I am immensely grateful to the Fediverse for all the encouragement I got here to embark on a #selfhosting journey.

#YunoHost has empowered my digital life in immeasurable ways.

My way of giving back - and fighting the broligarchs of Big Tech - is to create a guide that demystifies the process. I have compiled all my posts so far in a single page:

🔗 : https://blog.elenarossini.com/a-newbies-guide-to-self-hosting-with-yunohost/

If you're curious about self-hosting but you haven't taken the leap yet, I hope my articles will be helpful to you ❤️

#Introduction ― I'm a 6th year #medicine student, aspiring #neurology
resident. Some topics I'm interested into:

#neuroscience #cognitivescience #neuroimaging #pathology #virology
#bioinformatics #socialism #pacifism #minimalism #collectivism
#cooperatives #environmentalism #climatechange #sustainability
#permaculture #vegan #existentialism #posthumanism #postmodernism #scifi
#cyberpunk #foss #unix #netbsd #sdf #gopher #privacy #bbs
#decentralization #selfhosting #lisp #retrocomputing

Congrats to the Ghost team for notifying everyone of the 6.19.1 release, which fixes a critical SQL-injection flaw, while the official Docker image is still only on 6.18.2

#ghost #selfhosting

If you self-host services on the internet, you may have seen waves of crawlers hammering your websites without mercy.

To annoy them and protect my services from DDoS, I decided to setup an iocaine instance, along with NSoE... And it worked... Too well.

Recently, they started flooding my VPS so much it started choking.
If you followed me here on Fedi, you saw my journey to find a way to relieve my server.

This is a rant about LLM crawlers, and some observations & conclusions, along with some techniques to help you protect your own services.

Read it here: https://xaselgio.net/posts/26.poisoning-knowledge/

#selfHosting #iocaine #indieWeb

Another reason for #SelfHosting: You get to define your own error pages!

This is what my #Elk, #Nicolium and #Invidious sites look like if I forgot to VPN home:

Alt...

A screenshot of a web browser, showing an almost blank page, except the "Confused Travolta" meme GIF is shown at the centre of the page.

Just received an email from my mail server administrator. They sent me a link to change my password because it's 'insecure'.

My mail admin is so efficient...

...hey, wait a minute... I AM my mail administrator! 🤦‍♂️

#Phishing #SelfHosting #SysAdminLife #SecurityFail #InfoSec

"We are currently clean on UPTIME"

#selfhosting #uptimekuma

Alt...

Screenshot from Uptime Kuma, showing all green status for Adguard Home, Grafana, Home Assistant, Immich, InfluxDB, Nextcloud, Uptime Kuma and Vaultwarden

#sysadmins #mastoadmin #mastoadmins #selfhosting questions re: DNS...

Has anyone hosting their own instance seen a massive increase in DNS queries to their domain.

I don’t host my own DNS, and my DNS provider can’t give me logs of requests, so I can’t even check which subdomain it might relate to.

I’m not sure what I could do to avoid it – the overage is not a large amount of money, but it’s recurrent and annoying, and started when I started this instance.

I changed the TTL to 2 weeks and it didn’t make a difference.

I’m not sure what else to check.

Can anyone recommend a DNS provider I could use temporarily that I could get logs from?

I don’t want domain hosting or web hosting, or masto hosting.

Thanks!

like/favorite if this appears in your feed please :)

#selfhosting #snac2 #openbsd

Since my home server not intended for use by any people outside of my city (plus some VPN endpoints in other countries) — it is ok to ban some unwanted countries and cities from which I don't expect anything good, except attempts to hack my box to use my resources or set me up .

So I added some GeoIP blocking to the npf with script to update GeoIP list — I blocked China, Iran, North Korea, etc and Moscow (because there are a lot of government and commercial backed bots coming from here). Results are good — the bots don't disappeared completely but the speed of adding new IPs to the blacklist is decreased

Sadly, I was unable to add USA and UK to the list, because looks like there are some limits (not found how to increase them ), which disallows to load a lot of CIDRs for these countries to the blacklist.

#NetBSD #npf #bots #selfhosting

Alt...

Graph of the count of banned IPs per week. There are two red tangents on the two points — before and after the GeoIP bans were enabled. And the two red lines, parallel to the X axis. The resulting derivatives are 0.59 and 0.38, so the speed of raising the values (count of blocked bots) are decreased.

Alt...

