I wanted to install Pi-Hole on my server and noticed that port 53 is already in use by something.

Apparently it is in use by systemd-resolved:

~$ sudo lsof -i -P -n | grep LISTEN
[...]
systemd-r    799 systemd-resolve   18u  IPv4   7018      0t0  TCP 127.0.0.53:53 (LISTEN)
systemd-r    799 systemd-resolve   20u  IPv4   7020      0t0  TCP 127.0.0.54:53 (LISTEN)
[...]

And the solution should be to edit /etc/systemd/resolved.conf by changing #DNSStubListener=yes to DNSStubListener=no according to this post I found. But the /etc/systemd/resolved.conf doesn't exist on my server.

I've tried sudo dnf install /etc/systemd/resolved.conf which did nothing other than telling me that systemd-resolved is already installed of course. Rebooting also didn't work. I don't know what else I could try.

I'm running Fedora Server.

Is there another way to stop systemd-resolved from listening on port 53? If not how do I fix my missing .conf file?

So I am working on my home server. I installed docker and use a dnsmasq container as my dns server to resolve local ip adresses.

Laptop and server are both linux (ubuntu LTS 24.4)

What works:

• 'resolvectl status' shows the ip of my dns server
• i can ping the ip of the dns server (that will run other stuff like nextcloud soon as well)
• i can use nslookup to resovle server.local to the correct ip address (even after changing the entry, so its not the cache in my laptop)

what does not work:

• i can not ping server.local (- for testing i have to stop the systemd-resolved.service to run the dnsmasq server, or else there are port collisions, but that should not be the problem i guess. I am happy to hear your solution :))
• i can also not use ssh to log in to server.local, ip address works

What am i missing?

Thanks a lot already! BTW: ZFS is crazy nice :D

I am looking to get into self hosting, for setting up a simple plex + nextcloud server. However I also would like to buy a nice desktop pc soon which I would like to access at at least two locations, I think I should be able to combine this with a home server but I unsure what the best way to do this/what are the right software tools for this. The situation currently is: I have a television in my living room on which me and my partner regularly game (for now using an hdmi cable and a shitty laptop) and we have a study room where we work and play games involving a keyboard (currently also on laptop). I would like to be able to access the compute of the desktop in both locations, for this I see two options:

1. Setup a small mini pc that is also connected to the tv, use it to always run nextcloud + plex, set the main pc in the study and use steam link to forward just games to the tv.
2. Put the pc in the living room connected to the tv and use it as a home server, and setup a small pc in the study connected to the monitors and other peripherals. Then connect to the main pc with a different tool.

Option 1 seems more simple but a bit limited, while option 2 should give a more powerful home server but also increase power draw (I have been thinking if there could be a good solution to this using wake-on-lan when it is not in use) but also needing a more refined way of connecting the two pcs. For sharing the computational power I have found steamlink, a remote desktop (like anydesk/teamviewer), and I have some experience with using SSH which is nice for coding but doesn't seem to work well for anything graphical. Any advice or insight what would be a good way to set this up would be appreciated!

I've tried a few options over the years, including SMB and NFS, XBMC as well as HTML with javascript I found online.

I don't have a large collection of music (fewer than 100 albums), so hand coding things was actually one of the quicker options to setup. That's despite then hassle of hand coding the URL to each FLAC file as well as the album art. But sometimes the javascript doesn't handle large collections of FLAC and each implementation I tried had different quirks so I've sunk a lot of time into that in other ways without a satisfactory result.

I've heard of Emby, Jellyfin, Plex, Roon and Servio. I just need something that's simple to set up and access. I don't need fancy features beyond the ability to play the music with a pleasant UI that can be accessed from the web (HTTP, not HTTPS). I'd be running this from a Raspberry Pi 3B which already has the lighttpd server running.

I'm also considering just getting a portable, 128GB FLAC player with a minijack connection and moving on with my life without getting involved in networking at all.

Any recommendations for an uncomplicated way to approach to doing this?

