Oktoberfest is coming to #Munich soon. But I will not participate. No alcohol for the next few weeks. I have to write Bind zonefiles for my Cute Homelab. And as we all know — It's Always DNS. So wish me luck ;)
#homelab
21 posts19 participants3 posts today
Day two of my vacation and my power goes out at home.
So I can't catch up on the movies I wanted to because some of my proxmox nodes in my #homelab haven't popped back up.
I recently discovered a project called #Jellywatch. It's an Android app that lets you manage your #Jellyfin server(s). It's not open source so I'm hesitant to use it and give it access to my server, but its user interface looks a bit more polished than the default Jellyfin app and they've got extra paid features and support.
I don't know a ton about it, but it's pretty cool to see decent quality alternatives. They're even on Mastodon over at @jellywatch .
Replied in thread
| wörk 
I use https://github.com/linuxserver/docker-wireguard and followed the "Usage" to install and start my personal #wireguard #VPN server(s) - at #homelab and on my cloud servers at german datacenter provider #Hetzner #hetznercloud
This took me only some minutes to have a running VPN for my mobile devices and laptops for everyone in the family.
Important: to reach my VPN at home a #portforwarding from ISP router to my homelab linux server is needed.
WireGuard does authenticate devices - not users! So you need a config for each devices!
GitHubGitHub - linuxserver/docker-wireguardContribute to linuxserver/docker-wireguard development by creating an account on GitHub.
Oauth working for Kubernetes authentication and authorization.
Very satisfying, if fiddly.
The nerd dilemma. "Let's spin up a container with $COOLSOFTWARE in my homelab. Oh, I also want to have it secured with https. So, oh, I want to do that LetsEncrypt style, so I need to setup my own Certificate authority that supports ACME. Oh, now I need a DNS server because my home router doesn't do CNAMEs. Oh, and why not use the dns-01 challenge? Oh, I can create S/MIME certificates with this?" A FEW DAYS LATER: "What was the $COOLSOFTWARE I wanted to try called again?" ;)
Good Morning Homelabs
Freitagsgrußküsse von dem 
verschlafenen 
annnyway, new place, new in-wall panel of cat6 terms and a 5GbE symmetric fiber line. I cleaned up the initial mess in June, second iteration this past week/ish. Generally, most of this hardware should be in one of the office racks (1U switch + 2x 0.5U patches + 1U UPS), specifically NOT in my walk-in closet. It's a work in progress.
#GitHub alternatives, software updates and launches, a spotlight on #BrickTracker - a platform for tracking #LEGO sets, and more in this week's #newsletter recap!
selfh.st · Self-Host Weekly (15 August 2025)
More from 
selfh.st (Self-Host)
|
Blog-Update: Von #Ghost zu #WriteFreely gewechselt!
Nach jeder Menge manueller Anpassungen und viel Custom CSS habe ich nun einen schlichten Blog mit funktionalen Codeblöcken, 8 Callout-Typen, Medien-Anbindung per privatem „CDN“ und Bloganbindung für meine eigene Instanz per RSS-Feed. 
WriteFreely ist im Grunde eine Aneinanderreihung von „Das geht nicht“ → „CSS-Hack“ → „...okay“.
Aber hey: Am Ende ist es sauschnell, funktioniert mit dem Fediverse (außer aktuell #GoToSocial und #BookWyrm) und sieht richtig gut aus! 
Blog: https://blog.klein.ruhr (@matthias)
Manchmal sind die besten Lösungen die, die eigentlich nicht so gedacht waren! 
Matthias KleinMatthias Klein
Number of days since the last shell expansion incident: 0
Add Google Authenticator to your SSH in 5 steps
Install packageapt install libpam-google-authenticator
Generate keysgoogle-authenticator -t -f -d -r 3 -R 30 -w 3 -l user -i servername
Replace user and servername.
Scan the QR code shown in your terminal using an OTP app (e.g. Google Authenticator, FreeOTP, Aegis, Authy, etc.).
Save your secret key & emergency scratch codes in a safe place.
Edit PAM config /etc/pam.d/sshdAdd after @include common-auth:
auth required pam_google_authenticator.so debug nullok echo_verification_code [authtok_prompt=Enter your OTP:]
After you confirm that all users can log in with OTP, remove debug and nullok for better security.
Create /etc/ssh/sshd_config.d/00-google-authenticator.confKbdInteractiveAuthentication yes # OpenSSH ≥ 8.6
PasswordAuthentication yes
ChallengeResponseAuthentication yes # For older OpenSSH < 8.6
Restart SSHsystemctl restart sshd
Done! Your SSH now has 2FA login protection.TL;DR: apt install libpam-google-authenticator && google-authenticator ... && edit PAM & sshd config → scan QR code → restart SSH →
2FA enabled!#Linux #SSH #SysAdmin #Security #2FA #MFA #DevOps #SelfHosting #Homelab #ubuntu #debian #Openssh
Hi! This is my new #Introduction on my temporal new account.
My main account is @Appeasing3819, this is a server I've created for myself so I can test how it is to have a single-person mastodon instance.
Feel free to follow my another account, I'll post the same on both.
About myself! I'm an European citizen, 32 years old. I work as a sysadmin by day and by night i play #videogames and have a #HomeLab (it never stops).
I'm a big fan of the small personal internet
Does anyone understand this #cookie Notice? There's one button which says "Sorry!! accept all cookies" on the @iscdotorg ISC's #DHCP doc's website, does anyone understand what that means? I can't see any other buttons, can that be translated as "sorry we have to track you, there's no details and no consent, yolo!"
Replied in thread
Storage/HomeLab tooters!
I am trying to migrate my NAS from TrueNAS Core to Scale (aka Community). I have questions that the docs don't answer. Where is the best place you know of to get TrueNAS help?
Thanks.
Continued thread
This week's home IT upgrades:
- dry all the filament desiccant in the oven (need to hurry up and finish the dehumdifier)
- update docker host's kernel and utiltiies, reboot (Raspbian)
- update Home Assistant
= Terminal
= Supervisor
- optimize TP-Link Omada Wi-Fi -- it keeps adjusting the APs' power levels by a couple of dB
Still stuck on the TrueNAS Core -> Scale migration
Now when my #SynologyNAS is off and all family photos and files are in #iCloud, I’m replacing WD Green with WD Red in my DIY NAS. One by one, because they are in a #ZFS mirror.
Stop exposing your homelab to the internet! 
There are much safer ways to get remote access.
I wrote a new guide comparing the top 4 methods for 2025: The Easy Button (Tailscale) The DIY Powerhouse (WireGuard) The Web Gateway (Cloudflare) The Sysadmin's Tool (SSH)
Find the perfect fit for your setup: https://homelabdad.com/secure-your-homelab-top-4-remote-access-methods-for-2025/
Home Lab Dad · Secure Your Homelab: Top 4 Remote Access Methods for 2025
More from 
Home Lab Dad
Question: How are people managing rotation of their personal or #homelab #SSH & #GPG keys? Maybe other secrets too.
At work I am forced to rotate everything every 3 months but they have entire systems to remind & facilitate it, finally they have support engineers who can reset my password. If I mess up in my personal life, I'd be really stuck.
Dear #family #homelab'ers: When do you update your shit? For me, updating #Proxmox means no internet in the home and no #HomeAssistant. How do you handle that shit? Wait until everyone is at sleep and hope the night doesn't get too long? Randomly during the day hoping nobody will complain/notice?