Linux

LibreCMC, a fork of OpenWrt, running on my home gateway that also acts as my personal server: Nextcloud, aMule, qBittorrent, Samba, dynamic DNS updater, certbot and a DNSCrypt client.

Multiple hosts. Win2024/hyperv and proxmox

• domain/dns/dhcp/ncp 2x
• pihole
• iobroker (smarthome)
• sonarr/radarr/orowlarr
• emby
• sabnzbd
• vpn-vm for torrent/soulseek
• searxng
• dav for calendar
• caddy (for emby/dav from outside)
• firefly (banking)

And some minor, less important ones.

All backup to a central server, which does a daily backup of the backup onto another nas. In case of emergency,just grab nas.

Media server: Jellyfin, qBittorrent, Radarr/Sonarr/Lidarr/Prowlarr, and OpenVPN/Traefik/WireGuard

Misc: PiHole, Vaultwarden, HashiCorp Vault, and FreeIPA

VMware ESXi for the VMs, but I'll be switching to Proxmox soon.

All running in Docker or Podman containers on their own VMs. I'm trying to automate the deployment and configuration of each of these services via pipelines in GitLab CI using Ansible and Terraform right now. I also have a couple of Kubernetes clusters for testing and dev stuff on this server.

Accessed via SSH or an NGINX reverse proxy. I'm using certificates where possible, but a lot of the traffic between VMs is still unencrypted. I'll eventually force everything local to use Traefik, but for now, only a few services are using it.

There are a lot of projects on awesome-selfhosted and selfhosted that I've been meaning to get around to installing. Home Assistant and AdGuard Home are two of them.

OpenStack has a really good Ansible hardening project for securing servers that I try to always use. I also have a Red Hat developer license, so I try to use their OS when possible because of their FIPS and other security profiles. Some services just don't work with any of the newer RHEL versions though, and I usually fall back to CentOS Stream or Ubuntu whenever that happens.

Some vegetables

Pi-hole on an ancient pi zero w.

I've got a little MSI box with 16GB of RAM, 500GB SSD, and a quad core i3 running Proxmox. Home Assistant is in its own VM, I have a VM for a bastion host/jump box of sorts for a client's network (yes, I know VPNs exist), and then a VM running a few Docker containers: CheckMK, Dozzle, Uptime Kuma, and The TP-Link Omada Controller software. I intend to migrate those to Podman eventually.

On my desktop in Podman, I'm running Dashy, Redlib, and Dozzle regularly. Sometimes I run other services but those are pretty persistent. I use Podman on my local machine for my development work and it's just handy to have Redlib and Dashy right here.

I tend to interact with things via SSH unless it's a webshit.

Self-hosted machine. It was basically my old computer I bought back in '09. It's a i5-750 on a Asus P5P77. It started with the 4 GB RAM I hadn't sold until I upgrade to 8. I used a borrowed Nvidia GT730 and a 1 TB HDD at first until I upgrade my main PC GPU and bought a new HDD for the server so now it runs in a 4 TB HDD and my old GTX 1060 3 Gb. It's a beast for my needs.

• Jellyfin is the main reason I started my server. Initially it was so my mother could easily watch shows I would never illegally download. Until a realized it would be great for me too and friends. To not watch them...I mean, because that would be ilegal!

• Qbittorrent...shit...oh well :)

• Nginx, when I realized I could host my own development server and personal website

• Komga, when I realized I could have the same benefits of Jellyfin with books and comics.

• Tailscale, allows me to, among other things, use it as an online or LAN hard drive for me and people I like.

• Samba, see above. It also works to keep a nice share folder between my main PC and my laptop

The more time passes the more I realize self-hosting is the best idea ever. I get new ideias every day.

-Jellyfin: for playing media that I totally own and surely did no obtain by any obscure way.

-Qbittorrent: for reasons completely unrelated to the previous one.

-Amule: see above.

-Synapse (matrix server): overly complex way to send myself notifications from the server to my phone.

-FreshRSS: to have a self hosted RSS feed server. Could I use an android app for the same thing? Sure. But it's more fun and headache inducing this way.

-TubeArchivist: Because I want to offload some of that cost inducing bandwidth that is making those poor YouTube executives to keep pushing more aggressive ads on their platform. I'm just that nice.

-Caddy: because I'm just lazy.

-Crowdsec: Because I'm just paranoid.

