Yikes, are those required? Looks very rug-shaped, perfect for pulling things. Or not. Who knows?

Yeah it’s a normal model, but BitWarden is a bit special in that their original server-side implementation was enough of a pain to self-host on a small scale that an alternative implementation Vautlwarden was created. And Vaultwarden became very popular in self-hosted circles. And now many years later BitWarden offers a Lite server which scales down. I think it’s a good thing, just a bit unusual. I’m struggling to think of similar examples.

I’m sure Vaultwarden still funnels plenty of enterprise use of BitWarden, since Vaultwarden users still use official BitWarden client.

Forward thinking venture capital funded companies are getting rarer, hence the question on motivation. Especially the last few years many VC Foss companies have squeezed harder the other way (gitea, Terraform, docker). So all kudos to BitWarden for launching Lite.

What you say a about brand dominance, or brand protection makes a lot of sense. It’s not a good look for them that a large number of people choose to use an unofficial implementation instead of theirs. And should there ever be a catastrophic security issue with Vaultwarden, it would still reflect bad on BitWarden as that kind of nuance (like “unofficial server side implementation”) tend to get lost in reporting. Having more IT workers self-host official version probably also helps pave the way for bringing enterprise-bitwarden to companies.

Valve are a bit of a unicorn though, because they are privately owned. There’s no investors demanding ROI the next quarter, which gives them freedom to think long term.
When Microsoft launched windows8 and the Microsoft Store, Valve took that as an existential threat to their whole business model (the Steam store). Valve feared that Microsoft was trying to position itself like Apple on iOS and Google on Android, where there is only one platform store, and all apps are purchased through the platform store, and the platform store takes that sweet sweet 30% cut. So Valve pivoted to ensure the Steam store would not be obsolete, and give customers a reason to still use the Steam store. And what they achieved is awesome, for Linux, for Valve and for gamers. But it took nearly a decade, which is a level of patience few companies have.

Wonder what’s the reasoning behind offering this Lite version. I don’t imagine competing with Vaultwarden is very lucrative financially.

To be honest I don’t remember why I set up gitea with MySQL instead of sqlite (or MariaDB), its quite a few years ago. And sqlite would probably be fine for my single-user instance

I just did it not long a ago. Gittea -> Forgejo10 -> Forgejo11 LTS, in Docker. Surprisingly quick, painless and smooth.

(My only issue was not Forgejo, but MySQL. Because the hardware is ancient and Docker compose pulled down a new version of mysql8 at the same time as pulling forgejo. New version of mysql8 didnt support my CPU architecture. Easy fix was to change the label mysql8oraclelinux7 in Docker compose and pull that image. There is a issue with solutions in the MySQL Docker GitHub repo)

Can attest that Folder Sync is excellent. I use it all day (in the background) for two-way sync (notes) and backup of photos videos etc

Though a small PSA on setting up:
I once set up a new share on a new phone with two-way sync, and the app decided to sync the (newer) empty directory to the server (i.e. delete everything) instead of pulling the files from the server to the phone.
Easy fix: Restore notes from backup (step 0: have backups in the first place), then do an initial 1-way sync from server to phone, then change the sync job to two-way.

Do you version your compose files in git? If so, how does that work with the dockGE workflow?

I highly recommend you use Proxmox as the base OS. Proxmox makes it easy to spin up virtual machines, and easy to back up and revert to backups. So you’re free to play around and try stupid stuff. If you break something in your VM, just restore a backup.

In addition to virtual machines, Proxmox also does “LXC containers” , which are system level containers. They are basically a very light weight virtual machine, with some caveats like running the same kernel as the host.

Most self-hosting software is released as a docker-image. Docker is application level containers, meaning only the bare minimum to run the application is included. You don’t enter a docker container to update packages, instead you pull down a new version of the image from the author.

There are 3 ways to run docker on Proxmox:

• Install docker inside a virtual machine (recommended).
• Install docker inside a LXC Containers (not recommended because of various edge cases)
• Install docker directly on the Proxmox host (not recommended for various reasons).
• (There is ongoing work for running docker images directly in Proxmox, this is in beta/preview since Proxmox 9.1).

The “overhead” of running docker inside a VM on the host is so negligible, you don’t need to worry about it.

