darkan15

@darkan15@lemmy.world

This is a remote user, information on this page may be incomplete. View at Source ↗

⁨Comment⁩ on ⁨If I use Caddy for reverse-proxying into another local machine... is my local connection not HTTPS?⁩ ⁨⁨2⁩ ⁨days⁩ ago⁩:
If your concern is IoT devices, TVs, and the like sniffing on your local traffic, there are alternatives, and some of them are:
- https from reverse proxy to service.
- VLANs or Different LANs for IoT and your trusted devices (I do this one).
- Internal VPN connection between devices (like WireGuard), so the communication between selected devices is encrypted.
⁨Comment⁩ on ⁨What is the easiest way to have a self hosted git server?⁩ ⁨⁨2⁩ ⁨days⁩ ago⁩:
The simplest (really the simplest) would be to do a git init --bare in a directory on one machine, and that way you can push or pull from it, with the directory path as URL from the same machine and using ssh from the other (you could do this bare repo inside a container but really would be complicating it), you would have to init a new bare repo per project in a new directory.

If a self-hosted server meaning something with a web UI to handle multiple repositories with pull requests, issues, etc. like your own local Github/Gitlab. The answer is forgejo (this link has the instructions to deploy with docker), and if you want to see how that looks like there is an online public instance called codeberg where the forgejo code is hosted, alongside other projects.
⁨Comment⁩ on ⁨If you miss old network multiplayer games, or would like to try them with your friends for the first time, may I suggest setting them up via SoftEtherVPN?⁩ ⁨⁨1⁩ ⁨week⁩ ago⁩:
I don’t know if SoftEther has an option so you don’t tunnel everything, and just use the virtual LAN IPs for games, file transfers, etc.

And I don’t know your actual technical level or the people you play with, but, for people that can go as far as opening ports and installing a server, and getting others to connect to it, I would suggest Headscale (the free self-hosted version of Tailscale) as a next step, or if inclined to learn something a bit more hands on Wireguard.

With those you can configure it so, only the desired traffic goes through (like games or files sharing using the virtual LAN IP), and the rest goes out normally, or configure exit nodes, so if/when desired, all traffic is tunneled like what you have now.
⁨Comment⁩ on ⁨Docker dashboards: choice overload⁩ ⁨⁨1⁩ ⁨week⁩ ago⁩:
This would be my choice as well, as I went with Dockge exactly because it works with your existing docker-compose files, and there are no issues if you manage with either Dockge or with the terminal.
⁨Comment⁩ on ⁨First Time Self Hoster- Need help with Radicale⁩ ⁨⁨1⁩ ⁨week⁩ ago⁩:
But I think I’m understanding a bit! I need to literally create a file named “/etc/radicale/config”.

Yes, you will need to create that config file, on one of those paths so you then continue with any of the configuration steps on the documentation, you can do that Addresses step first.

A second file for the users is needed as well, that I would guess the best location would be /etc/radicale/users

For the Authentication part, you will need to install the apache2-utils package with sudo apt-get install apache2-utils to use the htpasswd command to add users

So the command to add users would be htpasswd -5 -c /etc/radicale/users user1 and instead of user1, your username.

And what you need to add to the config file for it to read your user file would be:
```
[auth]
type = htpasswd
htpasswd_filename = /etc/radicale/users
htpasswd_encryption = autodetect
```
Replacing the path with the one where you created your users file.
⁨Comment⁩ on ⁨First Time Self Hoster- Need help with Radicale⁩ ⁨⁨1⁩ ⁨week⁩ ago⁩:
I’m trying to follow the tutorial on the radicale website but am getting stuck in the “addresses” part.

From reading from the link you provided, you have to create a config file on one of two locations if they don’t exist:

“Radicale tries to load configuration files from /etc/radicale/config and ~/.config/radicale/config”

after that, add what the Addresses sections says to the file:
```
[server]
hosts = 0.0.0.0:5232, [::]:5232
```
And then start/restart Rradicale.

