Context: my father is a lawyer and therefore has a bajillion pdf files that were digitised, stored in a server. I’ve gotten an idea on how to do OCR in all of them.

But after that, how can I make them easily searchable? (Keep in mind that unfortunately, the directory structure is important information to classify the files, aka you may have a path like clientABC/caseAV1/d.pdf

With the recent news, VPN bans being tested in western countries and even states like Michigan toying with new internet censorship; it’s had me thinking that I need to up my self hosting game. I currently use Truenas scale electric eel and I really am a novice with no formal education. I have a myriad of apps running, learned through YouTube tutorials, documentation, and AI. I tunnel out some of these services via cloudflare zero trust to a domain. I’ve got pi-hole running on the network and a VPN on my windows machine but that’s about it. It’s great! It works! It’s fun to tinker with and has allowed my family to ditch a lot of subscriptions. Browsing around, though, I see a lot of comments about different ways to secure servers. Everytime I try to learn about something such as VPS, reverse proxies it feels like an inundation of too much information and differing opinions. It seems like there are so many ways to do it that I really have no clue where to begin. I also don’t want to break what is currently working for me.

Anyone have a good idea on good sources to educate myself? Is it vital I learn how to run some sort of local service? How would hard government crackdown shutdown VPNs and what could a self-hoster do to avoid that? Be gentle. Thanks.

selfh.st was a website that was included in my RSS feed for reading news about self hosting and such for a while now. I never felt it was that helpful for me since I usually add the release notes of the services I use individually on my feed. I would often read out of curiosity.

I also felt their feed was always very clunky to be honest, it was never formatted properly but at least there was content there. In the middle of the huge images there was at least a little bit of information to be seen.

9 months ago their feed broke (because they changed their domain or something like that) and since then, I noticed the website is kind of declining? I kind of hate the overuse of enshittification but there are no other words for me to define this. Many red flags were already ignored before by the way, including the usage of AI slop imagery and a change of interface for the worse, to include information about sponsors.

They started sending the feeds with: "This is a feature reserved to premium users" with a link to their website. Felt very icky.

I do NOT expect people that make content to keep doing it without support (we support a few independent news outlets, also donate every now and then to projects we use a lot), however the way they are trying to get said support is very.... weird. Like trying to boost numbers, if that makes sense? If done different I would gladly give them a subscription each month, but this hit me in a weird way.

Anyway, I won't be part of their audience anymore. Are there other websites which focus on self hosting have on your feed?

If I want a #selfhosted database backend for #n8n automations, what does @selfhost suggest? Baserow? Grist? Supabase?

Needs to run nicely in a Docker container on #TrueNAS.

IMPORTANT NOTES (PLEASE READ!):

• These are NOT products. They are for testing and demonstration purposes only.
• They have NOT been reviewed or audited. Do NOT use for sensitive data.
• All functionality demonstrated is experimental.
• These are NOT meant to replace robust solutions like VeraCrypt, Simplexchat, Signal, Whatsapp, wetransfer. It's a proof-of-concept to show what's possible with browser APIs.
• Cyber security is full of caveats, so reach out for clarity on any details if they can't be found in the docs.

Aiming to create the worlds most secure messaging app.

https://positive-intentions.com/docs/projects/chat

• Open Source
• Cross Platform
  • PWA
  • iOS, Android, Desktop (self compile)
  • App store, Play store (coming soon)
  • Desktop
    • Windows, MacOS, Linux (self compile)
    • Run index.html on any modern #browser
• Decentralized
• Secure
  • No Cookies
  • P2P E2EE encrypted
  • Forward secrecy
  • No registration
  • No installing
• Messaging
  • Group Messaging (coming soon)
  • Text Messaging
  • Multimedia Messaging
  • Screensharing (on desktop browsers)
  • Offline Messaging (in research phase)
  • File Transfer
  • Video Calls
• Data Ownership
  • SelfHosted
  • GitHub pages Hosting
  • Local-only storage

