this post was submitted on 19 Jul 2025
96 points (99.0% liked)

Selfhosted

49669 readers
479 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

  1. Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.

  2. No spam posting.

  3. Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.

  4. Don't duplicate the full text of your blog or github here. Just post the link for folks to click.

  5. Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).

  6. No trolling.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 2 years ago
MODERATORS
ruud@lemmy.world
CannaVet@lemmy.world
Loki@lemmy.world
HybridSarcasm@lemmy.world
devve@lemmy.world
HybridSarcasm@lemmy.hybridsarcasm.xyz
96
My Ultimate Self-hosting Setup (codecaptured.com)
submitted 2 days ago by mirdaki@lemmy.ml to c/selfhosted@lemmy.world
26 comments fedilink hide all child comments
 

Hey y'all, I know getting a setup that feels "right" can be a process. We all have different goals, tech preferences, etc.

I wanted to a share my blog post walking through how I finally built a setup that I can just be happy with and use. It goes over my goals, requirements, tech choices, layout, and some specific problems I've resolved.

Where I've landed of course isn't where everyone else will, but I hope it can serve as a good reference. I’ve really benefited from the content and software folks have freely shared, and hope I can continue that and help others.

Happy to answer questions!

top 26 comments
sorted by: hot top controversial new old
[–] Urist@lemmy.ml 2 points 1 day ago* (last edited 1 day ago)

Nice writeup and a fun read! Never thought I would encounter a fellow NixOS and FoundryVTT user in the wild, but I realize the Venn diagram of these kinds of users do have more overlap than I thought.

With regards to your point about Foundry needing more power than a cheap VPS: I have it working fine on an Oracle cloud free tier VPS (unfortunately not the ARM-cores). That being said, it does want a little more power.

I am not running it with NixOS though. I am renting a temporary space, so I do not own or want to do too much locally right now, and Oracle OCI was only sort of working with NixOS. I did manage to install it with nixos-infect, but think I messed up the SSH with my reverse proxy and had no way to fall back to a previous version, which begs the question how would you?

You linked to "NixOS friendly hosters", do those give you access to boot options to recover from such a case? Since I did not have that option I determined the risk of failure too great for setting up NixOS on that particular VPS provider.

I also note that you use the nix-foundryvtt module and was wondering how your experience with it was. Does your sops define your login to the website such that it fetches the package automatically or do you have to manually install them?

[–] MoonRaven@feddit.nl 1 points 1 day ago

I've used Authelia and Authentic. I personally switched to pocket I'd recently. You can integrate lap and groups easily and I'm amazed at how freaking fast it is. Might be a nice experiment next :)

[–] Libb@piefed.social 15 points 2 days ago* (last edited 2 days ago) (4 children)

Thx a lot for sharing.

I'm a 50+ non-geek Linux user myself, and selfhosting is the one computer 'thing' I would love to be able to setup one day but I'm too afraid to seriously start doing as I'm way too afraid of being that 'low hanging fruit' you mentioned in your post.

I said I was not a geek in the sense that, after almost 40 years using only Apple computers, I've switched to Linux to use it like I used... my Mac. Sure, I've learned to understand a little bit of Linux workings and I would not want to go back to the Mac, no way, I can also write simple bash scripts (with a lot of trials and errors) but that's about the full extent of my computer 'expertise'.

So, even though your post is well written and informative, it was still way beyond my limited skills, I'm afraid. I'm not saying that as downer, it was a really interesting read and very informative with all those useful links, but hopefully as away to let you know there are... extremely... odd users like myself that are very much interested in the idea but also are as clueless as an oyster comes the time to buy a pair of sneakers :)

In regards to self-hosting, my conclusion so far is that it's a much safer choice for someone like me to not do it. The risk is too real to get into some serious issues. And that I'm better off using the few paid services I rely (all in the EU, many of them small companies I can have have direct/human discussion with) as I know by experience I can trust their expertise a lot more than I woudl ever trust my desire to ever become not completely in competent in those fields ;)

[–] mirdaki@lemmy.ml 7 points 2 days ago

Hey, I appreciate your openness. Self-hosting is a really deep and wide domain to get into and that is really intimidating. If I may give my two cents, being a geek is about the love and interest in something, not your skill with it. The fact you know what a bash script is, let alone can write one, means you're more aware of this space than most folks

If you're comfortable using and supporting paid services, I think that's great! It supports the broader ecosystem and that's a good thing

But if this is a space you want to tinker with, I think you should try a small project. The security concerns I mentioned are basically zero if you only host something on your home network. Grab an old computer and try running something like Jellyfin (or something else you're interested in) on it with Docker. Things wont go perfectly, but that's OK, it's a learning experience. Keep at it till you get it working. If you like the experience, try more things. If not, great, you've scratched an itch and it's no longer there

Regardless, appreciate your kind words and sharing your perspective!

