Hey everyone,

My personal server of choice is a DiskStation right now, and I'm using the default reverse proxy for all my subdomains. I went through a few stages to secure them, and now that I'm finally finished (famous last words heh?!) I thought I'd document my approach and provide some configs and code. I've seen a few unanswered questions here and there about how to do this on Synology, so hopefully this helps a few people.

The guide covers limiting access to local IPs, as well as adding Basic or SSO authentication. The main goal is to integrate well with the GUI and access control profiles, and to leave all existing and autogenerated files untouched, so updates and changes via the GUI still work as expected.

Here is the basic idea:

The nginx server config is located in /etc/nginx/, and the reverse proxies are defined in the sites-available/server.ReverseProxy.conf file inside that folder. There's one server directive for every proxied site, and the DSM config adds a include .acl.<random string>.conf* directive if you set up an access control profile for a site. That * at the end there is crucial, because it means we can manually add more configuration files with the same prefix, and they will automatically be included and applied to all sites using this access control profile.

There are also include directives for the main and http scopes, as well as for the default DSM server directives. This means we can inject configurations in these places, just by adding correctly named files to the conf.d folder.

For Single Sign-On (SSO) authentication we run a Vouch-Proxy instance to handle the communication between nginx and the OIDC server. We also need to spin up another nginx reverse proxy and forward requests to it, because the built-in one doesn't support the required auth_request directive. Its container script just copies the default reverse proxy configuration with some modifications, and it is set up to reload whenenver the original file changes.

Link

cross-posted from: https://lemmy.world/post/15565311

It was a long running project, but I finally did it. I built what I'm calling a smart mailbox that communicates locally with Home Assistant via ESPHome.

Parts:

• Pine plank roughly the width of my mailbox
• Treated pine plank for mounting
• Thin sheet of perspex or similar transparent plastic
• 2x VCNL4010 proximity sensor
• ESP32 dev board with antenna
• Bigger antenna
• Prototype board
• 2.54mm pitch JST connectors
• 2.54mm pitch pin header sockets
• 18650 battery
• 18650 Type-C charging module
• Battery holder
• 2x 5V 1.5W solar panels
• MCP1700-3302E LDO regulator
• 100uF electrolytic capacitor
• 100nF ceramic capacitor
• Resistors... I think I ended up using a 1 MOhm and a 330 kOhm
• Weatherproof junction box
• Nylon screw spacers
• Cable glands
• 12mm waterproof button
• Various cables and wires
• Paint and polyurethane spray to weatherproof the wood

Tools:

• Soldering iron
• Router for cutting grooves in wood
• Drill and hole saw bits
• Various files and sandpaper

For a start, I followed this guide to get me started on the power delivery portion, but I ended up using much higher valued resistors since I found that I was losing more battery charge through the voltage divider than I was from the ESP32 or proximity sensors.

Once I'd tested the concept with the parts just laying in a jumble on the table, it was time to get to work.

I started by cutting a plank of pine to fit my mailbox, chamfering the ends to make space for the metal joins. I routed out some spaces for the tops of the bolts that hold the mailbox down.

Measured out where the sensors should go, along with a surrounding space to screw down some little perspex windows to cover them. The idea I wanted was for the mail to be able to slide over the sensors without getting caught on them, as well as to protect them from dust.

Routed out the dents and cleaned them up with a chisel and sandpaper. Cut the perspex to shape for a test fit.

On the other side, I routed out a notch for the cable to access the sensors.

I had originally planned to just solder wires into the sensors, but then I realised JST connectors would fit perfectly into the sensors. This meant I had to widen the holes somewhat, which I did with a small chisel and file.

I got a bit lazy with making screw holes to hold down the perspex, so they're not in as neat a place as I'd like. If I did this again I'd measure properly for their placement. Still, with countersinking they hold down the perspex well and nothing sticks up for mail to get caught on.

I also got started on making a housing for the solar panels. I used the router to carve out a 1-2mm area for them to sit in, and a much deeper ditch linking the two terminals, which you'll see in a later picture. For now, here's how they look sitting in it.

