Hi everyone!

Postiz is an open-source social media scheduling tool that offers scheduling on:

Instagram, YouTube, Dribbble, LinkedIn, Reddit, TikTok, Facebook, Pinterest, Threads, X, Slack, Discord, Mastodon and BlueSky.

Check it out here :)
https://github.com/gitroomhq/postiz-app/

I have been working on mostly bug fixes lately and improving the platforms, some of the latest things:

• Many failures of posting on small things like character limit or uploading size.
• Fix problems in LinkedIn not loading pages.
• Team invite was fixed :)
• A bunch of docker changes to make it super easy to load. It's now live on: Coolify, Ptah soon Cloudron

But the most important thing in the roadmap here is what I was mainly asked:

• Add and an option to schedule stories on Instagram and add music to them
• Public API
• YouTube community posts schedule
• Google Business schedule
• Auto Plugs (I'm super excited about this one): Once tweets get X likes, they will auto-repost, add comments to tweets, and so on; this will be sent to all social media.
• SSO

I am happy to hear about more requests.

One clarification after seeing many comments over and self-hosted: Postiz will always be apache-2, no weird dual license thingy, and no enterprise-only SSO.

Postiz is not making much money. Today we are on a product hunt. If you can help me out, it would be amazing, but if not, I love you anyway :)

Thank you so much for this community for helping me with every post!

https://www.producthunt.com/posts/postiz

Just a thought: I think we need a security flair in here as well.

So far I just use the official images I find on Docker Hub and build upon those, but sometimes a project has their own images which makes everything convenient.

I have been thinking what some of these images might do with internet access (Telemetry/Phone-home, etc.) and I'm now looking at monitoring and logging all outbound requests. Internet access doesn't seem necessary for most images, but the way the Docker network is set up, does actually have this capability.

I recently came across Stripe Smokescreen (https://github.com/stripe/smokescreen), which is a proxy for filtering outbound requests and I think it makes sense to only allow requests through this so I can have a list of approved domains it can connect to.

How do you manage this or is this not a concern at all?

Hi Selfhosted!

After an overwhelming response from the homelab/selfhosted community requesting enterprise features (especially external OIDC support), I’m super excited to announce the release of our latest update. All Enterprise features are now free and do not require a license (within certain limits).

Limits should be more than sufficient for home, small business, and student use. More details here.

Further improvements:

🔐 Ability to use external OIDC for secure remote enrollment and Desktop client configuration

🔏 External OIDC now supports code authorization flow - extending Custom OIDC support to Okta, JumpCloud, Zitadel and others..

🛜 Fixed IPv6 configuration in the Location settings

🔬Our focus for the next release:

- Developing ACLs per user and/or per group for granular access

- Encrypting the whole Desktop Client (as another MFA factor)

More details on the release page: https://github.com/DefGuard/defguard/releases/tag/v1.1.0

If you would like to get notified about updates please sign up to our newsletter at: https://defguard.net

Happy testing! Robert.

A little over a month ago I made a post about my guide on the *arr apps, specifically on a Synology NAS and with a VPN (for torrenting). Then last week I made a post to see if people wanted me to make one for UseNet purposes. The response was, well, mixed. Some would love to see it, other deemed it unnecessary. Well, I figured why not.

So, here it is. A guide on most of the arr suite and other related things including, but not necessarily limited to: Radarr, Lidarr, Sonarr, Prowlarr, qBitTorrent, GlueTUN, Sabnzbd, NZBHydra2, Flaresolverr, Overseerr, Requestrr and Tautulli.

It also includes some hardware recommendations, tips and ticks and what providers and indexers I recomennd for UseNet. It cover both the installation in docker, and the complete setup to get it all up and running. Hope you enjoy it!

Check it out here: https://github.com/MathiasFurenes/synology-arr-guide

I'd like to buy a super cheap domain for the express purpose of using it for dynamic dnd for remote vpn access on a dynamic host. Looking to buy a 5-10 year block.

I don't care if it is 4958473.weeb

I just want it to be super cheap

Any suggestions?

Hey all!

About three weeks ago, I introduced ChartDB to this community and received a great response with tons of positive feedback and feature requests. Thank you for the amazing support!

recap of ChartDB:

For those new to ChartDB, it simplifies database design and visualization, similar to tools like DBeaver, dbdiagram, and DrawSQL, but is completely open-source and self-hosted.

https://github.com/chartdb/chartdb

Key features:

• Instant Schema Import - Import your database schema with just one query.
• AI-Powered DDL Export - Generate scripts for easy database migration.
• Broad Database Support - Works with PostgreSQL, MySQL, SQLite, MSSQL, ClickHouse, and more.
• Customizable ER Diagrams - Visualize your database structure as needed.
• Open-Source & Self-Hostable - Free, flexible, and transparent.

