this post was submitted on 15 Jul 2024
106 points (98.2% liked)

Selfhosted


I've been around selfhosting most of my life and have seen a variety of different setups and reasons for selfhosting. For myself, I don't really self host as many services for myself as I do infrastructure. I like to build out the things that are usually invisible to people. I host some stuff that's relatively visible, but most of my time is spent building an over-engineered backbone for all the services I could theoretically host. For instance, full domain authentication and oversight with kerberized network storage, and both internal and public DNS.

The actual services I host? Mail and vaultwarden, with a few (i.e. < 3) more to come.

I absolutely do not need the level of infrastructure I need, but I honestly prefer that to the majority of possible things I could host. That's the fun stuff to me; the meat and potatoes. But I know some people do focus more on the actual useful services they can host, or on achieving specific things with their self hosting. What types of things do you host and why?

[–] [email protected] 19 points 1 month ago (1 children)

Public services: my social network (hubzilla), Email (mailcow), Matrix chat, Peertube.

Private: my media (jellyfin, audiobookshelf, calibre, homeassistant).

I enjoy the freedom that comes with this and it's like having your own home on the internet. I have a very modest setup but it's enough to host my friends and family so nothing fancy like k8s. Just a refurbished optiplex running docker :)

[–] [email protected] 3 points 1 month ago (1 children)

(How/) Do you access your private stuff from outside your home?

[–] [email protected] 9 points 1 month ago (1 children)

@0x0 headscale/tailscale. I have a VPS that gives me a public IP so I use that to host a headscale control plane.

[–] [email protected] 18 points 1 month ago (1 children)

I self host jellyfin, nextcloud, owncast, tandoor, komga, photoprism and searxng. I use nginx proxy manager for a reverse proxy and SSL cert automation. Works great for me but I would like to get into traefik sometime.

I self host for privacy reasons, also it's fun, it's a learning opportunity and sometimes self-hosted services are functionally better than the other options out there.

[–] [email protected] 3 points 1 month ago (4 children)

> I use nginx proxy manager for a reverse proxy and SSL cert automation. Works great for me but I would like to get into traefik sometime.

I got tired of the NPM and went to traefik for 2 reasons.

  1. NPM kept locking me out of my account (admin), like 4 times during the time I was using it. That meant that it was not reliable enough for daily use.

  2. From what I heard is that the NPM project only has 1 developer and so they can't really respond and fix security flaws in a proper timeframe.

I'm using traefik now for internal traffic while VPN in if I need internal services while out and about.

Jim's Garage has a great YouTube video on setting it up.

[–] [email protected] 2 points 1 month ago

> From what I heard is that the NPM project only has 1 developer and so they can’t really respond and fix security flaws in a proper timeframe.

It's mostly just nginx with a webui. You can even see the nginx config files if you bash into the container. It has the same bugs as upstream nginx. Do not expose the management port to the internet.

Plus compared to normal nginx, it's harder to misconfigure it. Most of my services are just the default config, so I can't mess it up accidentally.

About lockouts: It also happened to me once, but that was just a messed up update, next update fixed itself. If you lock yourself out you can usually edit the db directly, it defaults to sqlite, but I used it with mariadb.

[–] possiblylinux127 12 points 1 month ago (1 children)
[–] [email protected] 11 points 1 month ago (1 children)
[–] [email protected] 2 points 1 month ago (1 children)

I self-host email, it certainly isn't something I'd recommend

[–] [email protected] 3 points 1 month ago (1 children)

Yeah hosting email as a company is a pain. I can't imagine selfhosting it. At least in a company people can search you online.

[–] [email protected] 4 points 1 month ago (1 children)

The worst part really is just getting off the damn spam lists. There is almost no documentation anywhere for dos and don'ts. I ultimately had to set up a sending relay for the mail on my status monitoring VPS because my residential IP triggered most spam filters, but I only found out that that was the problem from forum posts investigating the same problem. I check with stuff like mail-tester, get back perfect scores and yet most of my outgoing emails have a good chance to land in the spam folder anyway (but at least they get delivered so that's a plus I guess)

As others in other threads have said: Google and Microsoft have killed the ability to self-host email simply by black-boxing their spam filters. As a user you have no real way to fix your mail server such that your emails get delivered into the inbox reliably.

[–] [email protected] 2 points 1 month ago

I feel ya. And this doesn't take into account users who put one of your mails in spam and it blacklists you for the whole org...

[–] [email protected] 11 points 1 month ago* (last edited 1 month ago) (2 children)

(Preface: almost all of this is handled in a single Nix config, and no docker in use at all)

At home, in a two-hosts Proxmox cluster:

  • blocky for adblocking
  • a full *arr stack with torrents and nzbs for uuuuuuhhh Linux ISOs
  • Jellyfin so friends and family can watch, I mean use the Linux ISOs
  • Paperless (HIGHLY recommend)
  • Wastebin (Pastebin alternative)
  • Stirling-PDF (also really recommend, allowed me to get rid of Acrobat Reader for filling out and signing PDFs, plus a bunch more)
  • Homeassistant
  • Linux and Windows clients available for whenever you might need them (not often, but can come in handy)
  • Borg client, backing up parts of my NAS to a cloud storage box
  • OPNSense backup for the hardware firewall
  • Forgejo

On a bare metal machine at a reputable cloud provider:

  • my personal Email, Calendar, Contacts (super easy with Nix)
  • another blocky instance
  • another borg client
  • Rustdesk server (OSS Teamviewer)
  • wireguard that's just used by my TV so crunchyroll thinks it's in (other country), Lmao

Wishlist:

  • Vaultwarden
  • Immich, once added to nixpkgs
  • PeerTube
  • Pixelfed
[–] [email protected] 3 points 4 weeks ago (1 children)

If you want to keep everything inside a singular Nix configuration while still using Docker, you can check out the NixOS option virtualisation.oci-containers - essentially, a declarative way of managing docker/podman containers (similar to docker-compose) but with Nix.

[–] [email protected] 2 points 1 month ago (1 children)

Any chance you could share any of your Nix config? I'm curious how it's being used with Proxmox (I'm using ansible and terraform right now).

[–] [email protected] 4 points 1 month ago

I thought about adding a link, but am a bit hesitant to de-anonymize myself on here 😅

But it's basically this:

  • Proxmox is not Nix configured. There's a project for that, but IMO it'll take a couple of years to be ready for production.
  • I've created a custom nix module that essentially just sets my default values for stuff like bios type, boot order,... And allows to set CPU cores, RAM, IP,...
  • all this does though is just setting the corresponding values from the nixos-generators proxmox output
  • additionally, all the usual stuff is handled (user, known ssh keys, base config of the system)
  • for each VM, I only have a single file containing the VM settings (ID, RAM, cpu, ip,...) and the service config for whatever the VM is for
  • then lastly I have a custom script/shell that essentially just allows to do "nixvm-new " which generates the image, moves it to the nas, and calls on proxmox to import the image, plus some cleanup

TBH this sounds way more complicated than it is / feels to use 😄

[–] [email protected] 6 points 1 month ago (3 children)

I've seen a few mentions of PiHole and AdguardHome, I started on PiHole, then moved to AdguardHome for adblocking. Then I heard about and have been using TechnitiumDNS server which is sort of overkill for our needs, but with the right ad-lists, it is fantastic at blocking advertisements on my home network. Super fast install too, even on a Raspberry Pi 2 :) I run that along with Proxmox-VE (Protected behind OIDC Login) and several other containers on my cranky old Dell Desktop server.

Mostly Vaultwarden, and a few other services for home private use such as PairDrop for inter system sharing and a self destructing file sharing server for when we need to send documents to our Attorney's (rarely but sometimes we need to) office via Pingvin.

I also run:

  • Home Assistant
  • Transmission Dockerized so I can help contribute to the Linux community and share the ISO's.
  • For some of my externalized sites, I run Authentik. It acts sort of like a Reverse Proxy if you configure it to do so. I love that I can simply identify myself with my WebAuthn device skipping any passwords. :)

With Authentik set up, I can login to things like my Fresh Tomato Router, TechnitiumDNS (Both use HTTP Auth headers) and Memos which uses OIDC/SSO. It's meant to replace our Google Keep notes.

  • Tailscale is installed and I connect to it from my phone when away from home to always stay on my network. Sometimes, hotspots block it so I generally avoid those as much as possible.
  • Wallos to help keep track of our re-occurring subscriptions.
  • Grafana and Prometheus - both are staged and ready for configuration and one of those I will get around to eventually.
  • InfluxDB - I plan on moving Home Assistant logging soon to that which should tie nicely into Grafana later.
  • Ben Phelps' Homepage - it's my main server dashboard my wife and I use to access our server. Quite simply one of the best dashboards IMHO.
  • Wyze Cam Bridge - One of the better services in which you can log into your Wyze cams and convert their streams to RTSP, RTMP or HLS streams easily. I have that feed to my Home Assistant Security Dashboard.
  • Baserow. It's a good Airtable alternative and I use it to keep track of my Static IP assignments, Sleep tracker (I suffer from insomnia), and other data points. It's pretty amazing. I even created a pain logging form for my wife so she just accesses it and answers basic questions about her pain levels and it pushes it to the database for later retrieval.
  • Joplin Server - Sorry, I don't have the link, but it's installed via compose. I use Joplin Notes on my phone and computer for keeping my code snippets. I've tried Obsidian and it didn't really meet my needs and also Anytype, but that's not self-hosted. Joplin server is for me and that's become handy a time or two when on the road.
  • Bookstack - my grand plan for that is to build a Wiki for my family to use in the event something should happen to me, they can know how to manage the server with nice screenshots and instructional steps. I have that protected behind Authentik's OIDC logins.
  • IT-Tools - hands down one of the coolest self hosted tool sets you can use.
  • Webcheck - All-in-one OSINT tool for analyzing any website https://web-check.xyz/ is their demo site. :)
  • Stirling PDF - Kind of like a Swiss-army knife for PDF's. :)
  • Dozzle - For those times when you really need to see your Docker logs and are too lazy to run a docker logs --follow command.

I still use Portainer-CE and am happy there, I may try Dockge or the others, but it's fine for what I need it for (It's also protected by OIDC)

I'm sure I may have missed a few, but this post has gone on long enough. :)

[–] [email protected] 2 points 1 month ago* (last edited 1 month ago) (1 children)

A bunch of people recommend dozzle in this thread.. I've been using Dockge. I wonder how they compare. I'll have to check that out later.

[–] [email protected] 2 points 1 month ago (1 children)

Dozzle is just log viewing plain and simple. Dockge shows more that's all I know. I tested Dockge earlier on in development and haven't been back since, I know it's grown a lot more since.

[–] [email protected] 6 points 1 month ago

At the moment I am only doing jellyfin but I am looking to expand into pihole, audiobook shelf and some arr stack.

[–] [email protected] 5 points 1 month ago (1 children)
[–] [email protected] 5 points 1 month ago

I want to self host more, but power draw is a concern.

So I have gone the route of running two Pi 4 8GB models as my hosts of choice.

So far I am hosting:

Non-Docker:

  • PiHole
  • Unbound
  • Wireguard (and Wireguard-UI)

Docker:

  • ForgeJo
  • Dozzle
  • Homarr
  • LinkWarden
  • Traefik
  • Watchtower

There are a few other services I want to get up, but I haven't gotten around to it:

  • Jellyfin
  • Immich
  • Nextcloud

As to why:

  • ForgeJo to host my own git repositories (Docker Compose files, Chezmoi dot files, Miscellaneous configs)
  • PiHole for ad blocking
  • Unbound, well, having my own DNS
  • Wireguard so I can connect to my home network
  • Dozzle for easy log checking for my docker containers
  • LinkWarden so I can backup bookmarks in a privacy friendly way
  • Homarr for easy access to other web services I host
  • Traefik so I can resolve IP:port to a hostname with SSL certificates even though everything I host is internal only
  • Watchtower to update my Docker containers
[–] [email protected] 5 points 1 month ago* (last edited 1 month ago)
  • Home Assistant
    There's no fucking way I'm using a cloud service to control parts of my home, that just feels so wrong to me on so many levels

  • Nextcloud
    There's no way I'm saving my files on someone else's computer (the Cloud). Even with encryption, it's expensive. Hard drives are cheap. Put them in a server, install Nextcloud and you have your private, cheap, independent cloud service.

  • Immich (currently migrating to Ente) for my photos

  • Jellyfin + arr Stack
    I'm not paying $100/month for 5 different streaming services to have access to all the content I like.

  • Navidrome for my (pirated) music

  • Audiobookshelf for audiobooks and podcasts

  • Pi-Hole with Unbound set up as a recursive resolver, cause why should I trust someone else with DNS?

I also self-host Matrix or Revolt servers as well as game servers for me and my friends, because it's much cheaper than getting VPS or a hosted option, and I already have this server that I use for a bunch of other stuff, so I can also just use it for that.

[–] [email protected] 4 points 1 month ago (1 children)

PiHole, Plex and the related “*arr” apps. I also self-host my home automation platform (Home Assistant).

[–] [email protected] 2 points 1 month ago (1 children)

Me too, except it's Adguard for me.

Came in handy yesterday actually. I have a friend who works for a University which was recycling some Chromebooks.

He managed to grab 3 for me, one for myself and one for my kids.

Problem is that one of my kids is being supervised through Google Family Link which means for some reason the Play Store won't work.

So he is now unsupervised in Family Link just to get the Chromebook working.

So I've just given both my kids static IPs and pointed their Chromebooks at Adguard, then turned on Safe Search and adult content blocking.

Now I'm fairly confident they're protected from a lot of the bad shit on the internet.

[–] [email protected] 3 points 1 month ago

I've configured my kids devices to use NextDNS, that way they are getting filtering no matter what network they use.

AdGuard does what I need internally, it's just external is the issue. VPN's are not a solution, my kids are old enough to know they can just disable it to work around it. They don't know about the Private DNS option that I have configured on their devices... Yet

[–] [email protected] 4 points 1 month ago

Nothing federated. I respect everyone who makes it possible, and there's an actual path to me being willing to participate, unlike corporate social media, but the level of exposure/overhead to prevent having genuinely bad shit touch my server is not something I'm comfortable with. I want stuff I can ignore for a week and not have the end of the world happen, which means at most user generated content from people I know personally.

In terms of what I'm currently hosting, just some mild personal content servers and a discord bot running a couple games on small servers with friends.

I'd like to get further into a personal site, to share my pictures/videos with friends, document/share my reading in ways goodreads and available alternatives don't do, and similar things like that that I genuinely am fine if no one looks at, but I can tell a friend "yeah, these are my favorite psychology books with a blurb on each", and "these are my favorite fiction series (actually organized by series as first class citizens, because no one really does that) with quick summaries of what I like about them", etc. I do a couple of the lists on goodreads, but you can't do blurbs on series, do lists by series, it won't even display your lists ordered or with your reviews properly included any more, and ultimately I'm going to track it all anyways so I want it structured and displayed in a way that actually makes sense to me.

I don't really want social media features and I definitely don't want to try to "grow it" or any of that nonsense, but ultimately I want to better track and organize all of that and don't really love the tools available, so rolling my own and "I might as well pretty up the presentation and make some of it public facing to discuss with friends" once I get the proper structuring handled.

[–] [email protected] 4 points 1 month ago* (last edited 1 month ago)

All of the services that I host are for private use:

  • Nextcloud
  • FreshRSS
  • Immich
  • Jellyfin
  • RSSBridge

And they are all behind Caddy, which reverse proxies and handles HTTPS. I'm not sure if it really counts as self-hosting, but I also use my server as a host for my backups with Borg. I also use it as a sort of central syncing point for Syncthing.

I did have a Pi-Hole at one point, but I kept running into issues with it — I may look into it again in the future.

At some point I'd like to try implementing some ideas that I've had for Homeassistant (a camera server with Frigate and some other automation things). Once federation has been implemented, I would like to host a Forgejo instance. I may also host a Simplex relay server, depending on how the app progresses. I've been considering hosting a Matrix instance, but I'm not sure yet.

[–] [email protected] 3 points 1 month ago

It started with Emby and pihole. I'm now up to about 30 different services from Vault, email, 3CX, home assistant, firefox, podgrab etc.

[–] [email protected] 3 points 1 month ago* (last edited 1 month ago) (2 children)

I'm trying to deGoogle/deFAANG/deBigData so I try to host FOSS alternatives to every service I use on the internet, though some services won't be possible or practical (e.g., email).

I host:

  • audiobookshelf (to stream and sync podcasts between my devices)
  • baikal (to host contacts and calendars)
  • cryptpad (for collaborative spreadsheets and kanban, though it does more than this)
  • drawio (flowchart-like diagrams)
  • forgejo (my git repos and oauth2)
  • homepage (personal dashboard of services and links)
  • invidious (youtube frontend)
  • lemmy (duh :) )
  • minio (S3 object storage)
  • mosquitto (mqtt server)
  • nextcloud (can do a lot, but I'm only using it to look at Memories for photo storage and management - I currently selfhost Photostructure, but it's not FOSS)
  • peertube (youtube alternative)
  • prometheus (metrics monitoring)
  • qbittorrent (torrents)
  • syncthing (currently only used to sync photos from my pixel to my server, but might be replaced if I switch to a photo management app that has an android app that can sync images)
  • tiddlywiki-nodejs (pretty powerful wiki, but I use it just to sync text-based info between devices)
  • traefik (reverse proxy in front of everything I host)
  • tt-rss (RSS feeds)
  • vaultwarden (password management - this is a fork of bitwarden)
  • wordpress (for my personal websites)
  • xbrowsersync (bookmark syncing between browsers/devices)

I use the d.rymcg.tech framework. It's a little over my head, but the framework makes it pretty easy to use all the apps. It's a bit tricky to add new apps to the framework, but it's fun and all the source is there to learn from and the developer is really nice and really helpful.

[–] [email protected] 2 points 1 month ago

I am also trying to degoogle/debigdata my life, but it seems we're taking radically different approaches to it. I wish you luck in your journey!

[–] [email protected] 3 points 1 month ago (1 children)

I've been considering the idea of self-hosting lately, especially for my online projects. The thought of having full control over my data and applications is appealing. It seems like a step towards independence and flexibility in managing my online presence. However, I'm still exploring the best way to go about it. I've heard about VPS hosting as a potential option, particularly in the USA where reliability and support are crucial. If anyone has experience with buy vps usa and can share insights or recommendations, I'd greatly appreciate it!

[–] [email protected] 3 points 1 month ago (1 children)

pihole, in front of my own DNS, because it's easier to have them do domain filtering.

mythtv/kodi, because I'd rather buy DVDs than stream; rather stream than pirate; but still like to watch the local news.

LAMP stack, because I like watching some local sensor data, including fitness equipment, and it's a convenient place to keep recipes and links to things I buy regularly but rarely (like furnace filters).

Homeassistant, because they already have interfaces to some sensors that I didn't want to sort out, and it's useful to have some lights on timers.

I also host, internally, a fake version of quicken.com, because it lets me update stock quotes in Quicken2012 and has saved me having to upgrade or learn a new platform.

[–] [email protected] 2 points 1 month ago (2 children)

Do you have any input on whether running your Pi-Hole as your DNS service versus how you have it, with pi-hole in front of a standalone DNS server, as to which is functionally "more better?"

I had been toying with making my pi-hole into a full DNS server using Unbound, but I had been debating if it would be better to have that service running separately.

[–] [email protected] 3 points 1 month ago* (last edited 1 month ago)

Unbound is incredibly lightweight. There’s no reason not to just have it running on the same box as your pihole.

[–] [email protected] 3 points 1 month ago (1 children)

I have isc-bind running behind pihole so network clients can register their own hostnames, and as near as I can tell, that's outside the scope of pihole's DHCP and dnsmasq. Pihole alone is probably fine if you only want to name static hosts, but (I understand) Unbound doesn't support ddns, either.

[–] [email protected] 2 points 1 month ago

Unbound will take updates via API. You could either write exit hooks on your clients, or use the "on commit" event on isc-dhcp-server to construct parameters and execute a script when a new lease is handed out.
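
One way to wire up the "on commit" route described in the comment above, as an added example that is not part of the thread or any commenter's own setup. It assumes the "API" is Unbound's `unbound-control` remote-control interface; the script path, the `home.arpa` zone and the TTL are constructed values. The hostname a DHCP client sends is untrusted input, so the script accepts only a single DNS label and a well-formed IPv4 address before touching the resolver.

```shell
#!/bin/sh
# lease-to-unbound.sh (hypothetical name): register a DHCP lease in Unbound.
#
# Matching dhcpd.conf fragment (isc-dhcp-server), path is an assumption:
#   on commit {
#     set ClientIP   = binary-to-ascii(10, 8, ".", leased-address);
#     set ClientName = pick-first-value(option host-name, "");
#     execute("/usr/local/sbin/lease-to-unbound.sh", ClientName, ClientIP);
#   }

ZONE=${ZONE:-home.arpa}   # constructed: local zone the records are placed in
TTL=${TTL:-300}           # constructed: short TTL so stale leases age out

# Accept exactly one DNS label: 1-63 chars of [A-Za-z0-9-], no leading or
# trailing hyphen. Dots, spaces and anything else are rejected, so a client
# cannot claim names outside the zone or smuggle extra record fields.
valid_label() {
    case "$1" in
        ''|-*|*-|*[!A-Za-z0-9-]*) return 1 ;;
    esac
    [ "${#1}" -le 63 ]
}

# Accept dotted-quad IPv4 only: four numeric octets, each 0-255.
valid_ipv4() {
    case "$1" in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# Print the resource record for a lease, or fail if either input is invalid.
build_record() {
    valid_label "$1" && valid_ipv4 "$2" || return 1
    name=$(printf '%s' "$1" | tr 'A-Z' 'a-z')
    printf '%s.%s. %s IN A %s\n' "$name" "$ZONE" "$TTL" "$2"
}

# Validate, then hand the record to Unbound. DRY_RUN=1 prints it instead.
register_lease() {
    record=$(build_record "$1" "$2") || {
        echo "rejected lease update: invalid hostname or address" >&2
        return 1
    }
    if [ "${DRY_RUN:-0}" = 1 ]; then
        printf '%s\n' "$record"
    else
        unbound-control local_data "$record"
    fi
}

# Called by dhcpd as: lease-to-unbound.sh <hostname> <ip>
if [ "$#" -ge 2 ]; then
    register_lease "$1" "$2"
fi
```

Running it with `DRY_RUN=1` shows the record that would be added without needing a running Unbound instance.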

[–] [email protected] 3 points 1 month ago (1 children)

I host way more than I probably should, but everyone should have some stuff like immich, vaultwarden, and nextcloud. I also like to host gitea and 30+ other things (check out netboot.xyz, it isn't something everyone needs but why wouldn't you want to be able to boot off the network), but that's just what some people do as a hobby I guess lol.

[–] [email protected] 3 points 1 month ago

I just set up netboot.xyz this evening as an experiment. Is pretty cool.

[–] [email protected] 3 points 1 month ago (6 children)

> The actual services I host? Mail

What do you use for that?

> What types of things do you host and why?

Self-hosting as in at home, nothing to the outside world and i'm still sorting a local NAS; i have a VPS with a few websites but that's not self-hosting category i guess.

I'd locally-host media stuff but not even that is that important to me atm. Next on my list is 3-2-1 backups so i can reorganize my setup and eventually selfhost a WireGuard VPN to access some data.

[–] [email protected] 3 points 1 month ago (2 children)

I set up a mail stack on Rocky Linux with Postfix, Dovecot, and rspamd. I don't need a database because it's all LDAP on the backend, and I don't have webmail set up right now because I'm lazy. It's a bit of a hassle to get up and running well but it's pretty solid and I'm careful about managing my domain reputation so I don't have any issues with my mail being delivered.

[–] [email protected] 3 points 1 month ago

The main things for me are: Wireguard, NextCloud and an NFS/SMB share and a torrent client (Deluge)

[–] [email protected] 2 points 1 month ago

I used to selfhost more, but honestly it started to feel like a job, and it was getting exhausting (maybe also irritating) to keep up with patches & updates across all of my services. I made decisions about risks to compromise and data loss from breaches and system failures. In the end, I decided my time was more valuable so now I pay someone to incur those risks for me.

For my outward facing stuff, I used to selfhost my own DNS domains, email + IMAP, web services, and an XMPP service for friends and family. Most of that I've moved off to paid private hosting. Now I maintain my DNS through Porkbun, email through MXroute, and we use Signal instead of XMPP. I still host and manage my own websites but am considering moving to a ghost.org account, or perhaps just host my blogs on a droplet at DO. My needs are modest and it's all just personal stuff. I learned what I wanted, and I'm content to be someone else's customer now.

At home, I still maintain my custom router/firewall services, Unifi wireless controller, Pihole + unbound recursive resolver, Wireguard, Jellyfin, homeassistant, Frigate NVR, and a couple of ADS-B feeders. Since it's all on my home LAN and for my and my wife's personal use, I can afford to let things be down a day or two til I get around to fixing it.

Still need to do better on my backup strategies, but it's getting there.

[–] [email protected] 2 points 1 month ago (2 children)

For sure anything with private data involved, aside from my email.

So everything to do with images, videos, file/document storage, etc..

Also game servers because they're generally very easy to host at home, and due to generally high RAM and storage needs paying for hosting can be quite pricey.
