I host:

Fedi servers

• lemmy.world
• mastodon.world
• calckey.world
• pool.social
• musicworld.social
• akkoma.nl
• ruud.social
• fotofed.nl
• fediland.nl
• blog.mastodon.world
• play-my.video

Software I use

• Nginx Proxy Manager
• Portainer
• Kimai
• Xwiki (3 of them)
• Cryptpad
• Grafana
• Hedgedoc
• Matrix/Synapse
• Thelounge
• Vaultwarden
• Gitea
• Nextcloud
• Paperless-ngx
• Zabbix
• Zammad

Probably forgot some…

My long and mostly complete list:

• Audiobookshelf (GH)
  • Using for audiobooks. Ebooks, comics, and podcast support in early stages.
• Authelia (GH)
  • Using for two-factor authentication in front of all of my services. Critical infrastructure.
• Bazarr (GH)
  • Using for automated subtitle management. Have not needed to rely on it much.
• Code-Server (GH)
  • Using for a plethora of things. I could write an entire post on this alone.
• Courier
  • Using (occasionally) for package-tracking from various carriers.
• EmulatorJS
  • Using for retro-emulation.
• Gitea (GH) x2
  • Using as a git repo server, package repository, and for CI/CD automation. Is critical infrastructure in my lab. Could also write an entire post on this one.
• Headscale with Headscale-UI. Tailscale clients on various VMs LXCs, etc.
  • Using to securely network with my remote servers.
• Homepage
  • Using as a “single-pane-of-glass” to get an overview of service health with links to the various services.
• Invidious
  • Using in-place of YouTube.
• IT-Tools (GH)
  • Using for the myriad of various useful tools it offers.
• Jellyfin (GH)
  • My media player of choice. Using for movies and television, but supports music, ebooks, and photos in addition.
• Kopia Server (GH)
  • Using for data backups to my Minio instance on local NAS and Wasabi. Simple, fast, and reliable.
• Librespeed (GH)
  • Using for the occasional speedtest to my remote servers.
• Matrix stack using Conduit back end and Element-Web front end
  • Federated Discord essentially. Using as a private instance for friends and family.
• Minio
  • Using primarily as a gateway to storing backups, also serves git-lfs for Gitea.
• N8N (GH)
  • Using for home-automation, backing up my Reddit saved posts to a database, deal-alerts, and part of a CI/CD pipeline.
• NTFY (GH)
  • Using for infrastructure notifications mostly. Very simple and versatile alerting solution.
• NZBGet
  • Using for getting “usenet articles”.
• Paperless-NGX
  • Using for document archival. Important receipts, documentation, letters, etc. live here.
• Portainer (GH) with multiple agents on VM’s LXCs and VPSs
  • High level management of my various docker containers.
• Prowlarr
  • Using to provide torznab API to websites that dont natively have it. Integrates with Radarr and Sonarr
• Radarr (GH)
  • Using for movie management.
• Radicale
  • Using for contacts and calendar server.
• Raneto (GH)
  • Using as a knowledge base. Lab documentation, lists, recipes, lots of things live here. Using with with code-server and Gitea.
• Readarr (GH)
  • Using for book management
• Recyclarr (GH)
  • Using for Radar and Sonarr to sync search terms for their automations. Very useful, hard to summarize.
• Requestrr
  • Using (very rarely) as a requests bot for Radarr and Sonarr.
• SFTP-Go
  • Using mostly in-place of Nextcloud. Used to back up phones mostly.
• Shaarli (GH)
  • Using as a read-it-later service. Went through lots of these, and Shaarli has been good enough.
• Singlefile-Archive
  • A hacky way of presenting pages saved with the singlefile browser extension. Not exactly happy with the solution, but for my ocasional use it does work.
• Sonarr (GH)
  • Using as TV series manager
• Speedtest-Tracker (GH)
  • Using to get periodic speedtests. Plan to automate results to blast my ISP if my service speed gets too low.
• Traefik (GH) on each seperate host
  • Using as a web proxy in front of my various services. Critical infrastructure.
• Transmission (GH)
  • Using to get “Linux ISOs”
• Uptime Kuma (GH)
  • Using to monitor site and services status along with a few others. Integrated with NTFY for alerts.
• Vaultwarden
  • Using as my password manager. Have been using for years, cannot recommend enough.
• A handful of static websites served with NGINX
  • The old standby, its been reliable as a webserver.