Edit: Thanks so much for the helpful and enthusiastic comments! I tried Navidrome and had it up and running in ten minutes thanks to this tutorial video: https://invidious.nerdvpn.de/watch?v=7V5UUJlSknY

I had to install docker-compose on the RPi. Then I got an error which turned out to be because I also needed a separate docker daemon which I installed following these instructions: https://www.simplilearn.com/tutorials/docker-tutorial/raspberry-pi-docker

In just 10+ minutes I had my music collection accessible from all my devices - thanks again!

This may be more of an Android issue than self-hosting, but i run Radicale on my personal server to host caldav/carddav services. I want to login with uname&pword with a certificate. I found this video in Davx5 github page showing that a user can select the cert:

video

I generated a self-signed cert from my server and installed that to my Android phone via Settings > Security&Privacy > Encryption&Credentials. But i dont get the same as the video. It keeps telling me No certificate found

Clicking the install button and selecting my cert will say

Install CA certificates in Settings This certificate from null must be installed in Settings. Only install CA certificates from organizations you trust.

Hi there, I've just done the switch from NextDNS to PiHole. Simply because I want to test it out + self-host my DNS. I set up PiHole+Unbound two days ago, and yesterday the amount of "Queries blocked" was much higher that it is now. But this morning the number was down back to 100ish. Is this normal behaviour, is it supposed to reset the counter? I'd rather it didn't. Let me know if this is my fault or a setting I've managed to miss.

Thank you.

Has anyone got some experience/advice for choosing between the options? It seems like they are:

• Minio
• Garage
• SeaweedFS

My usecase is just to have a local single instance for testing apps against. I prefer to spin stuff up in Docker on the homelab.

I've been watching some One Marc Fifty stuff on YouTube. I can follow him well, and I'm decent at much of the hardware stuff. At least I can compile OpenWRT or do a basic Gentoo install with a custom kernel. I dread staring at NFTables, but can hack around some. I don't fully understand networking from the abstract fundamentals. Are there any good sources that break down the subject like Ben Eater did with the 8 bit bread board computer, showing all the basic logic, buses, and registers surrounding the Arithmetic Logic Unit? I'm largely looking for a more fundamental perspective on what are the core components of the stack and what elements are limited to niche applications.

I just realized I want to use self signed client certificates between devices. It was one of those moments where I feel dumb for the limited scope of my knowledge about the scale of various problems and solutions.

Hey, I’m using Jellyfin and AndroidTV as client.

Everything is usually working fine using direct play. But for a few files, when using subtitles, I will get the message "burning subtitles" and the server will start transcoding it. I haven’t really figured out what format is causing it, but it only happens when enabling subtitles.

Anyone else having this issue? Can I do anything to fix it?

Howdy Everyone!

As I am setting up my infrastructure at home using docker I wanted to ask, is it better to have DNS, something like pi-hole, on my main docker swarm or would it be better to have it on a dedicated machine/docker host separate from the rest of my infrastructure?

Thanks for the input!

I'm curious what the benefits are of paying for SSL certificates vs using a free provider such as letsencrypt.

What exactly are you trusting a cert provider with and what are the security implications? What attack vectors do you open yourself up to when trusting a certificate authority with your websites' certificates?

In what way could it benefit security and/or privacy to utilize a paid service?

And finally, which paid SSL providers are considered trustworthy?

I know Digicert is a big player, but their prices are insane. Comodo seems like a good affordable option, but is it a trustworthy company?

Hi there!

Wondering what types of setup people have that allow them to, while the internet is down, still watch/stream media from their servers. I have a stacked Jellyfin library that, and would like to see this feature/setup in my own house. My Unraid server is on the other side of the house from where the living room is. Is there actually a sane way to achieve this?

Hello!

currently i use Jellyfin for my music library but i am not really happy with it. I used to use Plex and it was wonderful but... here we are...

I already tried Navidrome but for me a crucial feature is to be able to import spotify playlists and rebuild them with my local library.

For jellyfin there is a plugin that does that and it works 90% of the time. But even after finding several scripts and docker-composes i could host i was never able to properly import my spotify playlists into navidrom. Reason why that is so crucial is that i use spotify to build playlists, make song-radios and add them back into the playlist and then i download this playlist using various tools.

I then rebuild these playlists inside my music library.

