krash

I've seen a lot of posts for a lot of different homepage for selfhosters: homepage, homer, homarr (which has an 700 MB image!).

I was after something lightweight, simple and easy to configure and get up and running without all the frills and flashy features. And I found a hidden geml in envlinks - a really simple dashboard that is supersimple to configure (just env-variables in the compose file) and still customisable enough for my needs.

Hope it will satisfy the need of other minimalists out there :-)

Hello selfhosters.

We all have bare-metal servres, VPS:es, containers and other things running. Some of them may be exposed openly to the internet, which is populated by autonomous malicious actors, and some may reside on a closed-off network since they contain sensitive data.

And there is a lot of solutions to monitor your servers, since none of us want our resources to be part of a botnet, or mine bitcoins for APTs, or simply have confidential data fall into the wrong hands.

Some of the tools I've looked at for this task are check_mk, netmonitor, monit: all of there monitor metrics such as CPU, RAM and network activity. Other tools such as Snort or Falco are designed to particularly detect suspicious activity. And there also are solutions that are hobbled together, like fail2ban actions together with pushover to get notified of intrusion attempts.

So my question to you is - how do you monitor your servers and with what tools? I need some inspiration to know what tooling to settle on to be able that detect unwanted external activity on my resources.

Hello selfhosters.

I'm considering to buy a SFF PC to act as a docker host. The main services / applications I'm going to run is going to be Immich. Filebrowser, Samba-share and eventually Paperless-ngx. I've been eyeing PCs with a N100 / N200 specifically to run quiet, and to conserve on energy consumption. I am most likely going for an Asus PN42 and will have an SSD in it to keep the moving parts to a minimum.

To those who are running machines with this CPU and similiar workloads, how has your experience been?

Hey all, I got a giveaway promo code for this game. I'm not into the Apple ecosystem at all, so I won't have any joy out of it. Grapefrukt usually produces quality games, so whoever gets to this code first - enjoy!

More info about the game here: https://apps.apple.com/us/app/subpar-pool/id1546080553

To get the code:

• multiply all numbers by 3
• CAPITILIZE ALL LETTERS
• remove all dashes
• Enjoy!

PS: I miss the old "play it forward" community, so this will be my first contribution in that spirit here on Lemmy.

Release notes:

New features in 23.10 Updated Packages

add-apt-repository now adds PPAs as deb822 .sources files (Improvements to PPA management in 23.10 116).

Linux kernel :penguin:

Ubuntu 23.10 includes the new 6.5 Linux kernel that brings many new features.

Notable upstream changes:

Intel’s “Topology Aware Register and PM Capsule Interface” (interface that provides better power-management features).
arm64 permission-indirection extension (technology to set special memory permissions).
RISC-V now supports ACPI.
The Loongarch architecture now supports simultaneous multi-threading (SMT).
Support for unaccepted memory (protocol by which secure guest systems accept memory allocated by the host - Seeking an acceptable unaccepted memory policy 5.
The io_uring subsystem can now store the rings and submission queue in user-space memory.
Ability to mount a file system underneath an existing mount on the same mount point; useful in container scenarios (Merge tag ‘v6.5/vfs.mount’ of git://git.kernel.org/pub/scm/linux/kernel/git/vfs/vfs 5).
New cachestat() system call (query the page-cache state of files and directories).
Usual set of changes to support new hardware.

Notable Ubuntu-specific changes:

zstd compressed modules (LP: #2028568 11) to shorten boot time.
New Apparmor/Stacking LSM patch set.
Updated shiftfs patch set.
Enabled multi-gen LRU page reclaiming by default (LP: #2023629 1).
.config tuning of the low-latency kernel for desktop-oriented tasks (LP: #2028568 6).
New zfs 2.2.0~rc3.
Ceph support for idmapped mounts.

systemd v253.5

The init system was updated to systemd v253.5. See the upstream changelog 6 for more information about individual features. Netplan v0.107

The network stack was updated to Netplan v0.107 3, introducing support for dummy and veth devices in addition to providing Python bindings to libnetplan in the python3-netplan package. Toolchain Upgrades :hammer_and_wrench:

GCC was updated to the 13.2.0 release, binutils to 2.41, and glibc to 2.38.
Python :snake: now defaults to version 3.11.6, and 3.12.0 is available in the archive.
Perl :camel: at version 5.36.0.
LLVM now defaults to version 16, and 17 is available in the archive.
Rust :crab: toolchain defaults to version 1.71.

