Naked Gun editionprevious: >>101155492READ THE WIKI! & help by contributing:https://wiki.installgentoo.com/wiki/Home_server>NAS Case Guide. Feel free to add to it:https://wiki.installgentoo.com/wiki/Home_server/Case_guide/hsg/ is about learning and expanding your horizons. Know all about NAS? Learn virtualization. Spun up some VMs? Learn about networking by standing up a OPNsense/PFsense box and configuring some VLANs. There's always more to learn and chances to grow. Think you’re god-tier already? Setup OpenStack and report back.>What software should I run?Install Gentoo. Or whatever flavor of *nix is best for the job or most comfy for you. Jellyfin/Emby/Plex to replace Netflix, Nextcloud to replace Googlel, Ampache/Navidrome to replace Spotify, the list goes on. Look at the awesome self-hosted list and ask.>Why should I have a home server?/hsg/ is about learning and expanding your horizons. De-botnet your life. Learn something new. Serving applications to yourself, your family, and your frens feels good. Put your tech skills to good use for yourself and those close to you. Store their data with proper availability redundancy and backups and serve it back to them with a /comfy/ easy to use interface.>Links & resourcesCool stuff to host: https://gitlab.com/awesome-selfhosted/awesome-selfhostedRouterOS's: https://wiki.installgentoo.com/wiki/Home_server#Customhttps://reddit.com/r/datahoarderhttps://www.labgopher.comhttps://www.reddit.com/r/homelab/wiki/indexhttps://wiki.debian.org/FreedomBox/FeaturesList of ARM-based SBCs: https://docs.google.com/spreadsheets/d/1PGaVu0sPBEy5GgLM8N-CvHB2FESdlfBOdQKqLziJLhQLow-power x86 systems: https://docs.google.com/spreadsheets/d/1LHvT2fRp7I6Hf18LcSzsNnjp10VI-odvwZpQZKv_NCICheap disks: https://shucks.top/ https://diskprices.com/Remember:RAID protects you from DOWNTIMEBACKUPS protect you from DATA LOSS
I think Cobba anon from /hsg/ is kill.
Post racks
>>101201131>Use a Broadcom / Intel / Mellanox NIC and try again. Preferably one of the latter two. I'm not personally interested to diagnose Realtek's drivers or its plausible lack of CPU offloading features.On my desktop or the server? The server's NICs are all onboard, and the only expansion slot is occupied by the RAID controller.There are some offloading settings in the device properties, should I switch any of them to disabled? Large send offload v2, tcp/udp checksum offload, ns offload, etc.Tried updating my NIC driver, no change.>If you have a managed switch in between, look at the counters for packet loss/errors. Use a good pre-terminated patch cable, connect directly with a patch cable and use static IPs if you need to test.Did that, nothing changed. I have a switch inbetween, but it's a dumb little 5port TP-link.Changed the RAID controller's cache ratio to 50-50 too, nothing.My problem is, why is NFS download the only slow thing here?Why is NFS upload as fast as SMB as a whole?>Not my favorite, but it probably won't matter.I'm poor this was good value ;_;
I was just thinking the other day that I don't need a home server but should I get one anyways? Maybe I can find a use for it later?
>>101201939sure go for it>>101201689isn't it winter there? perhaps he's hibernating until september
>>101201939>i'll buy a thing i don't need and won't usewhy
>>101201836NTA but there are a lot of possible variables that come into play here, starting with the NFS implementation.Realtek NIC's can easily saturate Gigabit connection at their default driver options. You might want to:>Run iperf on client/server, to test link speedIf this saturates the link then you might want to take a look at your I/O, if it doesn't then test your NIC's and switches>Check your HDD's health>Check your HBA/RAID health>Do some hdparm -Tt on your drives for speedIn these type of scenarios I usually reboot to a live CD or something like that to isolate any possible configuration issues I might have introduced>>101202044You'll find a use for it right at the moment you're building it, don't worry
>>101201939>I was just thinking the other day that I don't need a home server but should I get one anyways?No. Things age. And you're dealing with electronics, not some sort of vintage wine.By getting a server right away and making it gather dust, you're wasting it. And when you eventually find some practical use case for it, there are better options available for the same price you originally paid for.>Maybe I can find a use for it later?And depending on the hardware, it may be more suitable for other tasks. For example, you got something that is ideally suited for networking, but you want something to store data on. End result, you still need to get new hardware, but you also have some doing nothing more than drawing power and accumulating dust.If you have no use case for it at the moment, wait until you have a need for something. Then go looking for something to fulfill those requirements.
>>101197689unfortunately the one pci-e slot on my mobo is taken up but a wifi card
Got a few of these and they're SO FUCKING COOLIf only they had iDRAC, they'd be perfect. Gonna dig into their IPMI today and see just how bad it is. I pray they won't make me use an old version of Java.
>>101202067Link speed is fine across all hops, I even did a SpeedTest.net benchmark, and my 1G/1G internet connection can be fully utilized by the server.IOPS and overall performance is fine, if you look at >>101201144SSACLI shows no problems with RAID controller and its components, nor the HDDs themselves.I'm also starting to think that this is MS's fuckup at implementing NFS...
