K3can
@K3can@lemmy.radio
Also at k3can@mastodon.hams.social
- Comment on Help Wanted: Accessing a Service With the Same FQDN Inside and Outside Local Network 2 days ago:
I have tried to use Adguard Home’s DNS rewrites as well as custom query filters to catch local requests for
sub.domain.tldand point them instead toUnraid.IP.Address, but this does not resolve.According to the logs you posted, it’s resolving just fine, the server is just refusing the connection.
What you’re trying to do is a pretty typical setup, and one that I use myself (except that I ditched AGH for a simpler set up).
Internal DNS points to the internal address of the reverse proxy, external DNS points to the external address (both are the same of your using ipv6).
You just need to look into why the server is refusing the connection. Anything in the logs?
- Comment on I have made a Kubernetes to Docker-compose converter/devolver. It's horrible. It's glorious. 4 days ago:
Yeah, but there’s no compose file for the converter. How can you possibly run a single python script without docker+compose?
- Comment on Can you help me adapt the Signal TLS Proxy to be used behind Nginx Proxy Manager? 1 week ago:
The config files should be in the volume you mounted in your NPM container. Probably /data/cong.d/. You can either edit them like normal nginx configuration files (NPM just runs normal nginx in the background), or you can copy them to a standard nginx instance.
- Comment on Can you help me adapt the Signal TLS Proxy to be used behind NPM? 1 week ago:
Looks like most of that install script is just creating a letsenceypt cert for you. If it’s not working, you can probably just create one yourself or use a wildcard cert if you already have one.
The rest is just an nginx instance being used to proxy a connection. If you’re already using NPM, anyway, you might as well just use that. No reason to run extra instances.
- Comment on What else should I selfhost? 2 weeks ago:
Since you’re asking on the Fediverse, an Activitypub server would be an obvious choice.
Git repos would be another good (and easy) choice.
- Comment on Installing **self-hostable** services on a cloud server isn't self-hosting ??? 2 weeks ago:
In my opinion, “self-hosted” means that you host it yourself.
Running services in the cloud (i.e. someone else is hosting it) isn’t the same as hosting it yourself.
Just have fun, though. Not everyone is in a situation where they can self host. Just do what works for you.
- Comment on What's the laziest way to create a website that looks really nice and is maintainable? 2 weeks ago:
“Nice” is entirely subjective. I think my site is nice, but someone else might think it’s garbage.
I use Hugo to generate my site. It’s not wysiwyg, but it supports markdown for pages, which is even simpler than html. It also has a live server mode, where you can see changes immediately.
The community has a created whole gallery of themes (templates) that you can use. It might be worth looking through the gallery to see if you think any of them look “nice” to you.
- Comment on E-Mail with own domain 3 weeks ago:
Another vote for purelymail, here, u/Gobbel2000@programming.dev. Easy to set up and I’ve got full dmarc/dkim/spf. You can pay the flat $10/yr, or you can pay- for-what-you-use. I don’t send a lot of attachments, personally, so my estimated bill is like $4.50.
- Comment on Rebranding our open-source Selfhosted social project to Bitsocial 3 weeks ago:
I’ve mentioned this before, but I’ll say it again: I like the concept, but I can’t help but feel that the presentation has been consistently poor.
The earlier releases left a sour taste for some by highlighting connections to cryptocurrency, and now it’s literally being rebanded to “bitsocial”? With Bitcoin being the widest known cryptocurrency in the world, it’s definitely not alleviating the concerns that this is some sort of cryptoscam.
- Comment on If you have one, how much do you pay for a domain name? Any cheap registrar recommendations? 3 weeks ago:
I have two domains through Cloudflare. They don’t mark up to price at all, so they’re basically the lowest price you’ll find that isn’t a gimmick.
I pay $6.50 for one and $10.46 for the other.
No harm in getting your domain from them. Just beware that when you create a DNS entry, they default to proxying the incoming connections. It is super easy to turn that “feature” off, you just have to remember to do it whenever you create a new record.
- Comment on Self-host Reddit – 2.38B posts, works offline, yours forever 4 weeks ago:
Yes, both the standalone quickstart and the quickstart section of the readme (which are both different).
Is it possible to get the static sites without spinning up a DB backend?
- Comment on Self-host Reddit – 2.38B posts, works offline, yours forever 4 weeks ago:
Can anyone figure out what the minimum process is to just use the SSG function? I’m having a really hard time trying to understand the documentation.
- Comment on Hosting multiple services with one IP address. 4 weeks ago:
ufw is just a fancy frontend for iptables, but hasn’t been updated for nftables, yet.
Firewalld is an option that supports both, and if you happen to be running cockpit as well, the cockpit-firewall plugin provides a simple GUI for the whole thing.
- Comment on Self hosting with subdomains 1 month ago:
He does refer to the pi as a gateway, so you would be right about it coming before the router. In that case, the pi would be the device handling NAT and forwarding ports.
So I think he’s describing it accurately… it’s just not a common setup to see these days.
- Comment on Reverse Proxy: a single point of failure in my lab 1 month ago:
I have my reverse proxy in a cluster, so it’ll survive one of the nodes going offline. My router is still a SPoF, though, as is my modem. Not to mention the physical stuff, like a tree falling on the cable lines.