Now i found Music Assistant 2.0 for my HomeAssistant and it's incredibly awesome! Being able to fully use my sonos speakers and group them on the fly is amazing! But using song radios inside it with my jellyfin as the media provider apparently uses jellyfin's "instant mix" and my goodness is that ever hot garbabe... i have my whole library being properly tagged by Picard and every song has the proper metadata and all that but Instant mix is just plain useless. For 50% of my songs it will just put the same song 5 times into the queue and be done with it. Sometimes it's actually able to build a good sounding radio but that's really hit or miss.

So to conclude, what would you guys recommend if i want a music library that:

1. Has preferably a subsonic API to maximise compatibility with different players
2. Has the ability to import and reconstruct my spotify playlists
3. Has a working song radio / instant mix feature that will not collapse as soon as you try to use it

Thank you very much!

I just started setting up a Jellyfin server and am moving all of my old DVD backups off of an ancient NAS that doesn't play well with modern TVs or Chromecast. Can't cast half the videos anymore because crhomecast says F you to certain audio and video formats, but jellyfin has zero trouble talking to my TV. It was going so well that I thought I might try to back up some of the aging DVD/BluRays we have laying around because they don't last forever and I'd hate to lose these titles. I used to use Handbrake/AnyDVD, but it seems AnyDVD is defunct these days... What are people using to back up their personal DVD collections these days? I prefer Windows apps, but I do have a good linux system that I can use to back them up with too, it's just slower than my Win PC.

But I want it so badly! All i need to figure out is:

reverse proxys (I stumbled through getting one caddy instance setup so far but gosh I struggle with that also, nginx proxy manager seems like my next step)

a rock solid backup/restore setup (but first I need to figure out where the vaultwarden alpine files live, then be able to get those off of the proxmox vm)

this is more of a vent, than a request for someone to spell it all out for me. But I wouldn't be upset if anyone had the time to point me in the right direction for me.

Would it just be easier to run a keypass XC and syncthing setup?

Hi everyone, I decided there simply were not enough docker apps for downloading Youtube videos, and so I made the situation worse :p

In all seriousness, I couldn't find one that fulfilled all my desires in a YT downloader, so I wrote my own in python using pytubefix and streamlit. It's still fairly rough, but it works, and i'd love to get your feedback. Installation is just a simple docker compose.

services:
    pytube-gui:
        container_name: pytube-gui
        image: artisanbytecrafter/pytube-gui:develop
        ports:
            - 8501:8501
        volumes:
            - /path/to/downloads:/app/downloads # set to where you want downloads to go

Please let me know if you run into any issues, or have any feedback. I do still have a long list :)

Source code: https://codeberg.org/ArtisanByteCrafter/pytube-gui

What do you recommend for an at-a-glance access log dashboard? Kibana and Grafana seem cool but overkill.

All I want is a dashboard that can ingest and parse syslogs from various services and neatly display a list of currently connected IPs and usernames if applicable as well as a IP connection history.

(I'm not affiliated with them, I just saw a post about the update)

What it is:

The Open Source Alternative To Notion

and for those not familiar with notion:

Notion is a collaboration platform with Markdown and including kanban boards, tasks, wikis and databases. It is a workspace for notetaking, knowledge and data management, as well as project and task management

About the update:

New Features

• Added a new property type, 'Files & media'
• Supported Apple Sign-in
• Displayed the page icon next to the row name when the row page contains nested notes
• Enabled Delete Account in Settings
• Included a collapsible navigation menu in your published site

Bug Fixes

• Fixed the space name color issue in the community themes
• Fixed database filters and sorting issues
• Fixed the issue of not being able to fully display the title on Kanban cards
• Fixed the inability to see the entire text of a checklist item when it's more than one line long
• Fixed hide/unhide buttons in the No Status group
• Fixed the inability to edit group names on Kanban boards
• Made error codes more user-friendly
• Added leading zeros to day and month in date format

So i've been hosting a modded Minecraft server for my friends and me on weekends. While it's been a blast, I've noticed that our current setup using LAN has its limitations. My friends have been eagerly waiting for their next "fix" (i.e., when they can get back online), and I've been replying with a consistent answer: this Friday.