You should be able to access from another device with the IP of the Pi and the port after that
⁨Comment⁩ on ⁨how to start with self-hosting?⁩ ⁨⁨2⁩ ⁨weeks⁩ ago⁩:
Yeah, I started the same, hosting LAN parties with Minecraft and Counter Strike 1.6 servers on my own Windows machine.

But what happens when you want to install some app/service that doesn’t have a native binary installer for your OS, you will not only have to learn how to configure/manage said app/service, you will also need to learn one or multiple additional layers.

I could have said “simple bare metal OS and a binary installer” and for some people it would sound as Alien, and others would be nitpicky about it as they are with me saying docker (not seeing that this terminology I used was not for a newbie but for them), If the apps you want to self-host are offered with things like Yunohost or CasaOS, that’s great, and there are apps/services that can be installed directly on your OS without much trouble, that’s also great. But there are cases where you will need to learn something extra.
⁨Comment⁩ on ⁨how to start with self-hosting?⁩ ⁨⁨2⁩ ⁨weeks⁩ ago⁩:

XKCD 2501 applies in this thread.

I agree, there are so many layers of complexity in self-hosting, that most of us tend to forget, when the most basic thing would be a simple bare metal OS and Docker

you’ll probably want to upgrade the ram soon

His hardware has a max ram limit of 4, so the only probable upgrade he could do is a SATA SSD, even so I’m running around 15 docker containers on similar specs so as a starting point is totally fine.
⁨Comment⁩ on ⁨how to start with self-hosting?⁩ ⁨⁨2⁩ ⁨weeks⁩ ago⁩:
I get your point, and know it has its merits, I would actually recommend Proxmox for a later stage when you are familiar with handling the basics of a server, and also if you have hardware that can properly handle virtualization, for OP that has a machine that is fairly old and low specs, and also is a newbie, I think fewer layers of complexity would be a better starting point, and then in the future they can build on top of that.
⁨Comment⁩ on ⁨how to start with self-hosting?⁩ ⁨⁨2⁩ ⁨weeks⁩ ago⁩:
I have a Dell Inspiron 1545, that has similar specs to yours running Debian with Docker and around 15 services in containers, so my recommendation would be to run Debian server (with no DE), install docker, and start from there.

I would not recommend proxmox or virtual machines to a newbie, and would instead recommend running stuff on a bare metal installation of Debian.

There are a bunch of alternatives to manage and ease the management of apps you could choose from like, yunohost, casaOS, Yacht, Cosmos Cloud, cockpit, etc. that you can check out and use on top of Debian if you prefer, but I would still recommend spending time on learning how to do stuff yourself directly with Docker (using docker compose files), and you can use something like Portainer or Dockge to help you manage your containers.

My last recommendation would be that when you are testing and trying stuff, don’t put your only copy of important data on the server, in case something break you will lose it. Invest time on learning how to properly backup/sync/restore your data so you have a safety net in case that something happens, you have a way to recover.
⁨Comment⁩ on ⁨Setting up 2FAuth; Can't Register⁩ ⁨⁨3⁩ ⁨weeks⁩ ago⁩:
I have no experience with this app in particular, but most of the time there is an issue like this that you can’t reach an app or any other path besides the index, is because the app itself doesn’t work well with path redirection of subfolders, meaning the app expects paths to be something like domain.tld/index.html instead of domain.tld/subfolder/index.html for all its routes.