>>101200395Anyone have a guess as to why this is happening?I've messed with the options in the SMB share a bit but nothing seems to work and now I'm back to not even being able to copy files over
>>101202430Stop using that crap, you will be better with pure Debian and Samba or do like everybody and move to TrueNas.
>>101202329>I'm also starting to think that this is MS's fuckup at implementing NFS...I wouldn't be surprised, might as well test Linux's NFS under a live environment. I have the feeling you might (not) get a surprise
>>101202175>wifi nasplease no>>101201254>don't use AsMedia/JMicron SATA controllers, only AHCI SATA or SAS HBAs (they work with SATA too)asmedia controllers are fine, at least the not-ancient onesits when the chinks combine them with jmicron sata port multipliers that you run into serious reliability issues, as in they start writing garbage data to drives. All port multipliers should be avoided, as well as anything made by JMicron, who mostly specialise in USB devices.but yeah as long as you dont use them with port multipliers, asmedia sata controller is completely fine.>>101202430never used OMV and havent used samba in a decade but sounds like parent directory permissions arent cascading to new subdirectories, use setgid/setuid on the parent directory.looks like you should check inherit acl or permissions but thats just a guess.
>>101202430Select the share and go to ACL, change Others to Read/Write/Execute
>>101202566>just chmod 777 brodont do this wtfadd whatever user you login with to the samba group (in that image its "users")
>>101202665I dont wantvtovstart creating users this is for home use only and dontvwant to have to login each time I want to use a folder or directory.>>101202566I did that already and it still didnt allow me to move folders with content
currently my router + minipc server + external hdd are on the ground and want to move it somewherewould getting a server rack cabinet + 1u shelf and panel with two fans for it a good idea
>>101202892>I did that already and it still didnt allow me to move folders with contenttick recursive>this is for home use only and dontvwant to have to login each time I want to use a folder or directoryok but you should know its really dumb besides you would only need to login once on each device and not at all for read-only access
>>101202964I ticked recursive and when I save and enter the settings again its unticked
>>101202920yeah exactly get a 42u
>>101202453>pure Debian and Samba>TrueNasYou'll hurt yourself with both of these options. Make better decisions.
>>101202920Mounting them all in a single rack is a reasonable idea the same way that placing your motherboard and all the connected hardware in a single case is a reasonable idea.However, if none of the devices have rack mounts, a more efficient option would be getting a shelf. Not some rack mountable one, just a regular shelf.If you don't have to remain within the Rack Units, you have a lot more options to choose from.Or if you don't want a shelf, look for wall mounts for your devices. There's no need for an enclosure mostly full of empty space if the same function (getting them of the floor) can be achieved with a few screws in the wall.
>>101202210Good luck finding any Bios or BMC firmware for QCT systems I have 4 D52B-1U and there is zero firmware or anything for them online aside from a CPU refresh package from 2019 and I know that there are newer firmware versions. If they use Java for the KVM's and you are on Windows try OpenWebStart I have had some luck with running old ass Java KVM's via that
>>101202494>as long as you dont use them with port multipliers, asmedia sata controller is completely finethe exact card i've tested in the post (>>98065723) is Axagon PCES-SA2N using a single ASM1061 with no port multipliers. I'm lucky i've used ZFS with RAID, i'm assuming i'd get silent memory corruption on plain ext4.
>>101202920what are you going to buy, a 2u rack?if you don't have multiple pieces of rackmount equipment, don't get a rack
anything useful i can shove into a pci slot?(non express)
>>101201656where / how do you guys store your storage mediums IRL?
>>101204117tv tuner card
>>101204117https://www.startech.com/en-us/cards-adapters/pciusb3s22
>>101203998but it looks cool
I have no idea what self hosted stuff would be useful because I usually won't use it.
>>101203793Yeah i know, but as long as there's no bugs I'm not too worried, as these servers will never be exposed to external traffic.>WindowsI don't have a single Windows machine lol
>>101205027>I don't have a single Windows machine lolRookie mistake.
>>101202430Is there a similar web ui I can use for my existing samba server?
>>101201656Can one of you serverGODS please help me identify what model servers these are? They look like optiplexes.
>>101203983I do wonder if its a firmware issue. bit worrying if not, company i used to work for used a lot of asmedia chips in their products.even if not they're still miles ahead of jmicron. fuck jmicron.>>101206717they're ancient optiplex 780 desktops, not servers.think intel core/core2 era
>>101204191in a server
>>101206936>I do wonder if its a firmware issueor maybe Axagon fucked up the circuitry around the ASM1061 somehow?It's one more issue i see with those AsMedia/JMicron/Marvell SATA controllers: fragmentation of cards, there's just so many models and manufacturers who use those chips, it's hard to find any reliable info on them, and they come and go. For example the mentioned PCES-SA2N model is already deprecated and replaced with a JMicron based model.LSI HBAs come only in a couple OEM variants (like Dell, Fujitsu, Supermicro) and those had and still have huge userbase in datacenters worldwide (especially now with the raise of software RAID like ZFS), it's easy to find testimonies and reviews of them.Shame, 2x SATA on PCIe x1 is the one niche those SATA controllers could fill, but i just can't put my trust in them.>>101204191here's the cold backup i sync every month
>>101207807Question, are you gay
how can this 2.5 gigabit nic be powered by a pcie 2.0 x1 lane when pice 2.0 x1 caps out at 500megabits? is the card throttled?