Wiring up the prototype board was next. Again, see the article I linked above for how this works. I used pin headers to allow the ESP32 dev board to be slotted in and out, just in case I ever needed to take it out for replacement or reprogramming. Also the JSTs on the prototype board are for connecting the battery (top left), connecting the solar panels (bottom left), providing power to the sensors (bottom right) and clock and data lines for the sensors (top right). Since the sensors are both using the same I2C bus address and cannot be configured otherwise, I had to run two clock and data lines, but if I'd found sensors that could have different addresses I could have just used one of each. I didn't take a photo of the board at this stage, but I later added another header to connect a button to reset the ESP32 from the outside.

I also made the data and power cable for the sensor board.

The solar panel housing and 'sensor plate' were both painted and treated with polyurethane spray to protect them from rain and humidity.

I drilled holes in the weatherproof box to fix the cable glands and the weatherproof button. In the case of the solar panel wire, I had opted to buy speaker wire since I figured it would be easier to run in the channel between the two solar panels, being flat. But that also made it not really fit the cable glands that great. I ended up stripping some of the outer sheath off some 2 wire power cable I had, and wrapping that around the part of the speaker wire that gets clamped in the glands, just to make a reasonable seal. These all were on the side I decided I would mount at the bottom, so water wouldn't be able to easily fall into the box.

Final test fit. I later used epoxy glue to glue down the nylon headers and the battery holder inside the box.

The mailbox itself also needed a hole in the bottom for the sensor cable to come out. After drilling a hole and filing it into a square shape, I cut some rubber grommet strip to size and fitted it around the hole, with some marine silicone adhesive to protect the sharp metal edges from water and to hold the grommet strip in place.

I'd drilled some holes in the brick wall my mailbox sits upon for masonry anchors, and this piece of treated pine got the last of my polyurethane spray, just in case.

Using a two pieces of the leftover perspex glued together, I made an internal mount for the antenna, figuring it would be best to not have the thing either floating around freely inside the box or sticking out the side where people could potentially break it off.

Finally, after weeks of off and on work, it was ready to install.

The ESPHome coding used my VCNL4010 component, and if anyone is interested I can share it but it's kinda a large file.

I have been backing up the photos folder for my immich. Something weird happened with one of my hard drives so i had to restore. It has a folder for each year and inside there is a folder for each day. immich doesnt support the ability to drag and drop the year folder into the UI. What's the best way to get all my media back into immich?

Hello.

I have home server with Home Assistant and small VPSes. I want to monitor one of the VPS in Home Assistant. I know that Glances could be the best choice here, but I cannot connect Glances wuth Home Assistant (I can access to web interface hosted directly on VPS, but I cannot connect it to Home Assistant). Is there a light alternative that I can quickly install on VPS server (ubuntu) and connect it with Home Assistant? I don't need a lot of metrics - only CPU, RAM, Load and maybe net traffic. I am open to standards like MQTT.

Hey selfhosters!

I recently discovered Tribler - anonymity focus torrent client. It made some rounds on hackernews and I'd never heard of it before.

I installed gui and was not impressed - it ran terribly on macos. However, I was able to test download and its anonymity features - it uses TOR inspired onion routing. I saw they had API available - and thought it would be perfect for my selfhosted *arr stack usage. However, *arr apps did not integrate tribler API (understandably, it's a niche client)

I dug in a bit and thought it would not be so difficult to create a shim that pretends to be some better integrated torrent client.

I picked qbittorrent.

You can check the link. I run it in docker. Add it to sonarr / radarr as qbittorrent client (username and password is irrelevant, as tribler shim integrates with tribler through API key) It's not the most secure approach - but managing torrents wihout authentication in my home network is an acceptable risk.

I was not able to download anything with more than 1 hops in between - ie it does hide your real IP address, but only uses one relay in between. It's not perfect, but seems to work as designed. I run my services mostly in Kubernetes, so there's likely something in my networking that. I will poke around more to see what could be the issue.

For now, the torrent management works through arr apps using the shim, however, the category is not implemented. Therefore, you can only use one category for both sonarr and radarr for example, and you will see downloads of both of those.