However, exploring cloud providers to spin up a replica of my beloved "Dog Town" Server was a costly endeavor, at least for a setup that's close to my current configuration. As a result, I've turned my attention to self-hosting a Minecraft server on my local network and configuring port forwarding.

To harden my server, I've implemented the following measures:

1. Added ufw (Uncomplicated Firewall) for enhanced security.
2. Blocked all SSH connections except for the IP addresses of my main PC and LAN rig.
3. Enabled SSH public key authentication only.
4. Rebuilt all packages using a hardened GCC compiler.
5. Disabled root access via /etc/passwd.
6. Created two users: one with sudo privileges, allowing full access; the other with limited permissions to run a specific script (./run.sh) for starting the server.

Additionally, I've set up a fcron job (a job scheduler) as disabled root, which synchronizes my Minecraft server with four folders at the following intervals: 1 hour, 30 minutes, 10 minutes, and 1 day. This ensures that any mods we use are properly synced in case of issues.

any suggestions of making the computer any more secure, aswell as backup solutions? thanks!

--added note, what hostnames do you guys call your servers? I used my favorite band albums and singles for hostnames.

Hi, how do you run forgejo under a reverse proxy while using an ssh channel to pull/push commits?

From what I understand caddy is only able to proxy http traffic.

I’m running opnsense on proxmox with some lxc containers and docker hosts.

I’ve never done internal DNS routing, just a simple DMZ with Cloudflare proxies and static entries for some external services. I want to simplify things and stop using my IPs from memory internally.

For example, I have the ports on my docker hosts memorized for the services I use, only a couple mapped hosts in opnsense, but nothing centralized.

What is the best way to handle internal DNS name resolution for both docker and the lxc containers? Internal CA certs? External unroutable (security)?

Any tips and setups appreciated.

Hi. I am currently using google drive mounted with rsync (encrypted) to stream files over my VPS since my VPS provider charges a lot for extra storage compared to google. I have offline backups of the said data at home

I currently have a 100GB google drive plan and it's working suprisingly great. Also it's cheap in my country due to regional pricing

Now, as I learned, Google keeps your files for 2 years after you cancel your extra storage subscription. It also doesn't allow you to upload anything which locks up Gmail but that doesn't matter if it's an alt account. So, can I just create an alt account, buy a 1 month subscription, upload everything, cancel it, then read it using rclone? Does Google restrict api access (for rclone) on drives with expired subscriptions?

Yeah I know I'm stretching this a bit too far but I just wanna know

I developed an app in Laravel that uses Google authentication, it works perfectly on my localhost. When I deployed it in my nginx server (ubuntu 24.04) I get the Google login correctly and it proceeds to my main page as expected. But after that, no route is accessible. All of them throw me a 404. I've been googling it for ages but I can't for the life of me find the solution for this.

EDIT: The 404 comes from Laravel, not nginx. The weird part is if I try php artisan route:list on the ser the routes are indeed missing but on the localhost they all show. The code is pretty much the same.

Here's is my app conf file:

server {
    server_name partituras-cmcgb.duckdns.org;
    root /var/www/html/partviewer/public;

    index index.php index.html index.htm;

    location / {
        try_files $uri $uri/ /index.php?$query_string;
    }

    location ~ \.php$ {
        include snippets/fastcgi-php.conf;
        fastcgi_pass unix:/var/run/php/php8.3-fpm.sock;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        include fastcgi_params;
    }

    location ~ /\.ht {
        deny all;
    }

    error_log /var/log/nginx/partviewer-error.log;
    access_log /var/log/nginx/partviewer-access.log;

    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/partituras-cmcgb.duckdns.org/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/partituras-cmcgb.duckdns.org/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot

}
server {
    if ($host = partituras-cmcgb.duckdns.org) {
        return 301 https://$host$request_uri;
    } # managed by Certbot


    listen 80;
    server_name partituras-cmcgb.duckdns.org;
    return 404; # managed by Certbot


}

I am trying to not use any Google services for notifications and so I'd like to make a script to send notifications via ntfy based on discord messages.

How would I get access programmatically to my own discord account? Do they even support it? They have bots, but is their api for DMs?

Edit: the solution may just be a bot in servers, then not responding to DMs unless they use signal