>>101207807hope that's anti-static
>>101207807>Axagon fucked up the circuitry around the ASM1061 somehow?unlikely, theres not that much going on for thatcould be heat though, thats a big problem for the jmicron chips and I don't see a heatsink.anything using ASM1061 should be deprecated anyway its over a decade oldi thought firmware because I know some asmedia chips had major issues a few years ago causing hundreds of smart errors in a matter of hoursanyway you're always better off, except budget-wise, with a sas hba, even with sata drives.
>>101207966pcie 2.0/2.1 is 500MB/s per lane not 500Mb/sthats 4Gbit.
>>101207931let's see your storage, straight guy
can i just disable ipv6? is there any downsides specifically wrt mail servers?my isp doesn't give static ipv6 and my modem has no way to configure port forwarding for ipv6. so at least for now i can't configure it properly.is no ipv6 preferable to misconfigured ipv6?
I need suggestions on how to get Zabbix alerts to mobile. Is Gmail SMTP —> carrier SMS gateway the way?
>>101206717those optiplexes aren't worth the power they are consuming, literally would be better to buy three pi 4's
hello, I upgraded my PC some years ago and I have a motherboard with an old 4th gen i5 + 16 ddr3 ram memory. Can I begin my home server journey with this? What should I buy/upgrade next?
>>101209469what is your budget and goal?that's plenty to get started learning linux and running a few services, learn docker, etc.
I was looking into Thinkcentres with the pcie riser slot to cram a U.2 into one but found some beat up P340 i5-10400 SFF for $150+tip instead.You get cockblocked out of a second fat due to the optical drive however.>All listings for the tinies are $300The fucking internet knows. And I can't locate the psychos that soldered on the slot in one that's unpopulated.>>101202892I only ever need to login once on a fresh boot because I don't make it save the password. You probably don't need to login if it's the exact same user name and password as windows.There also happens to be a way to make samba allow any NT login from the correct workgroup if you need it to automagically manage users, but you need to give it a set of uid/gid to use and that means diving into the mess of samba documentation. Probably won't have a webui way to set it up either.>>101206717optiplex SFFI thought the gen is impossible to tell since Dell never fucking updates anything about the front, but that's definitely from before their current look. Don't get one that old.>>101209469Give it an ssd for the OS and throw it in a case with some disks.It won't be efficient compared to newer stuff but you already have it lying around. Assuming you don't have to buy more shit to get it working first.Once you start hitting limitations in what you want to do, you can find something else to get or upgrade.
>>101209557>budgetI can't measure very well to dollars my budget due to my country having so many different taxes on hardware but lets say 500 USD. >goalMostly making use of my old hardware lying around, store college research stuff (which uses alot of space, currently hitting almost 260GB) that I put on google drive and the many movies I download and like to watch.
>accidentally got 5-20P UPSsWell fuck, guess I can't procrastinate on getting those new circuits installed anymore
>>101209469That's exactly what I have. I added another 16gb ram, added an HBA and put it in a FD r5 case to hold more drives.4 cores can handle a lot. I have databases, monitoring, full torrenting stack, jellyfin transcoding, nextcloud and more running on it just fine. You won't need to upgrade for a long time.
>>101209469>Can I begin my home server journey with this?No, not a good idea.Not all 4th generation Intel Core i5 processors support VT-d extension. This is e-waste anyway, no TPM for Windows 11 and arguably the last officially supported client operating system would be Windows 8.1 (or Windows 10).If you must, use it as a client for testing your Windows environment (e.g. Active Directory).Intel 8th generaration desktop and later is not e-waste (yet). Intel Xeon SP 2nd generation (Cascade Lake) and later is not e-waste yet. Intel Xeon SP 1st generation (Skylake) is on the edge of being e-waste (due to hardware vulnerabilities) but can be upgraded to 2nd generation.
What should I use the edsff connector in my home server for?
Are you keeping your home servers up to date, /hsg/?
>>101211178I don't there is no point.I upgrade my servers only because my desktop/laptop configuration has moved on and is using new nixos release, and I need to change something on one of my servers(rarely). My server config is quite stable so I barely ever touch them.I see no point in keeping up with upgrades for hardware that's hidden in a LAN and doesn't expose anything publicly, only via zerotier VPN.
>>101212607A home server that holds some movies, photos, music, and maybe some research materials into female homosexual relationships, does not need a weekly upgrade schedule and CVE monitoring like some banking servers. Calm down.
>>101209469My current desktop is basically still this except with 32Gb ram. I'm in the process of upgrading next month and when I do this will become my new home server. >>101210717MY board and prcessor does support VT-d etc but I also run servers at work that are twice as old as this and completely antiquated but it all just depends what you're doing with it. A little file share/archive requires no processing power or modern tech.
How do you large volumes of datacleanup, /hsg/?I just had a hdd recovered, but it came with 3 copies of every file, it's fairly easy to see which copies are corrupted but doing this manually is pretty tedious and haven't found a script that adresses this.>write it yourselfI'm a bashlet/UIslut I can't do that shit
>>101205027Well if you have a Ubuntu/Debian machine I know that OpenWebStart should work on there with no issues.
