schmonz.com is a Fediverse instance that uses the ActivityPub protocol. In other words, users at this host can communicate with people that use software like Mastodon, Pleroma, Friendica, etc. all around the world.

This server runs the snac software and there is no automatic sign-up process.

Search results for tag #selfhosting

[?]Yehor 🇺🇦 » 🌐
@yehor@mastodon.glitchy.social

I’m thinking about turning my in a node and adding it to my cluster. All other nodes are at my home. They will communicate through . How bad is this idea? Anyone tried this?

    [?]michel.recondo » 🌐
    @michel@blog.recondo.com.br

    #ssg #bssg #selfhosting

    <p><a href="https://blog.recondo.com.br/tag:ssg" class="hashtag"><span>#</span><span class="p-category">ssg</span></a> <a href="https://blog.recondo.com.br/tag:bssg" class="hashtag"><span>#</span><span class="p-category">bssg</span></a> <a href="https://blog.recondo.com.br/tag:selfhosting" class="hashtag"><span>#</span><span class="p-category">selfhosting</span></a> [...]</p> [SENSITIVE CONTENT]

    #ssg #bssg #selfhosting

    New site generator

    When Stefano (@stefano@bsd.cafe) announced his own static site generator, the BSSG, I couldn't let it pass and went to give it a try and start to plan my site's migration, from hugo to BSSG.

    First impressions: it's awesome! Simple but complete. It comes with all available themes in the package and it even comes with a tool to generate a page to sample all of them!

    What I like: it's not something new but I find the commands to create and edit content very useful. I'm used to open a vim session and work from there but the ability to enter ./bsgg.sh edit <filename> or ./bssg.sh post and it simply asks for the title and opens the default editor. Simple. And when you save and close your file, it rebuilds itself to update your content.

    What I want (not need): the admin interface. Not for me, since I was born in the command line, but for the common folk that I want to convert to the simple world of static sites.

    So far, it's one of the best tools that I came across :)

    OBS. One issue that I found is that when using pandoc to render the pages, the standard list format is not rendered in the HTML. It works with commonmark.

      [?]Michael Jack » 🌐
      @mjack@mastodon.bsd.cafe

      I've cleaned up my Raspberry Pi selfhosting setup a bit. I'm using two, each in an Argon ONE V5 case with a 1TB NVME drive, running Raspberry Pi OS.

      'one' is serving Nextcloud All-in-one, Immich and Vaultwarden via a Caddy reverse-proxy. All using Docker containers, Caddy as a custom build with my domain DNS provider added.

      'two' is used as remote borg backup destination for 'one', and later a few monitoring tools.

      All three sites are using a wildcard certificate for my domain, and I connect via WireGuard (on the router) when away from home.

      Path of least resistance:

      I've tried Podman, AlmaLinux, and running a manual install of Nextcloud on Ubuntu. This setup follows recommended installations methods, and gives me fewer things to worry about.

      Photo of whiteboard with green text and drawings.

Left: WireGuard, Caddy, Vaultwarden, Nextcloud, Immich and BorgBackup, each with a check mark.

Right: a simple illustration showing server 'one' and 'two' and borg backup flow.

      Alt...Photo of whiteboard with green text and drawings. Left: WireGuard, Caddy, Vaultwarden, Nextcloud, Immich and BorgBackup, each with a check mark. Right: a simple illustration showing server 'one' and 'two' and borg backup flow.

        dch :flantifa: :flan_hacker: boosted

        [?]Forkmesh » 🌐
        @forkmesh@mastodon.social

        ForkMesh was registered 06/14 — just 3 weeks ago — and we’re already building in public: local-first distributed Git hosting, community mirrors, signed issues/patch PRs, encrypted repo rooms, and resilience beyond any single platform.

        We think we’ve found our home on Mastodon. Thanks for helping shape it 💜

          Amélie boosted

          [?]Elena Rossini 🌈 » 🌐
          @_elena@mastodon.social

          The amazing folks at @yunohost are running a fundraising campaign to cover their operating costs for 2026.