These services are the result of years of development and administrating my lab and while there is still some cruft, it’s mostly services that I think have real utility.

As far as hardware:

• Running pfsense on a toughbook laptop as a router-firewall.

• A SuperMicro 24 bay disk-shelf with Proxmox and ZFS for NAS duties and a couple services.

• Lenovo Tiny boxes with a Proxmox cluster for the majority of my local services.

• Dell managed switch

• A few Raspberry-pi’s with Raspbian for various things.

• Linksys AP for wifi

Edit: Spelling is hard.

As an offensive security worker… I can’t help but read people listing out their attack surface 😂

Oh my jesus, does this thread really have 400+ comments

Edit: respectfully as an atheist

• Plex and Jellyfin for movies and TV shows. I want to switch from Plex to Jellyfin but it is not quite there yet. It‘s very little effort to keep Jellyfin running in parallel though. I am keeping it around to regularly compare the two and re-evaluate.
• Tube Archivist for archiving and watching YouTube videos.
• Miniflux for reading feeds.
• Nextcloud, mainly for calendars and contacts; occasionally for sharing files with others.
• Syncthing for syncing files.
• Financier for budgeting.
• Paperless-ngx for managing documents.
• Qbittorrent for downloading and sharing Linux ISOs.
• Prowlarr for searching Linux ISOs.
• Copyparty for sharing Linux ISOs with friends.
• Shaarli for saving bookmarks.
• Jekyll for statically generating my personal blog.
• Caddy as HTTP server / reverse proxy for all of the above. Automatically provisions certificates from Let‘s Encrypt.
• PostgreSQL as database for Nextcloud and Miniflux.
• Simple Nixos Mailserver for emails with Postfix, Dovecot and rspamd.
• Dehydrated for getting certificates from Let‘s Encrypt for the mail server.
• Btrbk and Restic for backups.

Most of this stuff runs on my server at home (ASRock J4105-ITX, 8 GB RAM , 250 GB SSD, 18 TB HDD). The mail server and the blog run on a cheap VPS (1 vCPU, 2 GB RAM, 20 GB SSD). Both servers run NixOS.

Currently all LAN only, still in the experimental stage finding out what’s useful/preferable to me and what I want to keep:

KEEPING
Pi-Hole - ad/malware/tracker blocking
Portainer - Easy Docker
Syncthing - Sync folders between devices
Planka - Kanban board
I.T. Tools - Handy I.T. Tools
Bookstack - Personal documentation
Mealie - Recipe manager/meal planner
Jellyfin + usual accompaniments - Media Management
Navidrome - Music library
Changedetection - Stock monitoring
Gotify - For push notifications from other apps
Filebrowser
That Word Game ;)

UNDECIDED (may swap for alternatives or just remove)
Organizr - Homepage
Jump - Homepage
Homepage - Yup, another homepage!
Linkding - Bookmarks
Shiori - Pocket replacement
Etebase - CalDAV & CardDAV
Whoogle - Google without the crap
Photoprism - Photo management
Libreddit (not being used now!)
QBittorrent - for Linux ISOs
Uptime-Kuma (for when I do open a few services to family)
Ryot (beta) “Roll Your Own Tracker” - Media Tracker

PLANNING TO ADD
Reverse-proxying (likely NPM) + Security (Fail2Ban, Autheilia?)
Audiobooks
Comic book management
Translation service
Document manager
Home Assistant on its own Pi4 when I can get hold of one

• Matrix Synapse
• Paperless-ngx
• MediaTracker
• Lychee
• Immich
• AudioBookShelf
• Baikal
• Monica
• Nextcloud
• Calibre-web
• Piwigo
• Pinry
• Prosody
• Shaarli
• Wallabag
• mygpodder
• Peertube
• Mealie
• Mastodon
• Firefox sync
• Seafile
• Dokuwiki
• The Lounge
• Redmine
• Gitea
• Castopod
• Portainer

This assortment is run under a combination of Proxmox LXC containers, docker containers, and Yunohost. Mostly I use it to play around, but most are heavily used by my wife and I. I’m planning to rebuild everything and making things more “official”. Looking to convert from a “lab” to actually making it “production” with solid failure routes and backups. I am looking to move anything currently under Yunohost to docker/lxc and to start making use of podman. Recently saw CosmOS and think it might be a good alternative to portainer.