What’s New in v1.20 (2024-11-17)

• Sharing Capabilities - Import and export diagrams easily for better collaboration.
• Duplicate table: duplicate table from the canvas and sidebar.
• Snap to Grid - Toggle or hold shift to precisely position elements.
• New Templates Added - Now includes templates for Laravel, Django, Twitter, and more.
• Docker Build Support - Includes OpenAI key support for Docker builds.

Bug Fixes & Improvements:

• Optimized Bundle Size - Leaner builds for faster loading times.
• Internationalization (i18n) - Added support for Korean, Simplified Chinese, Russian, French, and more.
• Improved UX - Better interactions for editing diagram titles and smoother SQL export.

What’s Next?

• More sharing and collaboration enhancements.
• Expanded templates and language support.
• New deployment options and compatibility for more databases.

We’re building ChartDB hand-in-hand with this community and contributors. Your feedback drives our progress, and we’d love to hear more! Thank you to everybody who contributed!

I’m looking for some advice for self-hosting a live stream that will run 24/7 and will be embedded on a gated site. I want to prevent people from inspecting the page and using the URL to embed it elsewhere.

I’ve come across paid hosted solutions like Vimeo and Dacast, but they include features (like recording the stream for on-demand playback) that I don’t need, making them more expensive than I’d like. Or options like cloudflare stream don’t work to restrict embedding or Mux doesn’t allow for 24/7 streaming.

I’m considering using something like https://github.com/arut/nginx-rtmp-module on a DigitalOcean droplet to handle scalability. But I have some questions about this:

• The number of viewers could ramp up from hundreds to potentially hundreds of thousands over time. What kind of load can a setup like nginx-rtmp on a cloud server handle?

• Are there better alternatives for scaling that don’t involve paying for unnecessary features?

For the physical setup, the streaming device will be a gaming PC with a webcam and OBS. I don’t have much control over this part of the process, but I’m assuming all that’s required is to provide the RTMP details for OBS. On the security side, the goal is to ensure the stream is only viewable on the gated site, preventing embedding or access from external sources. I’m looking to use allow origin headers in the nginx configuration.

Thanks in advance for your help!

Before someone ask why not just use vpn like tailscale/wireguard because the app I wanted to expose are shared to my family, and I want it to be easy for them without needing to setup anything on client side.

I use Cloudflare Tunnel for some of my not so important apps, which is fine, but now I wanted to make immich photos backup available for my family as well, which I don't feel as comfortable to trust cloudflare with since they can decrypt any traffic go through them. (Plus it's against their TOS to host non html and high bandwidth application, and they have 100mb post limit)

Which now l am looking for a better solution that check all these boxes - End to end encryption without need to trust third party not to spy on my traffic - No client side configuration

A few solutions I can think of: 1. Directly expose the service, which expose my public ip and port (which I'll probably put myself as a target for all the bot scanning and bruteforce attempt)(I am no networking expert, best I can do is setup some firewall rules, fail2ban, and use bridge network for all my container including reverse proxy, but still because I'm not expert so I don't feel like I should do this)

1. Use a cheap or even free tier VPS, install tailscale and reverse proxy on it, then at my home unraid server broadcast the ip/subnet of services i want to expose, then harden the vps as much as i know. (probably the easiest solution i can implement, but not sure if it's battle tested, or am I not knowing some kind of risk with this setup)(also I'll have to trust oracle not to hijack my vps and spy my passthrough traffic, which they probably won't but again it's technically possible for them)

2. Some other better solution or better selfhosted tunneling solution. maybe something listed on awesome-tunneling?

I'm searching for a voice and video call selfhosted app, but I've found nothing that fit my requirements:

• OIDC support
• If I call an user, they need to get notified (desktop app or browser AND mobile app)
• Screen share functionality

I only need calls, no chat. The best option I found was Nextcloud Talk, but I don't want to host the whole nextcloud stack.

Does anyone have a suggestion?

https://readwise.io

Hello,

Some time back, I shared a Python script called qBittorrent Port Update. Essentially, this script is designed to keep your qBittorrent listening port updated when paired with a Gluetun VPN container.

My script simply reads the forwarded_port file generated by Gluetun and checks if it matches the listening port listed in qBittorrent.conf. If there is a discrepancy, it will stop the qBittorrent container, update the qBittorrent.conf file with the new port and start qBittorrent again.

I have now finally gotten around to creating a Docker container that runs this script. The container has a cron job that executes whenever you want. You can set an environment variable to specify how often it should execute. This is the first Docker image I've created; however, it is based on the latest debian:bookworm-slim. I might look into creating an Alpine image later to make it a bit smaller.

Anyway, this script has been super useful to me, so I’m sharing it here with the rest of you.

You can find the script and source code on GitHub. The Docker container is available on hub.docker.com.

Hi, I'm building my first NAS and I've chosen TrueNAS Scale as my OS. TrueNAS Scale offers Docker containers, which would come quite handy. My only concern is with security as Docker runs as root and I want some of my services to be accessible from the internet. What are your best practices when it comes to security?

Are there any good MDM tools I want to make sure I can lock remote laptops for employees if they get lost or stolen. Thank you!