server/tickets
11
2
Issues 49 Projects 8 Wiki Activity

home server spin-off: preinstalled applications #192

New issue
Open
opened 2026-04-08 16:48:12 +00:00 by jonashub · 7 comments
jonashub commented 2026-04-08 16:48:12 +00:00
Copy link

We should start collecting a discussing the baseline of preinstalled applications

Goal / scope

  • Define "good defaults" for an intermediate user.
  • Keep this focused on core services and management UX (e.g. Cockpit + useful plugins), not becoming curated distro or project like Freedombox or ZimaOS.
  • Prefer well-supported, maintained components available in Fedora

This is tracking/discussion ticket, that means that it's not a final list.

Initial candidates (from current discussion)

  • File sharing
    • Samba (and possibly NFS)
  • Mail storage
    • local mail -- default
    • Mailcow (optional)
  • Cockpit (+ plugins - podman, storage, networking, SELinux, software updates) -- default
  • DLNA streaming server
    • Universal media server
    • Jellyfin
    • Gerbera
  • Calendar and todo server
    • Radicale
    • Vikunja
    • Planka
  • Epub library
    • Calibre server or Calibre-Web
  • Ansible control hub
  • Monitoring
    • smartmontools
  • Backup
    • UrBackup
    • restic, borgbackup (optional)
  • Remote access
    • SSH
    • Wireguard (optional)
We should start collecting a discussing the baseline of preinstalled applications **Goal / scope** - Define "good defaults" for an intermediate user. - Keep this focused on core services and management UX (e.g. Cockpit + useful plugins), not becoming curated distro or project like Freedombox or ZimaOS. - Prefer well-supported, maintained components available in Fedora **This is tracking/discussion ticket, that means that it's not a final list.** **Initial candidates (from current discussion)** - File sharing - Samba (and possibly NFS) - Mail storage - local mail -- default - Mailcow (optional) - Cockpit (+ plugins - podman, storage, networking, SELinux, software updates) -- default - DLNA streaming server - Universal media server - Jellyfin - Gerbera - Calendar and todo server - Radicale - Vikunja - Planka - Epub library - Calibre server or Calibre-Web - Ansible control hub - Monitoring - smartmontools - Backup - UrBackup - restic, borgbackup (optional) - Remote access - SSH - Wireguard (optional)
korora commented 2026-04-09 13:48:52 +00:00
Member
Copy link

Are you looking at the linuxserver.io images for Calibre/Calibre-Web? if so we will need to spin up a reverse proxy that can handle SSL as the image for calibre now requires SSL and it won't work without a cert of some kind

Are you looking at the linuxserver.io images for Calibre/Calibre-Web? if so we will need to spin up a reverse proxy that can handle SSL as the image for calibre now requires SSL and it won't work without a cert of some kind
sgallagh commented 2026-04-09 14:44:07 +00:00
Owner
Copy link

@korora wrote in #192 (comment):

Are you looking at the linuxserver.io images for Calibre/Calibre-Web? if so we will need to spin up a reverse proxy that can handle SSL as the image for calibre now requires SSL and it won't work without a cert of some kind

Can you reuse the Cockpit certificate for this? That might be the easiest option.

@korora wrote in https://forge.fedoraproject.org/server/tickets/issues/192#issuecomment-611679: > Are you looking at the linuxserver.io images for Calibre/Calibre-Web? if so we will need to spin up a reverse proxy that can handle SSL as the image for calibre now requires SSL and it won't work without a cert of some kind Can you reuse the Cockpit certificate for this? That might be the easiest option.
korora commented 2026-04-09 14:50:43 +00:00
Member
Copy link

@sgallagh wrote in #192 (comment):

Can you reuse the Cockpit certificate for this? That might be the easiest option.

Unsure. I've not tried, although that does sound like it would be a plausible answer. I would have to find the time to research how to do this.

