Today I set up my old laptop as a Debian server, hosting Immich (for photos), Nextcloud (for files), and Radicale (for calendar). It was surprisingly easy to do so after looking at the documentation and watching a couple videos online! Tomorrow I might try hosting something like Linkwarden or Karakeep.
What else should I self-host, aside from HA (I don’t have a smart home), Calibre (physical books are my jam), and Jellyfin (I don’t watch too many movies + don’t have a significant DVD/Blu-ray collection)?
I would like to keep my laptop confined to my local network since I don’t trust it to be secure enough against the internet.
edit: I forgot, I’m also hosting Tailscale so I can access my local network remotely!
- Paperless if you want to keep your digital documents organized.
- Jellyfin/Navidrome for music streaming if you have a collection.
- AudiobookShelf for streaming & tracking progress of audoobooks if you have a collection.
- Kitchenowl for organizing your household (expenses, shopping lists, recipes, planning meals)
- FreshRSS for RSS-Feeds (News, Blogs etc)
- LinkDing for Bookmark Management
- Game-Servers (like Minecraft or others)
EDIT:Added Linkding & GameServers
Are you using Kitchenowl for storing recipes? If so, what’s your experience with it?
I’ve tried Tandoor, the common suggestion for recipe management, but I’ve found it too clunky to add recipes to. I like the concept, but it would take a long time to move all my recipes into the specific format they use, and the web UI does not make things easier.
Worth checking out Mealie, too. Can’t say how it compares to Tandoor or Kitchenowl but I’ve been happy with Mealie for years now.
My experience with the function is limited, but I think it’s decent. Markdown support, import from websites etc. If you add the items to the recipe with their amounts and then write them out in the text it automatically give you the amount you need based on the portions specified.
On app.kitchenowl.org you can create a demo-user and household. Within that, you can try the recipe function. Sign up requires a mail-address, but it does not need to be a valid one.
- AdguardHome/Pi-Hole (for DNS Filter)
- DrawIO (MS Visio equivalent)
- Invidious (Youtube privacy frontend)
- SearxNG (Google Privacy frontend)
- Vaultwarden (Self-hosted Bitwarden server)
- Miniflux (RSS Reader)
- linkWarden (Link aggregator)
Also, checkout https://selfh.st/apps/
- SearxNG (Google Privacy frontend)
SearXNG is more than just a front end for google search, it’s an aggregator, if configured properly can collect results from Bing, Startpage, Wikipedia, DuckDuckGo, Brave.
Yacy is a web crawler/search engine that IIRC you can self host and use as a SearXNG backend
That’s correct. Thanks for the correction.
I’m no expert, but I read that self hosting your own instance doesn’t actually help with privacy since the search providers still track those requests and if you’re the only one using it, that’s just tracking you with extra steps.
Of course if you use a public instance, you have to then trust that the instance isn’t tracking you
Unless you are routing traffic through a VPN.
I just recently started routing mine through a gluetun container, but now I’m hitting timeouts pretty consistently. Not sure if there’s a solution to that or just deal with it.
For which self-hosted app? Invidious?
While true, they still collect data on the results hosting your own instance can prevent you from hitting rate-limits as often.
How safe is it to self host something that you open up to the web? I’ve been thinking about a keepass self host, but I need it to be accessible from anywhere… I’m just really worried what that does once you open up your local server to the world
If you want to expose a container based service just for yourself over internet, you can -
-
If you have static IP4 or IPV6 - Setup Wireguard VPN on your homelab/server, and wireguard client on client devices[1].
-
If you are behind NAT or CGNAT - either Cloudflared Tunnel[2] or Tailscale[3].
In either scenarios, you need to setup firewall of your server to allow connection from LAN to port of your docker container/services. By default you should set your firewall to block all incoming request from anywhere except LAN.
I’m personally using Cloudflared Tunnel, but planning to migrate to Tailscale.
[1] https://www.digitalocean.com/community/tutorials/how-to-set-up-wireguard-on-ubuntu-20-04
[2] https://developers.cloudflare.com/cloudflare-one/connections/connect-networks/
-
Host a pangolin reverse proxy on a free oracle cloud VPS! It’s super nice to redirect online traffic to a LAN resource, that way you can share your home lab with friends and family without having to forward any ports or loosen your security posture.
https://blog.thetechcorner.sk/posts/Connect-to-your-homelab-over-CGNAT-with-tunnels-homelab-2-0/
I also highly recommend this suite of tools for downloading and streaming legal media via torrent because I would never endorse piracy.
