What's on your personal server?

sebastiancarlos@lemmy.sdf.org to Linux@lemmy.ml – 123 points –

Either self-hosted or cloud, I assume many of you keep a server around for personal things. And I'm curious about the cool stuff you've got running on your personal servers.

What services do you host? Any unique stuff? Do you interact with it through ssh, termux, web server?

89

Lenovo ThinkStation P330 Tiny. Debian + Podman systemd quadlets, running these services:

  • Jellyfin
  • Sonarr
  • Radarr
  • Qbittorrent w/ VPN
  • Linkwarden
  • Calibre Web
  • Immich
  • Lidare
  • Postgres
  • Prowlarr
  • Vaultwarden

P330 tiny is so good I just wish there was a ryzen version with a pcie slot. Quicksync is great but I hate Intel.

Do you have any tips (or examples) using quadlets? I tried using them but I couldn't wrap my head around them.

I used this guide https://www.redhat.com/sysadmin/quadlet-podman

I have a folder on my in my home folder called containers symlinked to /etc/containers/systemd with my .container files. This is my jellyfin.container for using the Nvidia Quadro on my server.

[Unit]
Description=Podman - Jellyfin
Wants=network-online.target
After=network-online.target
Requires=nvidia-ctk-generate.service
After=nvidia-ctk-generate.service

[Container]
Image=lscr.io/linuxserver/jellyfin:latest
AutoUpdate=registry
ContainerName=jellyfin
Environment=PUID=1000
Environment=PGID=100
Environment=TZ=America/St_Johns
Environment=DOCKER_MODS=ghcr.io/gilbn/theme.park:jellyfin
Environment=TP_THEME=dracula
Volume=/home/eric/services/jellyfin:/config
Volume=/home/eric/movies:/movies
Volume=/home/eric/tv:/tv
Volume=/home/eric/music:/music
PublishPort=8096:8096
PublishPort=8920:8920
PublishPort=7359:7359/udp
PublishPort=1900:1900/udp
AddDevice=nvidia.com/gpu=all
SecurityLabelDisable=true

[Service]
Restart=always
TimeoutStartSec=900

[Install]
WantedBy=default.target

I use sudo podman auto-update to update the images to utilize the AutoUpdate=registry option.

Two old HP thin client PCs configured as 4TB SFTP file servers using vsftpd on Debian. Each one uses software RAID 1 with both an NVMe and SATA SSD internally, and are in two separate locations with a cron job which syncs one to the other every 24 hours.

People who actually know what they are doing will probably find this silly, but I had fun and learned a lot setting it up.

tell me about the cron thing. im thinking of doing just that on mine for backup.

are you scping them together?

I am using lftp and mirror. One server functions as the "main" server, which mirrors the backup server to itself once per day at a specific time (they both run 24/7 so I set it to run very early in the morning when it is unlikely to be accessed).

In my crontab I have:

# # * * * /usr/bin/lftp -e "mirror -eRv [folder path on main server] [folder path on backup server]; quit;" sftp://[user]@[address of backup server]:[port number]

til about lftp. i'm gonna be testing that one out thanks

No problem! Glad I could be of help, and best of luck on your project.

On my Raspberry Pi 4 4gb with encrypted sd is:

  • pihole
  • wireguard server
  • vaultwarden
  • cloudflare ddns
  • nginx proxy manager
  • my website
  • ntfy server
  • mollysocket
  • findmydevice server
  • watchtower

Pi is overkill for this kind of job. Load average is only 0.7% and ram usage is only 400M

can you tell us how you got this running with an encrypted SD card?

That was really hard to do. I created a note for myself and I will also publish it on my website. You can also decrypt the sd using fido2 hardware key (I have a nitrokey). If you don't need that just skip steps that are for fido2.

The note:

Download the image.