I have a bunch of old SATA SSDs. Can I just put them all in an older PC that I could then just run as a NAS? Or is it a waste of SSD space?No RAID unfortunately since they're all different sizes (250gb, 500gb, 1-2tb etc.)
>>101210648>4 cores can handle a lot. I have databases, monitoring, full torrenting stack, jellyfin transcoding, nextcloud and more running on it just fine.not that anon but could a 4-core i5 from 2017 handle all these tasks just as well. I'm thinking of turning an old PC I got into a NAS + Torrent box through proxmox but still have relatively little idea what the "proper" way to go about it is.
>>101213598>No RAIDI wouldn't. And if they're consumer grade SSDs, they'll be gone physically worn in only 12-15 months, becoming unbearably slow, TRIM or not.
>>101213652>And if they're consumer grade SSDs, they'll be gone physically worn in only 12-15 monthsmeaning? I've used them in my PCs for years, why would them being in a NAS make them go bad?
>>101213652>samsung>physically worn in only 12-15 monthsnah
Everything in this hobby is a pain in the ass.>got an itx mobo because I wanted a small, quiet, power-efficient NAS>it even supports bifurcation for the pcie slot; however if I want to utilise the slot I need a pcie riser, which means I need a rackmount case because no one seemingly makes a riser that wont orient pcie cards parallel to the mobo (ie. they run perpendicular into the side of a normal tower case), which means I can't have a small quiet NASWhile I'm having a whinge, what the fuck is with all the counterfeit HBA cards? I knew it was a thing for SAS expanders but apparently I can't even buy a simple SFP+ NIC card without having to study the fucking silk-screening and yottamarks. Or if they haven't omitted the fact it's a Dell/Lenovo/HPE rebrand and I'm not getting what seems to be an Intel OEM card where the drivers will actually work, vs buying a brick because the firmware updating process on the former is vendor-locked (just like HDDs).
I have a truenas server running the canned Nextcloud container but it's really brittle and I'd like to move the app to another container host and get the data out of the bizarre directory truenas keeps it inhave any of you done this before?
>>101215559>buy motherboard without enough slots>doesn't have enough slotsalso buy mellanox NICs
>>101211178ye, a bunch of shit broke and i spent all weekend fixing
>>101213619My 4 core i5 is from 2014 it's a 4690k running proxmox.The proper thing to do for proxmox would be mirrored ssds for hosting your hypervisor and vm/container os, separate disk array for storing data, and enough ram to cover your services plus zfs arc cache if you use zfs.32gb ram, 1tb mirrored ssds for os, raidz1 hdds with your choice of size will go further than you think. Checkout proxmox-helper-scripts if you want easy deployment of services like torrent/arrs.
>>101218262>proxmox-helper-scriptsnice
>why yes I use portainer, how could you tell?
>he doesn't have saints interceding on behalf of his dataNGMI, not even ECC will protect you from the power of the devil
>>101219640what's the saint of data?
>>101219649Saint Paisios the Athonite (who's icon that is) has become something of a patron saint of contemporary society, especially of its technology
>>101201656how much ram do you recon i need to run the following in separated virtual machines?- 1 firewall- 1 media server (Kodi + mStream)- 2 linux servers for work, run docker, with remote x-server- 1 storage + backup server- 1 more random shit for playing aroundi think 16 or 32GB should be enough, as i'm not going to be compiling huge C++ projects or processing video or anything like that, and the media server shouldn't get more than 1-2 connections max
>>101219640Are those HDD's upside down? Surely that will invite the demons...
>>101219737Minimum 16GBYou'll want:>1 for firewall (even 512MB)>4 for media>2 or 4 for dockers>2 for storage/backupOf course you might want to scale those dockers according to the load. I'd personally go for 32 to be safe
>>101211178>The following packages will be upgraded: cups-client cups-commonyay
should I use deluge? transmission? qbittorrent? im overwhelmed and need a magic quadrant
>>101221881best upload speeds with a few torrents? delugehundreds of active torrents? transmissionthousands of active torrents? rtorrentretard? qbittorrent
Podman or Docker?
kubernetes
>>101215559Time to get lost in the magical world of chinkshit parts. Guarantee they have some weird ass riser for whatever it is you're bitching about. If not them, then the mining community does.Or you get a card using oculink or the other pcie sff connectors and put the ends wherever.Otherwise you get someone to design your riser card in the form factor that nobody uses due to atx standards. What sort of case are you even using that you think you can put cards wherever but didn't bother getting a matx instead?
>>101218262>32gb ramThis is so little to do anything useful.>Checkout proxmox-helper-scriptsDon't do this, it makes mustard gas.