@sgallagh wrote in https://forge.fedoraproject.org/server/tickets/issues/192#issuecomment-611696: > Can you reuse the Cockpit certificate for this? That might be the easiest option. Unsure. I've not tried, although that does sound like it would be a plausible answer. I would have to find the time to research how to do this.
sgallagh commented 2026-04-09 15:17:35 +00:00
Owner
Copy link

On a freshly-installed system (without manually-installed certificates), The cockpit-ws package uses sscg to create:

  • /etc/cockpit/ws-certs.d/0-self-signed-ca.pem
  • /etc/cockpit/ws-certs.d/0-self-signed.cert
  • /etc/cockpit/ws-certs.d/0-self-signed.key

The 0-self-signed-ca.pem can also be loaded into a client to trust this service. (It's designed in such a way that it can't be reused to trust anything but the 0-self-signed.cert.

On a freshly-installed system (without manually-installed certificates), The `cockpit-ws` package uses `sscg` to create: * `/etc/cockpit/ws-certs.d/0-self-signed-ca.pem` * `/etc/cockpit/ws-certs.d/0-self-signed.cert` * `/etc/cockpit/ws-certs.d/0-self-signed.key` The `0-self-signed-ca.pem` can also be loaded into a client to trust this service. (It's designed in such a way that it can't be reused to trust anything but the `0-self-signed.cert`.
jonashub commented 2026-04-11 10:03:57 +00:00
Author
Copy link

I wasn’t aware of the TLS requirement here. This makes sense. If Calibre/Calibre‑Web requires TLS for, reusing Cockpit’s generated certs from /etc/cockpit/ws-certs.d/ sounds like a reasonable “good defaults” approach for a LAN setup (and users who want a publicly trusted cert can still put it behind a reverse proxy later).

I wasn’t aware of the TLS requirement here. This makes sense. If Calibre/Calibre‑Web requires TLS for, reusing Cockpit’s generated certs from /etc/cockpit/ws-certs.d/ sounds like a reasonable “good defaults” approach for a LAN setup (and users who want a publicly trusted cert can still put it behind a reverse proxy later).
rafaelmcruz commented 2026-05-21 22:28:09 +00:00
Copy link

Hey guys, 👋

Don’t know if this is still open to suggestions, but I would like to propose adding an automated, lightweight Alerting & Notification system to the "Monitoring" section (which currently focus mainly on hardware with smartmontools).

The core philosophy of a Home Server is often "set and forget", I think users want to deploy their services and not worry about constant manual checking. To achieve this without waiting for a catastrophic failure to happen, to realize that something is wrong, we need a proactive approach.

I haven't personally deployed this specific stack yet, but I've been researching open-source solutions that would fit this idea perfectly, such as integrating Uptime Kuma or utilizing the Apprise library.

This setup would provide:

  1. Proactive Monitoring: Sending alerts based on thresholds (eg, when a partition hits 85% storage or a container stops responding).
  2. Easy Configuration: Users could easily bind a local webhook or link a communication channel they already use daily (like a Telegram bot, Signal, or Discord webhook).
  3. Zero-Cost Maintenance: It doesn't require any paying external SMS gateway, keeping the entire stack 100% open-source, private, and lightweight.

I'm open to researching this further, testing implementations, if needed, or helping with documentation if the team feels this makes sense for the Home Lab scope!

If I’m late and this is not the intended purpose, i’m very sorry!

Hey guys, 👋 Don’t know if this is still open to suggestions, but I would like to propose adding an automated, lightweight Alerting & Notification system to the "Monitoring" section (which currently focus mainly on hardware with smartmontools). The core philosophy of a Home Server is often "set and forget", I think users want to deploy their services and not worry about constant manual checking. To achieve this without waiting for a catastrophic failure to happen, to realize that something is wrong, we need a proactive approach. I haven't personally deployed this specific stack yet, but I've been researching open-source solutions that would fit this idea perfectly, such as integrating Uptime Kuma or utilizing the Apprise library. This setup would provide: 1. Proactive Monitoring: Sending alerts based on thresholds (eg, when a partition hits 85% storage or a container stops responding). 2. Easy Configuration: Users could easily bind a local webhook or link a communication channel they already use daily (like a Telegram bot, Signal, or Discord webhook). 3. Zero-Cost Maintenance: It doesn't require any paying external SMS gateway, keeping the entire stack 100% open-source, private, and lightweight. I'm open to researching this further, testing implementations, if needed, or helping with documentation if the team feels this makes sense for the Home Lab scope! If I’m late and this is not the intended purpose, i’m very sorry!
jpcarvalhinho commented 2026-06-15 15:14:46 +00:00
Copy link