Format SD card to new DOS table:

  • Boot: 512M 0c W95 FAT32 (LBA)
  • Root: 83 Linux

As root:

xz -d 2023-12-11-raspios-bookworm-arm64-lite.img.xz
losetup -fP 2023-12-11-raspios-bookworm-arm64-lite.img
dd if=/dev/loop0p1 of=/dev/mmcblk0p1 bs=1M
cryptsetup luksFormat --type=luks2 --cipher=xchacha20,aes-adiantum-plain64 /dev/mmcblk0p2
systemd-cryptenroll --fido2-device=auto /dev/mmcblk0p2
cryptsetup open /dev/mmcblk0p2 root
dd if=/dev/loop0p2 of=/dev/mapper/root bs=1M
e2fsck -f /dev/mapper/root
resize2fs -f /dev/mapper/root
mount /dev/mapper/root /mnt
mount /dev/mmcblk0p1 /mnt/boot/firmware
arch-chroot /mnt

In chroot:

apt update && apt full-upgrade -y && apt autoremove -y && apt install cryptsetup-initramfs fido2-tools jq debhelper git vim -y
git clone https://github.com/bertogg/fido2luks && cd fido2luks
fakeroot debian/rules binary && sudo apt install ../fido2luks*.deb
cd .. && rm -rf fido2luks*

Edit /etc/crypttab:

root            /dev/mmcblk0p2          none            luks,keyscript=/lib/fido2luks/keyscript.sh

Edit /etc/fstab:

/dev/mmcblk0p1    /boot/firmware  vfat    defaults          0       2
/dev/mapper/root  /               ext4    defaults,noatime  0       1

Change root to /dev/mapper/root and add cryptdevice=/dev/mmcblk0p2:root to /boot/firmware/cmdline.txt.

PATH="$PATH:/sbin"
update-initramfs -u

Exit chroot and finish!

umount -R /mnt

You might like to search this community, and also \c\self_hosted, since this question gets asked a lot.

For me:

  • Audiobookshelf
  • Navidrome
  • FreshRss
  • Jellyfin
  • Forgejo
  • Memos
  • Planka
  • File Storage
  • Immich
  • Pihole
  • Syncthing
  • Dockge

I created two things - CodeNotes (for snippets) and a lil' Weather app myself 'cause I didn't like what I found out there.

how do you like freshrss? do you use it on mobile too?

I love it. I do use it on mobile, in my browser too. I've been meaning too see what other clients are available for android.

I have an orangepi zero 3 with pihole

Then an ITX PC with

  • mealie (meal planner, recipe parser, grocery list maker with a bunch of features and tools)

  • immich for self hosting a google photos alternative

  • *arr stack for torrenting Linux ISOs

  • Jellyfin for LAN media playing

  • home assistant for my VW car, our main hanging renovation lights, smoke and CO monitors, and in the future, all of the KNX smart systems in our house

  • Syncthing for syncing photo backup and music library with phone

  • Bookstack for a wiki, todos, journal, etc... (Because I didn't want to install better services for journals when I don't use it much)

  • paperless-ngx for documents

  • leantime for managing my personal projects, tasks, and timing

  • Valheim game server

  • Calibre-web for my eBook library backup

  • I had nextcloud but it completely broke on an update and I can't even see the login fields anymore, it just loads forever until it takes down my network and server, so I ditched it since I never used it anyway

  • crowdsec for much better (preemptive) security than fail2ban

  • traefik for reverse proxy

As a person that actually torrented a Linux iso on Friday, thank you! Lol

Minetest server, arr suite, plex, Pihole, calibre, homesssistant, Nextcloud.

Interact with it through a Homarr webpage and all of it is virtualized through proxmox.

I've been a software engineer for 8 years and I've had my own Jellyfin server (and before that, Plex) set up for 4 years on a server that I built myself.

Despite this, I don't have a damn clue what "virtualized through Proxmox" means any time I read it.

They are just running things in VMs. They may even have a cluster with some sort of high availability.

1000002710

Or containers, but lxc instead of docker-like. They’re like full VMs in operation but super lightweight. Perfect for some needs.

I personally find that LXC really isn't better than a VM.

U crazy! lxc is incredibly lightweight compared to a vm, I’m often amazed at what it can do with just a few hundred MB of memory.