>>101221881What does this have to do with servers (besides magic quadrants)?>>>/g/sqt
>>101223423>This is so little to do anything useful.kys enterpriseschizo
>>101223428because it will be running headless on a server. pretty retarded question for someone linking to sqt
32 GB:>50% (~16 GB) reserved for high availability for evicted workloads from your second server>10% (~3.2 GB) reserved for ZFS ARC>20% (~6.4 GB) reserved for the hypervisor host32 GB - 25.6 GB = 6.4 GB.Wow you can run 2-6 Ubuntu VMs or 1-8 Windows Server 2022 VMs. You can't fit even one 1k users GitLab reference architecture instance, and that's if you're not even running vSAN or VCSA. And that's assuming a KVM hypervisor!https://ubuntu.com/server/docs/system-requirementshttps://learn.microsoft.com/en-us/windows-server/get-started/hardware-requirements?tabs=ramhttps://learn.microsoft.com/en-us/windows-server/administration/performance-tuning/role/active-directory-server/capacity-planning-for-active-directory-domain-services#ramhttps://docs.gitlab.com/ee/administration/reference_architectures/1k_users.htmlVCSA requires 14 GB minimum RAM for write API (for Terraform). Minimum!https://docs.vmware.com/en/VMware-vSphere/8.0/vsphere-vcenter-upgrade/GUID-752FCA83-1A9B-499E-9C65-D5625351C0B5.htmlI won't go into vSAN RAM requirements.And then the StarWind VSAN Free CVM (KVM), minimum 8 GB RAM, default 16 GB RAM, to have software RAID storage on ESXi.In total, on ESXi, hypervisor (? GB) + 14 GB (VCSA) + 8-16 GB (VSAN Free) = ~22-31 GB RAM used before deploying any VMs to get started.64 GB RAM is the bare minimum for virtualization, recommended at least 128 GB RAM considering the above, before getting into the big boy things like vSAN ESA (512 GB RAM, or 256 GB RAM with the revised vSAN-Max-XS).
>>101223566>All that writing just to be ignored as always
>>101223566This is one of the most retarded walls of text I've read in a while.
Who makes good AP's but not ridiculously expensive ones? I'm buying a netgate 2100 and for the moment the AP will have to just sit ontop of the router as it can't be installed. Eventually I'd like to have it ceiling mounted though. Very typical home use with at most 3 people on at once and even then not streaming heavily. Everything else will be hardwired like the TV and IP cams etc.
>>101223693https://www.gartner.com/doc/reprints?id=1-2GUUIAOL&ct=240307&st=sbAnything but Ubiquiti.
>>101223693I can suggest TP-Link ones, they have a line of AP-only devices which also support PoE, these ones are preferred since they come without the routing shit that can be offloaded to a better router. There are also the standard shit ones with routing but they can be configured into AP-only as well (I have these), they do the job. These are cheap, at least where I live.That said, I live in a shit world country so I don't get a lot of different networking devices except the chink/cheap ones.Hope it is useful to you.
>>101201656Okay fellas. I've had my media server up and running and it's going great. Movies, tv shows, music, even some ebooks. Problem is now I'm starting to max out my space. Is there a handy docker container I can add to my stack to visually see which files are taking up the most space and delete them if I'm done with them?
>>101224524Can't you do that very easily manually? Watch a 4k whatever and delete it after?
>>101224945I have a handful of people that can add content and I just want to keep tabs on file size every so often. Something like windirstat would be nice. I found qdirstat but wasn't sure if there was a more popular option.
I love you, home server general anons.
>>101223566>You can't fit even one 1k users GitLabi don't even know 20 niggers, much less 1k
>>101225722That doesn't change things much. 7.2 GB or 8 GB required RAM (minimum) is still more than 6.4 GB RAM available, while 16 GB is recommended.https://docs.gitlab.com/ee/install/requirements.html#memoryhttps://docs.gitlab.com/ee/tutorials/install_gitlab_single_node/#before-you-begin
>>101225772>8GB of RAM to commit to a git repo twice per day, and serve a website with less than 10 hits per houri'd rather not install trash
What's the best way to handle docker containers in proxmox? Throw everything into a single debian vm?
>>101225978GitLab is so much more than a Git server. The memory requirements are reasonable by today's standards (my thoughts have changed over the decade).>trashlol
>>101226001Kubernetes. If you're not using Kubernetes, then one container per VM to ease backup and restore.
>>101226085>Kubernetes...or OpenShift.
>>101224524>needing a docker container just to check disk usagedo containercels really? Just run `ncdu`, it's like windirstat, but TUI (no dependency on GUI, you can use it on headless servers etc.).
vikunja fucking sucksi think the only way forward is to write my own todo app
>>101227075the ultimate todo app
>>101225151 (me)I don't need replies, but I hope I encourage you all. You are the ones who introduced me to OPNsense and it has made my home network safer. I will keep posting that I love you all as long as the following conditions are met:1) I keep browsing /g/2) the /hsg/ thread is new and I haven't posted in it yet3) OPNsense keeps workingMy gratitude cannot be understated. Thank you /hsg/ anons. My respect is yours.
would you use XCP-ng to orchestrate your virtual machines? does it have any issues?
>>101227370what does OPNsense do compared with pfSense? just a fork but both are similar?
>>101227432I cannot say on the technical side of things, but my understanding is that Pfsense has taken a more predatory route towards people trying to use it.
>>101227418as far as i know, Xen is better than KVM at everything except it can be annoying to setup USB devices, but if you don't use those there's no downsides
>>101227432pfSense has more support available than OPNsense.OPNsense uses end-of-life ISC DHCP server. It's also bleeding edge, no LTS release. No benefit over pfSense.
