If you self-host services on the internet, you may have seen waves of crawlers hammering your websites without mercy.

To annoy them and protect my services from DDoS, I decided to setup an iocaine instance, along with NSoE... And it worked... Too well.

Recently, they started flooding my VPS so much it started choking.
If you followed me here on Fedi, you saw my journey to find a way to relieve my server.

This is a rant about LLM crawlers, and some observations & conclusions, along with some techniques to help you protect your own services.

Read it here: https://xaselgio.net/posts/26.poisoning-knowledge/

#selfHosting #iocaine #indieWeb

Another reason for #SelfHosting: You get to define your own error pages!

This is what my #Elk, #Nicolium and #Invidious sites look like if I forgot to VPN home:

Alt...

A screenshot of a web browser, showing an almost blank page, except the "Confused Travolta" meme GIF is shown at the centre of the page.

Just received an email from my mail server administrator. They sent me a link to change my password because it's 'insecure'.

My mail admin is so efficient...

...hey, wait a minute... I AM my mail administrator! 🤦‍♂️

#Phishing #SelfHosting #SysAdminLife #SecurityFail #InfoSec

Techies of mastodon, what hardware under £50 would you recommend if I wanted to host home assistant and a pi hole instance on it?

Happy to grab something off eBay, my current pi keeps corrupting SD cards.

#Tech #selfhosting

RE: https://bahn.social/@MeierUli/116006925873414629

@jwildeboer About SELFHOSTED EMAIL

Email is a good idea to solve for ourselves - even as a sentiment or practical / political action - but I need also somewhere I can go when I get stuck which will for sure happen (half-way through maybe) and past just my sentiment phase I'd need to go to the finish with someone.

I think it's getting better... or exists! ? !

Looking at #email hashtag and #selfhost / #selfhosting / #selfhosted

"Mailserver: mox is great fun."
https://www.xmox.nl/

"We are currently clean on UPTIME"

#selfhosting #uptimekuma

Alt...

Screenshot from Uptime Kuma, showing all green status for Adguard Home, Grafana, Home Assistant, Immich, InfluxDB, Nextcloud, Uptime Kuma and Vaultwarden

What's your self-hosting platform of choice? Proxmox? Unraid? TrueNAS? Something else?

#homelab #selfhosting

#sysadmins #mastoadmin #mastoadmins #selfhosting questions re: DNS...

Has anyone hosting their own instance seen a massive increase in DNS queries to their domain.

I don’t host my own DNS, and my DNS provider can’t give me logs of requests, so I can’t even check which subdomain it might relate to.

I’m not sure what I could do to avoid it – the overage is not a large amount of money, but it’s recurrent and annoying, and started when I started this instance.

I changed the TTL to 2 weeks and it didn’t make a difference.

I’m not sure what else to check.

Can anyone recommend a DNS provider I could use temporarily that I could get logs from?

I don’t want domain hosting or web hosting, or masto hosting.

Thanks!

like/favorite if this appears in your feed please :)

#selfhosting #snac2 #openbsd

Since my home server not intended for use by any people outside of my city (plus some VPN endpoints in other countries) — it is ok to ban some unwanted countries and cities from which I don't expect anything good, except attempts to hack my box to use my resources or set me up .

So I added some GeoIP blocking to the npf with script to update GeoIP list — I blocked China, Iran, North Korea, etc and Moscow (because there are a lot of government and commercial backed bots coming from here). Results are good — the bots don't disappeared completely but the speed of adding new IPs to the blacklist is decreased

Sadly, I was unable to add USA and UK to the list, because looks like there are some limits (not found how to increase them ), which disallows to load a lot of CIDRs for these countries to the blacklist.

#NetBSD #npf #bots #selfhosting

Alt...

Graph of the count of banned IPs per week. There are two red tangents on the two points — before and after the GeoIP bans were enabled. And the two red lines, parallel to the X axis. The resulting derivatives are 0.59 and 0.38, so the speed of raising the values (count of blocked bots) are decreased.