For more information on "how it works", check out: https://positive-intentions.com/blog/decentralised-architecture

(Degoogled links to the apps)

• P2P Chat: https://chat.positive-intentions.com/
• P2P File: https://file.positive-intentions.com/
• Encrypted drive storage: https://dim.positive-intentions.com/?path=%2Fstory%2Fusefs--encrypted-demo

More:

• GitHub: https://github.com/positive-intentions
• Mastodon: https://infosec.exchange/@xoron
• Reddit: https://www.reddit.com/r/positive_intentions

I'll be self-hosting a service with user submissions soon, so I'm worried about the https://howto.geoblockthe.uk/ situation.

Based on this I've wondered, are there any community maintained geo block lists that might be useful? All database options I found are either 1. an on-demand online service which seems questionable for privacy reasons, or 2. IPv4 only, or 3. have weird terms of use with a gag clause regarding the entire company making it and other weird stuff.

I'm not a fan of geo blocking in general, but the situation is what it is.

PS: Please don't discuss the Online Safety Act itself too much in the comments, or whether somebody should be using a geo ip to handle this. While I might appreciate useful input on that, I'm hoping this post can remain a resource for those who are looking for such a database for other reasons as well.

Homebox v0.21.0 released!

Homebox is proud to announce the release of version v0.21.0!

But first, what is Homebox?

Homebox is the inventory and organization system built for the Home User! With a focus on simplicity and ease of use. Homebox is the perfect solution for your home inventory, organization, and management needs.

About the update

We have officially released v0.21.0 and at the same time are making progress towards v1 (stable). This release covers a range of new features and bug fixes, including:

• Add product fetching using barcodes
• Support listening on unix sockets and systemd sockets
• Add plugin to set image sizes in Markdown
• Add support for postgres certificate authentication
• Hardened Docker images now available!
• Use aspect ratio when making thumbnails
• Fixes to Windows attachment paths
• Fix photo display issue when adding additional attachments to items
• ... And much more!

You can see a full list of changes here: Changelog

What about V1..?

Great news! We're making some solid progress towards a v1 release, and have documented our roadmap update here: Homebox v1 Roadmap: Update

Important Note
Our new -hardened suffixed docker images are experimental, and may have bugs not normally encountered in other docker builds.

Follow the Homebox journey

• On Discord: https://discord.homebox.software/
• On the web: https://homebox.software/
• On Github: https://git.homebox.software/
• Demo: https://demo.homebox.software/
• Translate Homebox: https://translate.sysadminsmedia.com/

After a lot of work, and a lot of trying, I couldn’t find FOSS software that properly syncs my family’s photos in the background (tried Immich, still not good enough despite the new beta timeline, kinda worked in 1.136, got kinda broken on 1.138, tried Nextcloud, but still haven’t gotten new photos to sync in the background. Ente is waaaay too complicated, with waaaay too many moving parts that can break). Given all of this, I gotta choose some prebuilt nas that can properly sync. I don’t like synology but apparently their background sync is ok. What about Qnap and Ugreen? Are they ok?

I'm a professional DevOps worker, and I recently got back into building my own services in the cloud, and I discovered Oracle Cloud Free Tier. It is full of goodies I couldn't resist, especially since my own personal server at home had gone down. In my quest to ensure that I spend absolutely no time in a terminal, I came across this other application called Cosmo Cloud that works a lot like CasaOS. It's got some bells and whistles, though, that CasaOS is missing like a secure reverse proxy complete with an application shield to prevent malicious attacks, central user management through the use of OpenID, multiple URLs can be locked down to individual users, and Cosmo offers a lot of flexibility when it comes to adding containers to your server.

Since it took me a couple of days to build a server, I thought I would write it down in a guide so I wouldn't forget it, and it's occurred to me that other people might appreciate some instructions on how to get all this configured securely.