[–] irmadlad@lemmy.world 11 points 2 days ago (1 children)

I’m a 50+ non-geek Linux user myself, and selfhosting is the one computer ‘thing’ I would love to be able to setup one day but I’m too afraid to seriously start doing as I’m way too afraid of being that ‘low hanging fruit’ you mentioned in your post.

Dude, 70 here. Just do it. You're going to make mistakes along the way, you'll learn along the way. You're already a Linux user, so you've got a leg up there. Even if you walk away from selfhosting thinking it's probably better for you to use those small companies, you'll have had an enriching experience. I find selfhosting to be rather rewarding in many aspects. For one, it's one of my hobbies that keeps my mind busy which is a good thing. I'm always digging for something new to learn.

If you are the only user of your server, tying it down becomes a lot easier. allow.host / deny.host, tailscale, ufw, and fail2ban will get you very far and safe so you won't be that low hanging fruit. I am quite certain there are people here would love to help you on your way. I'm one. I'm an expert at nothing, but I don't mind sharing the knowledge (?) I've learned along the way.

[–] SidewaysHighways@lemmy.world 4 points 1 day ago (1 children)

really?? 70? that is really awesome. things have changed so much since you came into this world.

[–] irmadlad@lemmy.world 2 points 1 day ago

LOL You gave me a belly laugh. Yes. Really 70...well soon to turn 71 ifn' the creek don't rise. I have that same reaction sometimes too. Damn! I'm really 70!? Yes, the world has changed so much since I was born, and frankly, I am glad it has. I am thankful that technology and music have walked along side me all these many years. It's been a good life.

[–] Fedegenerate@lemmynsfw.com 7 points 2 days ago

Don't start here. Get something tiny: some ewaste, a rPi3/4 or an n100.

Build a Pihole to block ads, malicious sites and trackers on your network

Risk free, tonnes of learning opportunities, huge utility, tonnes of documentation and guides to help.

Once you've built a couple Piholes (break and rebuild then) you'll have an idea of what you might want to do next and what is achievable for you.

[–] non_burglar@lemmy.world 3 points 2 days ago

I'm a lifelong Linux user (or since 1999, so half my life), but I was a mixed mac and windows user before that. Anyway, I understand the reluctance you're facing.

You don't need to endanger any part of your current experience to start self hosting, you can just start adding to it. The stakes can be very low if you want to learn that way.

[–] SidewaysHighways@lemmy.world 7 points 2 days ago (3 children)

this is great! i was intrigued by nix and nixOS early into my linux venture and this has probably pushed me to start moving my stuff from Debian, though i am kinda addicted to proxmox.

but the way you're doing truenas is how I'm running my stuff too. way more planning on your end really cleans it all up!

[–] smiletolerantly@awful.systems 8 points 2 days ago (1 children)

Funny - same thing here. Got 3 proxmox hosts running, all virtual machines are NixOS though.

I'd love to go full Nix, but between my GF and I, we kinda split the responsibilities: hardware is hers, applications are mine. And there's not a chance she'll give up her Proxmox hosts 😄

Got it automated to a single "provision" command though that will spin up any of my nix VMS unanttended, so I'm happy with that.

[–] mirdaki@lemmy.ml 4 points 2 days ago (1 children)

Oh that provision command sounds interesting! Did it take a bit of tinkering to get right?

[–] smiletolerantly@awful.systems 5 points 2 days ago (1 children)

Yeah, but no dark magic involved.

  • build image
  • copy to proxmox ISO store
  • import, resize disk
  • start, wait to come online
  • read ssh pubkey, save it
  • rekey secrets
  • rebuild VM

The only "magic" parts are two nix modules for handling proper networking and hardware setup, and exposing required attributes to the script.

Works really well, zero manual config (beyond the services you want to run...) required on nix or proxmox side.

[–] mirdaki@lemmy.ml 4 points 2 days ago (1 children)

Nice! No dark magic being involved is always a good thing haha

[–] smiletolerantly@awful.systems 4 points 2 days ago

Btw, nice read OP. Always great to see more Nix "in the wild".