Alt...

Part of the script to update npf blacklists. Script contents: # List of blocked countries: # AE - United Arab Emirates # AF - Afganistan # BY - Belarus # CN - China # CU - Cuba # HK - Hong Kong # HU - Hungary # IR - Iran # KP - North Korea # KW - Kuwait # PK - Pakistan # PS - Palestine # TW - Taiwan # UA - Ukraine /usr/pkg/bin/curl --connect-timeout 30 --fail --interface re0 --ipv4 --silent \ --retry 3 --retry-connrefused --retry-delay 5 --retry-max-time 90 \ --show-error --proxy http://127.0.0.1:20172 \ -o - "$GEOIP_COUNTRIES_SOURCE" | \ /usr/bin/egrep '^[0-9.,]+((AE)|(AF)|(BY)|(CN)|(CU)|(HK)|(HU)|(IR)|(KP)|(KW)|(PK)|(PS)|(TW)|(UA))$' | \ /usr/bin/awk -F, '{ print $1, "-", $2 }' | \ /usr/pkg/bin/iprange > /usr/share/npf/blacklist.countries.new if [ "$?" -ne "0" ]; then echo "Failed to update countries blacklist" rm -f /usr/share/npf/blacklist.netset.new \ /usr/share/npf/blacklist.countries.new exit 3 fi # List of blocked cities: # Moscow /usr/pkg/bin/curl --connect-timeout 30 --fail --interface re0 --ipv4 --silent \ --retry 3 --retry-connrefused --retry-delay 5 --retry-max-time 90 \ --show-error --proxy http://127.0.0.1:20172 \ -o - "$GEOIP_CITIES_SOURCE" | \ gzip -d | \

Just published a deep dive on self-hosting CryptPad on FreeBSD using VNET jails, PF NAT, and Caddy.

End-to-end encrypted collaboration, fully isolated networking, no direct internet exposure for the app jail, and a few real-world gotchas (including the infamous “Loading…” issue).

If you like FreeBSD, jails, and privacy-first self-hosting, this one’s for you.

https://blog.hofstede.it/self-hosted-cryptpad-on-freebsd-with-vnet-jails-and-caddy/

#FreeBSD #SelfHosting #Privacy #Jails #CryptPad

I self-host my own e-mail servers for ~25 years now. Just finished he migration to a new system today.

- OS: FreeBSD 15.0-RELEASE
- MTA: Postfix 3.10
- IMAP: Dovecot 2.3
- Filter: Rspamd 3.14

I used Imapsync to migrate the content of my Mailboxes from the old to the new system. Worked absolutely fine.

Having the E-Mail Jail and the mailbox data on an encrypted ZFS dataset (AES256) that's manually unlocked with my passphrase after rebooting the system. Backups are done via ZFS send/recv to by backup server (-w for raw send to ensure, data is encrypted at rest)

- SPF: ✅
- DKIM Signing: ✅
- DMARC Reporting: ✅
- E-Mail delivery to major providers: ✅
- IPv6 working and actually being used: ✅

All working perfectly well. In about a week, I'll decomission the old Debian based system, that I used since 2017!

#linux #freebsd #sysadmin #selfhosting #email #postfix

Alt...

Console output, showing FreeBSD Jails, running E-Mail related services.

New blogpost:

"Testing Radicale, a self-hosted FOSS CalDAV and CardDAV Server"

Setting it up was easy.

Importing my calendar appointments history was not.

It doesn't have calendar sharing, and I'm on the fence as to whether this will be a deal breaker.

https://neilzone.co.uk/2026/01/testing-radicale-a-self-hosted-foss-caldav-and-carddav-server/

#FOSS #selfhosting #Linux #Radicale

@eff That's encouragement to get into self-hosting if anyone needed the bump.