Sup hsgIs the method in this video safe for remote tunneling? I ask because port forwarding is usually a big nono and you have to do it hereI dont want to pay for something like cloudflarehttps://m.youtube.com/watch?v=hQMMA1AW-7w
Patch your SSH servers. Remote Unauthenticated Code Execution (RCE) vulnerability in OpenSSH’s server (sshd) in glibc-based Linux systems (CVE-2024-6387).>>101226818
>>101227151it doesnt send me notifications when some is due
>>101207807me in the middle
>>101211178don't upgrade unless you directly benefit from new features, others you just risk breakage for no reason
>>101201656is it normal for DNS propogation to take like 20 hours? Namecheap.
>>101223566tl;dr
>>101224524https://github.com/BytesCo/docker-ncdu
>>101228189>32 GB RAM is too little>128 GB RAM is good
>>101228157Last time i used namecheap years ago yea, they were pretty shit
Putting a second fw on my network.I am a step closer to the meme
>>101228157Yes.>>101228348Gandi has silently closed their live chat support several months ago according to Twitter user complaints, several users are unable to get any support from Gandi via tickets or chat.Day 13 and no response to my open ticket yet, I have not been able to change my glue records for several weeks (which worked ~3 weeks ago) but nobody at the domain registrar (Gandi) has acknowledged the issue.If you thought Namecheap is bad, lol.
>>101228477>DNS propagation: 13 days and counting...
>>101227432This >>101227654 also pfSense has better documentation
what are good softwares to draw diagrams of my home network?
>>101228925draw.io and Microsoft Visio are the two big ones.
good invisible VPN to avoid indians pinging your ssh? >>101227843WireGuard is still the name of the game? or is there something better now?
>>101228925https://www.networknotepad.com/index.shtml
Okay fellas. I've had my crypto server up and running and it's going great. Crypto, moonshots and nfts. Problem is now I'm starting to max out my wallet. Is there a handy docker container I can add to my stack to visually see which blockchain are taking up the most capital and sell them if I'm done with them?
>>101229102>downloading entire blockchains
running multiple zpools on usb drives on my tinymicro sue me
>>101228469which brand
>>101229812Well I have a PA440 I have been runningAnd I am studying for my JNCIE-SEC so I am breaking my SRX300 out as a transparent firewall.It will be the test bed for some weirder configuration.
Wtf is this magic quadrant shit?
>>101227654>pfSense has more support availableCool so if my network goes down, I can pay them $200/hr to remotely troubleshoot it without an internet connection? What a steal!
>>101201656>Low-power x86 systems: https://docs.google.com/spreadsheets/d/1LHvT2fRp7I6Hf18LcSzsNnjp10VI-odvwZpQZKv_NCIany of those recommended for virtualization of 4-5 machines? or not powerful enough? i want something not too load and not.wasting too much electricity, initial cost is not much of an issue
>>101219640>>101219649Blessed Carlo Acutis is on track to become the patron Saint of the internet
>>101230113most of themi wouldnt pay that much attention to that spreadsheet though, a lot of them are measuring DC load which is after where most of the inefficiencies and idle power draw come from
>>101230113Something like thishttps://www.ebay.com/itm/225895721929https://www.ebay.com/itm/166320836563
Am I dumb if I install immich, nextcloud and syncthing on the same server?
>>101230707>Am I dumbYes
anyone having list of urls that the chinese bots try to accessneed some material for honeypots
proxmox or XCP-ng?
>>101231496I never heard of the latter, let me see>Opt for Proxmox VE if your environment demands a blend of virtual machines and containers, with sophisticated storage and backup solutions. Choose XCP-ng if you value a straightforward, Xen-based virtualisation platform and do not require Nvidia vGPU support.Lmao I think the answer is clear
>>101229102Whatever faggot have your fun. At least I'm being genuine and learning. You're just a coward.
>>101231513i'm not planning on running dockers on the orchestrator, just inside the VMs, also don't have a nvidia GPU, more interested in which one has better performance and is easier to use, has more tools
>>101231644Proxmox is more widely used and provides the same and more features, that should be enough
Redpill me on WoL Should i WoL or not? Ideea of WoLing devices from my phone sounds cool
>>101230833Mean
>>101232844Nonce
>>101230707No . I only have one server that runs like 25 different things
>>101233109I meant more because they do similar things.
>>101232827No. IPMI.
>>101233144You'll just need a reverse proxy or use different ports to connect to them with
anyone using unikernels here? if so what for
>>101229834Nice
>>101233396they're way more conceptually appealing, but the industry went for containerization instead
>>101230707Why nextcloud tho
>>101235349Seemed like a good idea at the time. Kinda regretting it now, I don't see much of a reason to use it over syncthing, other than thumbnails loading faster in the nextcloud app than via the DAV connection (I don't wanna sync any files to my phone, I just wanna browse them and use the ones I want, which is why this is relevant).
Need some rack recommendations. Must be at least 30U, enclosed, deep, and have an AC duct intake.
>>101226079>The memory requirements are reasonable by today's standardsThey're not.>(my thoughts have changed over the decade)Do you even code?
>>101226079>gartnermqfigure1.png>Source: trust us bro, we made a Magic Quadrant
>>101235847let's see your quadrants
>>101202430If you want to log in to an smb share you can't leave it as public.Set public to no
>>101237234Then under users you have to set the shared folder permissions.
