Skip to content

Blog has migrated..

Custom domains now available

Until today, all your ElfHosted services could only be served on https://<user>-<app>.elfhosted.com. After some development effort, we now have the pieces in place to allow you to access your apps on your own custom domain name, so instead of https://funkypenguin-uptime-kuma.elfhosted.com, you might prefer something like https://status.funkypenguin.co.nz (see how it works?)

The elfhosted.com URL will continue to work, and your dashboard will remain pointing to the ElfHosted link (in case the DNS record goes away again).

How do custom domains work? ๐Ÿ™‹โ€โ™‚๏ธ

How does this work? Like GitHub Pages, if you create a DNS CNAME record on your domain (mattermost.spankypants.com) and point it to your ElfHosted URL (spankypants-mattermost.elfhosted.com), we can request a LetsEncrypt certificate for that domain, validate it, and serve your app on that URL using our Traefik ingress controller.

Which apps can get custom domains?

Custom domains don't make sense for all apps, and I've not tested the impact on SSO (since auth cookies are domain-based), but as I add the option to apps, you'll find custom domains available at https://store.elfhosted.com/product-category/custom-domains/, and instructions added to the docs for the various apps.

For example, here are the instructions for using a custom domain with Uptime Kuma!

Notifiarr notifies again!

Today we found a bug which has existed since our code was originally Seedplicity, which prevented the Notifiarr client UI from properly authenticating you, a necessary step towards configuring notifications for local services such as Radarr, Jellyfin, etc.

If you're unfamiliar with Notifiarr, it's worth a look - check this out:

Tada, it's Tdarr! ๐ŸŽ‰

I was trying to catch up on my 1080P movie backlog on my laptop recently, only to discover that Jellyfin would transcode the movie since the 5.1 audio track apparently won't work on modern Firefox on my modern Macbook (grr, why? ๐Ÿคฆโ€โ™‚๏ธ)

Rather than just watching on my nVidia Shield (which plays everything I throw at it), I instead spent about 6 hours (I never even got to watch the movie!) adding Tdarr to our platform, with a mind to having a 2-channel audio track added to my existing media.

So, we now have Tdarr available! ๐Ÿฅณ It works as advertised, although it turns out to be quite tricky to configure, and even trickier to make work with the Quick Sync Video hardware transcoding support in our 9th-gen Intel nodes.

Screenshot of Tdarr

A few peculiarities to our implementation:

  1. While Tdarr can support multiple, distributed worker nodes, we just use one worker node, paired with the Tdarr server, for easy resource isolation, and because our transcoding "scratch" volume is actually a 200Gb ephemeral NVMe-backed disk, which only exists for as long as the pod does.
  2. We don't actually want to significantly increase our CPU usage across the platform - rather, we want to leverage Tdarr for spare capacity on hardware-based transcoding. Each Tdarr pod has minimal CPU, and enough RAM to run the server, plus one hardware transcode, but will crash and restart if trying to do more than one transcode in parallel (because mooar transcodes requires mooar RAM)

I've pre-configured a working Tdarr setup, so you won't be starting from scratch when configuring it, and I've added more specifics to the app page.

Get your 24h trial / subscription at the store!

What will we do about Plex blocking Hetzner IPs?

Plex recently sent notices to users hosted on Hetzner IP ranges, indicating that from 12 Oct 2023, their hosting provider will be blocked.

Although the letter didn't mention Hetzner by name, it's pretty clear that they're the target, presumably due to their affordable (woo!) pricing, and the prevalence of "Plex Shares" services using it.

This presents an issue for ElfHosted, since we're using Hetzner for the same reasons (the price is nice).

Luckily (ironically) due to Hetzner's infamous zero tolerance of DMCA notices, we've already built out the infrastructure to add VPNs to pods, and allow users to "BYO VPN". This is how our torrent clients work - you've got to bring your own VPN credentials to play.

So, come 12 Oct, when Plex blocks Hetzner's IP ranges, it may be necessary to BYO VPN in order to keep using your Plex instance.

Worst-case, if you're a Plex user who wants to continue beyond 12 Oct, you'll want to cancel your Plex subscription, and add one of the Plex BYO VPN alternatives from the store.

Of course, the other solution would be (like half of r/selfhosted currently), to loudly bemoan Plex's behaviour, and rage-switch to Jellyfin or Emby ;)

Introducing Joplin Server

Today's new app is a fresh request from one of our fellow elfies.. Joplin is a 100% open-source , markdown-driven note-taking app, similar to Obsidian or Logseq. There are apps for Mac, Windows, and Linux, even a terminal app!