#selfhosting

New post:

"A newbie's guide to self-hosting with YunoHost. Part 3: Let’s install NextCloud"

🔗 : https://blog.elenarossini.com/a-newbies-guide-to-self-hosting-with-yunohost-part-3-lets-install-nextcloud/

And sorry for repeating myself, but the path to digital independence and empowerment is easier than you thought.

My self-hosted #NextCloud has fully replaced WeTransfer, Google Drive and Dropbox for me... and it's only the tip of the iceberg.

I hope this visual guide will help fellow newbies.

#SelfHosting #YunoHost #MySoCalledSudoLife #FOSS #blog #resist

Running Mastodon on FreeBSD? Stop using wrapper scripts that break service status.

I've refactored the init scripts for Sidekiq, Puma, and Streaming to be fully production-grade:

- Clean privilege dropping (no su wrappers)
- Native signal handling for log rotation
- Correct PID tracking & status reporting.

I published the scripts and the reasoning behind them in my Codeberg gists:

https://codeberg.org/Larvitz/gists/src/branch/main/2026/20250115-FreeBSD_Mastodon_rc.d.md

I use those to run a Mastodon instance and they're working great so far!

❤️ 🦣

#FreeBSD #Mastodon #SelfHosting #mastoadmin #runbsd #OpenSource

Alt...

Screenshot showing the service status of several Mastodon services on FreeBSD

Jeff Bezos is saying the quiet part out loud. They want to kill local computing.

You will own nothing and be happy. You will rent your computing power from the cloud. You pay a subscription for the privilege of using a computer.

AI demand is artificially spiking DRAM prices and Big Tech is pushing "AI PCs," the squeeze is on to force us into a rental model.

Reject this future.

Keep your hardware local.

Run #Linux.

Own your data.

The "cloud" is just a landlord for your data.

#NoAi #FOSS #OpenSource #Privacy #SelfHost #SelfHosting #BigTech #RightToRepair #RAM #Amazon #EatTheRich

https://www.windowscentral.com/artificial-intelligence/jeff-bezos-says-the-quiet-part-out-loud-bezos-envisions-that-youll-give-up-your-pc-for-an-ai-cloud-version

Now pondering: email feudalism

#SelfHosting #EMail #lang_en

I'm getting back into #selfhosting after 20-odd years off. I keep looking at containers and kubernetes and cloud-init and feeling like they don't offer a whole lot over just writing a couple of bash scripts to provision a server (just one with everything on it) from scratch. Does anyone have anything lightweight they like for hosting a web app?

#devops

Was mir an der Bilderverwaltung mit Immich auf dem Homeserver nicht gefällt, ist die Möglichkeit einer eigenen Ordnerstruktur. Ich sortiere seit 29 Jahren nach: Jahr - Ereignis - eventuelle Unterordner nach Monaten. Immich sortiert nach Datum. Da finde ich mich in meinen gut 25k an Bildmaterial nie mehr zurecht...
#immich #immichapp #selfhosting #homeserver #unplugtrump #unplugbigtech

Finally (2), I have some good enough DHCP server!

Tried kea from ISC — it works but requires some additional actions to be launched under #NetBSD. It has very strange default paths for file with leases, PIDs and logs:
- /usr/pkg/var/lib/kea/
- /usr/pkg/var/lib/run/kea
- /usr/pkg/var/log/kea

BTW, it could be changed via playing with some environment variables.

Also, the default startup script uses keactrl to launch DHCP server and keactrl requires some configuration for it. So, to use "service kea start" there are two configuration files are necessary:
- /usr/pkg/etc/keactrl.conf — the main configuration file for server.
- /usr/pkg/etc/kea/keactrl.con — the configuration file for keactrl.