I torrent to a seedbox, and said seedbox has great access tools and you can install plenty of useful applications like Resilio Sync, Syncthing, etc.

My local server is running Fedora Server OS. I'd like to get an automated 1-way sync up and running, but I'm having a lot of trouble. I was using Syncthing in the past, but it's really not meant for one way syncs and caused some issues. I've been trying to set up Resilio Sync, but on Linux I cannot figure out how to get access to the web UI. Resilio's own documentation is frustratingly obtuse - it's great for setting up the service under systemd but then basically has nothing about how to actually get webui access from another machine on the local network, excrot for a reference to a command that doesn't actually exist.

If anyone either 1) knows how to set up Resilio Sync on a Linux machine such that I can hit the web UI from another machine on my local network or 2) had a better way to set up 1-way sync between my seedbox and my local server, I would love to learn!

I've been interested in self-hosting for a while, but didn't really know where to start. I've never messed with Linux before and wanted to jump ship from Windows since Microsoft decided to start putting ads everywhere. I came across this post [https://lemmy.world/post/6542543] which was exactly what I was looking for to start, and seemed like a straight-forward guide. I have two laptops, one I want to act as my media server with Docker and the other as my everyday device. Except I've been met with setback after setback from the start. I tried installing Ubuntu Server on the media server laptop but just could not get it up and running. I was suggested to try using a more beginner-friendly distro, so I went with Mint. I also liked the idea of a GUI I can mess around with.

Docker was a success, but then I got to the Adguard part and when I try the docker-compose.yml step, grub just hangs. Decided to skip that part and go onto Jackett. Nope, more errors. Tried Prowlarr, different errors.

I don't want to give up on this because its something I really want to get going for my media, home automation, cameras, etc etc. But I feel like I'm flying blind here.

I have a lot of homework to do to learn Linux, but is there a different, beginner-friendly guide out there for me to follow for now?

-~.-~.-~.-~.-~.-~.-~.-~.-~.-~.-~.-~.-~.-~.-~.-~.-~.-~.-~.-~.-~.-~.-~.-~.-~.-~.-~.-~.-~.-~.-~.-~.-~.-~.-~.-~.-~.-~.-~.-~.-~.-~.-~.-~.-~.-~.-~.-~.-~.-~.-~.-~.-~.

Edit: I appreciate everyone's comments. Although I have no Linux experience, I know my way around Windows pretty well. I understand file systems and in one of my errors that was asked, I was getting a "No File or Directory exists" error. I edited the username to fit my what I have, but was still getting the error. I even created a new user named Prowlarr when attempting the Powlarr install to follow the steps word-for-word, no luck. It got frustrating so I gave up for the day.

I admit I do have a lot of learning to do, and I am really grateful some of you have provided start-points for my Linux journey. I'm also grateful for the "Self-hosting For Dummies" recommendations, like Yunohost and YAMS. I plan on looking over all of this info today to get a solution up for now and start my path down the Linux rabbithole. Its kinda exciting to start embarking on something like this.

Anyway, thanks to everyone who gave me great feedback!

Hello everyone,

I am running some services like Jellyfin, Radarr, QBittorrent, Jellyseerr and some others on my Raspberry Pi 4. The problem is that it is already struggling to run those, since it has only 2GB of RAM. I wish it was possible to do a RAM upgrade to the Raspberry Pi but the RAM is soldered to the motherboard. I don't want to buy another Raspberry Pi with more RAM because they are quite expensive and I don't want to have two of them. So can you recommend something for around or under 100€?

Thanks in advance.

I want to undo some of my setup on my network so I can redo it in a different configuration on the same machine. The first thing I wanted to do was disable my Adguard server, making sure I could still use the internet after.

I thought I had cleared out all of the settings in my router that made it use Adguard for DNS, but when I shut down Adguard afterward, all outside connectivity fell apart. I could still get to websites if I knew their specific IP address, but nothing that needed DNS worked. When I booted Adguard back up, everything started working again.

I have tried several options in the DNS server settings in my Asus router (TUF-AX5400). Is there something I need to do in Adguard first to make this work? Or is this maybe something I need to reset in my Asus router and then give it time and a few reboots to work?

