OpenZiti is a self-hosted zero-trust networking platform that lets you access services without VPNs or exposing ports.
Each connection is identity-based, end-to-end encrypted, and limited per service.

Instead of full network access like traditional VPNs, it only allows access to specific services -- reducing attack surface.

👉 https://github.com/openziti/ziti
👉 More tools like this: https://digital-escape-tools-phi.vercel.app/

#OpenSource #SelfHosting #ZeroTrust #Networking #Privacy #DigitalMinimalism

Alt...

Screenshot of OpenZiti GitHub repository showing: 3.9k stars, build status, Go reference, Discourse forum link, Apache 2.0 license, and description of the zero-trust networking platform.

Self hosters, do you use Cloudflare in front of your hosted services?

#cloudflare #selfhosting #privacy #security

How to Host Your Own #Mastodon Server on a #VPS (5 Minute Quick-Start Guide)

This article provides a guide for how to host your own Mastodon server on a VPS.

Running your own Mastodon server on a VPS is an excellent way to enjoy an efficient and secure Mastodon experience.
What is Mastodon?
Mastodon is a #decentralized social media platform that enables users to post ...
Continued 👉 https://blog.radwebhosting.com/how-to-host-your-own-mastodon-server-on-a-vps/?utm_source=mastodon&utm_medium=social&utm_campaign=mastodon.social #rubyonrails #activitypub #installguide #selfhosting #rubygems #selfhosted

Thinking of setting up a mail server.

I really want to avoid ending up blacklisted, does anyone have any advice about running their own mail server?

please boost.

#askfedi #selfhost #selfhosting

@mastodonmigration We should probably be pushing things like #Friendica and #Pixelfed and other free Fediverse servers over things like Ghost.

Even pushing free wiki software would be a win over a proprietary platform.

But yes, escaping commercial platforms is a critically important idea, and the first step to #selfhosting.

I'm Blake — reintroducing myself as I'm back on the timeline.

I'm a Cloud Engineer working in Site Reliability and DevOps in the healthcare industry. I design and build highly scalable, resilient infrastructure that powers modern healthcare systems. Day-to-day I work with .NET, JavaScript, and TypeScript to deliver reliable platforms.

Outside of work, I build with Go — creating tools that prioritize performance, privacy, and user empowerment.

A couple things I'm working on:

RideAware — A cycling training platform for building structured training plans, analyzing ride data, and completing indoor workouts all in one place.

Arcline Hosting — A self-hosted web hosting service for people who want to know exactly where their data lives. It runs on hardware I own and operate — no AWS, no Cloudflare, no third-party CDN. Shared, WordPress, and VPS plans with personal ticket and email support.

My core interests span SRE, cloud infrastructure, DevOps/automation, and network engineering. I spend a lot of time with Linux, Docker, Kubernetes, Terraform, and enjoy digging into routing, firewalls, and secure network design.

I'm here because I care about privacy, self-hosting, and building things that give people more control over their own data. Good to be back — looking forward to reconnecting with this community.

#reintroduction #CloudEngineering #SRE #DevOps #Go #Golang #Linux #Docker #Kubernetes #Terraform #SelfHosting #HomeLab #Privacy #DataSovereignty #WebHosting #Cycling #HealthcareIT #FOSS #BSD

I have deployed and run infra since the noughts, through some wild turns in geo/techno-political history, and will say that now more than ever, #selfhosting is an act of resistance.

Depopulate. Defund. Disempower.

If you've got Home Assistant automations that are based on the IP address of a device, make sure you give those devices a static IP. You'll save yourself a ton of headache later on. Ask me how I know /s

#homeassistant #selfhosting

solidtime is a modern open-source time tracking app built for freelancers and teams.
Track work hours without sending productivity data to SaaS platforms , a privacy-respecting alternative to traditional trackers.
GitHub : https://github.com/solidtime-io/solidtime

More privacy-friendly tools curated at https://digital-escape-tools-phi.vercel.app/

#Privacy #OpenSource #FOSS #TimeTracking #SelfHosting #DigitalFreedom

Alt...