Then, I tried the dhcpsd — the new promising successor of ISC dhcpd, which could be configured with configuration file in Lua and conforms Unix FHS — all necessary files lies in the right places: /var/run, /var/log, etc. Sadly, it doesn't work: server starts but there are no leases for clients and no any errors in the log :-(

Then, I found cmu-dhcpd in the repos — there is a dhcpd from Carnegie Mellon University with some patches from Princeton. And, finally it works! And it also conforms Unix FHS: main configuration in the /etc/dhcpd.conf, PID-file in the /var/run/dhcpd.pid and logs in the /var/log/messages

#selfhosting #dhcp #DHCPv4 #dhcpd

Alt...

Screenshot of xterm with vi opened in it. In the vi there is a /etc/dhcpd.conf opened with some simple configuration for plain home network.

Speaking of #JDLL, some of you may remember that I had the honor of speaking at the 2025 edition, invited by the awesome @yunohost team to share my experiences self-hosting with them.

I asked my husband to tag along and bring our daughter so she could see me speaking on stage... and see that mamma does cool stuff outside the house too.

Well, my daughter brought up Lyon and the conference on the way to school the other morning. I asked her: "did you have a good time?" and her immediate response was: "I didn't understand anything you said!"

Me: "Well, it's normal, I talked about grown up stuff."

Child (4 then, 5 soon): "But what did you say?"

And then I proceeded to try to explain the concept of #selfhosting and #digitalsovereignty and how empowering it is to use a tech stack independent of #BigTech platforms... in an accessible way that she would understand.

It was SO DIFFICULT.

I probably failed spectacularly and she still doesn't understand. But it made me think that it'd be worth trying to explain this to older kids... like pre-adolescents or in their early teens? Maybe a project for another time.

Edit/add-on: my daughter asked me to speak about the Pink Panther or Bluey next time so she could understand 😂

#MySoCalledSudoLife #resist #parenting

#introduction ― I decided to create an alt account here to allow me
to connect more easily with SDF community.

My primary focus will be on tech-related things I like:
#pkgsrc on #netbsd #illumos and #slackware
#unix #sdf #gopher #smolnet #usenet #dos #c #lisp
#selfhosting #homeserver #permacomputing #lowtech
#hamradio #progrock #progmetal #ambient #postrock
#90s #scifi #cyberpunk #novels #seinen #manga

Commitin programming crimes }:->

Few weeks ago I seriously looked to the mine OpenHAB installation and asked a question for myself: "Am I really need it?" Look, I have a few ZigBee devices, which are connected to the my server with the help of ZigBee2MQTT. Thusly, all necessary values and knobs are accessible through the MQTT topics.

And I'm using the OpenHAB (big Java application which eats ton's of RAM and constantly swapping) just to:
1) Read values from MQTT topic
2) Read weather forecast from Open-Meteo through simple REST API endpoints
3) Store all the data to the PostgreSQL DB.
4) Display these data in the nice Web page which works only in browsers with JS engine.

So, basically, I trade tons of RAM and processing power just for a nice web-page with few indicators. While retrieving data from my ZigBee devices processed by the another service.

After that thought, I started to think about replacing this monster with small hand-written program, which will not eat 700 MB of RAM. Just Nginx, small FastCGI script on C, which will read values from DB and display them on the simple HTML page. And another small daemon (also written in C) which will take data from MQTT topic (and from REST API of Open-Meteo) and will write them to the DB. And possibly some PGSQL procedures to analyze these data.

At least I'll have fun

#programming #C #smarthome #selfhosting

Alt...

Emacs buffer with some C code, which spews out the string with HTML, with substituted values for temperature and humidity.

Today's #FreeSoftwareAdvent is paperless-ngx, a key part of keeping us, well, paperless.

It is a document management tool, but I use it in a very basic way: it is hooked up to our scanner, and anything we scan gets automatically converted to PDF and OCRd. We then shred the paper. I try to scan, and shred, everything on the day that it arrives.

It is particularly useful around tax return time, as it means I can easily get the information I need from stuff which people have posted to us.

https://github.com/paperless-ngx/paperless-ngx

#FOSS #SelfHosting #Paperless