I try to follow the docs but somehow it doesn't work as expected. How does your compose file look and what to choose in the settings?

My current setup: (Not working)

services:
  # original source: https://jellyfin.org/docs/general/installation/container/
  jellyfin:
    image: docker.io/jellyfin/jellyfin:latest
    container_name: jellyfin
    environment:
      - PUID=1000
      - PGID=1000
      - TZ=Europe/Berlin
      - JELLYFIN_PublishedServerUrl=https://my.url
    volumes:
      - ./config:/config:Z
      - ./cache:/cache:Z
      - ./media:/media:rw
    ports:
      - 8096:8096
# no need for https since reverse proxy and no local discovery
    restart: always
    device:
      - /dev/dri/:/dev/dri/:Z
      - /dev/dri/renderD128:/dev/dri/renderD128:Z
    group-add:
      - 105
    privileged: true

I do not want a privileged container but I'm experimenting.

• VAAPI is selected
• VA-API device: is set to /dev/dri/renderD128
• enable hardware decoding for : H264, HEVC, HEVC 10bit and VP9 10 bit
• enable hardware encoding
• allow encoding in HEVC

to get the group I ran getent group render | cut -d: -f3 on the host which returned 105.

$ podman exec -it jellyfin /usr/lib/jellyfin-ffmpeg/vainfo
Trying display: drm
libva info: VA-API version 1.21.0
libva info: Trying to open /usr/lib/jellyfin-ffmpeg/lib/dri/iHD_drv_video.so
libva info: Found init function __vaDriverInit_1_21
libva info: va_openDriver() returns 0
vainfo: VA-API version: 1.21 (libva 2.21.0)
vainfo: Driver version: Intel iHD driver for Intel(R) Gen Graphics - 24.2.1 (0593864)
vainfo: Supported profile and entrypoints

This command returns VA-API does that mean I can only (or I should) select this method? Or is QSV also possible? What's better?

podman exec -it jellyfin /usr/lib/jellyfin-ffmpeg/ffmpeg -v verbose -init_hw_device vaapi=va -init_hw_device opencl@va
ffmpeg version 6.0.1-Jellyfin Copyright (c) 2000-2023 the FFmpeg developers
  built with gcc 12 (Debian 12.2.0-14)
  configuration: --prefix=/usr/lib/jellyfin-ffmpeg --target-os=linux --extra-version=Jellyfin --disable-doc --disable-ffplay --disable-ptx-compression --disable-static --disable-libxcb --disable-sdl2 --disable-xlib --enable-lto --enable-gpl --enable-version3 --enable-shared --enable-gmp --enable-gnutls --enable-chromaprint --enable-opencl --enable-libdrm --enable-libass --enable-libfreetype --enable-libfribidi --enable-libfontconfig --enable-libbluray --enable-libmp3lame --enable-libopus --enable-libtheora --enable-libvorbis --enable-libopenmpt --enable-libdav1d --enable-libsvtav1 --enable-libwebp --enable-libvpx --enable-libx264 --enable-libx265 --enable-libzvbi --enable-libzimg --enable-libfdk-aac --arch=amd64 --enable-libshaderc --enable-libplacebo --enable-vulkan --enable-vaapi --enable-amf --enable-libvpl --enable-ffnvcodec --enable-cuda --enable-cuda-llvm --enable-cuvid --enable-nvdec --enable-nvenc
  libavutil      58.  2.100 / 58.  2.100
  libavcodec     60.  3.100 / 60.  3.100
  libavformat    60.  3.100 / 60.  3.100
  libavdevice    60.  1.100 / 60.  1.100
  libavfilter     9.  3.100 /  9.  3.100
  libswscale      7.  1.100 /  7.  1.100
  libswresample   4. 10.100 /  4. 10.100
  libpostproc    57.  1.100 / 57.  1.100
[AVHWDeviceContext @ 0x55ef07507480] Trying to use DRM render node for device 0.
[AVHWDeviceContext @ 0x55ef07507480] libva: VA-API version 1.21.0
[AVHWDeviceContext @ 0x55ef07507480] libva: Trying to open /usr/lib/jellyfin-ffmpeg/lib/dri/iHD_drv_video.so
[AVHWDeviceContext @ 0x55ef07507480] libva: Found init function __vaDriverInit_1_21
[AVHWDeviceContext @ 0x55ef07507480] libva: va_openDriver() returns 0
[AVHWDeviceContext @ 0x55ef07507480] Initialised VAAPI connection: version 1.21
[AVHWDeviceContext @ 0x55ef07507480] VAAPI driver: Intel iHD driver for Intel(R) Gen Graphics - 24.2.1 (0593864).
[AVHWDeviceContext @ 0x55ef07507480] Driver not found in known nonstandard list, using standard behaviour.
[AVHWDeviceContext @ 0x55ef07538b40] Failed to get number of OpenCL platforms: -1001.
Device creation failed: -19.
Failed to set value 'opencl@va' for option 'init_hw_device': No such device
Error parsing global options: No such device