Also you can map storage straight from the host and increase allocation instantly, if needed. Snapshotting and replication are faster too.

I’m always bummed when I’m forced to run a VM, they seem archaic vs PVE CTs. Obviously there are still things VMs are required for, though.

Proxmox is a hypervisor, like VMware. They are just running containers and / or VMs. Procmox is the management interface.

Plex, transmission, home assistant, some SSH tunnels, some custom home automation endpoints.

ATM I have the following running:

  • Caddy
  • NextCloud
  • Webpress
  • Plex
  • Actual Budget
  • Portainer
  • Vaultwarden
  • Grafana
  • Stable Diffusion
  • QBT
  • *arr stack
  • 4 Debian instances with differing bits and bobs on
  • MIT Scratch
  • Neon KDE (Drives lounge TV)
  • Win10 and 11 vms
  • TrueNAS
  • OpnSense
  • Homepage
  • Navidrome
  • SoulSeek

Curious about the specs of your machine.

it's an i5 13xxx with 64GB ram and a HBA passed through to TrueNAS with 7 disks on it and a second network card passed through to OpnSense for WAN/LAN

All the above runs in Proxmox and has a bit of room for expansion still ;) This was a 50th to myself to replace an IBM M4 space heater

I use Docker and (currently) VMware and host whatever I need for as long (or short) as I need it.

This allows me to keep everything separate and isolated and prevents incompatible stuff interacting with each other. In addition, after I'm done with a test, I can dispose of the experiment without needing to track down spurious files or impacting another project.

I also use this to run desktop software by only giving a container access to the specific files I want it to access.

I'm in the process of moving this to AWS, so I have less hardware in my office whilst gaining more flexibility and accessibility from alternative locations.

The ultimate aim is a minimal laptop with a terminal and a browser to access what I need from wherever I am.

One side effect of this will be the opportunity to make some of my stuff public if I want to without needing to start from scratch, just updating permissions will achieve that.

One step at a time :)

NUC 8i5, 32GB, 500GB NVMe (host), 8TB SSD (data), Akasa Turing fanless case, running Proxmox:

  • samba
  • syncthing
  • pihole
  • radicale
  • jellyfin
  • minidnla

I also have a Pi 4 running LibreElec for Kodi on the home theater. Nothing fancy yet and it more than meets our current needs. Most maintenance done over SSH.

Would like to eventually get a proper web and email server going (yes, I know).

Just Jellyfin and modded Minecraft right now. Nothing super interesting, but great fun.

I'm using SSH to interact with the Minecraft server in tmux, and the web interface for Jellyfin.

here is my deploy

https://github.com/simone-viozzi/my-server

Are you using Kavita for your books as well? I have my books on Calibre, but I'm seriously considering putting it all under Kavita.

yes i use kavita, i have a couple hundred books.

I guess that's going to be the way. I'm moving all the services I have under UnRaid to ProxMox, and wanted to lower the app count. Thanks for the tip.

For local use only I use Docker Rootless hosting:

  • SearXNG (with some modifications, like not using Redis nor Caddy)
  • FreshRSS
  • Jellyfin (for my small collection of series and movies)
  • Gotify
  • Stirling-PDF
  • PiHole (more as an experiment, rather than looking for a complete DNS solution since I can't change my router's DNS)
  • Paperless-NGX (I don't use it much, it's more as an experiment)
  • Homer
  • DokuWiki

I've found problems using Docker Rootless and Tumbleweed as my server's OS, since some configurations are different and some containers don't even work, but I've also learned a lot :)

I can't change my router's DNS

Do you mean you can't change the DNS server in the DHCP settings or the server the router itself uses? In the first case you might be able to use Pi-Hole's DHCP server instead, while for the latter it shouldn't be an issue - I actually usually leave upstream servers configured there to avoid loops. BTW, you might also be able to flash OpenWRT to your router

What do you use as a replacement for Caddy and Redis?

