schmonz.com is a Fediverse instance that uses the ActivityPub protocol. In other words, users at this host can communicate with people that use software like Mastodon, Pleroma, Friendica, etc. all around the world.
This server runs the snac software and there is no automatic sign-up process.
Anyone out there running a backup MX that I could add my domain to for a few days? My only internet connectivity right now is tethering my phone, and I can't route incoming email server connections that way (afaik). #selfhosting
European institutions seem to be all in when it comes to introducing age verification mandates for citizens in member states: https://digital-strategy.ec.europa.eu/en/library/commission-sets-out-common-approach-eu-wide-age-verification-technologies
I now have daily anxiety thinking about the future of the fediverse.
So how do I channel this fear and turn it into something constructive? I'm going back to writing #selfhosting guides for newbies.
It's a great distraction, which gives me a bit of hope. Especially the next guide, which will cover my favorite fediverse software - #GoToSocial (which is powering this instance) - and how to install and configure it. Your own little home on the fediverse! Lightweight and features-packed.
Surely something like this would fall outside the scope of regulation. Right? Right?
#MySoCalledSudoLife #YunoHost #VPS #AgeVerification #privacy #EUBigTech
In addition to platforms like Mastodon & PeerTube, we are exploring whether we can also use an #OpenSource platform for newsletters.
We are looking for something privacy-friendly, self-hostable and sustainable over the long term. Right now, Keila and Listmonk are on our list.
Have you used (either of) them or other alternatives? We'd love to hear about your experience: what worked well, what didn't and which one you'd recommend? Thanks!
*Update: PeerTube not Pixelfed
@labellaragassa It's a bunch of tradeoffs. There are acceptable solutions where trust is warranted, but they're less convenient, and require more #SelfHosting skills. How far down the rabbit hole of inconvenience are you willing to go, to satisfy more of your ideals?
Doing a mastodon *minor* update is still a mess in 2026 requiring manual steps to trigger db migrations pre and post update. And that's using docker. Without containerization its even more steps to do. Just in case anybody is still wondering why people do not "just self-host"...
Building a immich only box thinking of going debian and btrfs any other ideas or tips?
It's a 8th gen nuc
Tia
I haven't turned on this raspberry pi 4 8gb of ram in like 3 years. I've been feeling like resurrecting it and setting it up again.
What services should I install on it?
What casing or peripherals should I use?
RE: https://mastodon.bsd.cafe/@subnetspider/116758330967344651
Bastille makes a great self-hosting platform! Look at this absolute list of self-hosted software ⬇️
nsd, unbound, acme, adguard, gitea, haproxy, homebox, mail, netbox, nextcloud, plex, rustdesk, samba, syncthing, tor, unifi, vaultwarden, and more on one box.
#FreeBSD #BastilleBSD #selfhosted #selfhosting
New blog post: Do-the-work instead of proof-of-work, for Git hosting
https://blog.legoktm.com/2026/06/14/do-the-work-instead-of-proof-of-work-for-git-hosting.html
On https://git.legoktm.com/ I am now running a fully client-side Git repository viewer; on the server-side it is entirely static hosting, which makes it super cheap.
I hope this is a useful proof-of-concept as an alternative to (IMO wasteful) solutions like Anubis and provides better user privacy in the process.
It is surprisingly easy to get a locality domain.
I followed this guide and had one in 18 minutes:
https://fredchan.org/blog/locality-domains-guide/
Kinda postmortem:
1) The maximal log size before rotation and count of gzipped logs to store should be increased in the newsyslogd configuration. This should be applied to any service, which is looking into the void^WInternet. So, I will not loss log records, related to the start of attack…
2) Also, Asterisk log should be added to newsyslogd configuration first. It weren't added here, so *.log files became too big (> 1 Gb) and of course fail2ban ate a lot of memory while parsing these big logs. If they were rotated properly, then fail2ban will not eat so much memory, parsing small enough files.
3) Since start of attack in logs were lost, then I could only imagine possible root cause of an attack. By default, any IP, which once failed to provide the proper credentials to login somewhere in my kitchen server, is banned immediately and forever.
But somehow those attackers managed to use just 2 IPs to make an attack and they weren't banned before manual intervention 
According to fail2ban logs they were banned, but they were obviously not banned by npf. So, I think, they started attack right in time when my blacklists were successfully updated and npf was reloading — as a result their IPs appeared as "banned" in the fail2ban, but the fail2ban failed to ban them via npf, so "IRL" their IPs still weren't banned. Time to revisit my script to update blacklists 
4) Looks like I need to install some Intrusion Detection System (possibly snort
since it is mature enough). It isn't good to rely only on one mechanism (fail2ban + blacklists + npf) to protect my precious machine.