within the container:

# ls -l /dev/dri
total 0
crw-rw----+ 1 nobody nogroup 226,   1 May 17 13:22 card1
crw-rw-rw-. 1 nobody nogroup 226, 128 May 17 13:22 renderD128
# whoami
root
# 

$ getsebool container_use_dri_devices
container_use_dri_devices --> on

$ sudo lshw -c video | grep driver
       configuration: driver=i915 latency=0

if privileged is set to false:

$ podman exec -u root -it jellyfin /usr/lib/jellyfin-ffmpeg/ffmpeg -v debug -init_hw_device Device creation failed: -2.
Failed to set value 'drm=dr:/dev/dri/renderD128' for option 'init_hw_device': No such file or directory
Error parsing global options: No such file or directory

if privileged is true.

$ podman exec -u root -it jellyfin /usr/lib/jellyfin-ffmpeg/ffmpeg -v debug -init_hw_device drm=dr:/dev/dri/renderD128 -init_hw_device vaapi=va@dr
ffmpeg version 6.0.1-Jellyfin Copyright (c) 2000-2023 the FFmpeg developers
  built with gcc 12 (Debian 12.2.0-14)
  configuration: --prefix=/usr/lib/jellyfin-ffmpeg --target-os=linux --extra-version=Jellyfin --disable-doc --disable-ffplay --disable-ptx-compression --disable-static --disable-libxcb --disable-sdl2 --disable-xlib --enable-lto --enable-gpl --enable-version3 --enable-shared --enable-gmp --enable-gnutls --enable-chromaprint --enable-opencl --enable-libdrm --enable-libass --enable-libfreetype --enable-libfribidi --enable-libfontconfig --enable-libbluray --enable-libmp3lame --enable-libopus --enable-libtheora --enable-libvorbis --enable-libopenmpt --enable-libdav1d --enable-libsvtav1 --enable-libwebp --enable-libvpx --enable-libx264 --enable-libx265 --enable-libzvbi --enable-libzimg --enable-libfdk-aac --arch=amd64 --enable-libshaderc --enable-libplacebo --enable-vulkan --enable-vaapi --enable-amf --enable-libvpl --enable-ffnvcodec --enable-cuda --enable-cuda-llvm --enable-cuvid --enable-nvdec --enable-nvenc
  libavutil      58.  2.100 / 58.  2.100
  libavcodec     60.  3.100 / 60.  3.100
  libavformat    60.  3.100 / 60.  3.100
  libavdevice    60.  1.100 / 60.  1.100
  libavfilter     9.  3.100 /  9.  3.100
  libswscale      7.  1.100 /  7.  1.100
  libswresample   4. 10.100 /  4. 10.100
  libpostproc    57.  1.100 / 57.  1.100
Splitting the commandline.
Reading option '-v' ... matched as option 'v' (set logging level) with argument 'debug'.
Reading option '-init_hw_device' ... matched as option 'init_hw_device' (initialise hardware device) with argument 'drm=dr:/dev/dri/renderD128'.
Reading option '-init_hw_device' ... matched as option 'init_hw_device' (initialise hardware device) with argument 'vaapi=va@dr'.
Finished splitting the commandline.
Parsing a group of options: global .
Applying option v (set logging level) with argument debug.
Applying option init_hw_device (initialise hardware device) with argument drm=dr:/dev/dri/renderD128.
[AVHWDeviceContext @ 0x55e56e90b480] Opened DRM device /dev/dri/renderD128: driver i915 version 1.6.0.
Applying option init_hw_device (initialise hardware device) with argument vaapi=va@dr.
[AVHWDeviceContext @ 0x55e56e90b8c0] libva: VA-API version 1.21.0
[AVHWDeviceContext @ 0x55e56e90b8c0] libva: Trying to open /usr/lib/jellyfin-ffmpeg/lib/dri/iHD_drv_video.so
