Skip Navigation

vegetaaaaaaa

@ vegetaaaaaaa @lemmy.world

Posts
18
Comments
307
Joined
3 yr. ago

  • Does anyone self host Kiwix (offline wikipedia)?

    Jump

  • Yes. This is my ansible role that deploys it

  • Ubuntu 26.04 Allows "sudo apt install rocm" But It's Months Out-Of-Date

    Jump

  • This is fine as long as upstream supports a convenient way to get the latest versions of software for which you actually need latest (APT repositories)

    Stable base, only explicitly allow selected unstable/bleeding edge components.

    This is what I do for ROCm and a few other things which need to be constantly updated (yt-dlp). Sometimes stable-backports repositories are enough, but not always.

  • Ollama Server Component Recommendations

    Jump

  • I suggest using llama.cpp instead of ollama, you can easily squeeze +10% in inference speed and other memory optimizations from llama.cpp. With hardware prices nowadays I think every % saved on resources matters. Here is a simple ansible role to setup llama.cpp, it should give you a good idea of how to deploy it.

    A dedicated inference rig is not gonna be cheap. What I did, since I need a gaming rig; is getting 32GB DDR5 (this was before the current RAMpocalypse, if I had known I would have bought 64) and an AMD 9070 (16GB VRAM - again if I had known how crazy prices would get I'd probably ahve bought a 24GB VRAM card). The home server runs the usual/non-AI stuff, and llamacpp runs on the gaming desktop (the home server just has a proxy to it). Yeah the gaming desktop has to be powered up when I want to run inference, this is my main desktop so it's powered on most of the time, no big deal

  • AI/LLM providers

    Jump

  • There is https://www.infomaniak.com/en/euria (Switzerland)

    And https://mammouth.ai/ (France), though they're more a "middleman" for various providers (including providers serving open-weights models)

    And of course you can still run models locally with LLM hosts like https://github.com/ggml-org/llama.cpp (there are hundreds of derivatives, but llama.cpp is the OG/underlying library for most of them). A decent gaming PC can now run local LLMs on par with SOTA proprietary models from 6-12 months ago (qwen3.6 is a beast). https://old.reddit.com/r/LocalLLaMA/ is a decent subreddit for news and discussions about this, I didn't find a real equivalent on lemmy.

  • Linux @lemmy.ml
    vegetaaaaaaa @lemmy.world

    Hello old new “Projects” directory! – Ximions Blog

    blog.tenstral.net /2026/04/hello-projects-directory.html

  • Notifications from the server?

    Jump

  • Email

    Most applications/services offer mail as notification channel. Even old school unix utilities such as cron support sending mail (through the system MTA). I use msmtp. Then configure K-9 mail or any decent mail client on your phone, setup filters so that mail from your services ends up in a high priority folder in your mailbox with notifications enabled.

    I want to be able to receive notifications both on mobile and desktop, this is the only reasonable option I found and have been running with it for > 10 years.

  • How Do you keep your services updated?

    Jump
    • use APT repositories when possible -> then unattended-upgrades
    • For OCI images that do not provide tagged releases (looking at you searxng...), podman auto-update
    • for everything else, subscribe to releases RSS feed, read release notes when they come out, check for breaking changes and possibly interesting stuff, update version in ansible playbook, deploy ansible playbook

  • Kitchenowl creator has been flagged without warning making all of their repositories return 404, while in their settings all of the repositories still look normal with public visibility.

    Jump

  • It can protect APIs as much as any other URL. Or more simply you could disallow any unauthenticated API access in gitea or at the reverse proxy level?

    cannot protect against bot traffic coming from many different residential proxies

    It can block anything that doesn't pass the proof-of-work/JS challenge. Most bots don't interpret JS.

  • Kitchenowl creator has been flagged without warning making all of their repositories return 404, while in their settings all of the repositories still look normal with public visibility.

    Jump

  • The scraping/bandwidth abuse problem can easily be worked around.

    But there still are actual good reasons to not host a public forge.

    For example, as long as pull requests are allowed (which is required for actual contributors), anyone can abuse the PR feature to fork your repository, then start pushing random shit into their fork (since the fork is an actual separate git repository).

    Bad actors can do it on github all they want, it's not my storage, not my server used to host potentially illegal content.

    Self-hosting public services where you are the only authenticated user and sole publisher of content is easy (using your public forge as a mirror with account creation disabled is fine), hosting other's people content is another can of worms. Think twice before you do that.