>>101230048Nothing but the best>>101234500Should be fun, probably going to get some licensing for the SRX, and then maybe go hunting for a security director image.There are a few topics I am not sure the best way to tackle outside of virtualization, but Ill cross those bridges when I come to it.
this would be pretty cool if it becomes a thinghttps://www.youtube.com/watch?v=zKY1EzNqLDY
>$200 R730 w/ 2x E5-2630v4 & 64GB RAMhttps://www.ebay.com/itm/305650366719
>>101237591>1.6 PetabitsThat will be $50,000 plus tip, sir
>>101237653haha yeah probably and the writing equipment is pretty complex and expensive too but would still be cool if they could make a disc of couple tbs for simpler equipment so we can do backups to something durable and easy to store
Enterpriseschizo, help me
>>101222309Why is qbittorrent for retards?T. Retard (apparently)
>>101223693I can recommend TP Link wholeheartedly. I have two Eap235v3 in use for 5 years at my rental house property that is very large and concrete. It doesnt have all the meme wifi 6 beamforming mesh bullshit. Just around 20 active users streaming 24/7 to phones, laptops, macbooksz etc. Never had a single complaint or problem from tennants or myself. I used to do spot checks and it downloads around 70-80mb/s rock solid. Great coverage for the entire house and 3/4 acre property with just two AP. One in basement and other in upstairs hallway. $50 each on amazon.. smallnetbuilder does a good review of them if you think I am a shill. Omada is a decent interface for webui.
>>101238119*Eap225v3. (Typo)
Find your favorite TikTok model there:https://en.wikipedia.org/wiki/Tick%E2%80%93tock_model
What are the main drawbacks of using NTFS for a small NAS? I just want to be able just in case to shove any drive from it in a Windows machine/enclosure and be ready for read&write
>>101239020Windows doesn't have good software RAID options for NTFS.
>>101239036No, i meant ntfs on Linux (whatever the NAS runs) and in case of something i could just take the drive and use it regularly in a Windows machine.
>>101239076I think I've still answered to your question, and NTFS on GNU/Linux is still a horrible idea for performance. You have quite an untypical use scenario.
>>101210717>Intel Xeon SP 1st generation (Skylake) is on the edge of being e-waste (due to hardware vulnerabilities)How many chinese hackers you got in your LAN mate?
>>101239076>ntfs on LinuxYou could just open fdisk with a blindfold on and start mashing random keys if you want a file system corruption, no need to overcomplicate this.
wouldn't exfat be better for that?
>>101228122you should ALWAYS update as updates provide vulnerability fixes and optimizations. your server isn't a nuclear facility that needs to remain in a perfect state.
>>101202210how would these HDD's even be cooled? I can't imagine an exhaust fan doing anything since the backplane blocks the heat from escaping in the other rows
>>101240438cringe updooter. if it works there is no need to update
>>101240438>your server isn't a nuclear facility that needs to remain in a perfect state.It is pretty close though. I'm not going to updoot unless I know that what I'm getting didn't break shit. Stability and security are more important than getting the latest version of a program where they removed features.
Whats the best way to get remote access to my home server? Wireguard script or tailscale or just get a paid vpn?
>>101241677SSH
>>101241677Self hosted wireguard
>>101237591Yes let me just call up asml and order a lithography machine for writing the discs
>>101241677tailscale is just wireguard+botnet
>>101242731headscale allows you to selfhost your own tailscale server so your data is not being tunneled through them.https://github.com/juanfont/headscalewireguard requires you to port forward. tailscale/headscale works without any port forwarding.
So does OFDMA actually work now or is it still broken garbt?
>>101240263exfat doesn't have journal so it's highly prone to corruption, plus due to its licence it can't be added to the linux kernel, only as a FUSE module, which is slower, do not use exfat for this
>>101219165transition's coming along nicely, hon!
>>101219640blessed carlos acutis!!!
>>101201656what's some cool shit i can do on a college student budget? right now i have a small nas set up for hifi audio + movies and i want to go deeper into the whole home networking thing but i'm short on cash and a little tight on space.
What's the realistic performace of picrel, and are there better options for getting 25gbe to a mini itx build?
>>101243655If you have to ask then none. But I was in your position at one point in my past so, given you already have a nas:>virtualize your nas>install a virtualized router>drop your existing router for the virtual one>do shit with your virtual router>make a honeypot with another vm>make a minecraft server with another vmidk man the possibilities are endless
>>101243723why dont you try buying an actual server with pcie lanes and slots. there's no way you have fast enough storage in that itx box to make use of the full 25g anyway. did you think this through?
>tfw went into the home networking rabbithole>the more I read the less I understand>users and 'jails' for every single protocolIm not even sure if my homeserver is exposed to the internet or not
>>101245625nothing is exposed by default you have to deliberately do it via port forwarding from your router. if you cant access it from your phone's mobile network then its not exposed.
>>101245625to add;users are important because you never want to allow root to do everything. if an attacker gains access they literally have full control. if the service is never exposed eternally then it doesn't matter.jails/containers just prevent the service from touching anything on your system, so if an attacker gains access and installs ransomware it would only effect the jail.
What's /hsg/'s recommendation for monitoring my servers. Mostly interested in hardware failures and the such.
So I'm considering fucking off my TrueNAS and replacing it with Linux + OpenZFS and migrating all the jails too. Question is, should I create it as just another VM in my current ESXi setup and gradually migrate, or is there any reason why I might want to fuck that off too and just install Linux on bare metal?
