* previous thread: >>102294680

I fucking hate zabbix
shit breaks every other os update

>>102340915
Why don't just use prtg?
Why owuld you be updating the os so often?

repostan:

Looking to buy a rackmount NAS enclosure. It's got a backplane with mini SAS on it, as well as cables that breaks the SAS out into SATA. I'll probably need a PCIe SAS card, and those seem to come with cables that break the SAS out into SATA as well. Can I just get a single mini SAS cable and hook the PCIe card up to the backplane? Will that work? My assumption is yes, but I've got no experienced with SAS so I don't know if there's some fuckery involved.

File: Untitled.png (8 KB, 718x123)

8 KB PNG

Starting unRAID after switching from Proxmox. Hope this shit works. I'm tired switching from one thing to another.

File: IMG_8935.png (644 KB, 800x760)

644 KB PNG

Anyone here has a .pdf of "ISO/IEC TR 14763-2-1:2011 Information technology Implementation and operation of customer premises cabling Part 2-1: Planning and installation - Identifiers within administration systems" or "ANSI/TIA-606-B Cable Labeling Standards"?

>>102340976
https://gp1.wpc.edgecastcdn.net/00AC62/documents/datasheets/ANSI-TIA-606-BWhitePaper_US_DOC.pdf

>>102340953
How many drives are you talking?

>>102340930
Prtg has a cost associated with it
zabbix just seems fragile. Probably because I host the db on the same machine and not on a separate db vm

>>102340969
>I'm tired switching from one thing to another.
Why did you leave proxmox?
What other shit have you used?

>>102341001
How much shit do you need to monitor that the free 100 sensors don't cover it?

File: GARW2siWkAAwTEW.jpg (11 KB, 540x381)

11 KB JPG

Voice of advice to those even trying to think about using any USB Ethernet adapter: DO NOT.

I just had a bad experience today with one: It is a USB-C dock hub with onboard ethernet and alluminium body that normally works fine but today overheated and I lost connection while doing some critical shit.
To put this into "muh server context": This fucker shat the bed with minimum workload, now imagine under a standard homeserver load.

>>102340998
The one I'm looking at is 12-bay. I'm not really worried about bandwidth, I just want to know if the connection will function.

>>102341064
No one would use a usb ethernet adapter on a server anyway

>>102340997
or this?

https://d37iyw84027v1q.cloudfront.net/Common/Datacom_Guidebook_Europe_English.pdf

>>102341090
Of course, but that question gets asked quite frequently here

File: 1668195856099.jpg (341 KB, 1564x1073)

341 KB JPG

>>102340969
>Paying for Linux

>>102341002
Needed something that could work as a NAS while being able to run VMs, all in one machine.

I tried OMV, works great with mergerFS and SnapRAID. Kinda of a pain to set up but it works really well for my storage use case. Problem is it can't run VMs.

Proxmox: High traffic corrupts the data. I download a file, say 6GB to my main machine then I copy that file to my Proxmox machine hosting OMV as a VM. I would get NETDEV WATCHDOG errors whenever I transfer large and multiple files to and from the network. I know it's corrupted since I would compare checksum of the files I just transferred to the files I have in my main machine. I don't really know how to fix it.

TrueNAS: I don't want to use it.

>>102340969
Anon what are you talking about, Proxmox is fucking piss easy to configure/setup and it works almost everywhere

>>102341175
I see, well, I have that exact same setup you're mentioning
>Proxmox
>OMV as a VM for NAS
>Myriad of other VMs
Been running smooth stable for 2 yeras now
Oh and my workstation/shitposting machine is also a VM inside Proxmox

File: Untitled.png (384 KB, 1116x837)

384 KB PNG

>>102341186
Please, help me fix this then. Googling the problem doesn't really lead me to a fix. Some say it's a driver issue, except I don't use that driver. Some say to just get a different NIC but some users say that even with a different NIC their problems persists. Turning off tso in ethtool kinda makes it work but I still have to restart the system every day, not to mention it kills me 250MB/s speed of my drives down to 40MB/s.
Proxmox is honestly perfect for me but this problem is ruining it.

>>102341327
Okay then.
Have you tried with a different NIC to see if problems persist?
Have you tried reproducing the issue with a different distro?
You do know that gigabit is 125MB/sec max, right?

File: Ethernet.png (50 KB, 1038x262)

50 KB PNG

>>102341327
By the way, this is the integrated ethernet controller, according to unRAID. I am okay with buying a NIC but I need to know if it actually works. And some people in the forum say even if they buy one they still had the same problem.

>>102341405
>Have you tried with a different NIC to see if problems persist?
No, not yet. I will buy a NIC if I can confirm that it's the problem and not something else.
>Have you tried reproducing the issue with a different distro?
I mean, it worked fine on OMV baremetal. It's why I'm assuming it could be because OMV is running as a VM.
>You do know that gigabit is 125MB/sec max, right?
Yes.

