this post was submitted on 23 Feb 2026

79 points (94.4% liked)

Selfhosted

56821 readers

881 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.
No spam posting.
Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.
Don't duplicate the full text of your blog or github here. Just post the link for folks to click.
Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).
No trolling.
No low-effort posts. This is subjective and will largely be determined by the community member reports.

Resources:

selfh.st Newsletter and index of selfhosted software and apps
awesome-selfhosted software
awesome-sysadmin resources
Self-Hosted Podcast from Jupiter Broadcasting

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 2 years ago

MODERATORS

HybridSarcasm@lemmy.world

HybridSarcasm@lemmy.hybridsarcasm.xyz

Using huntarr? Perhaps you shouldn't. (old.reddit.com)

submitted 4 hours ago by ieGod@lemmy.zip to c/selfhosted@lemmy.world

18 comments fedilink hide all child comments

top 18 comments

sorted by: hot top controversial new old

[–] LiveLM@lemmy.zip 12 points 1 hour ago (1 children)

From the original thread, I bring forth this comment from user sdrmme:

Huntarr2

Too good not to share.

[–] r00ty@kbin.life 10 points 1 hour ago

Not sure what you mean. I just saw asterisks.

[–] stripes@lemmy.rhys.sh 7 points 2 hours ago* (last edited 2 hours ago)

The fact we need to vet self hosted products from vibe coding is very disappointing. Like isn't part of the point security through sovereignty?

[–] infeeeee@lemmy.zip 37 points 4 hours ago (2 children)

What is/was huntarr? I love posts without any context.

[–] traches@sh.itjust.works 7 points 3 hours ago (1 children)

I guess it was supposed to be a successor to the *arr stack (radarr, lidarr , sonarr, etc). If you’re not familiar, they automate the downloading & organization process for movies, music, and tv.

[–] ITGuyLevi@programming.dev 2 points 53 minutes ago

I'm sure a successor will come around when room forms for them, I don't know of a reason any of the core *arr stack should need one. If you know of one don't hesitate to share, I'm just not really aware of any, they are awesome to me.

[–] Kirk@startrek.website 7 points 4 hours ago

I believe it was supposed to monitor your jellyfin library and look for potential upgrades.

[–] Bakkoda@sh.itjust.works 17 points 3 hours ago

Exposing any of the Arr stack to the internet is just bad practice in general IMO but bad actors will always be out there so it's even more of a reason to practice good security.

I used huntarr for a minute and found it utterly useless. Didn't trigger searches like it said it was doing. Uninstalled it after about 5 minutes.

[–] irmadlad@lemmy.world 40 points 4 hours ago

I don't run 'arr anything, but that's pretty wild.

Yeesh, in the hour since this has been posted the developer has:

Made the /r/huntarr subreddit private

Wiped and deleted their Reddit account

Deleted the GitHub repo for Huntarr

[–] Bishma@discuss.tchncs.de 30 points 4 hours ago (1 children)

Looks like Huntarr's presence on Github is suddenly gone and their sub went private.

[–] irmadlad@lemmy.world 5 points 1 hour ago

I'm not so much worried about 'vibe coding' as long as the dev actually knows the validity of the code presented in the LLM. At that point, the LLM becomes the assistant, not the dev itself. However, if I were to speculate, this dev team didn't, got called on it, didn't know how to respond or validate the code, so they closed up shop.

[–] ZeDoTelhado@lemmy.world 17 points 4 hours ago (2 children)

That is some wild shit. Anyways for anyone else somewhat new to all this: when hosting anything, try to stick to reputable projects 1st and be always wary of shady installation tactics (I believe yesterday someone posted about curl bash. This is just a single example). If you want to try something new (as in brand new project), try it isolated 1st on some VM (proxmox helps a lot with this). When you are confident and more people give an approval, then think about putting on the main environment

[–] i_am_not_a_robot@discuss.tchncs.de 1 points 1 hour ago

curl bash is not as bad as people think. Nobody downloads and reverse engineers binary packages off of these websites before running them with the same permissions.

[–] irmadlad@lemmy.world 13 points 3 hours ago

try to stick to reputable projects 1st and be always wary of shady installation tactics

One of the first things I look for are longevity, last updated/activity, and then I look at the issues posted and responses. I like mature apps because I don't possess the intelligence to audit code.

[–] gravitas@lem.ugh.im 3 points 3 hours ago (1 children)

Wow i literally just setup huntarr last night. Guess ill make sure its only accessible on wireguard.

[–] prenatal_confusion@feddit.org 7 points 2 hours ago (1 children)

This developed further. Better be done with it and stay safe. Read the linked reddit thread for info.

[–] buffing_lecturer@leminal.space 1 points 59 minutes ago

How so?

[–] brickfrog@lemmy.dbzer0.com 6 points 4 hours ago

Earlier post https://lemmy.world/post/43496203