This Week in Self-Hosted (18 August 2023)

Industry Activity

It's 2023 and Cloudflare Can't Believe People Still Regularly Fall for Phishing Attacks

Cloudflare published their 2023 phishing report this week, which is an interesting read for any self-hosters publicly exposing services for their users (regardless of whether you utilize Cloudflare's DNS capabilities). The report summarizes three key tactics behind most successful phishing attacks – deceptive links, identity deception, and trusted organization impersonation. selfh.st will never ask you for your credit card information – but se1fh.st might...

Stop Trying to Make 'Zoom' Happen

Zoom has been a hot mess since earlier this year after they updated their terms of service to note that user participation in meetings and calls might be used to train AI models. They've since backtracked and amended their terms to state they'll no longer do so, but the damage has already been done. Now all sorts of open-sourced software foundations are calling on communities to abandon Zoom in favor of more privacy-friendly software. Jitsi Meet, Nextcloud Talk, or MiroTalk, anyone?

How exactly does Mastodon work, anyway?

Like many of us also trying to escape Twitter X, Sebastian Jambor didn't completely understand the underlying protocol behind ActivityPub, so he did what any normal person would do – educated himself and wrote an in-depth series of blog posts about it. Sebastian does a great job at breaking down the various aspects of ActivityPub in a way that's easy to understand, and in the most recent post published earlier this week, he explores how replies, boosts, and likes work on Mastodon.

Software Updates

• Ghost v5.59.0 | Content Management: Header card improvements, support for relative links in e-mails, various minor fixes
• GoToSocial v0.11.0 | ActivityPub: New support for hashtags, account notes, and markers, updated list reply policies, various performance tweaks
• Homarr v0.13.2 | Dashboard: New notebook widget, choose city times to display on dashboard, weather locations, more layouts for DNS hole
• Immich v1.73.0 | Photos: Optimized album viewing experience, options to configure thumbnail generation and toggle visibility of memory reel, better quality for thumbnails and generated videos
• LocalAI v1.24.0 | Open-Source AI: Four new backends – Bark, AutoGPTQ, Exllama, and Diffusers; API keys, enhanced galleries, and LocalAGI
• Midarr v4.0.0 | Media Server: Kodi add-on release, removed Playlists and Continues page, Radarr/Sonarr webhooks, OIDC/OAuth 2.0 support, API tokens, and history page
• Netbird v0.22.4 | Wireguard Mesh: Always-on VPN connectivity for Android, new dashboard version, edit groups from main view
• Nextcloud | Cloud Collaboration: Smart Picker now ready for mainstream release
• Novu v0.17.1 | Unified Notification API: Multi-provider integration support, multi-tenancy support, cookbook section in docs, and notification center updates
• ntfy v2.7.0 | Notifications: Markdown and right-to-left language support for the web app, bug fixes
• Outline v0.71.0 | Wiki: Find and replace in documents, rebuilt code blocks and Mermaid diagrams, rich hover cards for external links, new syntax highlighting, fine-tuned permissions for viewer insights, view tracking for outgoing e-mail notifications
• Ryot v2.7.1 | Tracker: Custom measurements, light mode
• Tandoor Recipes v1.5.5 | Recipe Manager: Added ability to set base unit for units to improve conversion ability, set external website URLs for foods, back description field for food editor, improved system information page
• Umami v2.5.0 | Analytics: New insights and retention reports, updated navigation menu, search abilities within tables
• WebMesh v0.2.1 | WireGuard Mesh: App daemon for external solutions, Campfire implementation, cluster role updates for increased scalability

New Software

• BetterNote: Simple, fast secure note-sharing services
• LlamaGPT: Self-hosted chatbot powered by Llama 2
• Reiverr: Web interface for Jellyfin, TMDB, Radarr, Sonarr, and Overseerr
• SwiftWave: Lightweighth PaaS solution for deploying applications to a VPS
• tautulli-notification-digest: Discord notifications for media events via Tautulli
• TPlinkDeviceScraper: Scrape devices from TP-Link routers to display in webviews

Featured Community Content

How we reduced the cost of building Twitter at Twitter-scale by 100x

I’m going to cover a lot of ground in this post, so here’s the TLDR: We built a Twitter-scale Mastodon instance from scratch in only 10k lines of code. This is 100x less code than the ~1M lines Twi…

BlogNathan Marz

Privacy friendly ESP32 smart doorbell with Home Assistant local integration – Tristam

Tristam Plays with tech.tristam

Celebrating 500K Downloads: The Podman Desktop Journey 🎉

Hello Podman community! Today is a special day for all of us – we’ve officially hit 500,000 downloads of Podman Desktop! We want to say a big thanks to each and every one of you. …

stack of multi-colored septagons, top one has a large CStevan Le Meur

Self-Hosted Spotlight: OliveTin

Meet OliveTin, an application that allows users to execute pre-defined shell commands via touch-friendly buttons from a web interface. The project's repository lists two primary use cases for OliveTin: Server administrators can utilize it to give non-admin users and guests access to basic commands (restart Plex, etc.) or to simplify complex commands used on a frequent basis (ping specific devices via MAC address, etc.).

Features include a touch-friendly UI for on-the-go access, easy configuration via a YAML file, multiple options via dropdown menu, dark mode, and low resource usage. As a bonus, the team provides a number of options for running OliveTin – bare metal, Docker, Kubernetes, and more.

Note: Please consider and research the implications of exposing administrative commands to non-admin users before exposing OliveTin externally.

Links: Site, GitHub

Privacy Corner

Share Your Content in a Future Newsletter

We're always looking for new and existing self-hosted content to share in our newsletter. Reach out using the link below if you'd like to have your own content featured or have a suggestion for content types you'd like to see featured in future newsletters.

Support selfh.st

Our team works hard to compile self-hosted content from across the web to be delivered to your inbox each week. Please consider making a recurring or one-time donation to show your support and help offset the costs of operating the publication.