>>102341459
Alright, you might want to try the following in any combination:
>disable Wake on LAN in your BIOS
>disable ASPM in the linux kernel (google it)
>disable any sleep feature in BIOS
>disable any low power ethernet feature in BIOS

File: ODROIDH4Plus2_1389x1000_jpg.jpg (593 KB, 1389x1000)

593 KB JPG

what do you guys think of an odroid h4 plus?
A few years I played around a bit with a pi4 as a nas, but the speeds were complete shit.
I am intrigued by the sbc form factor.
why are i226-v nics not suitable for servers?

>>102341175
>>102340969
why not just use vanilla debian with libvirt?

>>102341510
>disable Wake on LAN in your BIOS
Already tried.
>disable ASPM in the linux kernel (google it)
Already disabled.
>disable any sleep feature in BIOS
Already did. Including hibernation and everything.
>disable any low power ethernet feature in BIOS
None in my BIOS.

>>102341527
Depends on use case. It's ok for simple stuff but I don't think it can run modded minecraft servers.

I'm personally against non-m/ATX form factors due to repair-ability (living in shit world country, fairly difficult to get SBC's and shit)

>>102341544
Ack, try this
Add to
/etc/modprobe.d/e1000e.conf

options e1000e SmartPowerDownEnable=0

Might as well rebuild initrd

>>102341604
It's too late. I'm already testing unRAID. And I don't want to stop the parity sync since it takes fucking forever.
If I still get the same problems I'll come back to Proxmox and troubleshoot the problem some more.
If I can't fix it I'm going back to OMV. It sucks I can't run VMs but if I had to lose either a NAS solution or running VMs I would rather lose being able to run VMs.
And lastly if this shit still happens in OMV then I'm shit out of luck. Maybe just go back to a USB to SATA adapters and copy paste files manually.

>>102341527
>why are i226-v nics not suitable for servers?

https://www.anandtech.com/show/18755/intel-shares-stopgap-solution-for-intermittent-connection-drops-on-700series-motherboards

https://www.techpowerup.com/303854/psa-intel-i226-v-2-5gbe-on-raptor-lake-motherboards-has-a-connection-drop-issue-no-fix-available

https://community.intel.com/t5/Ethernet-Products/Intel-I226-V-Connection-Issues/td-p/1465810

>>102341064
it's fine i have a usb wlan failsafe

you see so many users endlessly distroswitching when in most cases it's the distro that should be userswitching

If you work on anything related to *arr, know that your software is fucking horrible and you're a piece of shit. Fuck you and kill yourself.

>>102341327
what version of proxmox?

>>102341696
>And lastly if this shit still happens in OMV then I'm shit out of luck.
you could always buy new hardware. what kind of machine is this anyway?

>>102341896
Proxmox 8.2-2
Kernel version was 6.8.12 I believe. I downgraded to 6.8.8 and 6.8.4 because I read that it could fix the issue. Nope, still happening.

>>102341924
>you could always buy new hardware
I don't really want to spend more. It's a ThinkStation P510. I got it pretty cheap locally, like $50.

>>102341946
what cpu?

>>102341982
Tried a E5-1620 v4 and an E5-2690 v4.
RAM is 64GB of ECC memory if that's the next thing you're going to ask.

>>102341937
>6.8.12
>I downgraded to 6.8.8 and 6.8.4
you call that a downgrade? bro thats not even a full minor version. knock that shit down to 5.xx

>>102341871
coincidentally, any alternatives to radarr other than going the custom route?

>>102342030
If unRAID has the same problem I'll go back. So gotta wait a while before I try. If it works I'm sticking to unRAID, if it doesn't work I'm going to troubleshoot Proxmox.

>>102342062
well to be 100% clear, the issue is clearly with the kernel, not the host OS. if unRAID works but you prefer proxmox, then i suggest you just downgrade the proxmox kernel to whatever version unRAID is using.

>>102342096
>well to be 100% clear, the issue is clearly with the kernel
How can you tell?
I believe the OMV kernel is running at 6.1.x but I'm not 100% sure on that. You say to downgrade to 5.x.x but I have had no problems with OMV running baremetal on the machine.

>>102342143
>>102342143
>How can you tell?
theres a lot of ways you could tell, the easiest is probably just recognizing what the linux kernel message buffer looks like.
https://en.wikipedia.org/wiki/Dmesg
>You say to downgrade to 5.x.x but I have had no problems with OMV running baremetal on the machine.
i didnt say you had to stay at 5.x.x forever, you can work your way up. or dont. ubuntu 22 runs 5.15, and your cpu is a decade order than that.

>>102342247
Hmm. Alright. I'll try that once unRAID finishes in 11 hours. I still have a couple spare HDDs that I can test this on.

