NFS is always cranky for me, and you can’t get it to use symlinks at all (yeah Samba’s implementation is janky but at least it exists)

It’s UID/GID 10000 on the host because you are using an unprivileged LXC container. Unprivileged means that “root” inside the container (which is just a user space of the host with access restrictions) is user 10000 on the host - this is so that files and processes inside the container don’t run with the real UID zero, where they could plant a malicious file, or run a malicious program that escapes containment that ends up with root access on the host.

Quickest way to make this work over samba is to force user 10000 and force group 10000. That way everything connecting to Samba would see the files as their own.

Honestly the better solution is to make your software inside the containers run with a local non-root user (which would be something like 10001) and then force samba to use that. Then nothing is running as root in or out of the containers. Samba will still limit access to shares based on the samba login, but for file access purposes it will still use the read/write levels of your non-root user (because of the force- directives)

Ooo, someone should do a Framework module next

Is the container running out of disk space for its DB? Is the container running out of memory during the backup process and crashing?

If Proxmox is already installed on the machine, how are you running OPNSense? If it’s not bare metal, it’s a VM, and if it’s a VM it needs Proxmox’s virtual NICs to be VLAN aware, unless you are doing PCI pass through of the entire network card.

Yeah VictoriaMetrics is the new favorite since Influx keeps reinventing their wheels and trying to move everyone to the cloud.

The whole point of matter is that it’s local-only control

Especially if they’re going to make their profit in increased game sales.

WebDAV, as others have said

That’s right, all it is is an auto-copy program. It doesn’t host a shared folder like NextCloud; it just saves you the clicks (or commands) of copying your newly-changed files to all the places you want a copy to be.

If you edit a file on your machine, and your wife edits her copy, you might even find there to be a conflict. (I don’t use Syncthing so I don’t know how it handles this)

Only on Ubuntu based distros AFAIK but sudo do-release-upgrade is the correct command

Grocy is a neat project for stuff like this. Also available as a HomeAssistant add-on, if that’s your style

And, circling back to ports, you can make firewall rules that prevent devices from talking across VLANs on certain ports. Your Nintendo Switch doesn’t need SSH access to your KNX server, to re-use your previous example, so you block your console’s VLAN from being able to talk to your server VLAN at all.

The best way to do it is to block literally everything between VLANs, and then only allow the ports you know you need for the functionality you want.

Literally the only advertisement that most people still tolerate and these fuckers are like “no! We didn’t spend money on it, it can’t be good!”

Just throwing in the usual comment that OPNSense is a pfSense fork with a nicer interface.

There should be a law in the United States - if you stop selling it, 1 year later you lose your copyright and it becomes public domain.

It would help to be explicit yeah. If only for the reason that sometimes your issue could be caused by the way you set things up.

For reference, I have some LXCs with docker as an experiment( a privileged container with nesting=1 (also fuse=1 and keyctl=1, not sure if those help) and I haven’t had problems, but they’ve never needed a restore. I think unprivileged is where you will run into problems.

For doing what you want, you’ll want to bind mount your external drive. I’d recommend not using drive letter mounts (“/dev/sdc” for example) as those can change across reboots. Instead, use /dev/disk/by-id/<find-your-disks-id-and-put-it-here> which is the same no matter when the disk is mounted on the host. To make a bind mount, you have to edit the .conf file for your container on the host at /etc/pve/lxc/<vmid>.conf where the <vmid> is the container is number and then start the container back up. The disk will then appear in the container mounted at the path you specify. Check out the Proxmox docs for LXC bind mounts for info on how to configure that.

Hell yeah! It looks so good. This got cross posted to a trek community (tenforward I think) and people dig it. Considering how much work is being done on voice control for HomeAssistsnt lately,’I’d love to see more adoption based solely on having a complete LCARS system for people’s own nerdy enjoyment 😄

Is this the LCARS theme on HACS or another solution?

I was hoping to set up a tablet at some point with it to get the WAF up (she’s somewhat of a trekker)

Besides lots of other cool stuff it can do (including monitoring for a lot of your self hosted stuff), HomeAssistsnt has the Feedreader integration, which lets you poll RSS feeds. You can then create automations to send notifications to you through the HomeAssistsnt companion app.

Feedreader defaults to polling once per hour, but you can change this in the configuration.