An image of the solidtime open-source time tracker dashboard. The top bar shows the license (AGPL-3.0), test coverage (8.9%), build status (passing), and PHPStan level 7. The main interface is divided into sections. On the left, “Recently Tracked Tasks” lists tasks like “Competitive Research” and “Change Button Color” under “Landing Page Design.” In the center, an “Activity Graph” shows tracked hours for “Today” (6h 25min), “Yesterday” (2h 59min), “Tomorrow” (4h 25min), “Next Week” (1h 03min), and “Last 7 Days” (26h 59min). On the right, “Team Activity” displays tasks assigned to Gregor Vorstek, Konstantin Graf, and John Doe. Below, the tagline reads: “solidtime is a modern open-source time tracking application for Freelancers and Agencies.

This seems like a good time for people to move off of giant corporate email providers. Surveillance capitalism needs to be shown the door. We're going to need to be able to trust our communications.

Related: I wish the US locality system hadn't collapsed after Jon Postel passed. (Rest in peace.)

#selfhosting #email

I self-host a lot of stuff. Nearly everything that I use. FOSS and self-hosting is a massive part of my computing experience.

I love reading about people enjoying / exploring self-hosting stuff.

I struggle when people advocate "just self-host it", without giving due consideration to the costs, risks, security considerations, and so on.

I know that I've posted this a few times now, but this discussion seems to pop up quite a lot. So:

https://neilzone.co.uk/2022/07/self-host-it-is-not-the-answer/

#SelfHosting #FOSS #blog

I am immensely grateful to the Fediverse for all the encouragement I got here to embark on a #selfhosting journey.

#YunoHost has empowered my digital life in immeasurable ways.

My way of giving back - and fighting the broligarchs of Big Tech - is to create a guide that demystifies the process. I have compiled all my posts so far in a single page:

🔗 : https://blog.elenarossini.com/a-newbies-guide-to-self-hosting-with-yunohost/

If you're curious about self-hosting but you haven't taken the leap yet, I hope my articles will be helpful to you ❤️

#Introduction ― I'm a 6th year #medicine student, aspiring #neurology
resident. Some topics I'm interested into:

#neuroscience #cognitivescience #neuroimaging #pathology #virology
#bioinformatics #socialism #pacifism #minimalism #collectivism
#cooperatives #environmentalism #climatechange #sustainability
#permaculture #vegan #existentialism #posthumanism #postmodernism #scifi
#cyberpunk #foss #unix #netbsd #sdf #gopher #privacy #bbs
#decentralization #selfhosting #lisp #retrocomputing

If you self-host services on the internet, you may have seen waves of crawlers hammering your websites without mercy.

To annoy them and protect my services from DDoS, I decided to setup an iocaine instance, along with NSoE... And it worked... Too well.

Recently, they started flooding my VPS so much it started choking.
If you followed me here on Fedi, you saw my journey to find a way to relieve my server.

This is a rant about LLM crawlers, and some observations & conclusions, along with some techniques to help you protect your own services.

Read it here: https://xaselgio.net/posts/26.poisoning-knowledge/

#selfHosting #iocaine #indieWeb

Just received an email from my mail server administrator. They sent me a link to change my password because it's 'insecure'.

My mail admin is so efficient...

...hey, wait a minute... I AM my mail administrator! 🤦‍♂️

#Phishing #SelfHosting #SysAdminLife #SecurityFail #InfoSec

What's your self-hosting platform of choice? Proxmox? Unraid? TrueNAS? Something else?

#homelab #selfhosting

like/favorite if this appears in your feed please :)

#selfhosting #snac2 #openbsd

Last minute call to join Tunnel, starting in a few days. For those of you interested in learning about #selfhosting, with a focus on network and server security, this your ideal strong start. No prior experience necessary, no comp-sci degree needed.

Best of all, you get to walk out with your very own fast and powerful Virtual Private Network, for which dozens of configs can be handed out as QR codes to give to fam, friends and colleagues.

https://courses.nikau.io/tunnel

Alt...

Title image for Tunnel, featuring that text in caps against a duo-tone image of a medieval brick tunnel system

Since my home server not intended for use by any people outside of my city (plus some VPN endpoints in other countries) — it is ok to ban some unwanted countries and cities from which I don't expect anything good, except attempts to hack my box to use my resources or set me up .

So I added some GeoIP blocking to the npf with script to update GeoIP list — I blocked China, Iran, North Korea, etc and Moscow (because there are a lot of government and commercial backed bots coming from here). Results are good — the bots don't disappeared completely but the speed of adding new IPs to the blacklist is decreased

Sadly, I was unable to add USA and UK to the list, because looks like there are some limits (not found how to increase them ), which disallows to load a lot of CIDRs for these countries to the blacklist.