Oh fuck, I was mistaken — it was a real attack, not LLM bots
— someone, using machines from French hosting, was trying to connect to my Asterisk box, using various SIP endpoints.
The attack was started at Monday's night and was found only because monit reported about too much memory eaten by fail2ban 
Interesting, why fail2ban didn't banned attacker's IP, because it should do that right after failed attempt to login?
Tine to revisit fail2ban jails configs…
Kinda postmortem:
1) The maximal log size before rotation and count of gzipped logs to store should be increased in the newsyslogd configuration. This should be applied to any service, which is looking into the void^WInternet. So, I will not loss log records, related to the start of attack…
2) Also, Asterisk log should be added to newsyslogd configuration first. It weren't added here, so *.log files became too big (> 1 Gb) and of course fail2ban ate a lot of memory while parsing these big logs. If they were rotated properly, then fail2ban will not eat so much memory, parsing small enough files.
3) Since start of attack in logs were lost, then I could only imagine possible root cause of an attack. By default, any IP, which once failed to provide the proper credentials to login somewhere in my kitchen server, is banned immediately and forever.
But somehow those attackers managed to use just 2 IPs to make an attack and they weren't banned before manual intervention 
According to fail2ban logs they were banned, but they were obviously not banned by npf. So, I think, they started attack right in time when my blacklists were successfully updated and npf was reloading — as a result their IPs appeared as "banned" in the fail2ban, but the fail2ban failed to ban them via npf, so "IRL" their IPs still weren't banned. Time to revisit my script to update blacklists 
4) Looks like I need to install some Intrusion Detection System (possibly snort
since it is mature enough). It isn't good to rely only on one mechanism (fail2ban + blacklists + npf) to protect my precious machine.
New post: IPv6 Foundations.
IPv6 isn't "the future of the internet." It's the internet. IPv4 is the relic we keep alive on NAT life support.
A laid-back tour through the basics: how the addresses are built, the two rules for crushing out the zeros, a /64 per subnet so you stop counting hosts, SLAAC, and why blocking ICMPv6 is a self-inflicted wound.
And no, dual-stack isn't a destination. It's a burden.
https://blog.hofstede.it/ipv6-foundations-the-internet-protocol-you-should-already-be-using/
Huh, looks like the new ASes, with LLM-bots attacking servers, just dropped
TLDR: there are AS12876 and AS16276 — both located in France (Scaleway SAS and OVH SAS). My Asterisk self-hosted box was attacked from the next IPs: 62.4.15.81 and 51.222.38.229.
Today, after I was checked my e-mail, I found three warnings from Monit about fail2ban exhausting limits in my small server in the kitchen (Intel Atom N2800 1866 MHz and 4 Gb of RAM). First e-mail warns about fail2ban ate 200 MB of RAM, next about 500 MB of RAM and the last e-mail warns me that fail2ban ate 2 GB of RAM 
Then, I logged into my box and found that fail2ban, Asterisk and PostgreSQL aren't feeling well. The system load and the traffic amounts was unusual — the parameters are completely differs from which I used to see since server installation.
I checked fail2ban logs and found that it is still parses the data from Asterisk log which were happen at near 5 hours ago
And there were total mess in the Asterisk security.log (see screenshot) — some dumb (as it programmers
) LLM-bots were constantly trying to connect to my Asterisk server with HTTP protocol, evaluating it as a web-server, I dunno
And the Asterisk logs became enormously big — while newsyslogd wasn't invoked — they eat at near 4 GB
. I didn't specify the maximal size of Asterisk logfiles in the /etc/newsyslog.conf, because I wasn't expected a lot of lines in the PBX logs, which is in use only for my relatives.
Some graphs
from #Munin with LLM-bots attacking my kitchen server.
Graphs spans to the whole week, so on the left there is a normal state of my server. And on the right — attack is happening.
It's currently just a simplified version of my existing blog, but I'm hosting this website on my Raspberry Pi Zero for testing purposes:
We will see how things go over time, then possible port over the "real" thing 😛
We were without power for ~18 hours yesterday, but I’m still determined to eventually switch hosting my personal blog over to my local Raspberry Pi Zero
If you run your own local DNS servers at home, do you: (select all that apply)
Comment with your preferred DNS stack and privacy friendly DNS providers.