Hardware:

• Node 1: Lenovo m93p tiny with 16GB RAM and 250GB SSD - Proxmox
• Node 2: Lenovo m93p tiny with 16GB RAM and 250GB SSD - Proxmox
• Node 3: Gigabyte Brix with 16GB RAM and 500GB Sata SSD, 128GB m.2 SSD - Proxmox
• Node 4: Trigkey Green G3 with 16GB RAM and 1TB Sata SSD - Proxmox
• TPLink managed switch
• TerraMaster 2-bay NAS with 2x 2TB HD (NFS host for containers)
• Synology ds220j NAS with 2x 8TB HD (backup of home desktops, laptops, cell phones, and lab systems)

• Lemmy Instance
• VaultWarden - Password manager
• Jellyfin - Movies/TV Shows
• Roon / Roon ARC - Music
• OneDev - Used to use Gitlab but couldn’t afford the self-hosted instance anymore and want the paid features, which this mostly has.
• Dokuwiki - Used to use as a wiki, switched to…
• Trilium - Similar to Obsidian but open source.
• Kavita - Comics/books
• TubeArchivist - YouTube video downloader/viewer
• PodGrab - Podcast manager
• Wallabag - Website article saver/bookmarker etc. If anyone has a better suggestion for FOSS bookmark management please let me know!
• Mealie - Recipe manager (grabs recipes from a ton of different sites)

I use TrueNAS Scale for my NAS and Ubuntu server for my VM’s/home server. I probably am forgetting something, but, that’s what’s listed in my Portainer :).

Too many things:

Management:
Proxmox
Portainer

Services:

Pihole with Unbound
Matrix
cryptpad
seafile
Vaultwarden
mailcow
pterodactyl running Minecraft, Valheim, and Terraria servers
emby though I am planning the switch to Jellyfin
Paperless-NGX
Photoprism
SearxNG
Wallabag
Ghost
Miniflux
PrivateBin
Calibre-web and Kavita
Nitter and Troddit (for now…)
Home Assistant and Frigate
YOURLS
Code-server
Linkding
Changedetection.io
LanguageTool
Uptime Kuma

And more, but those are what I use the most.

Oh jeez… there’s quite the list. I have a Ceph cluster of 3 nodes with 15x HDD’s and 3 SSD’s… on that cluster I run some VM’s that in turn run a Docker swarm. All Ubuntu 22.04, all commodity hardware. Currently I’m running;

• NGINX which proxies all my web facing services on multiple websites.
• Wordpress for my personal site which sync my Instagram pictures to it as well
• MariaDB Galera cluster
• Nextcloud for file sharing but also provides lots of plugin services like a password manager, email client and so on
• Photoprism for my photos… I use the Nextcloud client to automatically upload new pics from my phone to Nextcloud then Photoprism is attached to that same library
• OnlyOffice as a plugin to Nextcloud to allow O365-like functionality
• ElasticSearch plugged into Nextcloud for full-text searching
• OpenProject for project management in my own businesses
• Jellyfin and Plex both attached to the same media library
• E-Mail using Docker-Mailserver… so Postfix with a bunch of ancillary tools for 3 domains
• Droppy as a quick-and-dirty file repo for when I need to get files to people easily
• FreePBX (Asterisk) with 4 extensions around the house
• MeshCentral for managing my family’s PC’s and also doing remote tech support for family, friends and customers as necessary
• FOGProject for imaging PC’s and VM’s as necessary
• ReactiveResume
• Docker Registry set up as a caching proxy
• YoutubeDL-Material
• Karaoke Eternal for those nights when you just get drunk enough to karaoke

Then there’s a whole host of ancillary services; BackupPC, Unifi controller container, piHole on a couple of Raspberry Pi’s, ts-dnsserver for internal DNS management… probably a dozen other containers and tools I’m forgetting.