I had never heard of dockge before, but this sounds like the killer feature for me:

File based structure - Dockge won’t kidnap your compose files, they are stored on your drive as usual. You can interact with them using normal docker compose commands

Does that mean I can just point it at my existing docker compose files?
My current layout is a folder for each service/stack , which contains docker-compose.yaml + data-folders etc for the service. docker-compose and related config files are versioned in git.
I have portainer, but rarely use it , and won’t let it manage the configuration, because that interfered with versioning the config in git.

The article introduction is gold:

In the unlikely case that you have very little RAM and a surplus of video RAM, you can use the latter as swap.

Thanks for sharing! TIL about autofs. Now I’m curious to try NFS again.

What’s the failure mode if the NFS happens to be offline when PBS initiates a backup? Does PNS try to backup anyway? What if the NFS is offline while PBS boots?

EDIT: What was the reason for bind mounting the NFS share via the host to the container, and NFS mounting from NAS to host?
I did the NFS-mount directly in the PBS. (But I am running my PBS as a VM, so had to do it that way)

I run PBS as a virtual machine on Proxmox, with a dedicated physical harddrive passed through to PBS for the data.

While this protects from software failures of my VMs, it does not protect from catastrophic hardware failure. In theory I should be able to take the dedicated harddrive out and put it in any other system running a fresh PBS, but I have not tested this.

I tried running the same PBS with an external NFS share, but had speed and stability issue, mainly due to the hardware of the NFS host. And I wasn’t aware of autofs at the time, so the NFS share stayed disconnected

SingleFile provides a faithful representation of the original webpage, so bloated webpages are indeed saved as bloated html files.

On the plus side you’re getting an exact copy, but on the downside an exact copy may not be necessary and takes a huge amount of space.

SingleFile is a browser addon to save a complete web page into a single HTML file. SingleFile is a Web Extension (and a CLI tool) compatible with Chrome, Firefox (Desktop and Mobile), Microsoft Edge, Safari, Vivaldi, Brave, Waterfox, Yandex browser, and Opera.

SingleFile can also be integrated with bookmark managers hoarder and linkding browser extensions. So your browser does the capture, which means you are already logged in, have dismissed the cookie banner, solved the capthas or whatever else annoyance is on the webpage.

ArchiveBox and I believe also Linkwarden use SingleFile (but as CLI from the server side) to capture web pages, as well as other tools and formats. This works well for simple/straightforward web pages, but not for annoying we pages with cookie banners, capthas, and other popups.

Lol, I’m just over a week in to learning NixOS and this feels so true 😂

I feel like I’m just starting on the incline, luckily I don’t have any sturdy rope on hand 😂

Reading your post again, you should start by moving your docker management from CasaOS to vanilla docker-compose files, and keep them in a git repo.

I still think you definitely should look in to NixOS and what it can offer, cause it seems like that is where your mindset is going.

But NixOS is a drastic change, you should start by just converting your individual services one by one from CasaOS management to docker-compose files. One compose file for all services is possible, but I would recommend one compose file for each service. Later you can move from Debian to NixOS while using the same docker-compose files.

I would like to have a system when I know what I did, what is opened/installed/activated and what is not

You sound like you need to to look in to Nix and NixOS. The TLDR is that everything is declared in a configuration file(s), which you can and should back up in git. The config files tell you exactly what you did , and the config file comments together with git commit history tell you why.

The whole system is built from this configuration file. Rollback is trivially easy, either by rebooting and selecting an older build during the boot manager, or reverting to an older git commit and rebuilding (no reboot required, so usually faster)

Now fair warning, Nix (and NixOS) is a big topic, very different from normal way of thinking about software distribution and OS. Nix is not for everyone.

You should also at the very least have a git repo for docker-compose files for your services. Again, that will declaratively tell you what you did and why.

Also, if NixOS is too extreme, you should also look in to declarative management tools like Ansible etc

Not a problem when self-hosting on own hardware. Especially in winter. Overly complicated spaceheater goes brrrr

Hard to say without knowing which method you used to install HomeAssistant.

But I never found mdns .local addresses to be very reliable. They work 80-90% of the time, but the remaining 10-20% are a hassle.

Instead I’d recommend you install PiHole (in a docker container is easiest). PiHole is a DNS server intended for network-level ad-blocking. But it also have a handy feature of defining local DNS entries, so you can have HomeAssistant.myhome or HomeAssistant.whatever (.local should not be used with PiHole local DNS because .local is meant for mdns)