#NetBSD #npf #bots #selfhosting

Alt...

Graph of the count of banned IPs per week. There are two red tangents on the two points — before and after the GeoIP bans were enabled. And the two red lines, parallel to the X axis. The resulting derivatives are 0.59 and 0.38, so the speed of raising the values (count of blocked bots) are decreased.

Alt...

Part of the script to update npf blacklists. Script contents: # List of blocked countries: # AE - United Arab Emirates # AF - Afganistan # BY - Belarus # CN - China # CU - Cuba # HK - Hong Kong # HU - Hungary # IR - Iran # KP - North Korea # KW - Kuwait # PK - Pakistan # PS - Palestine # TW - Taiwan # UA - Ukraine /usr/pkg/bin/curl --connect-timeout 30 --fail --interface re0 --ipv4 --silent \ --retry 3 --retry-connrefused --retry-delay 5 --retry-max-time 90 \ --show-error --proxy http://127.0.0.1:20172 \ -o - "$GEOIP_COUNTRIES_SOURCE" | \ /usr/bin/egrep '^[0-9.,]+((AE)|(AF)|(BY)|(CN)|(CU)|(HK)|(HU)|(IR)|(KP)|(KW)|(PK)|(PS)|(TW)|(UA))$' | \ /usr/bin/awk -F, '{ print $1, "-", $2 }' | \ /usr/pkg/bin/iprange > /usr/share/npf/blacklist.countries.new if [ "$?" -ne "0" ]; then echo "Failed to update countries blacklist" rm -f /usr/share/npf/blacklist.netset.new \ /usr/share/npf/blacklist.countries.new exit 3 fi # List of blocked cities: # Moscow /usr/pkg/bin/curl --connect-timeout 30 --fail --interface re0 --ipv4 --silent \ --retry 3 --retry-connrefused --retry-delay 5 --retry-max-time 90 \ --show-error --proxy http://127.0.0.1:20172 \ -o - "$GEOIP_CITIES_SOURCE" | \ gzip -d | \

Can anyone tell me why I constantly am getting 522 errors on my personal mastodon instance ever since deploying ElasticSearch? Even when I've disabled the search, the errors continue (yes I set the value back to `FALSE` in the .env). It's all running in Docker. No clue what's going on and it's really frustrating.

#selfhosting #fedihelp

Just published a deep dive on self-hosting CryptPad on FreeBSD using VNET jails, PF NAT, and Caddy.

End-to-end encrypted collaboration, fully isolated networking, no direct internet exposure for the app jail, and a few real-world gotchas (including the infamous “Loading…” issue).

If you like FreeBSD, jails, and privacy-first self-hosting, this one’s for you.

https://blog.hofstede.it/self-hosted-cryptpad-on-freebsd-with-vnet-jails-and-caddy/

#FreeBSD #SelfHosting #Privacy #Jails #CryptPad

I self-host my own e-mail servers for ~25 years now. Just finished he migration to a new system today.

- OS: FreeBSD 15.0-RELEASE
- MTA: Postfix 3.10
- IMAP: Dovecot 2.3
- Filter: Rspamd 3.14

I used Imapsync to migrate the content of my Mailboxes from the old to the new system. Worked absolutely fine.

Having the E-Mail Jail and the mailbox data on an encrypted ZFS dataset (AES256) that's manually unlocked with my passphrase after rebooting the system. Backups are done via ZFS send/recv to by backup server (-w for raw send to ensure, data is encrypted at rest)

- SPF: ✅
- DKIM Signing: ✅
- DMARC Reporting: ✅
- E-Mail delivery to major providers: ✅
- IPv6 working and actually being used: ✅

All working perfectly well. In about a week, I'll decomission the old Debian based system, that I used since 2017!

#linux #freebsd #sysadmin #selfhosting #email #postfix

Alt...

Console output, showing FreeBSD Jails, running E-Mail related services.

New blogpost:

"Testing Radicale, a self-hosted FOSS CalDAV and CardDAV Server"

Setting it up was easy.

Importing my calendar appointments history was not.

It doesn't have calendar sharing, and I'm on the fence as to whether this will be a deal breaker.

https://neilzone.co.uk/2026/01/testing-radicale-a-self-hosted-foss-caldav-and-carddav-server/

#FOSS #selfhosting #Linux #Radicale