Part of the script to update npf blacklists. Script contents: # List of blocked countries: # AE - United Arab Emirates # AF - Afganistan # BY - Belarus # CN - China # CU - Cuba # HK - Hong Kong # HU - Hungary # IR - Iran # KP - North Korea # KW - Kuwait # PK - Pakistan # PS - Palestine # TW - Taiwan # UA - Ukraine /usr/pkg/bin/curl --connect-timeout 30 --fail --interface re0 --ipv4 --silent \ --retry 3 --retry-connrefused --retry-delay 5 --retry-max-time 90 \ --show-error --proxy http://127.0.0.1:20172 \ -o - "$GEOIP_COUNTRIES_SOURCE" | \ /usr/bin/egrep '^[0-9.,]+((AE)|(AF)|(BY)|(CN)|(CU)|(HK)|(HU)|(IR)|(KP)|(KW)|(PK)|(PS)|(TW)|(UA))$' | \ /usr/bin/awk -F, '{ print $1, "-", $2 }' | \ /usr/pkg/bin/iprange > /usr/share/npf/blacklist.countries.new if [ "$?" -ne "0" ]; then echo "Failed to update countries blacklist" rm -f /usr/share/npf/blacklist.netset.new \ /usr/share/npf/blacklist.countries.new exit 3 fi # List of blocked cities: # Moscow /usr/pkg/bin/curl --connect-timeout 30 --fail --interface re0 --ipv4 --silent \ --retry 3 --retry-connrefused --retry-delay 5 --retry-max-time 90 \ --show-error --proxy http://127.0.0.1:20172 \ -o - "$GEOIP_CITIES_SOURCE" | \ gzip -d | \

#snac is a pretty cool #fediverse #activitypub server software!

Super lightweight, no database, easy to set-up.

I will not replace my main #mastodon instance with it, but i really have some other use cases for it, for example some bots or so.

And from what I saw, the code also is pretty nice to learn things from it. (me, a c programming noob)

Edit: Totally dumb of me to NOT post the Git repo in the first place 🤦‍♂️
https://codeberg.org/grunfink/snac2

#foss #lightweigt #c #server #selfhosting

Just published a deep dive on self-hosting CryptPad on FreeBSD using VNET jails, PF NAT, and Caddy.

End-to-end encrypted collaboration, fully isolated networking, no direct internet exposure for the app jail, and a few real-world gotchas (including the infamous “Loading…” issue).

If you like FreeBSD, jails, and privacy-first self-hosting, this one’s for you.

https://blog.hofstede.it/self-hosted-cryptpad-on-freebsd-with-vnet-jails-and-caddy/

#FreeBSD #SelfHosting #Privacy #Jails #CryptPad

@lproven @theregister

Great article. I noted FB a while back but at least in #Fediverse #SelfHosting chatter, Yunohost gets way more attention. Any idea why that is?

Re #ZeroNet, IIRC blockchain just for a user to have a unique ID not dependent on a 3rd party & rest is Bittorrent-based #P2P. Re complication, I installed & had my own ZN site in no time with no special knowledge, OS or hardware (I found Cheapskates thru ZN). I still haven't been brave enough to try selfhosting. Reverse proxy?😱

It seems there are fully hosted and self-hosted options for ATProto/Bluesky now, I stand corrected on that front.

Out of curiosity I looked into what it would take to build my own social media service on top of ATProto. The technical architecture is interesting, but... what would I actually gain?

I chose Mastodon back in 2022 when Bluesky was still invite-only and had no self-hosting story. ActivityPub is a W3C standard. Mastodon gGmbH is a non-profit. The Fediverse has years of proven independent operation across thousands of instances.

Bluesky PBC is a US for-profit company that controls protocol development, although they have made statements about wanting independent governance. Yet the network remains heavily centralized with most users on bsky.social.

Running my own Mastodon instance already gives me sovereignty. ATProto doesn't offer more of that, arguably less given the current state of things. Not saying people shouldn't build on it. But for someone already running independent Fediverse infrastructure, it's hard to see what value it would add. I didn't see the appeal back then and I don't see it now.

#Bluesky #ATProto #Decentralization #SelfHosting #SelfHosted

I self-host my own e-mail servers for ~25 years now. Just finished he migration to a new system today.

- OS: FreeBSD 15.0-RELEASE
- MTA: Postfix 3.10
- IMAP: Dovecot 2.3
- Filter: Rspamd 3.14

I used Imapsync to migrate the content of my Mailboxes from the old to the new system. Worked absolutely fine.