Nothing for Redis since it's optional and I had problems running SearXNG with it. For Caddy, I forgot to mention that I use Nginx-Proxy-Manager as my reverse proxy for HTTPS hehe

You could turn off the DHCP server on your router and let your server handle it. You can then tell your clients to use Pi hole via the DHCP running on your server

  • HomeAssistant and a bunch of scripts and helpers.
  • A number of websites, some that I agreed to host for someone who was dying.
  • Jellyfin and a bunch of media
  • A lot of docker containers (Adguard, *arrs)
  • Zoneminder
  • Some routing and failover to provide this between main main server and a much smaller secondary (keepalived, haproxy, some of the docker containers)
  • Some development environments for my own stuff.
  • A personal diary that I wrote and keep track of personal stats for 15 years
  • Backup server for a couple of laptops and a desktop (plus automated backup archiving)

Main server is a ML110 G9 running Debian. 48G/ram. 256 ssd x2 in raid1 as root. 4tb backup drive. 4tb cctv drive. 4x4tb raid 10 data drive. (Separating cctv and backup to separate drives lowers overall iowait a lot). 2nd server is a baby thinkcentre. 2gb ram, 1x 128gb ssd.

Edit: Also traccar, tracking family phones. Really nice bit of software and entirely free and private. Replaced Life360 who have a dubious privacy history.

Edit2: Syncthing - a recent addition to replace GDrive. Bunch of files shared between various desktops/laptops and phones.

I settled on a Fujitsu Q920 with 16 GB of RAM and a 1 TB SSD. Runs FreeBSD 14.1 and each service has its own Jail.

Services:

DNSmasq - local DNS and adblocker Wireguard Navidrome MPD - Media server Vaultwarden - password save Radicale - cardav and caldav server TinyRSS - RSS aggregator Zabbix - server and service monitoring Postgresql Gitea - git repository Emby - jellyfin alternative Mariadb Bhyve VM with Debian running 2 apps (invoiceplane and leantime) which use a quite old php version and I never had time to port to Freebsd.

A second machine that starts daily and creates a backup of machine 1 by using ZFS autobackup.

Nothing fancy but it does what I need.

I've got servers all over the place. A sample of what I have running on all of them:

  • YaCy
  • SearxNG
  • Kodi
  • Shaarli
  • Huginn
  • Part-DB-server
  • Bookstack
  • Cyberchef
  • Efflux

Current setup:
Main server (HP ProDesk 600 G3 MT):

  • 2fauth (not finished)
  • Some stuff for the local breweries website
  • Nextcloud (includes KeePass.kdbx)
  • Some stuff for a flea market event in the near future
  • Gitlab
  • Gotify (notification sevice to notify of failed systemd services)
  • Jellyfin
  • Lemmy
  • AbuseIPDB contributor badge (for more API calls)
  • Piped
  • Some stuff for my dad
  • Synapse (Matrix)
  • Uptime-kuma (not finished)
  • WebODM (Drone mapping)
  • Postfix
  • Dovecot
  • Self written DynDNS

Workstation (HP Z440):

  • Gitlab runner
  • NodeODM (Webodm processing node)
  • pict-rs
  • Service to archive+compress+encrypt backups (uploaded to the workstation by the other devices hourly) daily and upload them to google drive + Hetzner

Soon I'll move to a setup where the Workstation runs all services, and there are two servers (HP ProDesk 600 G3 MT) whose only purpose is to run a DHCP+DNS server (one authoritative) as well as a Wireguard bridge to connect the two servers, located at two different networks (and cities), together. I'll also set up Jellyseerr, Vencloud (settings sync for the Discord Client Vencord), revamp the backup system and introduce my Laptop to the ecosystem.

Headless server accessed via SSH. Hosting Jellyfin, FoundryVTT, a Discord bot that I just mess around with, and also use it to run an IRC client inside screen.

  • OrangePi with HomeAssistant and PiHole.
  • Old gaming PC turned 24/7 server with Jellyfin, V-Rising server
  • Hetzner cloud with Matrix server for Messenger and Discord bridging.
  • Synology NAS for SMB and sharing stuff with others through Synology Drive, which also serves as a seedbox for Redacted.ch, with Headphones and Transmission.