You may or may not be a developer, but I would like to vote for Gitea/Forgejo. Should you ever get a grasp of git, a git forge is great for keeping code and even plain text documents recorded. It’s my favorite self-hosted service by far.
It can even operate as an OIDC server, so you can create a single login for all your services (that support OIDC).
I’ll also recommend Grist, an alternative to Google Sheets (and Notion, I believe?). It’s a web interface to spreadsheets that supports Python code as formulas. (I’ve also tried Nocodb, another Notion alternative, and I much prefer Grist.)
update: I’ve installed forgejo! Super easy once I figured out I had to create a new user. I’ve set up a second origin for my repos called “local”, since it will be a nice local backup for all my code.
I am, indeed, a developer. I might try locally hosting Gitea/Forgejo as an extra backup. I assume you can have multiple “origins” in git, right? That means I can back my repository to both codeberg and server.
Grist seems pretty cool too.
Absolutely! I have used multiple origins for posting my projects to Gitea/Forgejo and GitHub. You can also mirror repositories from one site to another, too, although it requires a clean slate for pulling from another remote.
The biggest use case for me is documenting (as code) my home network setup on my private forge.
Should I get Gitea or Forgejo? Forgejo seems to be a more free/libre fork of Gitea, the latter of which is influenced by a for-profit company. Is Forgejo functionally equivalent to Gitea, and if not, what are the differences? If they are basically the same I would probably go with Forgejo over Gitea. Is Forgejo’s documentation and setup similar, better, or worse than Gitea?
I haven’t looked much into the differences, but from my brief research, it appears that Forgejo has just recently updated such that migration from Gitea is no longer possible. I knew that they had become a “hard” fork last year but it has now diverged.
From a feature standpoint, I know that Forgejo is working on Fediverse integration. Beyond that, I think the differences are less apparent.
So to answer your question, I use Gitea and have for a long time. They’ll still remain MIT-licensed even if it’s no longer fully open source. However, the owning company can (and may) cease open source development. If I had known of Forgejo breaking away earlier, or if I were a new user, I would have probably started with Forgejo. That’s my recommendation.
Forgejo is a fork from gitea that is made for us. Forgejo is the new gitea.
There was some licensing or something, some kind of disagreement I don’t recall. Forgejo is the one that is still free and open source.
can I ask what is the advantage of radicale over nextcloud calendar sync?
I hosted radicale first so already had my events sorted out. Wasn’t really bothered moving them again. Also, I like radicale, it’s simple and it works.
I run a small setup on a seperate server segment (2nd router behind my main router) so it is on the internet. I run nextcloud, an dendrite and conduit instance (matrix chat-server servers), a mastodon and go-to-social instance (fediverse), bitwarden (password manager), and others.
If there is a service that you do not want to be publically accessable by everybody but you do want to access from everywhere on the internet yourself, check out client-side TLS (https) certificates. The server does is accessable from the internet put only people who have a TLS certificate on their client signed by you can access it. For services that do not require incoming connections from other machines (e.g. nextcloud, bitwarden, … but no federated services like matrix-chat or the fediverse) that is a very good option to protect your servers.
Little subquestion how fast is your nextclous instance? Cause mine is pretty slow don’t really know why
As you mentioned Immich, Nextcloud and Radicale - don’t forget to make regular backups. If you haven’t automated them, that’s your next project now ;)
Yes, back up your stuff regularly, don’t be like me and break your partition table with a 4 month gap between backups. Accomplishing 4 months of work in 5 hours is not fun.
that seems quite important, I’ll do that then!
And don’t think that you can just back up using a file-copy process. These things have databases that also need to be backed up. It’s not as simple as it first seems.
Source: been selfhosting for an embarrassingly long time without any backup!
Just a quick add on: not only do and automate backups - do also test them every now and then.
How do I set up backups for Immich, Nextcloud, and Radicale? I see lots of different options, I can’t pick!
I only host Nextcloud in an old setup (read pure PHP, MariaDB, Apache - no docker, etc.)