Having the E-Mail Jail and the mailbox data on an encrypted ZFS dataset (AES256) that's manually unlocked with my passphrase after rebooting the system. Backups are done via ZFS send/recv to by backup server (-w for raw send to ensure, data is encrypted at rest)

- SPF: ✅
- DKIM Signing: ✅
- DMARC Reporting: ✅
- E-Mail delivery to major providers: ✅
- IPv6 working and actually being used: ✅

All working perfectly well. In about a week, I'll decomission the old Debian based system, that I used since 2017!

#linux #freebsd #sysadmin #selfhosting #email #postfix

Alt...

Console output, showing FreeBSD Jails, running E-Mail related services.

New blogpost:

"Testing Radicale, a self-hosted FOSS CalDAV and CardDAV Server"

Setting it up was easy.

Importing my calendar appointments history was not.

It doesn't have calendar sharing, and I'm on the fence as to whether this will be a deal breaker.

https://neilzone.co.uk/2026/01/testing-radicale-a-self-hosted-foss-caldav-and-carddav-server/

#FOSS #selfhosting #Linux #Radicale

I've been wondering about Bluesky's decentralization again. I can't think of any reason why I'd want to self-host Bluesky in its current form. I cannot 100% self host "my own Bluesky".

Their main selling points for building their own protocol were easier migration and better discoverability, but right now there's no simple way to migrate my Bluesky account to my own instance. And hosting the centralized parts yourself isn't really possible, or if it were, not affordable, they haven't made that feasible, by design, it seems.

Even if you self-host a PDS, Bluesky's Relay only indexes up to 10 accounts from it. You can run more, but they won't federate, the central infrastructure decides what gets seen. They control this (source: https://docs.bsky.app/blog/self-host-federation#:~:text=For%20a%20smooth%20transition%20into,for%20everyone%20in%20the%20ecosystem.). You can self-host a PDS (Personal Data Server), but you still depend on Bluesky's centralized Relay and AppView. There's no production-ready alternative infrastructure from what I gather.

It feels like I'd be renting a room in a hotel that someone else is running anyway, when I want my own hotel.

If Mastodon gGmbH vanishes tomorrow, my instance keeps running and federating with everyone else. If Bluesky PBC vanishes, the ecosystem would need to scramble to stand up replacement infrastructure that doesn't really exist yet.

ATProto keeps getting evaluated on its promises while other systems get evaluated on their merits. The "portability" selling point depends on infrastructure that isn't mature enough to actually catch you if Bluesky falls.

I trust W3C, the builders and fathers of the World Wide Web, ActivityPub and the Fediverse.

#Decentralization #SelfHosting #SelfHosted #Mastodon #Fediverse #Bluesky #Servers

@eff That's encouragement to get into self-hosting if anyone needed the bump.

#selfhosting

New post:

"A newbie's guide to self-hosting with YunoHost. Part 3: Let’s install NextCloud"

🔗 : https://blog.elenarossini.com/a-newbies-guide-to-self-hosting-with-yunohost-part-3-lets-install-nextcloud/

And sorry for repeating myself, but the path to digital independence and empowerment is easier than you thought.

My self-hosted #NextCloud has fully replaced WeTransfer, Google Drive and Dropbox for me... and it's only the tip of the iceberg.

I hope this visual guide will help fellow newbies.

#SelfHosting #YunoHost #MySoCalledSudoLife #FOSS #blog #resist

Running Mastodon on FreeBSD? Stop using wrapper scripts that break service status.

I've refactored the init scripts for Sidekiq, Puma, and Streaming to be fully production-grade:

- Clean privilege dropping (no su wrappers)
- Native signal handling for log rotation
- Correct PID tracking & status reporting.

I published the scripts and the reasoning behind them in my Codeberg gists:

https://codeberg.org/Larvitz/gists/src/branch/main/2026/20250115-FreeBSD_Mastodon_rc.d.md

I use those to run a Mastodon instance and they're working great so far!

❤️ 🦣

#FreeBSD #Mastodon #SelfHosting #mastoadmin #runbsd #OpenSource

Alt...

Screenshot showing the service status of several Mastodon services on FreeBSD

Jeff Bezos is saying the quiet part out loud. They want to kill local computing.

You will own nothing and be happy. You will rent your computing power from the cloud. You pay a subscription for the privilege of using a computer.

AI demand is artificially spiking DRAM prices and Big Tech is pushing "AI PCs," the squeeze is on to force us into a rental model.

Reject this future.

Keep your hardware local.

Run #Linux.

Own your data.

The "cloud" is just a landlord for your data.