Some apps let you add a prefix to all its routes they can work, so you not only have to configure nginx but the app itself to work with the same subfolder, some other apps will work with the right configuration in nginx if they do a new full page load every time the page changes its path/route, but some apps like PWA that don’t do a page load every time the path is changed are not going to work with subfolders as they don’t do any page refresh that goes through nginx, and just rewrite the visible url on the browser

I don’t have the knowledge to help you troubleshoot this specific app, but what I can recommend is to switch to a subdomain like 2fa.domain.tld instead of a subfolder and test if it works, as subdomains are the modern standard for this kind of things these days, to avoid this type of issues.
⁨Comment⁩ on ⁨selfh.st: improper etiquette by 2010 standards? (trackers, no RSS) Thoughts?⁩ ⁨⁨5⁩ ⁨weeks⁩ ago⁩:
There is an update on the RSS situation of selfh.st; TL, DR: seems to be related to ways to monetize, so now it’s available to paid subscription, but for free have to visit site to read.

https://selfh.st/post/2025-08-08-introducing-member-perks/
⁨Comment⁩ on ⁨[Help request] How do I go about debugging my router?⁩ ⁨⁨1⁩ ⁨month⁩ ago⁩:
Traceroute can be a good hint, another way to confirm is on your router config interface, there should an IP address, subnet and gateway it connects to, with these values you could also verify it depending on what IP ranges it shows.
⁨Comment⁩ on ⁨[Help request] How do I go about debugging my router?⁩ ⁨⁨1⁩ ⁨month⁩ ago⁩:
Well, if you are forwarding the ports from your home router, and you can’t reach it’s the most probable cause, if you are, that means that there is no public IP reaching your home router.

You could contact your ISP and confirm if this is the case, they could offer to assign a public IP for an extra fee, your only other option is to rent a cheap VPS and tunnel traffic between it and your home, but at this point you could also decide to host stuff on the VPS.
⁨Comment⁩ on ⁨[Help request] How do I go about debugging my router?⁩ ⁨⁨1⁩ ⁨month⁩ ago⁩:
If your ISP (Internet service Provider) doesn’t have you behind CGNAT or Double NAT (meaning that multiple homes share the same public IP), some ISP block the first block of 1024 ports, so any port below that number is blocked.

If the problem is that ports below 1024 are blocked, but you do have a public IP reaching your home router, you could contact your ISP so they unblock these ports for you (I had to do that once, so at least with my ISP it was as simple as asking).

The way you could test if your public IP reaches your home router is by exposing something on a higher port than 1024 like let’s say 8080, if you can reach a simple web or caddy or any other service from 8080, you can at least confirm, that is the issue.

Be aware that most ISP even if they assign a single IP per house, this IP can be dynamic and can rotate on a regular basis, like daily or weekly
⁨Comment⁩ on ⁨Self-hosted blog - do I need a static IP address?⁩ ⁨⁨1⁩ ⁨month⁩ ago⁩:
As others have already commented, what you need is a Dynamic DNS service, where you register a subdomain, and setup a small program or script on your computer that pings the DDNS server every few minutes, that way you leave that running on the background, and if the program detects that the IP with the request changes, it will update the subdomain to point to it automatically.

If you want a recommendation, I have been using DuckDNS for years, and it has been pretty reliable.
⁨Comment⁩ on ⁨What's up, selfhosters? It's self hosting Sunday!⁩ ⁨⁨1⁩ ⁨month⁩ ago⁩:

what is a good solution to keep a music folder backed up

syncthing (file sync, update: removed this, not needed, actually need a backup solution)

Backup solution, you could use Borg or Restic, they are CLI, but there are also GUI for them

how can I back up my Docker setup in case I screw it up and need to set it all up again?

learn to use Dockage to replace Portainer (done, happy with this)

If you did the switch to Dockge, it might be because you prefer having your docker compose files accessible easily on the filesystem, the question is if you have the persistent data of your containers in bind mounts as well, so they are easy to backup.

I have a git repo of my stacks folder, with all my docker compose files (secrets on env files that are ignored), so that I can track all changes made to them.

Also, I have a script that stops every container while I’m sleeping and triggers backups of the stacks folder and all my bind mount folders, that way I have a daily/weekly backup of all my stuff, and in case something breaks, I can roll back from any of these backups and just docker compose up, and I’m back on track.