          I personally make a monthly recurring donation to them but wish I could give more 🥲

          If you use their services and you can afford it, please consider donating to their project. Every Euro / Dollar / Yen counts:

          🔗 : yunohost.org/donate.en.html

            [?]viq [he/him] » 🌐
            @viq@social.hackerspace.pl

            Is this the moment where I get annoyed enough with state and quirks of configuration management tools, and switch my boxes to somewhat more hands-off ? 🤔

              Jay 🚩 :runbsd: boosted

              [?]Dragon of BSDCafe :freebsd: [he/him] » 🌐
              @evgandr@mastodon.bsd.cafe

              Pretty funny that the most often requested file from my small kitchen-server is "/robots.txt". Pretty surprising, since a lot of LLM-bots usually ignores this file :drgn_sigh:
              The other requested files are just some js crap, which is obviously don't exist on my server — possibly some script-kiddies tried to find some entrypoint (see "config.js" and "env.js").

              The funny part: the referrer URLs. Hope, the default content of NetBSD /etc/passwd from inside the sandbox was made someone happy :drgn_blush_giggle:

              A cwm with 3 windows. On the top window there is an xterm with ssh client connected to the my server. Inside the window there are some lines from /var/log/nginx/ from inside sandbox (mostly the list of files and gzipped files in this catalog). On the middle window there is a GoAccess web interface with list of most-requested static files from my server. There are: /robots.txt (2.6 MiB of traffic), /config.js (1 MiB), /.env.txt (588 KiB), /env.txt (300.3 KiB), /app.js (316.4 KiB), /owa/auth/x.js (134.4 KiB).

              Alt...A cwm with 3 windows. On the top window there is an xterm with ssh client connected to the my server. Inside the window there are some lines from /var/log/nginx/ from inside sandbox (mostly the list of files and gzipped files in this catalog). On the middle window there is a GoAccess web interface with list of most-requested static files from my server. There are: /robots.txt (2.6 MiB of traffic), /config.js (1 MiB), /.env.txt (588 KiB), /env.txt (300.3 KiB), /app.js (316.4 KiB), /owa/auth/x.js (134.4 KiB).

              The screenshot of cwm with a Librewolf window on top. It displays the GoAccess web interface with a list of referrer URLs, from requests to my server. There are: https://MyIP/ (47078 hits), http://MyIP:443/ (25507 hits), https://MyIP (3018 hits), () { ignored; }; echo Content-Type: text/html; echo ; /bin/cat /etc/passwd (621 hits), https://MyIP/WebInterface/login.html (434 hits) and https://myhostname (291 hits). On the two other windows on the bottom there are: xterm window with ssh client connected to my server and an Emacs frame with log of actions made with server.

              Alt...The screenshot of cwm with a Librewolf window on top. It displays the GoAccess web interface with a list of referrer URLs, from requests to my server. There are: https://MyIP/ (47078 hits), http://MyIP:443/ (25507 hits), https://MyIP (3018 hits), () { ignored; }; echo Content-Type: text/html; echo ; /bin/cat /etc/passwd (621 hits), https://MyIP/WebInterface/login.html (434 hits) and https://myhostname (291 hits). On the two other windows on the bottom there are: xterm window with ssh client connected to my server and an Emacs frame with log of actions made with server.

                [?]josh g. [he/him/they] » 🌐
                @joshg@mathstodon.xyz

                Anyone out there running a backup MX that I could add my domain to for a few days? My only internet connectivity right now is tethering my phone, and I can't route incoming email server connections that way (afaik).

                  [?]Owl Eyes Hoo » 🌐
                  @d1@autistics.life

                  @labellaragassa It's a bunch of tradeoffs. There are acceptable solutions where trust is warranted, but they're less convenient, and require more skills. How far down the rabbit hole of inconvenience are you willing to go, to satisfy more of your ideals?

                    [?]Angelo Veltens 🏳️‍🌈 [https://my.pronouns.page/he/him] » 🌐
                    @angelo@social.veltens.org

                    Doing a mastodon *minor* update is still a mess in 2026 requiring manual steps to trigger db migrations pre and post update. And that's using docker. Without containerization its even more steps to do. Just in case anybody is still wondering why people do not "just self-host"...

                    github.com/mastodon/mastodon/r

                      [?]ay » 🌐
                      @ay@polymaths.social

                      Building a immich only box thinking of going debian and btrfs any other ideas or tips?

                      It's a 8th gen nuc


                      Tia

                      #selfhosting #immich #server #debian

                        [?]Rolle Laukkarinen » 🌐
                        @rolle@mementomori.social

                        What many people misunderstand about hosting your own content (like this social media instance) is thinking we somehow NEED a big audience or Big Tech involvement.

                        I'm perfectly fine if the world faded away and it was just the thousand of us here. It's like the early days of the web when we had small forums, nobody missed Reddit back then. Federation is a big plus, not a requirement.