I have an orangepi zero 3 with pihole

Then an ITX PC with

• mealie (meal planner, recipe parser, grocery list maker with a bunch of features and tools)

• immich for self hosting a google photos alternative

• *arr stack for torrenting Linux ISOs

• Jellyfin for LAN media playing

• home assistant for my VW car, our main hanging renovation lights, smoke and CO monitors, and in the future, all of the KNX smart systems in our house

• Syncthing for syncing photo backup and music library with phone

• Bookstack for a wiki, todos, journal, etc... (Because I didn't want to install better services for journals when I don't use it much)

• paperless-ngx for documents

• leantime for managing my personal projects, tasks, and timing

• Valheim game server

• Calibre-web for my eBook library backup

• I had nextcloud but it completely broke on an update and I can't even see the login fields anymore, it just loads forever until it takes down my network and server, so I ditched it since I never used it anyway

• crowdsec for much better (preemptive) security than fail2ban

• traefik for reverse proxy

• Prosody XMPP server (might move to ejabberd) with Movim front-end
• Murmur VoIP server
• Miniflux feed reader
• Nix remote builder & substitutor
• Upterm terminal sharing
• Some small static sites on Nginx
• Darcs, Pijul, Git hosting (no forge, basic SSH + HTTPS)

Pi-hole DNS and dhcp + home assistant and a bunch of other related containers.

Half a dozen WordPress sites

truenas: plex/jellyfin, *arr stack

working on another (debian) machine to run nextcloud and immich, plan is to have a failover. Redundant machine would ideally be wake on LAN to save power. I already have commodity hardware for these two identical machines, otherwise I'd probably just go for a more robust single machine.

Mikrotik routerboard out front providing wireguard for one subnet. pi4 providing pihole on the wireguard subnet. This is a new router and I'm very happy with it. This coming weekend the goal is to correctly implement mangle rules (policy based routing) to combine my two WAN connections seamlessly.

So very standard setup for selfhosting with the exception of two ISPs

truenas is easiest to manage through the web service, debian ssh and VNC, mikrotik's WInBox is just amazing, but it's also the first "grown up" router software I've ever used. It's so much better than managing PF through a ssh session.

Nextcloud, Syncthing, PeerTube, Vaultwarden, Gitea (+drone, drone-qemu, gitea-pages), Wireguard, FreshRSS

I started to answer your question with a list of stuff and then deleted the lot and started again:

What are you really after? Do you fancy a challenge or what?

Steam and Jellyfin torrent setup. I'm considering adding nextcloud setup for fun.

Nothing yet, I'm still trying to figure out how to get my orange pi working... not much progress yet because I am just starting and making a server is very intimidating 😅 For now I'd like to just get it working so I can access a hard drive, and if I manage that and feel very daring, then pihole, jellyfin and home assistant.

Minetest server, arr suite, plex, Pihole, calibre, homesssistant, Nextcloud.

Interact with it through a Homarr webpage and all of it is virtualized through proxmox.

On an orangepi5, managed via webUIs and SSH: -Home Assistant and associated programs (notably zigbee2mqtt and nodered) -Pihole

8TB Unraid NAS managed via Unraid's webui -Whooole *arr stack -Jellyfin -Mealie

Thinking about nextcloud for the next one.

I settled on a Fujitsu Q920 with 16 GB of RAM and a 1 TB SSD. Runs FreeBSD 14.1 and each service has its own Jail.

Services:

DNSmasq - local DNS and adblocker Wireguard Navidrome MPD - Media server Vaultwarden - password save Radicale - cardav and caldav server TinyRSS - RSS aggregator Zabbix - server and service monitoring Postgresql Gitea - git repository Emby - jellyfin alternative Mariadb Bhyve VM with Debian running 2 apps (invoiceplane and leantime) which use a quite old php version and I never had time to port to Freebsd.

A second machine that starts daily and creates a backup of machine 1 by using ZFS autobackup.

Nothing fancy but it does what I need.

@[email protected] my home one runs:

• Nginix PM
• DuckDNS
• Glances
• Home Assistant
• Jellyfin
• AdGuard Home
• Syncthing
• Paperless-Ngx with Tika and Gotenberg
• OpenMediaVault
• Heimdall

here is my deploy

https://github.com/simone-viozzi/my-server

Current setup:
Main server (HP ProDesk 600 G3 MT):

• 2fauth (not finished)
• Some stuff for the local breweries website
• Nextcloud (includes KeePass.kdbx)
• Some stuff for a flea market event in the near future
• Gitlab
• Gotify (notification sevice to notify of failed systemd services)
• Jellyfin
• Lemmy
• AbuseIPDB contributor badge (for more API calls)
• Piped
• Some stuff for my dad
• Synapse (Matrix)
• Uptime-kuma (not finished)
• WebODM (Drone mapping)
• Postfix
• Dovecot
• Self written DynDNS

Workstation (HP Z440):

• Gitlab runner
• NodeODM (Webodm processing node)
• pict-rs
• Service to archive+compress+encrypt backups (uploaded to the workstation by the other devices hourly) daily and upload them to google drive + Hetzner

Soon I'll move to a setup where the Workstation runs all services, and there are two servers (HP ProDesk 600 G3 MT) whose only purpose is to run a DHCP+DNS server (one authoritative) as well as a Wireguard bridge to connect the two servers, located at two different networks (and cities), together. I'll also set up Jellyseerr, Vencloud (settings sync for the Discord Client Vencord), revamp the backup system and introduce my Laptop to the ecosystem.