For a home environment, there’s realistically always going to be a couple SPoFs, you can just move it around a bit.
- Comment on Cloudflare Tunnel: proxy-dns Command Removal 2026 | What are some nice alternatives to encrypted DNS? 1 month ago:
Are you trying to send the DNS request through the tunnel?
I use DoH, which sends DNS requests through https. It essentially looks like normal https traffic (encrypted), so your ISP shouldn’t be able to hijack it and no additional tunnels are required. CF supports doh at the usual 1.1.1.1 address, even, if you want to keep using them. Otherwise plenty of other providers support doh, as well.
- Comment on Questions about how to present radio shows on Jellyfin 1 month ago:
I use the “mixed” library type for random Internet videos. It basically just lists whatever files you put in there. You can organize stuff into folders, or just toss everything together like you want to.
- Comment on Where are you running your wireguard endpoint? 1 month ago:
On my router
- Comment on [deleted] 1 month ago:
Saying something is “self hosted” when it’s actually hosted by a cloud provider is sort of like saying something was “self coded” when it was coded by an LLM.
- Comment on Plebbit is the the most decentralized selfhosted social media protocol And why development slowed Down 2 months ago:
I think it’s like this:
Imagine Reddit, but every user stores a random piece of reddit in an instance on their device. They’re all still normal users, so they can’t block users from Reddit or from specific subs, even though their instance contributes to the whole. Their instance doesn’t represent the entirety of Reddit, or even the entirety of a single sub, it’s just a random chunk of Reddit.
BUT a user can be made a sub mod, which now gives them extra power over other users, but only in that one sub. It doesn’t matter whether any portion of that sub is stored on their instance, all that matters is that they’re a sub mod.
So you, as a pleb, have no control over what’s stored on your instance, but a mod has full control over their community (which may or may not partially exist on your instance).
That’s my interpretation, at least.
- Comment on [deleted] 2 months ago:
And why is a tower defense game listed under Automation?
Has the word “automation” in the description, so the AI just assumed it belonged.
- Comment on Have clankers visited my blog one hundred twenty-one sexagintillion eight hundred ten novemquinquagintillion times so far in November?? 2 months ago:
I recently added Anubis and its validation rate is under 40%. In other words, 60% of the incoming requests are likely bots and are now getting blocked. Definitely recommend.
- Comment on Self-Hosters Confirm It Again: Linux Dominates the Homelab OS Space 2 months ago:
The question is kind of flawed, though. They list Linux, a kernel, in a list of OSes.
Either just list kernels, Linux, BSD, Windows NT, etc; or just list OSes, Debian, Fedora, FreeBSD, OpenBSD, Trunas, Windows Server 2025, Windows XP, MacOS, etc.Mixing the two together just creates weird results. ¯\_(ツ)_/¯
- Comment on Running GoToSocial on an old wifi router 2 months ago:
should it be in NAND or NOR?? Why not both? My initial idea was to flash to NOR and then configure openwrt to a sort of “minimal usable state”. That is, I’d have the basic functions required run my home network: basic routing between local networks and WAN. Then I’d copy that image to NAND and that would be when I installed the “extras”, like SQM and whatnot. That way, if I ever broke it beyond repair, I could just flip the switches and copy the NOR back to NAND and start over with that minimal usable config.
I sort of followed my plan, but I think things have changed enough that it would not be the simple restart that I hoped it would.
I still think it’s a good idea, though. - Comment on Running GoToSocial on an old wifi router 2 months ago:
The Nest ones? I haven’t seen anything online of folks successfully flashing one. The first steps would probably be to solder on a USBC port and see what kind of access you can get over serial. There’s a picture of a Nest board (not the Pro) here, as well as info on what appears to be the correct usb connector. The OP also mentions that the Nest is lacking the developer button, but my guess would be that the function is still accessible by shorting the correct TPs. It doesn’t seem like that OP ever went through with the project, though, so maybe you’ll be the first!
- Comment on Running GoToSocial on an old wifi router 2 months ago:
Interesting. Looks like he’s actually using an R4. I’ve got an R3, myself, though. I use mine as my gateway router and it certainly seems under utilized. I’ve got SQM, adblocking, DDNS, DoH proxying, multiple VPN interfaces, and it’s a ‘router on a stick’ for my home networks (at 2.5gbe). Despite all of that, the CPU load never seems to budge and I’m only using a tenth of the RAM. I’m personally a bit torn on the device; on one hand, it certainly seems like it can do a lot more. It even has a m.2 slot for SATA/nvme, so it could definitely provide NAS or even some bigger applications. On the other hand though, I feel like it’s such a critical piece of infrastructure that I don’t want to introduce a bunch of non-router-related functions and risk one of those extra functions crashing the system and bringing down my whole network.
- Submitted 2 months ago to selfhosted@lemmy.world | 23 comments
- Comment on 2 months ago:
I’m not able to watch the video right now; is this actually using the gopher protocol?
- Comment on Self hosting Sunday! What's up, selfhosters? 2 months ago:
It’s running!
- Comment on I finally understand Cloudflare Zero Trust tunnels 2 months ago:
It’s not really “zero trust”, though, right?
Isn’t CF still terminating TLS?