                        It's the same with websites or IRC for me. I know people use Discord, but I still stick to IRC even if there are only about a hundred of us left. I know people use AI now and website visitors are dropping, but who cares? I still keep doing it for those who like to read.

                        I don't need the whole world involved for this to feel worthwhile. It's mine, I own it, and I host it for as long as I breathe. After that, it won't matter to me anymore, but I hope other admins keep things running the way I did.

                          [?]BastilleBSD :freebsd: » 🌐
                          @BastilleBSD@fosstodon.org

                          RE: mastodon.bsd.cafe/@subnetspide

                          Bastille makes a great self-hosting platform! Look at this absolute list of self-hosted software ⬇️

                          nsd, unbound, acme, adguard, gitea, haproxy, homebox, mail, netbox, nextcloud, plex, rustdesk, samba, syncthing, tor, unifi, vaultwarden, and more on one box.

                          [?]subnetspider » 🌐
                          @subnetspider@mastodon.bsd.cafe

                          FreeBSD 15.1 is here, and my home server is already running it. :D

                          Screenshot of my home server running FreeBSD 15.1-RELEASE and all 22 jails currently running on it.

                          Alt...Screenshot of my home server running FreeBSD 15.1-RELEASE and all 22 jails currently running on it.

                            [?]Matt Brunt [He/Him] » 🌐
                            @brunty@brunty.social

                            Damn. Again?!

                            heise.de/en/news/Up-to-200-per

                            One of the servers I use would go from 7.99 to 19.49 and another from 20.99 to 62.49

                            Oof

                              Jay 🚩 :runbsd: boosted

                              [?]Dragon of BSDCafe :freebsd: [he/him] » 🌐
                              @evgandr@mastodon.bsd.cafe

                              Kinda postmortem:

                              1) The maximal log size before rotation and count of gzipped logs to store should be increased in the newsyslogd configuration. This should be applied to any service, which is looking into the void^WInternet. So, I will not loss log records, related to the start of attack…

                              2) Also, Asterisk log should be added to newsyslogd configuration first. It weren't added here, so *.log files became too big (> 1 Gb) and of course fail2ban ate a lot of memory while parsing these big logs. If they were rotated properly, then fail2ban will not eat so much memory, parsing small enough files.

                              3) Since start of attack in logs were lost, then I could only imagine possible root cause of an attack. By default, any IP, which once failed to provide the proper credentials to login somewhere in my kitchen server, is banned immediately and forever.
                              But somehow those attackers managed to use just 2 IPs to make an attack and they weren't banned before manual intervention :drgn_confused:

                              According to fail2ban logs they were banned, but they were obviously not banned by npf. So, I think, they started attack right in time when my blacklists were successfully updated and npf was reloading — as a result their IPs appeared as "banned" in the fail2ban, but the fail2ban failed to ban them via npf, so "IRL" their IPs still weren't banned. Time to revisit my script to update blacklists :drgn_wrench:

                              4) Looks like I need to install some Intrusion Detection System (possibly snort :drgn_think: since it is mature enough). It isn't good to rely only on one mechanism (fail2ban + blacklists + npf) to protect my precious machine.

                                [?]Dragon of BSDCafe :freebsd: [he/him] » 🌐
                                @evgandr@mastodon.bsd.cafe

                                Oh fuck, I was mistaken — it was a real attack, not LLM bots :drgn_lurk_nervous: — someone, using machines from French hosting, was trying to connect to my Asterisk box, using various SIP endpoints.

                                The attack was started at Monday's night and was found only because monit reported about too much memory eaten by fail2ban :drgn_cry:

                                Interesting, why fail2ban didn't banned attacker's IP, because it should do that right after failed attempt to login? :drgn_think_confused: Tine to revisit fail2ban jails configs… :drgn_wrench:

                                Screenshot of termux with opened console of my home server. There is an asterisk log in the console, showing various and constant attempts to login into my PBX via PJSIP.

                                Alt...Screenshot of termux with opened console of my home server. There is an asterisk log in the console, showing various and constant attempts to login into my PBX via PJSIP.