  • I prompt injected my CONTRIBUTING.md – 50% of PRs are bots

    Jump

  • The blurb is my own submission, since it was not so evident how the article was related to self-hosting. I am not the author of the blog post. I am a maintainer of awesome-selfhosted.

  • Selfhosted @lemmy.world
    vegetaaaaaaa @lemmy.world

    I prompt injected my CONTRIBUTING.md – 50% of PRs are bots

    glama.ai /blog/2026-03-19-open-source-has-a-bot-problem

  • Popular self-hosting services worth running

    Jump
    • Aggregation of multiple engines
    • Per-engine weight control
    • Good UX
    • Filtering of bad domains from the search results
    • More generally, very customizable

  • What’s the currently best way to manage TOTP tokens?

    Jump

  • Fair enough.

    I decided against web/network-based password managers for my personal needs since the additional attack surface is a concern. A Keepass database file synced across machines strikes a good balance for me (requires password + keyfile to open). It's also simple to backup and protect.

    So yeah, for you use case, I'd recommend Aegis Authenticator.

  • What’s the currently best way to manage TOTP tokens?

    Jump

  • No, I’m not interested in a password manager, thank you

    Ok. But since you already use a password manager (right?), why not use its built-in TOTP management. Why do you need yet-another-separate app?

    If I really had to, I'd recommend Aegis.

    But I'll still recommend using a password manager (I use KeepassXC on desktop and KeepassDX on Android).

  • What type of computer setup would one need to run ai locally?

    Jump
    • Small 4B models like gemma3 will run on anything (I have it running on a 2020 laptop with integrated graphics). Don't expect superintelligence, but it works for basic classification tasks, writing/reviewing/fixing small scripts and basic chat, writing, etc
    • I use https://github.com/ggml-org/llama.cpp in server mode pointing to a directory of GGUF model files downloaded from huggingface. I access it it from the built-in web interface or API (wrote a small assistant script)
    • To load larger models you need more RAM (preferably fast VRAM/GPU but DDR5 on the motherboard will work - it will be noticeably slower). My gaming rig with 16GB AMD 9070 runs 20-30B models at decent speeds. You can grab quantized (lower precision, lower output quality) versions of those larger models if the full-size/unquantized models don't fit. Check out https://whatmodelscanirun.com/
    • For image generation I found https://github.com/vladmandic/sdnext which works extremely well and fast wth Z-Image Turbo, FLUX.1-schnell, Stable Diffusion XL and a few other models

    As for the prices... well the rig I bought for ~1500€ in september is now up to ~2200€ (once-in-a-decade investment). It's not a beast but it works, the primary use case was general computing and gaming, I'm glad it works for local AI, but costs for a dedicated, performant AI rig are ridiculously high right now. It's not economically competitive yet against commercial LLM services for complex tasks, but that's not the point. Check https://old.reddit.com/r/LocalLLaMA/ (yeah reddit I know). 10k€ of hardware to run ~200-300B models, not counting electricity bills

  • Selfhosted @lemmy.world
    vegetaaaaaaa @lemmy.world

    Mattermost is no longer Open-Source

    github.com /awesome-selfhosted/awesome-selfhosted-data/issues/1997

  • Alternatives to Mattermost

    Jump

  • Any recommendations for a good XMPP web client?

    See my requirements in other comment.

  • Alternatives to Mattermost

    Jump

  • I'm in the same boat, running a Gitlab Mattermost instance for a small team.

    Gitlab has not announced yet what will happen with the bundled Mattermost, but I guess it will be dropped entirely, or be hit by the new limitations (what will hit us the hardest is the 10000-most-recent messages limitation, anything further than that will be hidden behind a paywall - including messages sent before the new limitations come in effect - borderline ransomware if you ask me)

    I know there are forks that remove the limitation, may end up doing that if the migration path is not too rough.

    I used to run a Rocket.Chat instance for another org, became open-core bullshit as well. I'm done with this stuff.

    I have a small, non-federated personal Matrix + Element instance that barely gets any use (but allows me to get a feeling of what it can do) - I don't like it one bit. The tech stack is weird, the Element frontend receives constant updates/new releases that are painful to keep up with, and more importantly, UX is confusing and bad.

    So I think I'll end up switching this one for a XMPP server. Haven't decided which one or which components around it precisely. I used to run prosody with thick clients a whiiille ago and it was OK. Nextcloud Talk might also work.