#FreeBSD #Linux #selfHosting #DNS
| Forward to ISP's DNS servers.: | 4 |
| Forward to a DNS service (1.1.1.1, 9.9.9.9, etc).: | 17 |
| Recursively resolve from root servers directly.: | 16 |
| Encrypt my DNS using DoH, DoT, etc.: | 14 |
I know "AI" is a polarizing topic around here, but I wanted to share a small side-project I've been tinkering with to scratch a personal itch: MastoSum.
It’s a lightweight web app that listens to public streams, filters for the hashtags I actually care about, and uses an LLM to generate a daily digest of the last 24 hours. Basically, a personalized news feed to help cut through the noise.
It works reasonably well for what I need. Here’s an example of today's run: https://mastosum.linuxserver.pro/s/6q1ZdTOuHBfKyQ3aVU3dOw
It's IPv6-only. Not reachable via IPv4.
#python #fastapi #mastodon #newsfeed #selfhosting #ai #llm #ipv6
TFW you realize you've had your MX entry set wrong for over a month.
Yet somehow I've still been getting (some) mail? 🤔
So…Bitwarden quietly swapped their CEO for a PE exit specialist, dropped “Always free”, rewrote their values, then half-scrubbed a 4 year old blog post to cover it. Post still contradicts itself. I looked. There was no announcement.
https://blog.ppb1701.com/the-quiet-renovation-at-bitwarden
#bitwarden #passwordmanager #selfhosting #userhostile #privacy #blog #vaultwarden #privateequity
Anybody have fun #irc channel and #xmpp MUC recommendations? Anything involving #sysadmin, #programming, #selfhosting and maybe fun nerdy #memes?
My experience with larger IRC channels on Libera have not been great. It'd be fun to find an online hangout.
Is there anyone out there running an AMD 5650GE based system running Linux or BSD?
Can you tell us your CPU and GPU idle power numbers as displayed in btop?
Maybe this is an "easy button" of sorts to reduce power on an existing AMD AM4 system without going through the machinations of new mobo, ram, etc., etc. Get most of the way there?
#Linux #RunBSD #AMD #5650GE #PowerConsumption #Power #HomeLab #SelfHosting #SelfHosted #SOHO
Is there anyone out there running an AMD 5825U based system running Linux or BSD?
Can you tell us your CPU and GPU idle power numbers as displayed in btop?
#Linux #RunBSD #AMD #5825U #PowerConsumption #Power #HomeLab #SelfHosting #SelfHosted #SOHO
Looks like it has basic Markdown -> HTML converting. Neat.
forme.
🙂into emoji, which I don't like, though. Leave my #emoticons alone ;)And of course, no post or poll length limit :)
Almost done my custom recycled component OPNSense router. Final missing piece is this 2" PCIe riser. I may hit MicroCenter today. #opnsense #selfhosted #selfhosting #homekit
👩💻 My So Called Sudo Life - day 500: still a newbie edition 🆕
Dear Fedi friends,
Today marks the 500th day of my self-hosting adventures and I'm celebrating it with... a slice of humble pie:
Also: please remember to update your Linux system to patch the critical vulnerability that has been found.
#Linux #CopyPaste #security #MySoCalledSudoLife #SelfHosting #YunoHost
Today in #selfhosting fun. I have a mail server that's been in place for years and hasn't had any noticable problems, but today I sent the same email from two different addresses to hotmail. Both had SPF, DKIM, DMARC and the same outbound IP address. One was delivered and one went to junk. Headers on the latter show a spam score of 5 (which is sufficient for it to be diverted):
X-MS-Exchange-Organization-SCL: 5
I tried running it through https://github.com/mgeeky/decode-spam-headers but that didn't give any clues
Hi folks! I would love to hear about the non-standard physical #homelab #selfhosting security measures you've taken. From alarms to boobytraps, from customized IKEA boxes to reinforced closets. The crazier the better!
One requirement: you need to have it implemented (at some point in the past or currently). No concepts that never left the design table please.
New blog post: Self-Host Me, Self-Host Me Not
I like to self-host my services. But there are some things that I don't self-host, and I gladly pay somebody else to handle them.
https://www.crosenthal.com/chrome/2026/04/28/self-host-me-self-host-me-not.html
👩🏻💻 my so-called sudo life - day 489: new experiments edition 🧪
A blog post that chronicles what I have been up to since December... namely: advocating for the Fediverse, creating #selfhosting guides for newbies and experimenting with e-reader jailbreaks and off-grid mesh radio communications
#MySoCalledSudoLife #KindleJailbreak #KOreader #SimpleUI #meshtastic #blog #tech #resistance