>>102341871
yeah they should rewrite that shit instead of forking it

>instead of a pcie slot, onboard multiple port 2.5gbe nic
why is every sbc like this, 2.5gbe is cuck shit

why are there zero low power boards with at least a single pcie 4x slot

>>102342660
futro s940 has a variant with pcie 2.0 x4

>>102342708
that's a 1x slot buddy

>>102342660
>low power
>demanding pci-e lanes
heh

>>102342889
the lanes are there, they're just wasted on shit I don't want

n100 has 9 lanes of pcie gen 3, but it's always like 2.5gbe shit, sata, 2 single lane nvme slots, a 1x pcie slot

File: S9ac4b6c05a58487fb7f568d3(...).jpg (270 KB, 800x1049)

270 KB JPG

>>102343085
oh wait, just found one, done complaining

it still has a fucking i226 nic and the form factor is weird but it says there's a 4x slot

anyone else have the shittiest internet in the world? i live in Austin and i get 10Mbps up on a good day. whoever was laying down fiber seemingly deliberately cut out the block that my office is on; theres fiber for a mile in any direction while my ass is stuck on copper. how do you guys cope?

>>102340763
>ZFS_DEBUG_MODIFY
this is a meme right

Does anybody who uses Podman use Quadlets instead of podman compose? I've been really unhappy with podman compose, and RHEL advertises Quadlets as the replacement for compose but it looks like a wildly different thing.

>>102343246
starlink?

>>102343862
not interested in Yet Another Asymmetrical ISP. this is the home server thread, i need a connection ready to serve, dammit.

>>102340763
Bump on this >>102330298
I changed to Asrock B550M Pro4, found a really nice deal on the 4650G PRO (~72$ converted) and per anon's suggestion opted for 16GB Kingston ECC UDIMMs.
2 mirrors is a great idea and on longer thought actually fits my usecase perfectly (one for family stuff, 2nd for own hosting + copy of family stuff)
Anything else I should worry about/any more suggestions? Thanks for the tips once more

File: file.png (65 KB, 659x633)

65 KB PNG

How can I make connections between the two different subnets in my network? Do I set up a static route on the firewall and it should just work?

>>102344126
Also: upon closer inspection the PSU I already own is a System Power 9 500W 80+ Bronze. Don't think that matters at all though.

>>102342660
Don't some have a PCIe HAT available? Raxda x4 has an m.2 with pcie 3.0 x4 capability from what I recall (and the afformentioned cuck 2.5gbit with unknown chipset)

>>102344188
Static route on firewall AND probably on google wifi too.
I had 2 devices like that but I just ended up disabling the DHCP server on the router (your google wifi) so the devices on the router side got 10.0.1.xxx address too, try it

>>102344274
Can't disable DHCP on the google wifi without killing mesh functionality (the only reason I'm using it) and it doesn't support static routing.
I guess I'm SOL until I can ditch the google wifi.

>>102344303
If the firewall gives your google wifi a 10.0.1.x address on its wan port it probably doesn't require a static route

>>102344321
It does give it that IP, but still can't communicate from one side to another.

>>102344126
>Anything else I should worry about/any more suggestions
Get a bequiet psu because its quiet
That cpu cooler is loud. Find something with a 120mm fan at least. Good luck.

>>102340836
>I don't get the issue with using a shell script over a yaml file, they're doing the same thing
There's no issue, I just like bringing up and down sets of containers in 1 command and defining them all clearly and legibly in a way I can follow. This also makes them easier to migrate to any host. I could probably do this with a shell script too, I guess, but I don't know if it would be as easy to follow and as easily modifiable.

Probably a stupid question, but how do you guys access VMs running on your server from afar, especially if your server has no DE? I don't understand how the VM DE is propagated over LAN. Is it all Remote Desktop/VNC/similar?

>>102344624
That PSU is a be quiet! one (System Power 9 500W 80+ Bronze)
I'll look a bit more into the CPU cooler.
Thanks!

>>102345007
you mean SSH...?

>>102345162
I don't think so, isn't ssh just for accessing the vm or host through a terminal? I'm talking about interacting with the vm de directly. I think you can send display output over ssh, but what would do the actual displaying?

>>102345274
Just a remote desktop tool would do.
What do you need to do on the VM?
Earlier reply wasn't wrong, SSH for manager servers from afar is the right way to go for most things.

if you want to remote desktop on linux look into remmina

Anon who is trying to direct stream 4k remuxes to his friend's house from his jellyfin server here. I'm still not sure why librespeed (running directly on the media server) does not estimate real world streaming performance. My working theory is that the peering between my gigabit fiber residential IP and his gigabit download DOCSIS residential IP is poor/not prioritized and throttles especially when there is heavy traffic (I think this could especially affect his DOCSIS connection, particularly since the traffic is constant). Any thoughts? I am using wireguard to link us, so I do not think the VPN performance is an issue.
One thing I do notice with file transfers is that transfer speed is not static but goes in waves/chunks (starts high, drops, gets high again, drops) sort of like a torrent, but I thought this was because I was transferring with smb over wireguard.