An important step, is to frequently check that backups are good, I do this by stopping my main service and running from a different folder with the backed up compose file and bind mounts
⁨Comment⁩ on ⁨Recommendations for a version control system⁩ ⁨⁨1⁩ ⁨month⁩ ago⁩:
Used Gitea for a while, and decided to switch to Forgejo before the hard fork split (no more code from Gitea), been using it since, In my opinion both work well, but prefer Forgejo.
⁨Comment⁩ on ⁨Upgrading Paperless-ngx several revisions behind⁩ ⁨⁨1⁩ ⁨month⁩ ago⁩:
Having the ability to shut down the main instance of an app and run a secondary instance from backups without much hassle is the best feeling ever, I recently updated from Nextcloud v26 to v31, and having the ability to just go back to a working version if anything was wrong saved me from so much stress.
⁨Comment⁩ on ⁨Upgrading Paperless-ngx several revisions behind⁩ ⁨⁨1⁩ ⁨month⁩ ago⁩:
Yeah, these are pretty solid advice, would say that you should be safe with patch version updates, like from 1.17.1 to 1.17.4

Should be able to jump from 1.17.4 to 2.0.1 and from 2.0.1 to 2.1.3, etc. going straight to the last patch of the next version, but should go one by one minor version, paying close attention to those versions that have breaking changes in the release notes. And always backup and test before each version jump.
⁨Comment⁩ on ⁨[deleted]⁩ ⁨⁨1⁩ ⁨month⁩ ago⁩:
This probably is the issue, when you download a script or binary from the internet it doesn’t have execution permission, you would have to right click on folder to open in terminal (that way don’t have to cd to it), and check permissions with ls -la if it doesn’t have permission, change it with chmod
⁨Comment⁩ on ⁨[deleted]⁩ ⁨⁨1⁩ ⁨month⁩ ago⁩:

and then donate to the instance’s admins because there are no VC’s here … yet.

The point of lemmy (as far as I understand) is that there will not be a central corpo entity controlling and enshittifiying it as a whole, if that does happen to the particular instance your account or community is, you have the freedom to jump to another one, and continue your life.

On the other hand if you enjoy lemmy you could show support/donate, either to the devs, a particular instance admins, or even a particular community moderators
⁨Comment⁩ on ⁨Immich Flatpak⁩ ⁨⁨2⁩ ⁨months⁩ ago⁩:

In my mind it would be super useful, I could sync my photos when my PC is on and when is off rely on my local photos only since my main goal is having a backup of them.

You could do this perfectly with the docker version, so just curiosity here, why not user docker?

Is it because you don’t want to install docker for only Immich? (you could also install other selfhosted server/apps as bonus),

would you be against snap? As someone already mentioned, there is a snap version.

If the important thing is having backups of your photos, there are alternative apps with different packaging formats.

You could make a request for flatpak, I suppose, but you would have to wait for feedback from devs and understand if they don’t have the resources or willingness to maintain it.

Am I crazy or it makes sense?

Imho what makes sense is that, if I’m interested in a specific app, see what packaging formats it has and see how to install it and try it out. Only if I’m having issues with it, or can’t run it on my specific distro with the provided packaging formats, I try to suggest/request a different format.
⁨Comment⁩ on ⁨What's the solution to QR code phishing?⁩ ⁨⁨2⁩ ⁨months⁩ ago⁩:
As far as I know, the options are:
- Use a QR reader app that doesn’t auto open links (or lets you configure it like that), so you see the URL and inspect it before opening the URL in the browser.
- In case of a short URL, use a short URL resolver so you can see what is the real destination without actually opening the URL yourself.
- Using a DNS with block lists (that are updated often) of known phishing sites.
If these 3 checks fail, there is not much more you can do.
⁨Comment⁩ on ⁨What do you like/dislike about lemmy?⁩ ⁨⁨10⁩ ⁨months⁩ ago⁩:
Dislike: there is still no way to group communities into sub feeds, apart from subs, local, all. (and the work around some do of having multiple accounts seems silly to me)