#NoAi #FOSS #OpenSource #Privacy #SelfHost #SelfHosting #BigTech #RightToRepair #RAM #Amazon #EatTheRich

https://www.windowscentral.com/artificial-intelligence/jeff-bezos-says-the-quiet-part-out-loud-bezos-envisions-that-youll-give-up-your-pc-for-an-ai-cloud-version

Now pondering: email feudalism

#SelfHosting #EMail #lang_en

I'm getting back into #selfhosting after 20-odd years off. I keep looking at containers and kubernetes and cloud-init and feeling like they don't offer a whole lot over just writing a couple of bash scripts to provision a server (just one with everything on it) from scratch. Does anyone have anything lightweight they like for hosting a web app?

#devops

Finally (2), I have some good enough DHCP server!

Tried kea from ISC — it works but requires some additional actions to be launched under #NetBSD. It has very strange default paths for file with leases, PIDs and logs:
- /usr/pkg/var/lib/kea/
- /usr/pkg/var/lib/run/kea
- /usr/pkg/var/log/kea

BTW, it could be changed via playing with some environment variables.

Also, the default startup script uses keactrl to launch DHCP server and keactrl requires some configuration for it. So, to use "service kea start" there are two configuration files are necessary:
- /usr/pkg/etc/keactrl.conf — the main configuration file for server.
- /usr/pkg/etc/kea/keactrl.con — the configuration file for keactrl.

Then, I tried the dhcpsd — the new promising successor of ISC dhcpd, which could be configured with configuration file in Lua and conforms Unix FHS — all necessary files lies in the right places: /var/run, /var/log, etc. Sadly, it doesn't work: server starts but there are no leases for clients and no any errors in the log :-(

Then, I found cmu-dhcpd in the repos — there is a dhcpd from Carnegie Mellon University with some patches from Princeton. And, finally it works! And it also conforms Unix FHS: main configuration in the /etc/dhcpd.conf, PID-file in the /var/run/dhcpd.pid and logs in the /var/log/messages

#selfhosting #dhcp #DHCPv4 #dhcpd

Alt...

Screenshot of xterm with vi opened in it. In the vi there is a /etc/dhcpd.conf opened with some simple configuration for plain home network.

Speaking of #JDLL, some of you may remember that I had the honor of speaking at the 2025 edition, invited by the awesome @yunohost team to share my experiences self-hosting with them.

I asked my husband to tag along and bring our daughter so she could see me speaking on stage... and see that mamma does cool stuff outside the house too.

Well, my daughter brought up Lyon and the conference on the way to school the other morning. I asked her: "did you have a good time?" and her immediate response was: "I didn't understand anything you said!"

Me: "Well, it's normal, I talked about grown up stuff."

Child (4 then, 5 soon): "But what did you say?"

And then I proceeded to try to explain the concept of #selfhosting and #digitalsovereignty and how empowering it is to use a tech stack independent of #BigTech platforms... in an accessible way that she would understand.

It was SO DIFFICULT.

I probably failed spectacularly and she still doesn't understand. But it made me think that it'd be worth trying to explain this to older kids... like pre-adolescents or in their early teens? Maybe a project for another time.

Edit/add-on: my daughter asked me to speak about the Pink Panther or Bluey next time so she could understand 😂

#MySoCalledSudoLife #resist #parenting

#introduction ― I decided to create an alt account here to allow me
to connect more easily with SDF community.

My primary focus will be on tech-related things I like:
#pkgsrc on #netbsd #illumos and #slackware
#unix #sdf #gopher #smolnet #usenet #dos #c #lisp
#selfhosting #homeserver #permacomputing #lowtech
#hamradio #progrock #progmetal #ambient #postrock
#90s #scifi #cyberpunk #novels #seinen #manga

Documented my home-lab setup going into 2026:

https://danb.me/blog/2026-homelab/

#homelab #selfhosting

#SelfHosting week 0:
Phase 0. Choosing domain name for self hosting: plusbrothers.online seems available. the .net is my main website based on #WordPress
Considering also plusbrothers.community but who knows if it's possible. Something that warns users that's the same site but with other purposes.
What to do there: Mastodon instance with more than 500 characters if possible. Then Castopod, and maybe a WordPress to transfer English blog there.
Finally, choosing the most appropriate VPS server where to install #YunoHost currently confronting most famous VPS vendors' websites user interface for #accessibility - this is a showcase for customer care. Less accessible means less disability-friendly, that means "I'd prefer you don't come to us". Hostinger has an accessibility statement but it's very superficial and maybe copy-pasted from a template just because obliged by european laws, not for real care.