Lets bee realistic:
So Being a fedora server user at my home server (2011 Imac) what I needed:
1- A Graphical interface like GNOME. Yes. Don't underestimate it. (it was the only way I got to "kill" the screen, keeping the computer working (But I am not a specialist, there is probably a better way, but heck I used it daily so a GUI makes sense)...
2- PLEX server (maybe jellyfin will work, but no clients for TV is a deal breaker)
3- QBit for torrenting
4- Cockpit with https (It scares the crap out of me to get to the URL and get a warning)
5- SMB
6- An easy way to ddns.
7- an improved way to work with containers: On cockpit you configure and start a container, and if you want to change one of the properties you need to insert all the properties again. it sux because let's face it, nobody gets it right at first try.

I think these were the main requirements for my case, just food for thought.

Some more notes:
"Fedora Server Home Server" is redundant. Just call it Fedora Home Server.
also If it is "home server" it will not fit SMBusinesses. They will discard it right away and opt for the other Fedora Server, so why bother with those users on this project?

Lets bee realistic: So Being a fedora server user at my home server (2011 Imac) what I needed: 1- A Graphical interface like GNOME. Yes. Don't underestimate it. (it was the only way I got to "kill" the screen, keeping the computer working (But I am not a specialist, there is probably a better way, but heck I used it daily so a GUI makes sense)... 2- PLEX server (maybe jellyfin will work, but no clients for TV is a deal breaker) 3- QBit for torrenting 4- Cockpit with https (It scares the crap out of me to get to the URL and get a warning) 5- SMB 6- An easy way to ddns. 7- an improved way to work with containers: On cockpit you configure and start a container, and if you want to change one of the properties you need to insert all the properties again. it sux because let's face it, nobody gets it right at first try. I think these were the main requirements for my case, just food for thought. Some more notes: "Fedora Server Home Server" is redundant. Just call it Fedora Home Server. also If it is "home server" it will not fit SMBusinesses. They will discard it right away and opt for the other Fedora Server, so why bother with those users on this project?
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
main
stg
No results found.
Labels
Clear labels   
Ansible
basic support
 Configure basic Ansible support for Server special services

  
Ansible
NFS server

  
Ansible/pxe
Support for installing and administering PXE boot based installation

  
Ansible/Wildfly
Support for downloading, installing and configuring Wildfly

  
distribution
bug
 Bug in one of our distribution files (iso,img,...)

  
distribution
release test
 test tasksfor the next release

  
distribution
rfe
 Request for Enhancement

  
documentation
improvement
 Process to improve an existing article: checking status, determine gaps, determine outdated passages, etc.

  
documentation
new
 Process to create a new docs article: planning, info gathering, etc.

  
documentation
review request
 Requesting a review as last step before final publication

  
documentation
update
 Adjust documentation to next Fedora release

  
meeting
Scheduled for the next SIG meeting

  
need info
Additional information required

  
project
backup&restore
 Major project to streamline Backup & Restore of Server as well as network clients

  
project
home server spin-off
 Major working project to create a home server spin-off appliance

  
project
LocalKDC
 Major project to integrate LocalKDC in the default Server installation

  
project
strengthening updates
 Automatically create a fall-back copy (LVM snapshot) of system area before an update

  
status
in progress
Work started

  
status
on hold
 temporarily interrupted

  
status
pending activity
 Work awaiting being taken on

No labels
Ansible
basic support
Ansible
NFS server
Ansible/pxe
Ansible/Wildfly
distribution
bug
distribution
release test
distribution
rfe
documentation
improvement
documentation
new
documentation
review request
documentation
update
meeting
need info
project
backup&restore
project
home server spin-off
project
LocalKDC
project
strengthening updates
status
in progress
status
on hold
status
pending activity
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
home server spin-off
Assignees
Clear assignees
No assignees
5 participants
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
server/tickets#192
No description provided.