This guide includes using cloudflare tunnels as the way to expose internet services as it adds another layer of protection between your server and the internet.

I've reviewed it pretty thoroughly but I probably wrote something down wrong or maybe I mistyped something. If you have any questions or need any help getting things configured, reach out to me and I'll do what I can.

This option works but sucks as a code editor.

Hey everyone, I'm currently trying to run Jellyfin with Tailscale using docker compose and a reverse proxy through Caddy. I'm using this guide to do this. After configuring the yaml, I tried to start things up and Tailscale and Jellyfin started, but Caddy wouldn't start and it gave the following error:

Error response from daemon: failed to create task for container: failed to create shim task: OCI runtime create failed: runc create failed: unable to start container process: error during container init: error mounting "/root/Jellyfin/jellyfin-tailscale/caddy/conf/Caddyfile" to rootfs at "/etc/caddy/Caddyfile": create mountpoint for /etc/caddy/Caddyfile mount: cannot create subdirectories in "/var/lib/docker/overlay2/325e35ec5a4c8d8bac5d7576e2deeb4b8365af027486e232ad78b458708b639b/merged/etc/caddy/Caddyfile": not a directory: unknown: Are you trying to mount a directory onto a file (or vice-versa)? Check if the specified host path exists and is the expected type

I checked the Caddy Image information here, and modified the yaml to mount the Caddyfile directory instead.

New code looks like this ~/Jellyfin/jellyfin-tailscale/caddy/conf:/etc/caddy

Now when I restart the services with Docker Compose, all three start, however Caddy (and therefore Jellyfin) won't run, they continually try restarting. By looking at it with docker logs caddy, I see that it throws out this error over and over:

Error: reading config from file: read /etc/caddy/Caddyfile: is a directory

I've inspected both the Caddyfile in /etc/caddy and in ~/Jellyfin/jellyfin-tailscale/caddy/conf using file Caddyfile, and both say they're Caddyfile: ASCII text.

What am I missing and how do I fix it?

EDIT: Forgot to put in links

Of course, after than, whatever you've just plugged into it, will most likely not work

502 Bad Gateway
504 Gateway Timeout
X-Forwarded-For

The solution is probably somewhere deep in the bowels of whatever you're trying to make work

It will look obvious once you've figured out, that's why it wasn't mentioned next to the bunch of instruction you pasted into your console to install the thing

Just another day walking in the forest of papercuts

TL;DR demo

Hi all !

I would like to showcase Gosuki: a multi-browser cloudless bookmark manager with multi-device sync capability, that I have been writing on and off for the past few years. It aggregates your bookmarks in real time across all browsers/profiles and external APIs such as Reddit and Github.

Features

• A single binary with no dependencies or browser extensions necessary. It just work right out of the box.
• Multi-browser: Detects which browsers you have installed and watch changes across all of them including profiles.
• Use the universal ctrl+d shortcut to add bookmarks and call custom commands.
• Tag with #hashtags even if your browser does not support it. You can even add tags in the Title. If you are used to organize your bookmarks in folders, they become tags
• Real time tracking of bookmark changes
• Multi-device automated p2p synchronization
• Builtin, local Web UI which also works without Javascript (w3m friendly)
• Cli command (suki) for a dmenu/rofi compatible query of bookmarks
• Modular and extensible: Run custom scripts and actions per tags and folders when particular bookmarks are detected
• Stores bookmarks on a portable on disk sqlite database. No cloud involved.
• Database compatible with the Buku. You can use any program that was made for buku.
• Can fetch bookmarks from external APIs (eg. Reddit posts, Github stars).
• Easily extensible to handle any browser or API
• Open source with an AGPLv3 license

Rationale

I was always annoyed by the existing bookmark management solutions and wanted a tool that just works without relying on browser extensions, self-hosted servers or cloud services. As a developer and Linux user I also find myself using multiple browsers simultaneously depending on the needs so I needed something that works with any browser and can handle multiple profiles per browser.