[AVHWDeviceContext @ 0x55e56e90b8c0] libva: Found init function __vaDriverInit_1_21
[AVHWDeviceContext @ 0x55e56e90b8c0] libva: va_openDriver() returns 0
[AVHWDeviceContext @ 0x55e56e90b8c0] Initialised VAAPI connection: version 1.21
[AVHWDeviceContext @ 0x55e56e90b8c0] Format 0x41524742 -> bgra.
[AVHWDeviceContext @ 0x55e56e90b8c0] Format 0x42475241 -> argb.
[AVHWDeviceContext @ 0x55e56e90b8c0] Format 0x41424752 -> rgba.
[AVHWDeviceContext @ 0x55e56e90b8c0] Format 0x52474241 -> abgr.
[AVHWDeviceContext @ 0x55e56e90b8c0] Format 0x58524742 -> bgr0.
[AVHWDeviceContext @ 0x55e56e90b8c0] Format 0x42475258 -> 0rgb.
[AVHWDeviceContext @ 0x55e56e90b8c0] Format 0x58424752 -> rgb0.
[AVHWDeviceContext @ 0x55e56e90b8c0] Format 0x52474258 -> 0bgr.
[AVHWDeviceContext @ 0x55e56e90b8c0] Format 0x30335241 -> unknown.
[AVHWDeviceContext @ 0x55e56e90b8c0] Format 0x30334241 -> unknown.
[AVHWDeviceContext @ 0x55e56e90b8c0] Format 0x30335258 -> x2rgb10le.
[AVHWDeviceContext @ 0x55e56e90b8c0] Format 0x30334258 -> x2bgr10le.
[AVHWDeviceContext @ 0x55e56e90b8c0] Format 0x36314752 -> unknown.
[AVHWDeviceContext @ 0x55e56e90b8c0] Format 0x56555941 -> unknown.
[AVHWDeviceContext @ 0x55e56e90b8c0] Format 0x56555958 -> vuyx.
[AVHWDeviceContext @ 0x55e56e90b8c0] Format 0x30303859 -> gray.
[AVHWDeviceContext @ 0x55e56e90b8c0] Format 0x3231564e -> nv12.
[AVHWDeviceContext @ 0x55e56e90b8c0] Format 0x3132564e -> unknown.
[AVHWDeviceContext @ 0x55e56e90b8c0] Format 0x32595559 -> yuyv422.
[AVHWDeviceContext @ 0x55e56e90b8c0] Format 0x59565955 -> uyvy422.
[AVHWDeviceContext @ 0x55e56e90b8c0] Format 0x32315659 -> yuv420p.
[AVHWDeviceContext @ 0x55e56e90b8c0] Format 0x30323449 -> yuv420p.
[AVHWDeviceContext @ 0x55e56e90b8c0] Format 0x50313134 -> yuv411p.
[AVHWDeviceContext @ 0x55e56e90b8c0] Format 0x48323234 -> yuv422p.
[AVHWDeviceContext @ 0x55e56e90b8c0] Format 0x56323234 -> yuv440p.
[AVHWDeviceContext @ 0x55e56e90b8c0] Format 0x50343434 -> yuv444p.
[AVHWDeviceContext @ 0x55e56e90b8c0] Format 0x33434d49 -> unknown.
[AVHWDeviceContext @ 0x55e56e90b8c0] Format 0x30313050 -> p010le.
[AVHWDeviceContext @ 0x55e56e90b8c0] Format 0x32313050 -> p012le.
[AVHWDeviceContext @ 0x55e56e90b8c0] Format 0x36313050 -> unknown.
[AVHWDeviceContext @ 0x55e56e90b8c0] Format 0x30313259 -> y210le.
[AVHWDeviceContext @ 0x55e56e90b8c0] Format 0x32313259 -> y212le.
[AVHWDeviceContext @ 0x55e56e90b8c0] Format 0x36313259 -> unknown.
[AVHWDeviceContext @ 0x55e56e90b8c0] Format 0x30313459 -> xv30le.
[AVHWDeviceContext @ 0x55e56e90b8c0] Format 0x32313459 -> xv36le.
[AVHWDeviceContext @ 0x55e56e90b8c0] Format 0x36313459 -> unknown.
[AVHWDeviceContext @ 0x55e56e90b8c0] Format 0x50424752 -> unknown.
[AVHWDeviceContext @ 0x55e56e90b8c0] Format 0x50524742 -> unknown.
[AVHWDeviceContext @ 0x55e56e90b8c0] VAAPI driver: Intel iHD driver for Intel(R) Gen Graphics - 24.2.1 (0593864).
[AVHWDeviceContext @ 0x55e56e90b8c0] Driver not found in known nonstandard list, using standard behaviour.
Successfully parsed a group of options.
Hyper fast Audio and Video encoder
usage: ffmpeg [options] [[infile options] -i infile]... {[outfile options] outfile}...

