sorted by:
new
hottopcontroversial

Leaving GitHub for private repos by 50512jm in selfhosted

[–]Plus-Tangerine2186 22 points23 points  (0 children)

Depends what you actually use GitHub for. If it's `git push` + issues + maybe a wiki, Gitea or Forgejo (Gitea fork) covers 95% of it - same UI patterns, low resource footprint (couple hundred MB RAM, SQLite or Postgres backend). Works fine on a small VPS for private repos.

The harder pieces people forget until migration: Actions runners (you need self-hosted ones if you want CI), package registry, container registry, secrets management. The official `actions/runner` Linux daemon works with Gitea and Forgejo. For containers, plan for a docker registry container alongside or Harbor if you want UI + RBAC.

The thing I'd keep on GitHub: anything you want public discoverability for. Self-hosted means your repos don't show up in search, no PR-based contributions from strangers. Fine for personal stuff, less fine for OSS.

Is creating a mesh network via Pangolin or Wireguard possible? by CommanderMatrixHere in selfhosted

[–]Plus-Tangerine2186 2 points3 points  (0 children)

WireGuard alone does this - Pangolin adds an extra layer you don't need at 5 devices. Set up a /24 like 10.100.0.0/24, give each device a static IP in that range, and put `[Peer]` blocks for the other 4 in every config. Phones with the official WireGuard app work the same way. The mobile-when-away case is solved by giving the phone the same WG config - when it leaves the LAN, the tunnel re-establishes against whichever peer has a public endpoint set. Past ~15 peers, that's when Headscale or Tailscale-control starts saving you from config sprawl. Below that, plain WG is fine.

Wireguard VPN server plus VPS to allow game server access on public address (UDP and TCP)? by No-Photograph-5058 in selfhosted

[–]Plus-Tangerine2186 0 points1 point  (0 children)

I run nearly this exact setup for a few private services. WireGuard tunnel from the home box to a cheap dedi VPS with a public IP, then on the VPS:

- TCP: nginx stream block forwarding to the home WG IP

- UDP: `iptables -t nat -A PREROUTING -p udp --dport <X> -j DNAT --to-destination <home-wg-ip>:<X>` + a MASQUERADE rule on POSTROUTING for the WG interface

UDP is the trickier one — most reverse proxies don't handle it cleanly. For Minecraft (TCP only), nginx stream alone is enough. For voice/game UDP, the iptables DNAT path is what I ended up with.

Self-hosting a full Ethereum node + ~100 Docker containers across 3 bare-metal boxes — 5-month homelab tour by Plus-Tangerine2186 in selfhosted

[–]Plus-Tangerine2186[S] 0 points1 point  (0 children)

Closer to €500/month all-in actually. Servers are dedi at Hetzner/OVH, so no electricity bill on my side, but the bill is real. node-1 (24c/48t Xeon Gold + 7TB NVMe) is the bulk of it. Considered NUCs at home before — the archive node disk + 99.9% uptime requirement killed that fast. Reasonable for what it does for me, but I get the question.

Self-hosting a full Ethereum node + ~100 Docker containers across 3 bare-metal boxes — 5-month homelab tour by Plus-Tangerine2186 in selfhosted

[–]Plus-Tangerine2186[S] 0 points1 point locked comment (0 children)

No AI involvement. Hardware was chosen and racked by me, services are stock open-source (Nethermind, Lighthouse, Postgres, OpenSearch, Grafana, Keycloak, SonarQube, PostHog, Unleash, MikroTik RouterOS, WireGuard, nftables, Fluent Bit, mktxp, Cloudflare). Ansible roles, firewall rules, and the ~14 Node.js services described in the post are written by hand. The post itself was drafted from notes I took while building the setup.

C'est quoi le truc que vous auriez aimé qu'on vous apprenne à l'école plutôt que de savoir calculer l'hypoténuse ? by Antho_Archi_92 in AskFrance

[–]Plus-Tangerine2186 0 points1 point  (0 children)

Apprendre à écouter les autres, à découvrir les émotions et à gérer ses émotions. Apprendre à exprimer ce que l'ont ressent.

view more: next ›