    My needs are simple, group channels, 1-to-1 chat, posting files to a channel. ideally temporary many-to-many chats, decent web UI.

    Voice capabilities would be a bonus (I run and use a mumble server and it absolutely rules once you've configured the client, but it doesn't integrate properly into anything else, and no web UI), as well as some kind of integration with my Jitsi Meet instance. E2E encryption nice but not mandatory. Semi-decent mobile clients would be nice.

    For now, wait and see.

  • Selfhosted @lemmy.world
    vegetaaaaaaa @lemmy.world

    Framasoft in numbers, 2025 edition

    framablog.org /2025/12/23/framasoft-in-numbers-2025-edition/

  • How often do you update software on your servers?

    Jump

  • unattended-upgrades doesn't do that unless you explicitly specify Unattended-Upgrade::Automatic-Reboot "true"; in the config. Check /usr/share/doc/unattended-upgrades/README.md.gz

    The main configuration file is /etc/apt/apt.conf.d/50unattended-upgrades, maybe you put your config in the wrong place?

    here is mine

  • Custom Firewall

    Jump

  • I use firewalld as generic firewall and fail2ban as IPS/anti-bruteforce solution (blocks IPs using firewalld's ipsets)

  • The end of tt-rss.org

    Jump
  • Selfhosted @lemmy.world
    vegetaaaaaaa @lemmy.world

    The end of tt-rss.org

    community.tt-rss.org /t/the-end-of-tt-rss-org/7164

  • Alternative to github pages?

    Jump
  • Europe @feddit.org
    vegetaaaaaaa @lemmy.world

    In Ukraine’s bombed out reservoir a huge forest has grown – is it a return to life or a toxic timebomb?

    www.theguardian.com /environment/2025/jul/22/in-a-bombed-out-reservoir-ukraine-huge-forest-grown-a-return-to-life-or-toxic-timebomb
  • Sysadmin @lemmy.world
    vegetaaaaaaa @lemmy.world

    The Great Unracking: Saying goodbye to the servers at our physical datacenter - Stack Overflow Blog

    stackoverflow.blog /2025/07/16/the-great-unracking-saying-goodbye-to-the-servers-at-our-physical-datacenter/
  • BuyFromEU @feddit.org
    vegetaaaaaaa @lemmy.world

    Overcoming barriers to Open Source procurement in the European Union

    opensource.org /blog/overcoming-barriers-to-open-source-procurement-in-the-european-union
  • Buy European @feddit.uk
    vegetaaaaaaa @lemmy.world

    Overcoming barriers to Open Source procurement in the European Union

    opensource.org /blog/overcoming-barriers-to-open-source-procurement-in-the-european-union
  • Selfhosted @lemmy.world
    vegetaaaaaaa @lemmy.world

    Organic Maps migrates to Forgejo due to GitHub account blocked by Microsoft.

  • Selfhosted @lemmy.world
    vegetaaaaaaa @lemmy.world

    Routeable Loopback Addresses

    etherarp.net /routeable-loopback-addresses/
  • Selfhosted @lemmy.world
    vegetaaaaaaa @lemmy.world

    Consider Security First | The Changelog

    changelog.complete.org /archives/10620-consider-security-first
  • Selfhosted @lemmy.world
    vegetaaaaaaa @lemmy.world

    A new home and license (AGPL) for Synapse and friends

    element.io /blog/element-to-adopt-agplv3/
  • Selfhosted @lemmy.world
    vegetaaaaaaa @lemmy.world

    awesome-selfhosted.net now has subpages for each platform/language

  • Selfhosted @lemmy.world
    vegetaaaaaaa @lemmy.world

    Searx is no longer maintained

    github.com /searx/searx/commit/276ffd3f01cdd823f75676c51231fad4040059d3
  • Selfhosted @lemmy.world
    vegetaaaaaaa @lemmy.world

    Cryptographic Agility Part 1: Server Certificates

    scotthelme.co.uk /cryptographic-agility-part-1-server-certificates/
  • Selfhosted @lemmy.world
    vegetaaaaaaa @lemmy.world

    awesome-selfhosted.net - a list of Free Software network services and web applications which can be hosted on your own server(s)

    awesome-selfhosted.net
  • Linux Audio @waveform.social
    vegetaaaaaaa @lemmy.world

    awesome-linuxaudio · A list of software and resources for professional audio/video/live events production on Linux.

    gitlab.com /nodiscc/awesome-linuxaudio