Nothing yet, I'm still trying to figure out how to get my orange pi working... not much progress yet because I am just starting and making a server is very intimidating 😅 For now I'd like to just get it working so I can access a hard drive, and if I manage that and feel very daring, then pihole, jellyfin and home assistant.

Self-hosted machine. It was basically my old computer I bought back in '09. It's a i5-750 on a Asus P5P77. It started with the 4 GB RAM I hadn't sold until I upgrade to 8. I used a borrowed Nvidia GT730 and a 1 TB HDD at first until I upgrade my main PC GPU and bought a new HDD for the server so now it runs in a 4 TB HDD and my old GTX 1060 3 Gb. It's a beast for my needs.

  • Jellyfin is the main reason I started my server. Initially it was so my mother could easily watch shows I would never illegally download. Until a realized it would be great for me too and friends. To not watch them...I mean, because that would be ilegal!

  • Qbittorrent...shit...oh well :)

  • Nginx, when I realized I could host my own development server and personal website

  • Komga, when I realized I could have the same benefits of Jellyfin with books and comics.

  • Tailscale, allows me to, among other things, use it as an online or LAN hard drive for me and people I like.

  • Samba, see above. It also works to keep a nice share folder between my main PC and my laptop

The more time passes the more I realize self-hosting is the best idea ever. I get new ideias every day.

On an orangepi5, managed via webUIs and SSH: -Home Assistant and associated programs (notably zigbee2mqtt and nodered) -Pihole

8TB Unraid NAS managed via Unraid's webui -Whooole *arr stack -Jellyfin -Mealie

Thinking about nextcloud for the next one.

  • Prosody XMPP server (might move to ejabberd) with Movim front-end
  • Murmur VoIP server
  • Miniflux feed reader
  • Nix remote builder & substitutor
  • Upterm terminal sharing
  • Some small static sites on Nginx
  • Darcs, Pijul, Git hosting (no forge, basic SSH + HTTPS)

-Jellyfin: for playing media that I totally own and surely did no obtain by any obscure way.

-Qbittorrent: for reasons completely unrelated to the previous one.

-Amule: see above.

-Synapse (matrix server): overly complex way to send myself notifications from the server to my phone.

-FreshRSS: to have a self hosted RSS feed server. Could I use an android app for the same thing? Sure. But it's more fun and headache inducing this way.

-TubeArchivist: Because I want to offload some of that cost inducing bandwidth that is making those poor YouTube executives to keep pushing more aggressive ads on their platform. I'm just that nice.

-Caddy: because I'm just lazy.

-Crowdsec: Because I'm just paranoid.

Self hosted retro private EQemu, I also use the server for Jellyfin, just for music.

I used to use it to control my window AC from work too, but sadly the smart plug I use for that died over the winter, was nice to pair with those tuya-alternative through http since my cheapo phone needs to save all the storage it can. Its on a very old rig, so I'm always impressed that it still works.

Multiple hosts. Win2024/hyperv and proxmox

  • domain/dns/dhcp/ncp 2x
  • pihole
  • iobroker (smarthome)
  • sonarr/radarr/orowlarr
  • emby
  • sabnzbd
  • vpn-vm for torrent/soulseek
  • searxng
  • dav for calendar
  • caddy (for emby/dav from outside)
  • firefly (banking)

And some minor, less important ones.

All backup to a central server, which does a daily backup of the backup onto another nas. In case of emergency,just grab nas.

truenas: plex/jellyfin, *arr stack

working on another (debian) machine to run nextcloud and immich, plan is to have a failover. Redundant machine would ideally be wake on LAN to save power. I already have commodity hardware for these two identical machines, otherwise I'd probably just go for a more robust single machine.

Mikrotik routerboard out front providing wireguard for one subnet. pi4 providing pihole on the wireguard subnet. This is a new router and I'm very happy with it. This coming weekend the goal is to correctly implement mangle rules (policy based routing) to combine my two WAN connections seamlessly.