I came across this blog today while searching and I'm finding it very detailed, human, and instructive. For a beginner like me, this kind of resource is invaluable. What does a server failure feel like at a personal level? How do you make decisions about cost or utilizing existing hardware? These kind of thoughtful reflections along with practical walkthroughs of solutions make this a very nice resource when planning both the how and the why.

Maybe someone else will find it useful too.

Hello! I recently listened to a podcast that talked about how storing media files in .av1 format is very efficient and storage-friendly. I've been storing my files in .mkv format, but now I'm considering using Handbrake or a similar service to convert all my video files to .av1 if it's more compressed than .mkv. So;

• What format do you store your media?
• What is the optimal way of storing media?
• Do you use handbrake or similar services (feel free to suggest) to convert media files?

Hello, I'm relatively new to self-hosting and recently started using Unraid, which I find fantastic! I'm now considering upgrading my storage capacity by purchasing either an 8TB or 10TB hard drive. I'm exploring both new and used options to find the best deal. However, I've noticed that prices vary based on the specific category of hard drive (e.g., Seagate's IronWolf for NAS or Firecuda for gaming). I'm unsure about the significance of these different categories. Would using a gaming or surveillance hard drive impact the performance of my NAS setup?

Thanks for any tips and clarifications! 🌻

I thought I was going to use Authentik for this purpose but it just seems to redirect to an otherwise Internet accessible page. I'm looking for a way to remotely access my home network at a site like remote.mywebsite.com. I have Nginx proxy forwarding with SSL working appropriately, so I need an internal service that receives the traffic, logs me in, and passes me to services I don't want to expose to the Internet.

My issue with Authentik is if I need to access questionable internal websites I have to make an Internet accessible subdomain. I don't want authentik.mywebsite.com to redirect to totallyillegal.mywebsite.com. I want it to redirect to 10.1.1.30:8787.

Is there anything that does that?

(I know wireguard, tailscale and so on are the preferred options. But for some reaon I can't use any vpn atm)

I'm looking for some tunneling solution which:

-is NOT Cloudflare Tunnels

-doesn't need a VPN (so wireguard or openvpn are ruled out)

-is not SSH tunnel

I need something like FRP preferably with a luci app and automatic ssl certificate for my subdomain.

Any recommendations?

I've been using RealVNC for family computer help and have been wanting to setup a self hosted replaced for a while now, but haven't had the time. RealVNC has recently axed their free levels, so I'll use it as a reason to setup a self hosted solution.