Joplin Server is the open-source version of the sync engine behind https://joplincloud.com, which takes you beyond simple apps, by enabling cross-device sync, sharing, publishing, etc.

Screenshot of Joplin

Adding Joplin Server to your "Elf Stack" will let you utilize your ElfStorage (pass go, collect 100GB) for storing notes, attachments, etc.

The "publish note" feature is pretty - here's an example of what a published note looks like - it's published by joplin-server (so you can edit it with any client on any device), and it's auto-updated whenever the note is updated.

If you don't trust a seedy seedbox host with your super secret notes (and why should you?), you can enable E2E encryption in the client apps, which (like Seafile) means that all that's stored in ElfStorage is the encrypted blobs, and some metadata in the postgresql database.

When is SSO provided?

I had feedback from a user today after a recent post about exposing various app APIs without SSO, pointing out that that SSO was applied a little inconsistently across our apps. For example, Jellyseerr was exposed publically (it has strong auth and is used to share media requests), but Overseerr (of which Jellyseer is a fork) was not! ๐Ÿคฆ

This is now fixed ๐Ÿ‘

To clarify, here's how SSO is applied, based on the intended audience / purpose of an app:

  1. Apps that only you (the user) would use, are behind SSO without any native auth, where possible. This includes download clients, apps without auth (openbooks), Arrs, etc (although these can be optionally exposed to a limited degree)
  2. Apps which you might want to share (Plex, Navidrome, Kavita, Overseer, etc) and which provide their own trusted auth, are exposed without SSO, since their entire purpose is to share media / content with a wider audience than just yourself!

Introducing Miniflux

I've been a fan of Miniflux since I publicaly ditched TinyTinyRSS for it, 6 years ago. (read all about it!)

Screenshot of Miniflux

Miniflux is part of a class of apps I'm hoping to add more of - standalone apps which leverage an external database backend (like MySQL or postgreSQL). In this class we already have Seafile and Mattermost, and I hope to add NextCloud in the near future. (and hopefully eventually Radarr and Sonarr!)

Using a "real" database (as opposed to sqlite) makes backup / migration a little tricker, but I've implemented automatic daily backups for the database component (they'll go to /storage/elfstorage/backups/<app>/), alongside whatever backup / export option the app natively provides.

See more on the app page, or perform a 24h trial / subscription at the store!

More news...

Exposing Arr/Downloader apps without SSO

Until now, when a user has asked

"how can I access my media apps with NZB360 or Lunasea?"

The answer has been:

"sorry, the SSO which protects the apps relies on a browser cookie, which won't work in a separate app".

From today though, the answer is:

Change your API key / password, subscribe to an "Exposed!" service, and enjoy your exposed access!

Read further for details about how it works, and why..

New basic streaming bundles

As alluded to a few days ago, now that we can sell storage in 1TB "chunks", I've created some discounted bundles in the store for minimal streaming stacks.

For users who just want to get started with the basic toolset for media management, we now have bundles with Jellyfin/Plex/Emby, Radarr, Sonarr, and SABnzbd, with the option for 1TB extra storage bundled in.

The pricing is a bit of an experiment - feel free to send feedback re how you think these stack up :)

Why monthly, and why bundled discounts?

I wanted to make it easy(ier) for new users to compare our tools with other providers, and the bundles are discounted to make them slightly "stickier". A user unfamiliar with ElfHosted (ElfBuckz, etc) could simply purchase a bundle in one move, and then spend their $10 ElfBuckz on ancillary apps like Overseer, Prowlarr, etc.

ElfStorage refactored, 100GB free, 40% cheaper

ElfStorage is our internal storage platform, providing basic network-attached storage for new users, and users who choose not to BYOS.

Following some recent feedback, we've made the following changes:

  1. Initially sized at a puny 10Gb, all users now get 100Gb ๐Ÿ˜ storage in /storage/elfstorage for FREE with their account.

  2. ElfStorage is now a daily ๐Ÿ“† subscription (previously monthly), so that it can be added to existing subscriptions and funded with ElfBuckz, rather than being a totally separate, monthly subscription. This also makes it easier to try out with your initial $10 ElfBuckz.

  3. ElfStorage's monthly price is now 40% ๐Ÿ”ฅ cheaper, at $6/TB, instead of $10/TB ($0.20/day)

Info

ElfStorage is built with Ceph, on a collection of 1Gbps single-purpose nodes, and large HDDs (spinning rust). We store 2 replicas of each object, across two separate physical hosts, for basic redundancy.

Read more for ElfStorage questions, Seafile fixes, and app bundles..