Let's be honest, the rankings of gnome-look are weird at best and there is no good resource to gauge what icons / cursors / themes people like to use in their everyday DE.

So please share what icon-pack / cursor theme / GTK|QT theme you use, and why.

Hello all. I'm trying to change the SSH port on an Oracle VM, but I'm getting nowhere and I don't know where to solve the issue.

I have changed the SSH port:

edit /etc/ssh/sshd_config

Entered the port info:

Port 5522

I restarted the service:

sudo systemctl restart ssh

And made sure that the port is open:

ss -an | grep 5522
tcp   LISTEN 0      128                                                                               0.0.0.0:5522                0.0.0.0:*            
tcp   LISTEN 0      128                                                                                  [::]:5522                   [::]:*    

I also allow incoming traffic to 5522:

sudo ufw allow 5522/tcp comment 'Open port ssh tcp port 5522'

AND just to make sure, I allow 'routed':

sudo ufw default allow FORWARD

And make sure the FW config is valid:

sudo ufw status verbose
Status: active
Logging: on (medium)
Default: deny (incoming), allow (outgoing), allow (routed)
New profiles: skip

To                         Action      From
--                         ------      ----
22/tcp                     ALLOW IN    Anywhere                   # Open port ssh tcp port 22
5522/tcp                   ALLOW IN    Anywhere                  
22/tcp (v6)                ALLOW IN    Anywhere (v6)              # Open port ssh tcp port 22
5522/tcp (v6)              ALLOW IN    Anywhere (v6)              # Open real ssh tcp port 22

Yet, I cannot connect to this server. Trying to ssh -vvvv -p 5522 [ip-adress] yields this:

OpenSSH_9.0p1 Ubuntu-1ubuntu8.4, OpenSSL 3.0.8 7 Feb 2023
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: include /etc/ssh/ssh_config.d/*.conf matched no files
debug1: /etc/ssh/ssh_config line 21: Applying options for *
debug2: resolve_canonicalize: hostname 129.x.x.5 is address
debug3: expanded UserKnownHostsFile '~/.ssh/known_hosts' -> '/home/x/.ssh/known_hosts'
debug3: expanded UserKnownHostsFile '~/.ssh/known_hosts2' -> '/home/x/.ssh/known_hosts2'
debug3: ssh_connect_direct: entering
debug1: Connecting to 129.x.x.5 [129.x.x.5] port 5522.
debug3: set_sock_tos: set socket 3 IP_TOS 0x10
debug1: connect to address 129.x.x.5 port 5522: No route to host
ssh: connect to host 129.x.x.5 port 5522: No route to host

I can connect just fine when the port is at 22, but as soon as I change it to 5522, i get the 'no route to host' error.

I've made sure I have rules on Oracle cloud that allows ingress and egress traffic to 0.0.0.0/0 on all protocols, no matter the destination / source.

What am I doing wrong? It feels that this problem is host (server) based rather client based, since I'm getting a routing error. Do I need to configure the routing for that port specifically, and if so how?

PS: Also, connecting to localhost:5522 from the server itself works fine. So the problem is not in the configuration, but likely network related.

EDIT: This issue is solved, solution written on this post: https://lemmy.ml/comment/2787074

I'm pretty new to selfhosting, but one thing that I know to take seriously is log collection. Since there are a lot of different type of logs (kernel log, application logs, etc) and logs come in many different formats (binary, json, strings) - it's no easy task to collect them centrally and look through them whenever neccessarly.

I've looked at grafana and tried the agent briefly, but it wasn't as easy as I thought (and it might be a too big tool for my needs). So I thought to ask the linuxlemmy community to get some inspiration.

We have bookwyrm.social, which does an excellent job at replacing the need for goodreads (which is owned by Amazon). But is there an alternative to imdb.com?