The few solutions that exist require manual management of bookmarks. Gosuki automatically catches any new bookmark in real time so no need to manually export and synchronize your bookmarks. It allows a tag based bookmarking experience even if the native browser does not support tags. You just hit ctrl+d and write your tags in the title.

I'm in the process of setting up homelab stuff and i've been doing some reading. It seems the consensus is to put everything behind a reverse proxy and use a vpn or cloudflare tunnel.

I plan to use a VPN for accessing my internal network from outside and to protect less battle tested foss software. But I feel like if I cant open a port to the internet to host a webserver then the internet is no longer a free place and we're cooked.

So my question is, Can I expose webserver, SSH, WireGuard to the internet with reasonable safety? What precautions and common mistakes do I need to watchout for.

The team behind Maybe just released version v0.6.0, and with it announced a major shift: the project is officially moving away from open-source development and pivoting to a B2B-focused model.

From now on, Maybe will focus on enterprise-grade data analysis and scenario planning tools for businesses. As a result, there will be no further updates, maintenance, or community support

This marks the end of Maybe as a public, code-based personal finance tool.

If you’ve been using it personally, v0.6.0 is the final release. You can keep using it as-is, but don’t expect updates.

Hello

Note that I am only interested in the technical details and I already have alternative for remote access.

As you may know Plex made some changes recently and remote access became a paid feature.

At first I thought that only people using plex.tv who will be impacted as they are using their relay feature. But I was surprised that accessing the server by its public IP is considered as a remote access (it make sense though).

So I thought that putting Plex behind a reverse proxy in the same network will solve the issue. Plex will see a local connection from the reverse proxy and treat it as a direct access. But still Plex detect that as a remote access. I even tweaked the host and headers passed by reverse proxy with no success.

Plex even consider accessing the server using a local domain as a remote access.

So I tested tailscale, I ran it on the server and tried to access Plex using the assigned IP but my access is considered a remote access. Now I ran tailscale on the client and accessing Plex from it is considered a direct access.

At first I thought Plex was checking the url but it doesn't seem to be the case.

Can someone explain me how does Plex detect remote vs local access?

Hey y’all, I know getting a setup that feels “right” can be a process. We all have different goals, tech preferences, etc.

I wanted to a share my blog post walking through how I finally built a setup that I can just be happy with and use. It goes over my goals, requirements, tech choices, layout, and some specific problems I’ve resolved.

Where I’ve landed of course isn’t where everyone else will, but I hope it can serve as a good reference. I’ve really benefited from the content and software folks have freely shared, and hope I can continue that and help others.

Happy to answer questions!

A new open-source Single Sign-On (SSO) provider designed to simplify user and access management.

Features:

• 🙋‍♂️ User Management
• 🌐 OpenID Connect (OIDC) Provider
• 🔀 Proxy ForwardAuth Domains
• 📧 User Registration and Invitations
• 🔑 Passkey Support
• 🔐 Secure Password Reset with Email Verification
• 🎨 Custom Branding Options

Screenshot of the login portal:

I struggled quite a while to install HomeAssistant on the new Truenas Scale Incus system because there are no good guides for it. So here is one.

💾 STEP 1: Create a ZVOL

I gave mine 50GB. Minimum needed is 32GB.

Scroll down and save.

cd /tmp
wget https://github.com/home-assistant/operating-system/releases/download/15.2/haos_ova-15.2.qcow2.xz
unxz haos_ova-15.2.qcow2.xz

sudo qemu-img convert -p -O raw haos_ova-15.2.qcow2 /dev/zvol/NAS/HomeAssistant

So, I had to shutdown my mini pc home server (on NIXOS) so that it could be used for something else. Most of my data is in a pair of external hdds in a RAID configuration. However the Postgres database was in the boot drive. I still have it, but it refuses to boot anywhere else (tried some old spare laptops). How can I recover it?