>>102345274
X-over-ssh exists. It works, it simply sends the X draw instructions over SSH and the client does the rendering. It works seamlessly on Windows.
BUT it's incredibly fucking slow and inefficient. It's decades old tech that was designed for simple shapes and lines rather than full blown constantly updating raster apps.
Internet claims it can be sped up somehow but I never bothered. Someone could correct me here.

I'm no sysadmin but I guess your answer then is any flavor of VNC, probably with software rendering (maybe with Xvfb?). I used it on cheapo VPSes in the past with some success.
For Windows I guess it's just RDP.

>>102345375
I want to run a mac OS vm, with gui and DE, on my headless linux server. It does have a GPU. It does not have to be as good as a native experience but I would want it to be at least usable, and as good as possible.
>>102345441
Yes, this seems closer to what I am reading elsewhere.
>software rendering
Tbh I had no idea this was possible for an entire VM.

>>102345274
If you use XCP-ng and install a Xen Orchestra VM, the Xen Orchestra webtop has a built in VNC feature for each VM that is kind of okay. Easy to use, at least.

File: file.png (416 KB, 1891x1178)

416 KB PNG

>>102345274
>>102345627
Pic related. I accidentally selected a DE when installing this VM when it doesn't need it and always forget to recreate it without it. Oh well.

>>102345654
As the other anon mentioned, does this tax the VM resources much? Like if you have stuff moving on the screen

>>102345749
It's definitely software rendering, so yes, it's pretty intensive and slow. But it's something.

Does anyone sell rack mount cabinets? Not like a cabinet with rack mounts on it. They have rack mount drawers. I want something like that, but a couple U tall, so I can stick shit like cable modem in without it being ugly on a shelf.

>>102337926
>Minecraft
Fine. I have no idea why you are playing a children's game, but buy what ram you need.

>>102337936
It's not a home server if you are serving customers.

>>102346001
>It's not a home server if you are serving customers.
>plex
>minecraft childrens game
>customers
do hsg morons really?

>>102340953
Mostly confident: SAS cable = Direct Attach Storage (DAS), not Network Attach Storage (NAS). Get a PCIe SAS HBA card *flashed to IT mode* and everything will be plug and play on Linux.

>>102341327
Tried using a virtio NIC instead of emulated e1000e?

>>102345007
I use tigervnc vncserver if I want to start a full DE in a headless VM. systemctl start vncserver@1.service - make sure it's listening on localhost only and do ssh port forwarding

>>102346267
Who are you serving? Do you even know what the word "home" means?

>>102346361
>Tried using a virtio NIC instead of emulated e1000e?
Hi, I am using the VirtIO NIC. It only shows e1000e as default for all VMs. Also it seems my integrated ethernet port uses e1000e anyways.

>>102346568
I probably can't help either way but double check that your libvirt domain/vm config says

<interface type="network"> <model type="virtio"/> </interface>

and not

<interface type="network"> <model type="e1000e"/> </interface>

>>102346472
you don't belong in this general

File: lspci-nnk-virtual-nics.png (21 KB, 807x125)

21 KB PNG

>>102346568
>>102346650

>>102346650
>>102346833
I do this in the Proxmox host or the VM?
I'm assuming VM?
But still, can't do it yet. Already testing unRAID and I don't want to stop the parity sync.

>>102346777
Maybe you could start a "public server general" if you want to.

>>102346907
>>102346777
excuse me, this is a 'love server general'

>>102346903
The XML configures the VM on the host. Run the `lspci -nnk` command inside the VM to confirm that the virtualized hardware is correctly configured on the host.

>>102346962
Thanks friend-o. Will try it once unRAID finishes in another 6 hours.

Can someone explain to me how a HDD's max speed is like, 270MB/s but their lowest speed is like, 140MB/s? That is such a huge difference. How does that work?

made any good deals lately, halal savings general?

>>102347433
random access where the heads need to move erratically, vs sequential where it barely has to move.

and obviously the outer edge of a disc is faster than the inner one.

what i don't get is why a 9 platter disc doesn't show 9x the sequential performance of a 1 platter disc.

Using TrueNAS. Why are my write speeds so slow?
I tested the drives before and it showed my the max speed of 240MB/s and average of 160MB/s but when I try transferring multiple files it slows down to 2-3MB/s.

>>102341041
Isn't each data point a sensor? You can easily hit 100 with multiple sensors on a couple of devices
anyway I upgraded zabbix to 7 and Ubuntu to 24.04 and there was a little bit of messing with it required but only an hour so I guess it lives to see another day

>>102346001
>It's not a home server if you are serving customers.
Do you know what "server" means? Retard

Right now I'm using dyndns with ssh to connect to my PC for general reasons and cloudflare tunnels to access apps like immich or Plex. Would using tailscale add anything I'm missing?