                                  #netbsd boosted

                                  [?]Dragon of BSDCafe :freebsd: [he/him] » 🌐
                                  @evgandr@mastodon.bsd.cafe

                                  Kinda postmortem:

                                  1) The maximal log size before rotation and count of gzipped logs to store should be increased in the newsyslogd configuration. This should be applied to any service, which is looking into the void^WInternet. So, I will not loss log records, related to the start of attack…

                                  2) Also, Asterisk log should be added to newsyslogd configuration first. It weren't added here, so *.log files became too big (> 1 Gb) and of course fail2ban ate a lot of memory while parsing these big logs. If they were rotated properly, then fail2ban will not eat so much memory, parsing small enough files.

                                  3) Since start of attack in logs were lost, then I could only imagine possible root cause of an attack. By default, any IP, which once failed to provide the proper credentials to login somewhere in my kitchen server, is banned immediately and forever.
                                  But somehow those attackers managed to use just 2 IPs to make an attack and they weren't banned before manual intervention :drgn_confused:

                                  According to fail2ban logs they were banned, but they were obviously not banned by npf. So, I think, they started attack right in time when my blacklists were successfully updated and npf was reloading — as a result their IPs appeared as "banned" in the fail2ban, but the fail2ban failed to ban them via npf, so "IRL" their IPs still weren't banned. Time to revisit my script to update blacklists :drgn_wrench:

                                  4) Looks like I need to install some Intrusion Detection System (possibly snort :drgn_think: since it is mature enough). It isn't good to rely only on one mechanism (fail2ban + blacklists + npf) to protect my precious machine.

                                    [?]Dragon of BSDCafe :freebsd: [he/him] » 🌐
                                    @evgandr@mastodon.bsd.cafe

                                    Huh, looks like the new ASes, with LLM-bots attacking servers, just dropped :drgn_aww:

                                    TLDR: there are AS12876 and AS16276 — both located in France (Scaleway SAS and OVH SAS). My Asterisk self-hosted box was attacked from the next IPs: 62.4.15.81 and 51.222.38.229.

                                    Today, after I was checked my e-mail, I found three warnings from Monit about fail2ban exhausting limits in my small server in the kitchen (Intel Atom N2800 1866 MHz and 4 Gb of RAM). First e-mail warns about fail2ban ate 200 MB of RAM, next about 500 MB of RAM and the last e-mail warns me that fail2ban ate 2 GB of RAM :drgn_shocked:

                                    Emacs Gnus with e-mail from Monit opened. In the e-mail Monit warns me about fail2ban ate 2.1 GB of RAM when the limit is 200 MB.

                                    Alt...Emacs Gnus with e-mail from Monit opened. In the e-mail Monit warns me about fail2ban ate 2.1 GB of RAM when the limit is 200 MB.

                                      [?]Dragon of BSDCafe :freebsd: [he/him] » 🌐
                                      @evgandr@mastodon.bsd.cafe

                                      Then, I logged into my box and found that fail2ban, Asterisk and PostgreSQL aren't feeling well. The system load and the traffic amounts was unusual — the parameters are completely differs from which I used to see since server installation.

                                      I checked fail2ban logs and found that it is still parses the data from Asterisk log which were happen at near 5 hours ago :drgn_shocked: And there were total mess in the Asterisk security.log (see screenshot) — some dumb (as it programmers :drgn_blush_giggle: ) LLM-bots were constantly trying to connect to my Asterisk server with HTTP protocol, evaluating it as a web-server, I dunno :drgn_think_confused:

                                      And the Asterisk logs became enormously big — while newsyslogd wasn't invoked — they eat at near 4 GB :drgn_shocked: . I didn't specify the maximal size of Asterisk logfiles in the /etc/newsyslog.conf, because I wasn't expected a lot of lines in the PBX logs, which is in use only for my relatives.

                                      top output in the terminal of NetBSD server, showing three CPU-consuming processses: python3.12, postgres, asterisk.

                                      Alt...top output in the terminal of NetBSD server, showing three CPU-consuming processses: python3.12, postgres, asterisk.

                                      Excerpt from failban log showing how it processes events from asterisk logs, happened 5 hours ago.

                                      Alt...Excerpt from failban log showing how it processes events from asterisk logs, happened 5 hours ago.

                                      Alt...Video with as fast scrolling lines -- there is a tail -f security.log for my Asterisk installation. Each three lines is an unsuccessfull attempt to break into my Asterisk from LLM bots.

                                      ls -lh in the /var/log/asterisk.
Size of asterisk.log: 1.2 Gb, queue.log: 4.4 Kb, security.log: 2.5 Gb.

