On my unraid router, this is called DNS override

Immich.example.ca resolves to a local ip when you search for within the network. For every DNS entry on cloudflare for my domain, I have an equivalent one on my router and pihole that points to the local domain

Thats an excellent feature, thanks for the suggestion!

Thanks!

This looks fantastic! Thanks!

No but it seems perfect with the chores section. Thanks!

Web app is probably best. That makes it easy to share with other members in the family so anyone can check off a task once done. Also having tasks pile up when they are not done is also very useful so you can see the backlog. It’s close to a calendar app but not quite optimized for something like this.

Ideally tasks could have a description section that explains how to do it, like flushing the water heater could have be exact steps written for the heater tank that you have specifically avoiding the need to keep looking it up every year.

There are several good webapps like this already, but they all are paid and locked in to their platform.

Authentik handles SSO for all my apps like immich, linkwarden, owncloud etc. Openid when available but some web apps are done via forward proxy auth. Jellyfin uses LDAP via authentik which isn’t sso technically.

Other than me, no one else mounts samba shares directly. All personal files are synced to server and other devices with owncloud (OCIS).

Yes its config file only, but if you get the File editor app, it’s quite easy to just copy and paste a few lines into the editor.

Once it’s setup it never changes.

I’ve not looked for an LDAP solution but stuff like this is why i went with authentik over other solutions. Because authentik has LDAP built in, i can use this when needed (jellyfin) but then use openid for other apps (which us superior in almost every way for home lab use)

There are auth libraries that you can just plug into your app so you don’t even have to worry about that part yourself and just focus on the app

https://authjs.dev/getting-started

I use this tutorial to setup external only and internal only URLs both with SSL

https://youtu.be/liV3c9m_OX8

Borgbase has good options for Borg and restic backups.

I highly recommend using one of these 2 for proper backups. Borg with borgmatic scripts are fantastic

Borgmatic

You can self host the Borg server in docker (or bare metal) on another server if you have one (or a friends) and then borgbase offers very good paid backup storage

I use a second server locally, a friend and borgbase as backup locations.

You have angered the helmsman Charon. Your misdeeds have been noted.

If i remember correctly on my gitea (now forgejo) the default is open registration which really shouldn’t be the case for projects that are targeted towards self hosters.

My inital install was a long time ago so I don’t remember for sure

I ran nextcloud for years on good hardware and its always been the weakest self hosted app I have. I moved to seafile for a bit and then ultimately owncloud OCIS.

OCIS is a modern app that is massively better since its written with modern languages / frameworks

Borg backup runs every hour on all my docker folders

I definitely don’t need to but it also costs nothing and retention policy only keeps 5 minute backups for an hour. Then hourly back up for a day. Daily backups for a week, etc. Up to 2 years

Exactly this, I have hourly Borg backups and also since my install is entirely on a zfs array I have zfs autosnapshot every 5 mins with retention policy. Takes almost zero cpu or memory overhead extra and means and can do just about anything via command line and revert it back with ease.

That being said, I still don’t auto update. Unless having an issue, I just sit down every few months and update everything manually because if its already working why update. If you want the newest features, how will you even know what they are if you don’t at least glance at the release notes?

Traekif can reverse proxy just about anything include ssh.

That being said I don’t. For stuff like ssh I connect with wireguard first then ssh. For stuff like immich I directly expose that behind traefik so I can share images with others. For stuff like vaultwarden I have that behind traefik but internal only so you need wireguard first then you connect to vaultwarden.local.domain.com