Oh yeah, and a Synology NAS as a backup target :)

Ubuntu server(Xeon CPU E5-2650 v4 with 86 GB Ram) running k3s(My home server):

• App-daemon(Used with home assitant for more complicated automation)
• Bazarr
• Browserless(Currently used for rendering js pages for huginn)
• Dpaste
• Filerun
• Homeassistant
• Homer(My dashboard)
• Huginn
• Jellyfin
• Kaizoku(For downloading manga)
• Nzbget
• Nzbhydra
• Ombi
• Paperless
• Photoprism
• Pihole
• Plex
• Prowlarr
• Radarr
• Scrutiny(For checking my drives)
• Sonarr
• Qbittorrent with vpn
• Wiki.js
• Christmas-Community(Wishlist)
• ZwaveJS(For homeassistant)

2 Ubuntu servers running k3s(VPS used for my infrastructure services)

• Keycloak
• Offical docker registry
• Bitwarden
• Gitea
• Headscale
• Healthchecks(For checking backups)
• Uptime-kuma - Hashicorp vault

Infrastructure services runing on all servers

• ArgoCD(For deploying everything on k3s)
• Longhorn(For storage)
• Vault-secrets-operator(For getting secrets from vault into k3s)
• Traefik(My reverse proxy)

Lastly I’m hosting Lemmy on a leftover VPS, that I hadn’t used in a while. Might move to a bigger server though.

miniflux, nitter, seafile on my local RPi4

pondered pixelfed (but they don’t have docker image) and calckey (no arm one)…

I run everything in docker on Ubuntu 22.04 with the exception of Plex, which runs on bare metal on the same server. The server is a 16 core threadripper 1950, with 2 quadro gpu’s, m2000 and a p400, 128gb ram, mirrored ssd for system, platter HDD for media, CoralTPU pcie.

I also run Home Assistant on a separate Lenovo MiniPC(forget which model), I did this so I can take down the server for various reasons without losing smart home stuff. Helps with the Partner Acceptance Factor.

In no particular order the server runs:

Calibre-web - Library management

Sonarr - TV series downloads

Radarr - Movie Downloads

Lidarr - Music Downloads

QbittorentVPN - Torrents over vpn, guarantees no leaks

Jackett - tracker management and proxying

Podgrab - downloads podcasts

Frigate - NVR, camera recording with object detection

DoubleTake - Facial recognition middleware, works between frigate/homeassistant and Compreface/Deepstack

Octoprint - 3d printer spooler

Tautulli - Plex statistics

Portainer - Docker Management

Ombi - Media request app, users can request shows/movies and they can be automatically added to sonarr/radarr

MeTube - Webui for youtube-dl/dlp, useful for downloading Youtube videos for offline and ad free use

Spot-dl - parses spotify playlists and downloads them from youtube

Part of my Reddit exodus plan was to get serious about my RSS setup.

I’ve settled on:

• FreshRSS as my feed manager (supported by Reeder app in iOS and MacOS)
• FiveFilters Full Text extractor
• rss-proxy site scraper

I may experiment with some replacements for rss-proxy, as I’ve run into a couple sites it doesn’t scrape well, but FreshRSS and FiveFilters have been smashing successes.

In various clouds

• Email - Docker Mail Server (Postfix, Dovecot, Rspamd, etc.)
• Reverse Proxy cluster - frp
  • This is actually pretty neat. It is basically acting as a self-hosted ngrok, letting me expose all the stuff in my homelab without having to put my home IP out there.
• External Monitoring - Uptime Kuma
• Random sites via cloudflare workers/R2

In my homelab

Infrastructure

• DNS - PiHole fronting local Unbound resolvers
• Load Balancing/Routing - Traefik
• Storage - Gluster exposed via Samba
  • I am still searching for the right solution for storage… nothing does what I want. I have been slowly writing my own, but don’t have the time to get it to a point I trust it, haha.
• Custom traefik auto-config clients/server
  • Reads labels on containers and announces them to the server that traefik uses for HTTP service discovery
• Custom docker-compose nonsense
  • Basically lets me choose where to run docker-compose files in a simple and centralized way, including on multiple machines
  • Doesn’t do scheduling/monitoring/etc, just manually setting “this compose should run these machines”
  • I got tired of running k8s and nomad.

Services

• Authentication - Authentik
• Media - Jellyfin
• Minecraft
• Password Manager - Vaultwarden
• PKM - DokuWiki
• SCM - Forgejo (a fork of Gitea, which itself is a fork of Gogs)
• Social Media - Lemmy
• Webmail - Snappymail
• Several random little websites
• Many little things I’ve written for myself

Any service that needs non-http traffic pointed at it runs local instances of the frp client to expose that port to the reverse-proxy cluster.