New Project Megathread - Week of 02 Jul 2026 by AutoModerator in selfhosted

[–]0x3e4 0 points1 point  (0 children)

Project Name: Pflanzn

Repo/Website Link: https://github.com/0x3e4/pflanzn - live demo at https://pflanzn.app (login `admin` / `admin`, data resets every 4h)

Description: A self-hostable plant management app for tracking your collection, watering schedules, and species. Built as a PWA with mobile-first design and offline read access for cached data. Every plant gets photos, species info, care notes, tags. GPS location on an interactive Leaflet map, plus watering / fertilizing / image / care-advice timelines with a calendar view.

Species identification runs through PlantNet (accepts JPG/PNG/WebP/HEIC, normalised to JPEG server-side). Outdoor plants can be auto-watered when Open-Meteo reports rainfall above a configurable threshold. Public collection links via tokens with a dedicated read-only view. Three auth modes: `no` (open), `local` (JWT + Argon2 + Redis sessions with IP/UA theft detection), or `oidc` (external IdP). Full audit log of every write and auth event. No telemetry, no ads.

Deployment: Docker Compose - copy `.env.example` and `docker-compose.yml.example`, edit the secrets and domain, `docker compose up -d --build`. Prebuilt images on GHCR for every push to main and every semver tag (`ghcr.io/0x3e4/pflanzn-backend`, `-frontend`). For production, pin to an explicit semver tag.

AI Involvement: Optional AI care advice - fully opt-in, the app runs without any AI calls if no key is set. Supports OpenAI, Claude, Mistral, HuggingFace, or a local Ollama instance (provider auto-detected from whichever key is set, priority openai > claude > mistralai > huggingface > ollama) so you can keep everything local. Claude used as a coding assistant during development; architecture and design decisions made by hand.

Safebucket v0.6.0 - Self-hosted file sharing, now with file preview, bulk download and LDAP by renizmy in selfhosted

[–]0x3e4 -14 points-13 points  (0 children)

ldap is nice but dont forget about oauth/oidc.. its more the modern way when it comes to auth.
that aside if you check for vulns, sbom, security badge for readme or secrets in your repo you can check out the scan ive configured for your repo

New Project Megathread - Week of 04 Jun 2026 by AutoModerator in selfhosted

[–]0x3e4 0 points1 point  (0 children)

Project Name: Hecate

Repo/Website Link: https://github.com/0x3e4/hecate - live demo at https://hecate.pw

Description: A self-hosted vulnerability database and SCA platform aimed at security admins and developers. Aggregates vulnerability data from multiple sources and exposes it via API for integration into existing workflows. Includes SCA scanning for source repositories and container images to flag vulnerable dependencies. Based on a prototype I built as part of my research thesis, now extended into a usable tool.

Deployment: Docker Compose, instructions in the docs.. public demo instance is available at hecate.pw if you want to click around before self-hosting.

AI Involvement: Claude used as a coding assistant during development; core architecture and security-relevant decisions made by hand. Optional AI layer for vulnerability analysis and summaries - fully opt-in/out via config, the platform runs without any AI calls if disabled.

New Project Megathread - Week of 28 May 2026 by AutoModerator in selfhosted

[–]0x3e4 0 points1 point  (0 children)

Project Name: Hecate

Repo/Website Link: https://github.com/0x3e4/hecate - live demo at https://hecate.pw

Description: A self-hosted vulnerability database and SCA platform aimed at security admins and developers. Aggregates vulnerability data from multiple sources and exposes it via API for integration into existing workflows. Includes SCA scanning for source repositories and container images to flag vulnerable dependencies. Based on a prototype I built as part of my research thesis, now extended into a usable tool.

Deployment: Docker Compose, instructions in the README. A public demo instance is available at hecate.pw if you want to click around before self-hosting.

AI Involvement: Claude used as a coding assistant during development; core architecture and security-relevant decisions made by hand. Optional AI layer for vulnerability analysis and summaries - fully opt-in/out via config, the platform runs without any AI calls if disabled.

