this post was submitted on 23 Aug 2025
33 points (92.3% liked)

Selfhosted

50779 readers
1121 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

  1. Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.

  2. No spam posting.

  3. Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.

  4. Don't duplicate the full text of your blog or github here. Just post the link for folks to click.

  5. Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).

  6. No trolling.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 2 years ago
MODERATORS
ruud@lemmy.world
CannaVet@lemmy.world
Loki@lemmy.world
HybridSarcasm@lemmy.world
devve@lemmy.world
HybridSarcasm@lemmy.hybridsarcasm.xyz
33
Looking for lightweight homelab dashboard that can run as nonroot container and also supports OIDC (lemdro.id)
submitted 1 day ago by stratself@lemdro.id to c/selfhosted@lemmy.world
5 comments fedilink hide all child comments
 

Hi all. Per the title, I'm looking for something that:

  • Can run as an unprivileged user inside a container

  • Allows OpenID Connect authentication for a multiuser setup

  • Doesn't take hostage of my CPU

Homarr and Dashy are featureful solutions, but they can't run unprivileged in docker. Dashy closed this issue, but in fact it's not resolved. Meanwhile Homarr does work with UID/GID env vars, but starting as root and dropping capabilities is not the same as defining user: 1234:1234 from the get-go. Furthermore, they are really heavy node apps, which kinda deter me from deploying.

I neither wanna use my reverse proxy with forward auth or having an extra oauth2-proxy container, so Organizr (using forwarded auth headers) or Homer/Homepage/bunch of static pages behind a reverse proxy is out of scope.

Feature-wise I'm just looking for a beautified link keeper, preferably with multiple dashboard mapped to different user groups (ideally it could be done via custom OAuth metadata/claims). Fancy plugins like RSS and weather are not needed, but appreciated.

With all that said (and sorry if I'm too choosy), is there a current solution that fits the bills above? My IDP's UI is quite rudimentary, but I can resort to using it as a "homepage". I wanna thank in advance for any guidance

P/S: Seems like most dashboards fall into two categories - bloated fancy apps, or dead simple frontpages. It'd be nice to have something inbetween.

all 7 comments
sorted by: hot top controversial new old
[–] Sunny@slrpnk.net 2 points 1 hour ago

Not sure about one in particular, but check out the github page off guy called 11notes. He makes rootless and distroless images of popular applications. Might be something to find there ☺️

[–] bluehambrgr@lemmy.world 3 points 14 hours ago (1 children)

It’s not exactly what you’re looking for, but as an intermediate option, you may want to look into docker user namespaces.

https://docs.docker.com/engine/security/userns-remap/

It effectively transforms the containers’ root user into a non-root user outside the container (e.g. for filesystem accesses).

[–] stratself@lemdro.id 2 points 2 hours ago

Thanks for the advice. I'm already using podman rootless with custom subuid/subgid, which should achieve the same thing

[–] Yoddel_Hickory@lemmy.ca 7 points 1 day ago* (last edited 1 day ago) (1 children)

Homarr supports all of that iirc

Edit: Just saw it doesn't appear to support rootless, that sucks, my bad

[–] stratself@lemdro.id 3 points 2 hours ago

I've poked around Homarr's setup a bit, and it seems like it can run rootless after a few tweaks!

For anyone interested, I've written a POC and feature request here - https://github.com/homarr-labs/homarr/issues/3913

Hope it can be officially supported