I just tried bringing up some docker-compose files with Podman and they worked fine so that's nice. Imma test a bit more and evaluate a migration, I rather use software from the main repos

>>102351140
you have SSH publicly exposed to the Internet?
idk much about tailscale but it looks like it's basically just a wireguard VPN under the hood. I have wireguard into my home network and then I SSH from there. it's generally a very good practice not to expose SSH even if you do certificate authentication

>>102351247
I use public key auth and a non-standard port, I suppose wireguard is a good idea to add eventually but networking is my least favorite part to deal with.

>>102341064
>>102341090
I've been using a ETH -> USB for a year on my server for a year. No issues

>>102342055
bump?

>>102351378
>>102351247
I've had ssh exposed for years without issues. SSH Guard helps and so does using a non standard username and password

>>102351461
I tried using it thinking it would fix my issue, but it added more issues, like my computer would hang for a bit before starting again. Was annoying and had to stop using it.

>>102351516
>>102351378
it's true, you probably won't have too many issues especially if you do key or cert auth. but I always do it over VPN out of an abundance of caution. security autism and all that
but I am of the opinion that non-standard ports don't really do much in the realm of security. that's not anything nmap -p1-65535 can't find, you know? I figure, put it behind a VPN and then nobody even knows you're running SSH

>>102352049
>non-standard ports don't really do much in the realm of security
Correct. Security through obscurity is not security. That said, a lot of russian / chinese bots don't even bother with portscanning, so it definitely reduces the attack volume.

>security autism
Yeah i think i have that aswell. Have you played around with honeypots? For me its really fun to look at all the stuff thats coming from the internet. Right now im using tpotce which has a really cool dashboard, but it also produces a shit ton of logs

>>102351516
>using a non standard username and password
Is there a particular reason why you have password authentication enabled?

I have a question, how come Proxmox doesn't boot UEFI and uses legacy boot? Whenever I try UEFI boot it just restarts itself.
I know I have UEFI boot enabled as I was able to boot unRAID in UEFI.

>>102341090
>>102341120
Based enterprisefrens.

>>102340969
>>102341175
I have never seen Unraid listed as a supported operating system on OEM servers. Proxmox VE neither.
Find the list of supported operating systems for your server and follow it religiously.

>>102341430
>i218-LM
Anon, that's not a server NIC.

>>102352932
nah

>>102341527
Not a server platform.
I226-V EEE bugs. Packet loss or single-stream undirectional TCP rate limiting to low-power 100 Mbps Ethernet speeds when EEE is enabled and supported by the upstream switch.

>>102341946
>bought a workstation instead of a server
>spent $50
>installed a bunch of non-supported operating systems
>have a problematic NIC (because Lenovo/OEM has not validated server OSes on this platform)
>come to a server general to discuss about a workstation, not a server
>"I don't really want to spend more."
>bawwww
This is a PC for Windows 7 or Windows 10. Not server operating systems.
Sucks to suck, dude.

>>102342660
Intel set the chipset platform rules/guidelines.

>>102342660
>>102343085
>>102343212
How is this discussion server related? There's >>>/g/csg you know.

>>102344126
ECC support may not be validated or reporting ECC errors correctly on that motherboard. PRO or not.
It's not a server motherboard.

>>102353065
Meanwhile
>Build custom non-validated, non-ECC e-waste desktop shitbox
>Install server OS's
>It just works
???

>>102353094
Gotta agree with you on this one, that's not server related discussion, not even desktop e-waste server

>>102344188
Why is there no router-on-a-stick topology with L2 switches?

>>102352452
>Have you played around with honeypots?
running a hellpot is fun if you've got any internet-facing services

>>102353081
No where does Intel dictate you NEED multiple NICs or it has to be i225v
It's just manufacturers chasing the softrouter crowd

Anon didn't even mention it being an Intel SBC in the first place.

>>102344730
Ansible.

>>102345007
RDP / VNC for graphical environments.
SSH / WinRM for CLI.

>>102345749
If you have an (expensive) SR-IOV capable graphics processor, you may be able to improve the experience with hardware acceleration.

>>102351108
It's not server at home, it's home server (it serves the home - not customers).

In the same vein, homework is not work from home.

>>102346472
Enterprise hardware and software at home.

we don't need a home server general
if you run into trouble just call your platinum level enterprise service

>>102350410
Are you over 80% RAM utilization? Minimum RAM allocated for ZFS, ~1 GB RAM per TB of storage?
Consumer grade SSDs that can't sustain performance after their cache runs out?

>>102351516
>ssh exposed for years without issues

>regreSSHion: Remote Unauthenticated Code Execution Vulnerability in OpenSSH server
https://blog.qualys.com/vulnerabilities-threat-research/2024/07/01/regresshion-remote-unauthenticated-code-execution-vulnerability-in-openssh-server

File: Untitled.png (24 KB, 986x96)

24 KB PNG

>>102346833
Yup, already knew it was using virtio. But here's proof. Used lspci -nnk in the VM.

i want to server a php web application on my local computer with custom domain in a quick way possible help me bros

>>102352719
Could be whatever cloud image or ISO you're trying to boot. For example, TrueNAS SCALE (ISO) does not support UEFI boot.
Sometimes it's the chipset setting. IIRC Amazon Linux 2 works with both BIOS and UEFI with an emulated Intel 440FX chipset, but not Q35 (no secure boot).