                                      Alt...ls -lh in the /var/log/asterisk. Size of asterisk.log: 1.2 Gb, queue.log: 4.4 Kb, security.log: 2.5 Gb.

                                        [?]Dragon of BSDCafe :freebsd: [he/him] » 🌐
                                        @evgandr@mastodon.bsd.cafe

                                        Some graphs :drgn_aww: from with LLM-bots attacking my kitchen server.
                                        Graphs spans to the whole week, so on the left there is a normal state of my server. And on the right — attack is happening.

                                        Graph of CPU usage, which going high after LLM bots attack (at near 08 Jan Monday). At near 2 CPU cores were used by LLM bots, trying to abuse my  PBX as an Web-server.

                                        Alt...Graph of CPU usage, which going high after LLM bots attack (at near 08 Jan Monday). At near 2 CPU cores were used by LLM bots, trying to abuse my PBX as an Web-server.

                                        Graph with main network interface bits per minute — before attack there were almost no data receivin/transmitting, only some cron jobs at night. But after attack there are at near 20 Mb per minute both receiving and transmitting.

                                        Alt...Graph with main network interface bits per minute — before attack there were almost no data receivin/transmitting, only some cron jobs at night. But after attack there are at near 20 Mb per minute both receiving and transmitting.

                                        Graph with PostgreSQL connections. Active connections has green color. Before the attack there are almost no active connections, but after attack there are a lot of them, since Asterisk using PostgreSQL as a main backend.

                                        Alt...Graph with PostgreSQL connections. Active connections has green color. Before the attack there are almost no active connections, but after attack there are a lot of them, since Asterisk using PostgreSQL as a main backend.

                                        Load average for my server. After attack it increased at near 4 times.

                                        Alt...Load average for my server. After attack it increased at near 4 times.

                                          [?]Jan » 🌐
                                          @js@mastodon.bsd.cafe

                                          Wait, you guys are paying people to host your private data?

                                            [?]𝙹𝚘𝚎𝚕 𝙲𝚊𝚛𝚗𝚊𝚝 ♑ 🤪 » 🌐
                                            @joel@gts.tumfatig.net

                                            :cloud: There is no Cloud!
                                            :server: Only someone else’s #selfhosting

                                              [?]Michael » 🌐
                                              @michael@mstdn.thms.uk

                                              My mastodon instance had a short downtime earlier. This was caused by a power cut.

                                              Which in turn was caused by me stupidly cutting a power cable with my hedge trimmer (thus triggering the main fuse to trip). Oops 😬

                                              The dangers of when one is a bit clumsy I suppose 😁

                                                🗳

                                                [?]BastilleBSD :freebsd: » 🌐
                                                @BastilleBSD@fosstodon.org

                                                If you run your own local DNS servers at home, do you: (select all that apply)

                                                Comment with your preferred DNS stack and privacy friendly DNS providers.

                                                Forward to ISP's DNS servers.:4
                                                Forward to a DNS service (1.1.1.1, 9.9.9.9, etc).:17
                                                Recursively resolve from root servers directly.:16
                                                Encrypt my DNS using DoH, DoT, etc.:14

                                                  [?]PurpleJillybeans :PrideDisk: [She/Her] » 🌐
                                                  @PurpleJillybeans@kind.social

                                                  TFW you realize you've had your MX entry set wrong for over a month.

                                                  Yet somehow I've still been getting (some) mail? 🤔

                                                    [?]Florian 'floe' Echtler » 🌐
                                                    @floe@hci.social

                                                    I had found a very thorough server checker (e.g. TLS, DKIM, certificates, PFS, DMARC, you name it) here on the fedi at some point and thought I'd bookmarked it, but just can't find it anymore. Any recommendations from the sysadmin crowd?

                                                      [?]Root Moose » 🌐
                                                      @RootMoose@mastodon.bsd.cafe

                                                      Is there anyone out there running an AMD 5650GE based system running Linux or BSD?

                                                      Can you tell us your CPU and GPU idle power numbers as displayed in btop?

                                                      Maybe this is an "easy button" of sorts to reduce power on an existing AMD AM4 system without going through the machinations of new mobo, ram, etc., etc. Get most of the way there?

                                                        [?]Root Moose » 🌐
                                                        @RootMoose@mastodon.bsd.cafe

                                                        Is there anyone out there running an AMD 5825U based system running Linux or BSD?

                                                        Can you tell us your CPU and GPU idle power numbers as displayed in btop?

                                                          Back to top - More...