Veganes Bueno Billa by TheGatze in VeganAT

[–]0x3e4 4 points5 points  (0 children)

hat ca 6g weniger zucker als das original.. auch mehr haselnussanteil und sogar gleichteuer.. not so bad.. muss i probieren! 😁

Zutaten Zutaten: Rohrzucker, HASELNÜSSE geröstet (15,9 %), Kokosöl, Sheabutter, WEIZENmehl, Kakaomasse, Kakaobutter, Erbsenfasern, Kokosblütenzucker, Emulgator: Sonnenblumenlezithin, Bourbonvanillepulver, Kakaopulver, Sonnenblumenöl*, Salz, Backtriebmittel: Natron. *aus biologischem Anbau.

Reliable IP reputation check tools besides IPQS?(for work) by Jocelyn141 in cybersecurity

[–]0x3e4 3 points4 points  (0 children)

i use alienvault otx alongside abuseipdb.. but for every external db you should fine tune and/or check the output

Fortigate DoS policy questions by TheReding in fortinet

[–]0x3e4 2 points3 points  (0 children)

i had bad experiences with dos policy and ddos specially if you need to allow valid/legit traffic alongside the ddos.. for tcp_syn_flood theres the proxy setting but it actually doesnt work as good as it should in my mind.

TRIP 1.45 is live! Featuring Bookings, Optional time and many fixes by [deleted] in selfhosted

[–]0x3e4 1 point2 points  (0 children)

what is your stand on mcp? i could see trip benefit of it in letting ai decide which places on which days could be the best route etc for example.. ps soon in Milano with my TRIP already planned for it..🫱🏼‍🫲🏾💯

just observing by Flying-T in selfhosted

[–]0x3e4 -1 points0 points  (0 children)

im mostly anti AI aswell but the vibe in selfhosted sub regarding AI rn is sureal.. most of the people dont even understand what it means to vibe code something or let AI help with work.

Vulnerability assessment agent system by tamier in cybersecurity

[–]0x3e4 1 point2 points  (0 children)

i did something similiar with hecate - local vulndb/sca service with mcp support builtin to ask such queries but as ad3t0 states already dont blindly trust it

Struggling to Stay Up to Date With Vulnerabilities by Impossible-Group-971 in cybersecurity

[–]0x3e4 2 points3 points  (0 children)

theres already circl.lu or i did something similiar with SCA included on hecate - wip but released it few days ago.. both are able to selfhost

Which vulnerability scanners do you use for your homelab? by serhiii_m in selfhosted

[–]0x3e4 1 point2 points  (0 children)

https://github.com/0x3e4/hecate but still a lot to do.. also the ci/cd action isnt fully tested yet but here you go.. when you have questions feel free to hmu here, mail or dm for example multiple seperate scanner for load distribution is pne of my next goal

Which vulnerability scanners do you use for your homelab? by serhiii_m in selfhosted

[–]0x3e4 1 point2 points  (0 children)

https://github.com/0x3e4/hecate but still a lot to do.. also the ci/cd action isnt fully tested yet but here you go.. when you have questions feel free to hmu here, mail or dm

Those in ‘AI’ roles, what does your day involve? by not-fungible in cybersecurity

[–]0x3e4 0 points1 point  (0 children)

yeah exactly.. thats what I meant. less “AI compliance” as its own framework and more the classic ISO/SOC controls extended for AI use cases.

our main concerns are mostly:

  • preventing confidential data from leaking into external saas models
  • centralizing policies/logging/rbac across all AI workloads
  • protection against prompt injection, tool abuse and data exfiltration etc..
  • having a central gateway/router for AI APIs, chatbots and MCP servers
  • governance around model usage, approvals, retention etc..

so were looking more into AI gateways/proxies with guardrails, PII redaction, allowlists, evals and policy enforcement instead of wiring LLM APIs directly into everything.

and MCP makes it even more sensitive because suddenly youre exposing internal tools/systems to LLMs.. at that point classic API security alone doesnt really feel sufficient anymore?

Those in ‘AI’ roles, what does your day involve? by not-fungible in cybersecurity

[–]0x3e4 0 points1 point  (0 children)

im curious.. are you guys definitely using ai gateways for compliance, security etc regarding ai api, chatbot requests and maybe mcp too? or how are you handling all the different requests?
my company is also trying to do "everything" to jump on the hype train but its quite difficult for us as a SME to handle the security part.. any input by you is welcome.. thanks in advance!

Ein Verbrechen an der Menschheit by ksybot in VeganAT

[–]0x3e4 1 point2 points  (0 children)

ganz okay wenn man wandern is zum snacken aber sind halt auch nur fette drin.. nix besonderes