styles/bugs…
- Comment on Questions about selfhosting Git, and making some small scratch on the side. 8 months ago:
- Ever tested restoring those backups? Do you have the exact procedure written down? Does it still work? If the service gets compromised/data corrupted on sunday, and your backup runs, do you still have a non-compromised backup and how old is it?
- How timely can you deal with security fixes, and how will you be alerted that a security fix is available?
- How do you monitor your services for resource availability, errors in logs, security events?
- How much downtime is acceptable for routine maintenance, and for incidents?
Not saying this is impossible, you just need to have these questions in mind before you start charging people for the service, and have the support infrastructure ready.
Or you can just provide the service for free, best-effort without guarantees.
I do both (free services for a few friends, paid by customers at $work, small team). Most of the time it’s smooth riding but it needs preparation (and more than 1 guy to handle emergencies - vacations, bus factor and all that).
For the git service I can recommend gitea + gitea-actions (I run the runners in podman). Gitlab has more features but it can be overwhelming if you don’t need them, and it requires more resources.
- Comment on talon voice, self hosted voice control of your computer 8 months ago:
Spyware until proven otherwise. Where is the source code?
- Comment on Alternative to LinkStack and LinkTree 8 months ago:
github.com/sethcottle/littlelink Or a simple HTML page…
- Comment on Version Dashboard 9 months ago:
I use RSS feeds, bump version numbers when a new release is out, git commit/push and the CI does the rest (or I’ll run the ansible playbook manually).
I do check the release notes for breaking changes, and sometimes hold back updates for some time (days/weeks) when the release affects a “critical” feature, or when config tweaks are needed.
- Comment on CrowdSec vs Fail2Ban - What to use? 9 months ago:
Fail2ban is a Free/Open-Source program to parse logs and take action based on the content of these logs. The most common use case is to detect authentication failures in logs and issue a firewall level ban based on that. It uses regex filters to parse the logs and uses policies called jails to determine which action to take (wait for more failures, run command xyz…). It’s old, basic, customizable, does its job.
crowdsec is a commercial service [1] with a free offering, and some Free/Open-Source components. The architecture is quite different [2], it connects to Crowdec’s (the company) servers to crowd-source detections, their service establishes a “threat score” for each IP based on detections they receive, and in exchange they provide [3] some of these threat feeds/blocklists back to their users. A separate crowdsec-bouncer process takes action based on your configuration.
If you want to build your own private shared/global blocklist based on crowdsec detections, you’ll need to setup a crowdsec API server and configure all your crowdsec instances to use it. If you want to do this with fail2ban you’ll need to setup your own sync mechanism (there are multiple options, I use a cron job+script that pulls IPs from all fail2ban instances using
fail2ban-client status, builds an ipset, and pushes it to all my servers). If you need crowdsourced blocklists, there are multiple free options ([4] can be used directly byipset).Both can be used for roughly the same purpose, but are very different in how they work and the commercial model (or lack of) behind the scenes.
- Comment on Trying to find a general-use project management software solution 9 months ago:
Odoo major version upgrades are a pain in the ass. Wouldn’t recommend.
- Comment on CrowdSec vs Fail2Ban - What to use? 9 months ago:
Fail2ban unless you need the features that crowdsec provides.
- Comment on How do I build up a lemmy instance right from the scratch ? 9 months ago:
Debian
- Comment on What webapps do you selfhost that aren't media/game servers? 9 months ago:
There is a pinned post for this lemmy.world/post/60585
- Comment on How do I build up a lemmy instance right from the scratch ? 9 months ago:
- Comment on SMS/MMS backup and sync? 9 months ago:
Tested SMS Import/Export (installed from F-droid), works fine.
- Comment on Ansible iptables best practices? 9 months ago:
Ansible should only run to make changes to a existing system.
No. Ansible is fine for provisioning and initial deployment.