Ideally it would be something like a web page (I have a domain and reverse proxy) where family can go, get a code or a software to run, which will then let me control their system securely.

I was considering guacamole on a pi at each location I'm likely to have to support, but this doesn't help when family is away from their home network on laptop.

What is out there for this? Have you used it? What are your experiences?

Thanks

*What rights do you have to the digital movies, TV shows and music you buy online? That question was on the minds of Telstra TV Box Office customers this month after the company announced it would shut down the service in June. Customers were told that unless they moved over to another service, Fetch, they would no longer be able to access the films and TV shows they had bought. *

I am looking to buy a new mini PC home server and I want to be able to pass through my iGPU and NIC to different VMs. Where can I find a well-maintained database of IOMMU groups so that I can pick a good match for my needs?

There exists iommu.info but that barely has any entries.

I currently have an Odroid H4C that has two SATA with two 12TB hard drives.

It's starting to get too small, so I was thinking of taking the step and move to a 4/5 bays NAS and reuse the disks (the other option was to add disks via USB).

What NAS do you recommend me to continue being able to have my *ARR suite + torrent + nextcloud + syncthing + small services(gitea, trillium notes, etc)?

I would like to already have some redundancy, can I use the hard drives as they are or will I have to do something to them besides adding other hard drives? (my idea was to add one more disk of 12 to have redundancy and already expand space with a fourth disk)

Edit:

I wan't to buy and forget, so no to build myself.

I really don't think in any budget, but as cheat as can be, without loss any funcionality that i stated before.

I run my services mostly in docker

Currently stream in my lan without any web, in samba folders but jellyfin could be interesting (not Plex, trying to FOSS to maximum)

The redundancy is for data safe

Thanks for your answers

I'm duplicating my server hardware and moving the second set off site. I want to keep the data live since the whole system will be load balanced with my on site system. I've contemplated tools like syncthing to make a 1 to 1 copy of the data to NAS B but i know there has to be a better way. What have you used successfully?

Hey all,

Almost as impressive as all the LLMs these days is the voice that ChatGPT uses with its emphasis and dramatic pauses and umms, etc.

I would love to integrate that with a self-hosted Llama3 engine.

Is there a project that y'all have heard of?

I am currently trying to create my own Lemmy instance and am following the join-lemmy.org docker guide. But unfortunately docker compose up doesn't work with the default config and throw's a yaml: line 32: found character that cannot start any token error. Is there something I can do to fix this?

The section in question is

{% for item in lemmy_env_vars %}
{% for key, value in item.items() %}
      - {{ key }}={{ value }}
{% endfor %}
{% endfor %}
{% endif %}

Hi everyone,

As always, every time I look at the AWS Glacier egress fee calculator I get fairly irked at how much they charge. Was wondering if anyone knew of any alternatives for cold storage in the cloud without such egregious charges. I will likely not access it ever because I have another offset backup, but just in case I do, I wouldn't want to fork over thousands, really.

I don't know how reliable Scaleway's service is, and Cloudflare's R2 doesn't have a Archive offering. I would be interested in the Azure if anyone can convince me that I won't go bankrupt trying to retrieve my data from them. I don't want to go with Google with the recent stuff they have been doing with data on their servers.

Thanks!

I started tinkering with frigate and saw the option to use a coral ai device to process the video feeds for object recognition.

So, I started checking a bit more what else could be done with the device, and everything listed in the site is related to human recognition (poses, faces, parts) or voice recognition.

In some part I read stable diffusion or LLMs are not an option since they require a lot of ram which these kind of devices lack.

What other good/interesting uses can these devices have? What are some of your deployed services using these devices for?

I'm a happy user of Inoreader. I like it so much I'm considering buying a premium plan. However, I'm looking for an alternative I wouldn't have to pay for. I came across FreshRSS. The only thing that's keeps me from moving is the sync. I don't want to expose it to the internet but I want to be able to access it on a move. My first idea was to use Syncthing. Is there a way to use Syncthing to sync feeds, settings (read articles, subscriptions, etc.) across different devices? By different devices I mean Linux, macOS (optional) and GrapheneOS (Android) phone.