Selfhosted

59027 readers

324 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.
No spam posting.
Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.
Don't duplicate the full text of your blog or github here. Just post the link for folks to click.
Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).
No trolling.
No low-effort posts. This is subjective and will largely be determined by the community member reports.

Resources:

selfh.st Newsletter and index of selfhosted software and apps
awesome-selfhosted software
awesome-sysadmin resources
Self-Hosted Podcast from Jupiter Broadcasting

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 2 years ago

MODERATORS

HybridSarcasm@lemmy.world

HybridSarcasm@lemmy.hybridsarcasm.xyz

Technitium DNS v15.1.0 released with OpenID Connect integration (github.com)

submitted 4 days ago* (last edited 4 days ago) by stratself@lemdro.id to c/selfhosted@lemmy.world

37 comments fedilink hide all child comments

Technitium DNS Server v15.1.0 has been released with support for OIDC! Now you can use your preferred identity provider to log in to user accounts, and manage your DHCP/DNS deployments with approriately granular permissions controls.

I've played around with it, and safe to say that the SSO integration works well. I've written a guide to set it up against Kanidm here. There were some OIDC/clustering bugs in prior v15 releases, and with v15.1.0 they have been squashed and solved.

The major release of version 15 also include various important changes, such as the following highlights:

A new API call for Prometheus metrics
Query Logs apps can now follow live updates
Codebase updated to .NET 10 runtime
HTTP tokens are now accepted via the Authorization: Bearer <token> header
Many other bugfixes, secfixes, and improvements...

Technitium is pretty great. Hope everyone enjoy the release :)

you are viewing a single comment's thread
view the rest of the comments

[–] unitedwithme@lemmy.today 5 points 4 days ago* (last edited 2 days ago) (2 children)

Someone should do a write up for pihole vs adguard vs technitium vs eBlockerOS

https://eblocker.org/en/ (German product?) (BTW you're all welcome that I showed you a new thing)

Edit May 7: eBlockerOS seems geared towards better packet* inspection, hidden trackers protection, and fingerprinting. You can install a HTTPS cert* on your current machine so it does MITM packet inspection where it can scan*, inspect, and reencrypt from the looks of it.

Im probably going to run this at work on my test environment to see how well it does overall. Maybe less granular control, but I like is more* than just an adblocker like pihole.

[–] KairuByte@lemmy.dbzer0.com 2 points 2 days ago

eBlocker definitely looks like an interesting project, I may end up checking that out.

[–] eutampieri@feddit.it 2 points 3 days ago* (last edited 3 days ago)

eBlocker does indeed seem German. It’s also much more than PiHole (it MITMs your packets, it seems) https://eblocker.org/en/how-eblocker-works/

eBlocker uses SSL bumping with a unique root certificate to decrypt possibly encrypted TCP/IP packets. After this deep packet inspection a pattern matching to the target URI is performed. In case of a match, the request is answered by the eBlocker (instead of being sent to the target URI).

As a slightly less accurate alternative, eBlocker uses DNS blocking for fallback, where the domains of known data collectors are blocked. This way, even devices that do not allow to install root certificates are also protected.