>>102352452
>russian / chinese bots don't even bother with portscanning
I could totally see it. no sense in making millions of requests which will probably get your IPs put on blacklists when you could just check out shodan.io and have all the heavy lifting already done
>honeypots
at work, yes. at home, it's on the to do list. and at work it's mostly identity-based honeypotting like active directory accounts and such. businesses are always concerned with identity and AD is the bane of my existence
>tpotce
>T-Pot installation needs at least 8-16 GB RAM, 128 GB free disk space
this looks like a great tool I'd love to build out but I'm afraid I need to add another server to my proxmox cluster. those requirements are pretty heavy. so not today, but it's going on the "tools to check out" list for when I get off my ass and buy some more hardware

>>102353174
you really can't be this stupid

>>102353234
unattended updates probably fixed this before you got targeted by bots
however if you don't have a good reason to expose sshd you might as well not do it
how many exploits against vpns are there compared to ssh btw
you could also harden security by only allowing your ip range

>>102353315
Honestly I don't even see the point in exposing SSH. Just set up wireguard and be done with it.

>>102353264
pay someone to write a docker container according to your needs

>>102352452
>Is there a particular reason why you have password authentication enabled?
I treat all my machines as ephemeral. If one computer dies, or I need to reinstall an OS, I don't need to fuck around with keys. No one and their bots are gonna guess my credentials in 1000 years.

>>102353135
See the following examples:
https://www.intel.com/content/www/us/en/products/docs/chipsets/desktop-chipsets/z790-chipset-brief.html
https://www.intel.com/content/www/us/en/products/docs/chipsets/desktop-chipsets/w680-chipset-brief.html
https://www.intel.com/content/dam/www/public/us/en/documents/platform-briefs/xeon-scalable-processors-c620-chipset-embedded-iot-brief.pdf?asset=14605#page=5

>>102353273
>IIRC Amazon Linux 2 works with both BIOS and UEFI with an emulated Intel 440FX chipset, but not Q35 (no secure boot).
If I was mistaken, then it was linux-kvm 5.15.0.1065.61 on Ubuntu Server 22.04.x LTS. Specifically

ubuntu-22.04-server-cloudimg-amd64-disk-kvm.img

, instead of the generic

ubuntu-22.04-server-cloudimg-amd64.img

with linux-image-virtual package. linux-kvm is very stripped of features and hardware support.

File: Screenshot_20240912-123706.jpg (103 KB, 1080x320)

103 KB JPG

>>102353234
this is weird. Apparently this version of ssh is affected, but there is no update available

>>102353450
My Z590 Aorus Master baord has a single NIC that's an Aquantia 10G
Intel isn't mandating multiple NICs nor specifically their I225V

>>102353450
there's an easy fix
get another nic with that chipset and set them up with channel bonding

>>102353325
Except you're not supposed to setup WireGuard, for the reasons that are repeated daily in /hsg/:
>experimental
>no FIPS mode (if you work for the U.S. government)
>no Red Hat support
>no support in enterprise firewalls (FortiGate, Palo Alto Networks)
>no native software integrations in major client operating systems without third-party software
>Android and enterprises use IKEv2/IPsec

Requesting input on Thunderbolt networking, curious if anon had tried this in the past and how it worked out.
I'm reading that it's a cheap way to get point-to-point throughputs greater than 10Gbps

>>102353140
I've heard about this, but it seems more for situations where you need something like AD for a bunch of servers and need to preserve your entire configuration because you deploy it so often. I want to easily backup my config, but I'm not sure I need Ansible's level of agility in a home server that realistically will not change that often. Thoughts?

File: Intel-Z590-Chipset-Block-(...).jpg (195 KB, 686x667)

195 KB JPG

>>102353537
They mandate a 1 GbE NIC. 2.5 GbE is optional. Whatever OEMs are doing with 10 GbE, they're feeling clever and likely taking some PCIe lanes from somewhere.

Anyway, these chipsets are not server related, but were meant to be illustrative.

>>102353634
Stick to compose files, they're used for bringing up multiple containers with a single command, exactly your usecase. Ansible is for orchestrating multiple hosts and multiple users

>>102353634
Store your config in Git along with your Ansible playbooks. It's for so much more than AD.

>>102353533
actually it looks like you're patched
1:8.9p1-3ubuntu0.10 is ubuntu's patched version, specified here:
https://ubuntu.com/security/CVE-2024-6387

>>102353553
this is bait

>>102353656
NTA but it seems that those "mandatory" onboard NIC's have their own dedicated/specialized lanes?
So, motherboard manufacturers have the option to provide the on-spec onboard GbE and provide the available lanes to the user as actual PCI-e ports, or, provide their own onboard 10Gbe by routing lanes that should've been meant to be actual ports.

