I’ve used SNMP a lot together with nagios so I should be able to handle it. :D
#nobridge
I’ve used SNMP a lot together with nagios so I should be able to handle it. :D
I’ll have a look! Cheers!
Cheers! I’ve heard of Prometheus/Grafana but VictoriaMetrics was a new one. Gonna look into it!
I consider client devices to be a big risk factor and if I can keep them from having direct access to the Backup NAS and the IoT I consider that a big win. A simple ransomware attack on a client device would find any NFS/SMB shares the client can access and start encrypting - having the Backup NAS on a separate VLAN that only the server can access stops most of those from affecting the backup and makes restoring a lot easier. I would definitely recommend having an offline backup of the NAS as well in case of the server being breached.
I agree with this, protecting everything behind a VPN is the way to go. I help friends setup their vpn client to my stuff if I want them to access an internal service.
Draw up some plans beforehand, quick example where I forgot your video doorbell that would be on a separate SSID/VLAN through the APs if it uses WiFi. Which is kind of the point with drawing it up. It helps you find out what you missed.
edit: And that is just an example on how to draw it up. I imagine you want your security camera and doorbell to save video on the NAS, so then their vlan need to be able to communicate with the NAS vlan, as another example of missing stuff in the drawing.
Now let’s look at Office. Open an Excel spreadsheet with tables in any app other than excel. Tables are something that’s just a given in excel, takes 10 seconds to setup, and you get automatic sorting and filtering, with near-zero effort.
I mean you have the same functionality in LibreOffice Calc, the automatic sorting and filtering is called AutoFilter and the table style is chosen from AutoFormat Styles.
If you go for SSD another thing to think about is the TBW on them. Buying a low endurance SSD might save some electricity but will cost more in SSDs over time. Example:
Crucial P3 Plus M.2 NVMe SSD 2TB (2.67W on your link) has 440TBW compared to Kingston Fury Renegade M.2 NVMe SSD Gen 4 2TB (4.92W on your link) with 2000TBW.
Those few watts you save on using the Crucial P3 Plus will be less than the extra cost in buying new SSDs earlier.
The site I checked TBW on has the Kingston Fury at $9.4 more than the Crucial P3 Plus.
I think proper datacenter 3.5’’ HDDs will give you the most efficient Wattage per TB disk space
Seagate Exos X20 Harddisk ST20000NM007D 20TB SATA-600 7200rpm is supposed to have
Power Consumption 5.4 Watt (idle) | 9.4 Watt (random read) | 6.4 Watt (random write)
Regarding management UIs I’m a fan of Cockpit (https://github.com/cockpit-project/cockpit https://cockpit-project.org/)
Regarding management UIs for docker I believe most use either portainer (https://github.com/portainer/portainer https://www.portainer.io/) or dockge (https://github.com/louislam/dockge https://dockge.kuma.pet/).
Regarding Samba most NAS devices simplify it a lot, but it isn’t that complicated to do on Fedora either and once you’ve got it setup it’s not gonna need a lot of tinkering. (https://docs.fedoraproject.org/en-US/quick-docs/samba/)
Whether you invest in a NAS or not I recommend you invest in a USB disk large enough to act as a backup for the storage disks. That’s not an investment for later but one you want right away. And do make certain it takes backups, not replicates data. A popular option is Borg Backup (https://github.com/borgbackup/borg https://www.borgbackup.org/)
If I went for a NAS I would Borg Backup the laptop to the NAS and then use the NAS own backup software to backup to the USB.
deleted by creator
If you liveboot Fedora or something with USB - how’s the upload then?
Should be a quick way to determine if it’s software or hardware based.
edit - Seems that others have had upload troubles with latest Proxmox and fixed it by downgrading:
https://old.reddit.com/r/Proxmox/comments/19d0bf7/slow_upstream_thru_proxmox81/
So… no need for a DE :)
No real need for me to remove it either, but your point stands. :)
Cockpit
I do know about and use Cockpit with said virtual machine manager but I mostly use it as a shutdown/boot/restart app in my phone and a convenient service monitor and log viewer when troubleshooting.
Wireguard/OpenVPN
I really should try out Wireguard sometime but currently OpenVPN is fast enough for my bandwidth and I was already proficient with setting it up before Wireguard.
The WebUI definitely looks useful.
For linux this is as easy as script <filename>, ex:
[user@fedoragaming ~]$ script 20240313InstallingJellyfin.log
Script started, output log file is ‘20240313InstallingJellyfin.log’.
[user@fedoragaming ~]$ exit
exit
Script done.
edit: and for Windows I recommend using putty, it can also save sessions to logs.
My Debian Hypervisor do have a DE (GNOME) to be able to easily access virtual machines with virt-manager if I mess up their networking, my Debian VMs run CLI only though.
Regarding your last section I agree strongly - I only expose my vpn with no other incoming ports open. You also don’t need to invest in a domain if you do it this way.
I don’t mind helping my friends install their openvpn client and certificate and it’s nice to not have my services bombarded with failed connection attempts.
I definitely agree on starting to tinker right away and to setup snapshot/backup for your stuff and then break it. It also makes one learn how to roll back and restore which is as important as setting up the snapshot/backup in the first place.
Basic knowledge that makes selfhosting easier
Yeah getting stuck behind CGNAT IPv4 and no IPv6 would break setting up your own vpn server. That would cause me too look for another internet provider.
I only got 100mbps at home so I’m still running openvpn as I don’t gain anything worthwhile from wireguard.
I honestly prefer selfhosting my home vpn using Wireguard or OpenVPN.
Gonna check it out!
Is it easy to setup automatic responses to the alerts, f.e. restarting a service if it isn’t answering requests in a timely manner?
Have you used it together with Windows Servers too?