Finally got the time to set up OpenCloud. It is a pain in the ass to wade through their convoluted clusterfuck of compose files, but it is worth it! Sometime next week I’ll refactor my current deployment. If I deem it fine, I might post it here for others to reference.
this is a great thread! this should be a recurring one
I managed, without ever trying, to convert a friend to swap to Linux about a month ago.
Today I’m driving over to give him my old old server so he can start self hosting. He’s super keen on getting started.
So not my success, but ours? One more person joins the community today!
proxmox backups fixed!
copyparty is really REALLY cool. (i use the phi95 theme)
self hosted gitea was much easier than expected.
jellyfin updated to latest.
fixed habitica issues (gotta have my goddamn checkmarks!)
self hosted ntfy ssh login scripts EVERYWHERE
i said fuck NUT and passed battery backup straight to truenas VM, the graphs are beautiful.
ive decided that a rclone docker set up to serve webdav will be a tool i keep on all lxcs, for moving shit around easier. turn it on, move the stuff, turn back off. (i can SCP with the best of them but this is so much easier)
i want a self hosted CA 😭😭😭
Managed to get stoat working over I2P.
My servers are up
Reconnected my light switches to home assistant. I just had to press the pairing button on the device again for some reason. But it’s inside the switch box in the wall, not so practical. I wish they thought of another way to put the device in pairing mode, like switch on-off 10 times, something like that.
I already had Keycloak set up, but a few services don’t support OIDC or SAML (Jellyfin, Reposilite), so I’ve deployed lldap and connected those services and Keycloak to it. Now I really have a single user across all services
how did you migrate your existing accounts to this system? or did you just make a new account from scratch?
I recreated the Keycloak account from LDAP, and then manually patched the databases for all OIDC-based services to the new account UUID, so the existing accounts are linked to the new Keycloak account.
I have two Keycloak accounts, one in the master realm for administrative purposes, and one in the apps realm for all my services, so I didn’t break access to Keycloak
Decided to buy a raspberry pi, it arrived, I installed pihole on it and put it into my dad’s house, all in a few days. Biggest win: I just took action and did it, instead of researching, brainstorming and writing down stuff for weeks and then never executing.
Following this post I installed paperless. It’s amazing.
All of my apps are running without issue. First time in months
I finally got around to installing Jellyfin. Still trying to get hardware transcoding working. I think I have it set up, but it still wants to use the CPU. I’m thinking permissions but I ran out of time.
Fun project.
I think QSV is the new “easiest” way if you have an Intel CPU. Here are some docker compose values that might help:
```yaml
group_add:
  - "110"
  - "44"
devices:
  - /dev/dri/renderD128:/dev/dri/renderD128
```
110 is render, 44 is video. You can `grep render /etc/group` to find your values.
I found CPU accelerated transcoding to be as effective as using GPU acceleration for my small media server setup. Nvidia wasn’t worth it for me.
Oh thanks! I didn’t have the group_add.
I’ve been running all my apps on my NAS as docker containers, but some get ‘stuck’ occasionally, requiring a reboot of the whole machine. Using the NAS was mostly out of convenience.
I also had an old laptop running k3s, hosting a few stateless services.
This week I picked up three Wyse 5070 devices and started setting up a more permanent Kubernetes cluster. I decided to use Talos Linux, which is a steep learning curve, but should hopefully reduce the amount of ongoing work for upgrades. I’ll be deploying everything with FluxCD this time around too.
I’ve stumbled a bit with the synology-csi-driver. It didn’t work with Talos out of the box, but turns out the latest commits have a fix. The only thing remaining before I can start porting the apps over is figuring out how to spin up a new CA and generate client certificates for mTLS. I currently do that in Vault but it seems like something cert-manager could handle going forward.
Still waiting for my success. Pihole randomly doesn’t answer DNS requests in time, causing a lot of trouble between my services. It’s happening since I switched to dnsmasq in opnsense (which is upstream for my local domain for Pihole), but also for external domains. Can’t nail it down and am this short of reconsidering my whole network setup. It used to work fine for over a year though…
Opnsense dnsmasq is DHCP for my servers and also resolves them as local hosts. (e.g. server1.local.domain) and Pihole conditionally forwards there. Since the issue is also when resolving external domains, it shouldn’t be related, but the timing is suspicious. I also switched the general upstream DNS.
Pihole does have some logs indicating too many concurrent requests, but those are not always correlating with the timeouts.
I know it’s DNS, I just don’t know where yet.
Is dnsmasq rate limiting the pi’s IP? Or is opnsense intercepting port 53 outbound and sending it to dnsmasq anyway so all pi DNS queries are being resolved in dnsmasq?
I’ll go first: I got XMPP (Prosody) setup for the family.
Also, less this week (cheating a little), but I’ve setup all my services with SSL (self-hosted root CA), domain names, and (finally) a dashboard (Heimdall.)
Edit: I can’t sepll.
Nice, same! Was also really positively surprised by how great the Android app(s) for XMPP feel.
Only thing not working yet for me is group chat creation. Oh well. Maybe this weekend.
On the other hand though, voice and video calls have worked flawlessly.
> Nice, same! Was also really positively surprised by how great the Android app(s) for XMPP feel.
We’re on iOS and I wish I could say the same. Looking at the Android apps makes me very jealous.
> Only thing not working yet for me is group chat creation. Oh well. Maybe this weekend.
What server software are you using? I went with Prosody and it felt pretty easy to setup the muc module for groups, but, on the other hand, I haven’t gotten around to voice and video calls.
Ah, too bad. IMO better clients would make it drastically easier to convince people to switch.
Hm, I can create groups (also with muc), and the other members are added, but writing a message triggers “x left the group” for everyone. Dunno. Probably something trivial I overlooked. But honestly… Weather is too good today to be bothered 😄
Ah, I already had a TURN/STUN coturn server set up for matrix and jitsi, so it was just a matter of telling prosody about that. So I cheated a little I guess 😄 Here is my full config for that, in the unlikely event that you’re using NixOS.
Are you using a STUN/TURN server? It's almost always needed for calls and video. You should join the Prosody support channel, they are really helpful: xmpp:prosody@conference.prosody.im?join
Nice, I've had my XMPP server running for a couple of weeks now, not many users on it so far though. But my highlight of the week was managing to get the slidge whatsapp bridge running with Prosody, so I at least don’t have to use the official app anymore for all those people who resist getting off of it.