I rather have the second, give me the option to add any PCI-e card

>inb4 not server related
yah we know

>>102353608
SFP+, SFP28, QSFP+ are already quite affordable for anyone.

>>102353533
>openssh-server set to manually installed.
Use

apt-mark auto openssh-server

now.

>>102353719 (me)
To be fair, I like the current spec of providing 2.5GbE AND 1GbE. I know it should be 10GbE but hey, it's progress

>>102353533
Is this a fresh VM? Why is it not attached to Ubuntu Pro?

>>102353762
There's no use case for 10 GbE copper NICs. Too much power draw and heat. Additionally, it's very expensive to recable existing enterprise offices to Cat6a for the full 100 meters of 10 GbE over copper, that it'll never make sense financially over fiber installation.
No consumer grade 10 GbE SFP+ NICs have been made, only server grade. Consumers are too dumb to know how to use fiber.

>>102353770
Ubuntu Pro requires an Ubuntu account. The ToS for such an account states you are not allowed to use Ubuntu Pro if you deface or critize Ubuntu

>>102353245
When it happens is there anything interesting in dmesg?

Google tells me that maybe other people have the a similar problem with your nic and maybe `ethtool -K eno1 gso off gro off tso off tx off rx off` (on the host) helps but I'd google it first. Off seems to mean offload, not disable

Good luck

>>102353836
He already tried that and then complained about the loss of performance there: >>102341327

>>102353836
>Off seems to mean offload, not disable
In this context it means "disable offload".
From man ehttool:

ethtool -K|--features|--offload devname feature on|off

>>102353809
>No consumer grade 10 GbE SFP+ NICs have been made, only server grade.
what the fuck are you talking about
i thought brits were bad with liocence shit
you can just buy any nic and put it in any computer that fits you know.
the only thing that 'makes' it 'server grade' (whatever the fuck that means - nothing btw) is that it is sfp+ and nobody uses that outside of servers and 'weirdos'

>>102353893
You don't belong in this general

>>102353909
It's so fascinating to me that there are a bunch of people in this thread who think you don't belong if you're using enterprise hardware, and then there's another bunch of people who think you don't belong unless you're using enterprise hardware.

>>102353822
But there's so many universe packages that require timely security updates, heck even if you're using certbot it's in the universe repo. Livepatching too.
That's a (You) problem.

File: Screenshot from 2024-09-1(...).png (219 KB, 1303x1319)

219 KB PNG

>>102353822
>>102353964
Forgot pic.
Stupid streamer, biting the hand that feeds you.

just use a different distro

File: Untitled.png (465 KB, 628x837)

465 KB PNG

>>102341327
Me again. So I tried downgrading the kernel, the furthest I could go back to was 6.1.10-1.
I had to use apt search/install pve-kernel to get it.
Well, I tried it and now I am getting this message when I read/write directly to the NAS VM.

>>102353991
You still need a Red Hat account to use RHEL for the equivalent features (except for timely security updates, Red Hat is a bit slower than Canonical).
Sorry if your message wasn't intended to me.

>>102354006
it was intended for anyone who's using a distro that makes them jump through hoops for basic package updates.

>>102353993 (me)
I'm not sure if this is a problem but I am not in UEFI boot. efibootmgr -v gives me a "EFI variables are not supported on this system." I think it was because I installed Proxmox using legacy bios. But I am not using ZFS on anything. So I don't know if that even matters.

>>102354016
Debian, Rocky Linux, they're all community maintained and rely on volunteers to do the effort. If you had browsed /hsg/ some months ago, you would've known that Debian spent–not days, not weeks–months to backport fixes to several CVEs in kernel Linux, months after Canonical had patched them in Ubuntu. I'm talking about DSA 5658-1.
If you want livepatching on community maintained distro that's not Ubuntu or RHEL, you still have to go through hoops to contract kernel livepatching support from a third-party–for a monthly fee.

Ubuntu without an active Ubuntu Pro attachment still gets 5 years of security updates for Ubuntu Main packages, but slower or non-existent, best-effort security updates for Ubuntu Universe packages.
But of course with Ubuntu Pro, it's 10 years for both repos from Canonical, their paid employees, paid work. (Available for free, for your personal use.)

>>102354063
UEFI Secure Boot should become mandatory for every PC to use. Sigh.

>>102354188
I had to turn off Secure Boot since it wouldn't even boot the older kernels.

>>102353964
>>102353979
>scoy guzzling, the posts

>>102353608
if you have two devices with thunderbolt and can't put pcie cards in them, it's better than nothing, but 40gbe cards are $15 now

>>102342660
>2.5gbe is cuck shit
sir this is a wendys
no really, most routers don't even have 2.5gbe.