That server is set-up to be snapshotted daily. Also there’s a script running about 30 min before each snap shot that will also dump the database to disk (as otherwise the snapshot might contain a random state of the database). It’s not perfect, but it works - also because everything of this is done in the night, when I do not use the system, so chances are really low, that the snapshot of the disk and the database dump in it are not desynchronized too much.
I do not know what’s the best practice for a modern Nextcloud setup with docker is or how to handle the other two…
Mozhi its searxng of translators
I’ve got LibreTranslate installed so don’t need another translator, but Mozhi seems pretty cool though :D
Snikket is easy to host in a docker container. You would have your own internet messenger for friends and family. Snikket is based on the xmpp protocol thats been around for 20 years, is tried and tested and very lightweight and does take very few resources on your server. things like Nintendo’s messenger and WhatsApp are xmpp based).
what is your favorite app for android?
we like conversations, but our phones don’t treat it like a regular calling app. navigation and music still play over the conversation phone call.
I use conversations on android as well. I think it’s the best app for android. You can ask in the conversations support channel for help, there are very knowledgeable people around:
Run a RocketChat server for me so I don’t have to pay $8/mo anymore
But a Pi and recover the cost in under a year.
I would but I prefer a server hosted outside of my country.
That’s fair, though if you’re concerned to that degree I’d say a rando hosting it would be a silly move. That said, I realize that was a joke. ;P
I’ve been going down the slef hosting rabbit hole recently.
First, Home Assistant is worth doing - you’ve not got a smart home yet but this is the easy way to get one going. So worth it. You can buy a few cheap WiFi plugs, and plug in devices like lights or stuff you don’t want on stand by and you have the start of a smart home. A smart thermostat and smart radiator valves are surprisingly easy to set up if you want to save some money and keep your home efficient - a bit more of an investment but worth it if you find you like the ease and power of WiFi plugs.
I also recommend Pihole - it’s an ad blocker for your entire network. You can run it on Docker on x86 machines - you just point your router to use it as the DNS and it then filters all requests for you. It’s really improved my experience on all my devices.
Next, Paperless NGX - scan your documents and paperless NGX will OCR read them to make them searchable and keep them in a database for you. You can use it to go paperless. Just make sure to sort our a backup.
Joplin is quite a good note taking app which you can self host to sync your devices and keep your data secure.
Syncthing is fantastic for syncing files between devices. I sync my main PC and living room theatre PC, plus in my case my Raspberry Pi as an always on broker and local backup.
Ooh, I didn’t know you could self-host joplin sync! I’ve been using backblaze for quite a long time for that.
searchxng, libretranslate
What about AdGuard home, set your router to use your server as a DNS and get local network dns with adblocking?
I’m looking to get started with self hosting too. Could you share the links you used to get yourself set up?
Awesome SelfHosted is a great place to start looking: https://github.com/awesome-selfhosted/awesome-selfhosted
Radicale’s official documentation didn’t help me much, so I followed some youtube video (by “Awesome Open Source”) where you use a docker image instead of a python venv + pip install.
For Immich, official docs were fantastic!
For Nextcloud, I followed Learn Linux TV’s “How to Set Up Nextcloud on Ubuntu 24.04 LTS” (though I used Debian, not Ubuntu)
I went down the route of a Raspberry Pi 5 and Installing Dietpi as the OS. Dietpi has loads of recipes in its main app that makes it easy to get going, plus if you install docker you have a huge range of stuff to try.
There is a learning curve but it’s not too steep and I’ve enjoyed it.
There a million ways, and you will probably find tons of tutorials each different - Docker, Docker Compose, native install, VMWare, Kubernetes, Portainer, etc. I recommend starting with a clean machine - preferably with an attached monitor - and installing your favorite Linux distro (Ubuntu is among the easiest), getting Docker and Docker Compose running, and familiarizing yourself with these technologies.
Then you can start with a simple app like Paperless (document digitization), Vikunja (TODOs), BookStack (wiki), or PrivateBin (pastebin), getting it running and persist state over a period of time, then setting up a reverse proxy so you don’t have to use IPs all the time (with just editing your hosts file to point a URL to IP of your machine), and then it is a free world.
Of course, having the whole setup secure, independent, and easily manageable is partially eyperience and partially understanding your needs.
You will probably even find whole ready-to-deploy git repositories that are easily configurable, so you can go with that too.