>>101246886>virtualized NASi do this but i'm aware the recommended way of handling it is by passing through the sata/sas controller to the vm so maybe you want to dig deeper there, not versed in esxi so i can't tell if it'll let you pci passthrough like linux does, most likely it does though
>>101246991I already do this; this has nothing to do with my question.
>>101247007>this has nothing to do with my question.it's my fucking answer and i say whatever i want
>>101247016OK sir
>>101246863ZabbixThe MIBs are pretty plug and play, which I like.
>>101247032Cool, thanks anon
>>101242750>headscale works without port forwarding I'm sure the server doesn't
>the only way to have file integrity checks in NFS is by using Kerberosfrom the sick and demented minds of IETF...I'm not even asking for super robust anti-tamper file integrity, just a basic built-in checksumming would be enough... I thought it was a common knowledge that application layer protocol can't rely on transport layer for integrity, that it should do it's own checks.Now my schizo mind can't rest because a bit flip on the network interface or a switch could corrupt my data...
no backup on prod
>>101247885Aw sweet, a 5th copy of this image for redundancy
>>101247789turns out there was a draft concerning this exact issue (https://datatracker.ietf.org/doc/html/draft-aggarwal-nfsv4-cksum-01), sadly looks like it was abandoned.And if you think you could setup Kerberos just to have file integrity, tough luck, last time i tried it was broken on TrueNAS and nobody was bothered to fix it, guess nobody really uses it anyway.
bros did you update OpenSSH ?
>overspend on home server setup for family>only one person uses one service >Never more than 6% CPU usage>it's now a glorified NFS and SMB device that could've been made with a $30 Orangepi zero/hsg/ what can I do with the leftover cpu power? What's fun?
>>101247885>coomer sitethat forum is run by retards
>>101248051setup VPN so you can secure access all your data.
>>101248051>hoarding shit>building/compiling shit for funs>minecraft server for playin with your buddies>ai bots or pornthe list goes on and on
What's the most retard proof way to set up Single Sign On and is it even worth it when there's like 6 people that'll use it? I hit a wall with authentik not working.
>>101248325god i hate reddit so fucking much
Why use VMs? Why not just run Kubernetes on bare metal?
>>101248726you need to read more kid
>>101240457How much heat do you think HDDs generate? What do you think is the operational temperature for HDDs?Hint: you're more likely to run HDDs under their operational temperature than cause them to overheat
>>101248750Nah, I think I'll just run Kubernetes on bare metal. lol
>>101248751In my SuperMicro chassis, the HDD temps would average at 55~64C if I didn't put 120mm fans in front of the case, and this is considering there's only 1 backplane in the case.
>Any good alternatives for this shit? I really like the HDMI pass through functionality but it seems like too expensive.
thinking of doing pic related>remove bedroom ap/switch which duplicates the ssid of my main router, but it isnt a mesh network>add actual mesh devices for full coverage of my house (about $170) https://www.amazon.com/dp/B09PRB1MZM>add switch with 10gbit ports so I can get rid of the dac (about $150) https://www.amazon.com/dp/B0723DT6MN/thoughts?
>>101243723The server could do 25 gig. But if there's no way to get it to my main pc there's not much of a point.
Why in the fuck does a secure wire cause a loop in my network.These firewall knobs are quite funky
>>101248051is it accessible from outside?
>>101243723a 25gbe connectx-4 pcie card is like $50
>>101250146Yes, I know. I'm debating doing 25gbe for my server and network, but I'm looking for a way to get 25gbe on my main pc when I upgrade later this year. Which I want to make a sff, so no room for pcie cards other than the gpu.
>>101227843>>101247938>mfw using dropbear instead>system isn't even compatible with glibc>>101242750Wasn't the point of tailscale to have an easy/glowing 3rd party to be the liason between a 'home' network and traveling devices?>>101250235You can still make a small/compact computer with a matx board, you just won't have access to meme sandwich cases.But you're probably going to be forced to get a deep itx board with dual 10gb and aggregate the connection. Or you get a board with oculink, which doesn't exist in consumer boards still.
btrfs or xfs for the nvme containing my root
Anyone using Apache Guacamole?https://guacamole.apache.org/The idea of accessing a remote desktop via a browser sounds nice but I am surprised by how good NoMachine is.
>>101249400bump
>>101251064ntfs
>>101247925while trying to setup NFS with Kerberos on my Gentoo boxes i locked up my PC during boot. `retry=0` normally works well with `sec=sys` and exits immediately if it can't connect to server, but with `sec=krb5` it just locks up, had to boot to my rescue USB...On another note, apparently there's RPC-With-TLS added to Linux 6.4, encryption is a bit overkill for me, but at least that includes data integrity, should be easier to setup NFS this way. If i can't make Kerberos work, i'll proceed with TLS.
Due to security concerns I was considering running my torrent client in a VM on my workstation, bridge the virtual NIC to my physical NIC and encrypt all the traffic with a SSLVPN running inside the VM. Is this retarded?
>>101254596seems like a normal setup except you are running the client in a VM instead of running it in your computer, if you plan to put more things through the VPN, you could run a separated VPN gateway-VM and just give access to the torrent-VM to that gateway, not to the normal bridge
