tag: #selfhosted

Scoped forward-auth for homelab services using tinyauth.

Self-hosting SearXNG - architecture, gotchas, and threat-model honesty.

Production-grade public MCP server

Running endlessh-go as a Docker container on Strato VPS, deployed via Ansible

Running Cisco WLC 2504 and Aironet 3600 access points in a homelab for under 300 CHF

How to run WireGuard through CG-NAT and UDP-blocking networks by wrapping it in WebSocket with wstunnel, using a Raspberry Pi as a permanent LAN gateway and a Strato VPS as the public relay.

Proxmox on VRTX - fix the megaraid_sas hang.

The project formerly known as bitwarden_rs renamed to Vaultwarden last month, completing the rebrand at the request of the Bitwarden team. Six weeks in, the new name is settling. The underlying project remains what it always was - the right way to self-host Bitwarden if you want full control of your password infrastructure.

Caddy v2 released six weeks ago. It is not v1 with new features — it is a complete rewrite, with a new configuration model, a new module system, and a real architectural argument for why a modern web server should look different from nginx and Apache. After six weeks of running production sites on it, here is what it actually delivers.

Debian 10 released a month ago, ending Stretch's two-year run. The headline change is nftables replacing iptables as the default firewall framework. The deeper changes — secure boot, default AppArmor, Wayland coming into focus — are what will matter over the next two years.