So very standard setup for selfhosting with the exception of two ISPs

truenas is easiest to manage through the web service, debian ssh and VNC, mikrotik's WInBox is just amazing, but it's also the first "grown up" router software I've ever used. It's so much better than managing PF through a ssh session.

Pi-hole DNS and dhcp + home assistant and a bunch of other related containers.

I managed to install Nextcloud (not the docker) and I called it a success since I find nginx, ports, firewalls and port forwarding a meta headache.

I've been running my own nextcloud for around a decade now. I use it for my calendar, contacts, and file storage. It's basically replaced all the google services for me, and has been effectively zero maintenance. It just works.

Pi-hole on an ancient pi zero w.

I've got a little MSI box with 16GB of RAM, 500GB SSD, and a quad core i3 running Proxmox. Home Assistant is in its own VM, I have a VM for a bastion host/jump box of sorts for a client's network (yes, I know VPNs exist), and then a VM running a few Docker containers: CheckMK, Dozzle, Uptime Kuma, and The TP-Link Omada Controller software. I intend to migrate those to Podman eventually.

On my desktop in Podman, I'm running Dashy, Redlib, and Dozzle regularly. Sometimes I run other services but those are pretty persistent. I use Podman on my local machine for my development work and it's just handy to have Redlib and Dashy right here.

I tend to interact with things via SSH unless it's a webshit.

A lemmy server, and my experimental Tenfingers sharing protocol nodes.

How come you don't post from your own lemmy

Because I had lots of problems with my lemmy.mindoki.com server, so I shamefully uses an accunt on lemmy.world.

Just wiped the server a coupla of days ago (snif), so if everything works out well this time you'll see valmond from mindoki the next time :-)

LibreCMC, a fork of OpenWrt, running on my home gateway that also acts as my personal server: Nextcloud, aMule, qBittorrent, Samba, dynamic DNS updater, certbot and a DNSCrypt client.

AMP for game servers Plex The arrs Rss stuff Nextcloud NUT Pihole Bunch of stuff for plex like maintainer, shuffle Jellyfin and watch state sync between plex Speed test tracker Krita Excalidraw Actualserver Mealie Grav Tons of databases

One game server, seedbox, some discord bots. And I ain't telling how I interact with my servers but they are cloud.

Media server: Jellyfin, qBittorrent, Radarr/Sonarr/Lidarr/Prowlarr, and OpenVPN/Traefik/WireGuard

Misc: PiHole, Vaultwarden, HashiCorp Vault, and FreeIPA

VMware ESXi for the VMs, but I'll be switching to Proxmox soon.

All running in Docker or Podman containers on their own VMs. I'm trying to automate the deployment and configuration of each of these services via pipelines in GitLab CI using Ansible and Terraform right now. I also have a couple of Kubernetes clusters for testing and dev stuff on this server.

Accessed via SSH or an NGINX reverse proxy. I'm using certificates where possible, but a lot of the traffic between VMs is still unencrypted. I'll eventually force everything local to use Traefik, but for now, only a few services are using it.

There are a lot of projects on awesome-selfhosted and selfhosted that I've been meaning to get around to installing. Home Assistant and AdGuard Home are two of them.

OpenStack has a really good Ansible hardening project for securing servers that I try to always use. I also have a Red Hat developer license, so I try to use their OS when possible because of their FIPS and other security profiles. Some services just don't work with any of the newer RHEL versions though, and I usually fall back to CentOS Stream or Ubuntu whenever that happens.

just assume that all of these are referring to the server components of these pieces of software
  • jellyfin
  • dlna
  • syncthing
  • samba
  • ssh
  • wireguard
  • i2p
  • sunshine
  • rdp
  • miniserve - simple http server, used to use apache

Steam and Jellyfin torrent setup. I'm considering adding nextcloud setup for fun.

I started to answer your question with a list of stuff and then deleted the lot and started again:

What are you really after? Do you fancy a challenge or what?