[–] Fedegenerate@lemmynsfw.com 3 points 2 days ago (2 children)

You can pry proxmox from my cold dead hands.

I do sometimes dream of running everything in Docker though for how easy it is to update. I've got the community scripts running and still it's a bit of a maintenance job.

A TrueNAS + Docker machine is pretty tempting. If I were to migrate, that's where I'd go.

[–] SidewaysHighways@lemmy.world 2 points 1 day ago

I was truenas on bare metal for the first year or so, but now I run a truenas VM in proxmox, then use those pools as mounts onto the proxmox. it is really cool!

Until I was in the middle of figuring out how to automate backups of my vms, which paused TrueNas, which was the destination of the backup, was a fun 20 minutes getting it all back running this evening lol

[–] hoppolito@mander.xyz 4 points 2 days ago (1 children)

After having my dinky homelab machine on proxmox for a couple years, since the start of the year I am now running basically everything under a clean Debian system using incus and docker on the individual lxc guests.

Incus has completely replaced proxmox for me and it's so much easier to reason about (for me at least) that I wanted to maybe point your cold hands in that direction too ;)

[–] gaylord_fartmaster@lemmy.world 2 points 2 days ago (1 children)

What you're describing sounds pretty much exactly like how I use Proxmox at this point (everything in LXCs, most just running docker on Alpine) and I've been wanting to make the switch to Incus for a while. Did you migrate your LXCs over from Proxmox? I'm a little worried about how painful that process might be.

[–] hoppolito@mander.xyz 3 points 2 days ago

I used the recommended migration tool and it worked okay for many containers but iirc the docker ones had to have one of the security options manually changed in their config which didn't transform properly with the tool (maybe nesting enable?).

May very well have changed in the meantime or I only made a mistake, that was in my experimentation phase.

Ultimately, I did rebuild my instances from the ground since I also switched file system, and to make better use of incus profiles (e.g. one with docker provisioned, one with monitoring and so on) so I couldn't give you a long-term migration review.

For me that was (relatively) painless by just migrating the docker volumes in place and rebuilding the stacks, of course ymmv.

If you decide on migrating and stumble upon issues don't hesitate to hit me up - I'm only an amateur but maybe I can still help!

[–] mirdaki@lemmy.ml 4 points 2 days ago (1 children)

I really do encourage experimenting more with NixOS. It's the strange combination of feeling safer (because of the rollbacks) and more powerful (because of all the modules and packages already setup by the community)

I also spent a while using Proxmox. Almost went with it over TrueNAS. It was a little bit of a tossup, one is a good VM manager with ZFS support and the other good ZFS manger with VM support. I ended up just liking the interface better for TrueNAS, but both are certainly capable

[–] ell1e@leminal.space 4 points 2 days ago* (last edited 2 days ago)

A rolling back mechanism is the best thing to have for server tweaks. I achieve the same with docker. Something similar might be possible with FreeBSD Jails, podman, or anything similar like that. (Not that NixOS is a bad choice, I just wanted to share some more options for anybody looking for some to try.)

[–] BlackPenguins@lemmy.world 2 points 2 days ago* (last edited 2 days ago) (2 children)

What's your hardware setup for all of this? I've got an 8 core, 16 GB, 5TB external NUC but it starts struggling after I add a few services. BitWarden in particular so I just used their services instead. I'd love to run everything myself for same reasons but I def might need an upgrade first.

[–] MangoPenguin@lemmy.blahaj.zone 5 points 2 days ago (1 children)

Vaultwarden is the way to go for self hosting bitwarden, it's very light weight.

[–] MysteriousSophon21@lemmy.world 3 points 2 days ago

Vaultwarden is ridiculously efficient - runs on like 50MB RAM on my potato server which is the same machine that handles my audiobookshelf server for the soundleaf app I love.

[–] mirdaki@lemmy.ml 3 points 2 days ago

I'm using a AMD Ryzen 7 3700X with 64GB of RAM for my main server. Looking at it right now (so just light background activity) the services are using ~3% of my CPU and 10GB of memory. Granted my ZFS cache is using 32GB of memory, I could tune that to use less, but I have enough headroom to make that fine

I opted to just use the Bitwarden service to avoid depending on my services to get my secrets for my services, so I haven't tried running it, but I have heard good things about Vaultwarden. I'll eventually try running that as a backup