I use wildcard certs. I don’t know if this completely fixes the issue, though.
I use wildcard certs. I don’t know if this completely fixes the issue, though.
Yup, I have a domain I purchased and on my lan I use PiHole and Caddy. All my apps and services use the format app.mydomain.com. PiHole forwards all requests for *.mydomain.com to Caddy, which handles the LE certificate (via DNS challenge) and forwards the requests to the proper IP:PORT. I started using this for everything, my Proxmox hosts, printer, my APs…
Immich does have a pretty robust user management… https://immich.app/docs/administration/user-management/
Depends on your needs. I have a couple LXDs that only need 512MB each… But I did upgrade mine to 16GB.
Yeah, one of the USFF or whatever they call them.
I got an HP ProDesk 400 G2 with an i5 6500T, 8GB of RAM and a 512GB SSD for 99€. Works beautifully, and while it’s not as efficient as a raspberry pi, it idles around 6-7w and can run a bunch of VMs with Proxmox.
I got a few HP Elitedesk/Prodesk computers. One with an i5 9500T for ~200€, a couple with i5 6500t for about 100€ each (one small factor, the other a bit larger, with a PCI slot for a GPU). Not the most recent or powerful, but more than Enough for a homelab with a handful of VMs. Power consumption sits around 36-50w for the 3 machines, a small dlink switch and a Synology NAS with 4 drives.
Details?
Right, and all of these are optional or block-able. I guess it depends on the use case.
But, like others suggested, you could also go the custom nas way. That way it’s completely under your control.
If you are concerned, you could just not allow it to talk to the outside… I use pihole, and didn’t see any “talking” from it.
NAS… I have a Synology with 4x18tb drives.
RAID is not backup :) And yes, it happened to me for 4 drives in a 16 drive system to fail in the span of just a few days (same batch).
Not only for Nextcloud, but I recommend setting up crowdsec for any publicly facing service. You’d be surprised by the amount of bots and script kiddies out there trying their luck…
Does ViMusic support Android Auto? That’s a nifty find, thanks!
deleted by creator
I would recommend just setting up iptables & crowdsec. Open only the ports your services need, and add the relevant plugins to crowdsec. Nothing should come through.
If you have services that allow people to upload files, that’s a different story.
It’s been a while since I looked at benchmarks (https://www.phoronix.com/news/Linux-5.14-File-Systems). It could be these days.
To be honest, I don’t see a benefit for btrfs (or zfs). I prefer plain ext4 (no LVM). It’s simpler and faster. I have no need for snapshots. Proxmox handles my vms and my working machines are just a collection of dot files… But that’s just me. It’s good that there are choices.
I’m an arch user, and also have a small proxmox based homelab. I always have a live Ubuntu around, the latest desktop version available. Good for troubleshooting. Also, latest proxmox, opnsense, pfsense, debian.
Additionally, I have a small USB drive on my keychain with both USB C and USB A, where I keep some encrypted backups of important stuff, and I can access that from both my laptop and my phone.