Not sure if this is the thread to ask, but I want to upgrade my Music library from mp3 files to FLAC so it can be transcoded on the fly if needed. Is there a semi-automatic way to do this? The files are properly tagged already for the most part, but I don't care if these tags get overwritten by online sources in the process.

>>102355358
POSIX shell or PowerShell scripting.
>>>/g/fglt
>>>/g/sqt

>>102345437
DOCSIS is trash

>>102340763
They are selling to me thinkcenters m700 at around 30$ USD with memory ssd and power.

I want a NAS and maybe some low power stuff like Retronas. Not interested on plex. Maybe a VM or direct remote connection to Windows since I dont have a Windows PC.

Are they worth it? They have 8gb, 240gb but the processor is either celeron or pentium of the 6th gen.

>>102353920
I concur with everything you say, but this:
>and nobody uses that outside of servers and 'weirdos'
I mean, c'mon

File: Backblaze-drive-failure-r(...).jpg (49 KB, 696x535)

49 KB JPG

What are the best HD brands nowadays?
I found some cheap 8TB Seagate but I remember those days when Seagate was the disk failure king.

>>102353672
I've thought about doing something like this, along with writing proper documentation so I don't forget what I've done. But Ansible still seems overpowered for my needs.

>>102355722
>m-muh failure rate
nigga, just get a proper backup and an hdd with a good warranty. once the warranty period ends then ditch the drive

>>102355569
Buy a NAS if you need a NAS.
Buy a server if you need VMs.
ThinkCenters aren't either.

>the processor is either celeron or pentium of the 6th gen.
Toxic e-waste.

>>102355578
>>and nobody uses that outside of servers and 'weirdos'
I'm not the guy who said that.

>>102355569
Get a ThinkStation instead. You can easily repurpose old hardware into a NAS. Problem is if the hardware itself has multiple ports to support the HDD you plug in.
Ignore everyone using words like ewaste. They're LARPing as an employee in a huge data center.

>>102343609
I use docker/podman/compose for a variety of things, and imho if you need/want to start using compose for more intricate setups (as opposed to just single pod stuff) then you might as well just run k8s; there are plenty of easy single node setups. From the brief reading I've just done, it seems like Quadlets is just compose that is more integrated into systemd specifically.

>>102345007
>>102345274
VMs can be launched with different networking modes. You'll want to make sure it's bridged so that it gets its own IP address (this basically makes the server's physical NIC act like it's two). At that point you can connect to that IP however you want; ssh for cli and a VNC server for GUI are standards.

>>102345437
Since your librespeed test comes back fine, you may not actually have a bandwidth issue. For example, iirc Jellyfin will transcode by default if it detects you aren't on the same local network, and transcoding can cause really poor performance if you don't have the right hardware or have it configured correctly, ESPECIALLY if it's transcoding large 4k videos. It could also be that the connection doesn't have a stable speed like you mentioned, lots of ISPs will cheat speedtests by allowing small bursts of high bandwidth. Don't remember if librespeed is configurable, but you could try instead running an iperf server and setting an arbitrarily long test duration. Finally, it's always possible that the VPN could be causing issue, but that's probably the least likely imho. My bet is on transcoding.

>>102353129
I've had it in my head for almost two decades at this point to make a honeypot that could fingerprint attacker software to reverse exploit it.

>>102355569
>m700 at around 30$ USD
Sounds like a pretty good deal, but of course depends on what you want to use them for. A single VM or a streaming client would be fine with the 6th gens at least. You'll probably want more than 240GB for a NAS, so you already need to factor in the $ for more storage.

>>102356085
>Ignore everyone using words like ewaste. They're LARPing as an employee in a huge data center.
I want my servers to work stable with validated configurations, server workloads and secure hardware. When problems arise, I want my problems to be easily diagnosed.

>>102356085
In Google DCs they are just now getting rid of sandybridge based storage appliances.
Haswell or newer is new enough to be production hardware
Made me feel like my haswell based stuff is not e-waste.

>>102356061
I know, just sayin' that's why he doesn't belong here

>>102356173
>validated configurations
enterprise larper or autism, no inbetweens
>server workloads
enterprise larper
>secure hardware
no such thing; enterprise larper
>I want my problems to be easily diagnosed
has nothing to do with "ewaste"

does it make sense to watercool a general purpose home server?
I'm really happy with how quiet my gaming desktop has gotte, but i wonder if i can get away with a super steep fan curve instead

>>102341064
>Voice of advice to those even trying to think about using any USB Ethernet adapter: DO NOT.
yes sure but if i would, hypothetically, should is use it for Lan or wan?

>>102356247
bait post

>>102356247
It's one of those things wherever you can fit watercooling, you can also fit some type of big cooler or even an AIO would do fine

Personally, I'm planning a build with an SP3 EPYC and watercooling it but more because I want to rather than noctua just outright not selling a 120mm SP3 cooler.

>>102355919
Are you retarded anon?

>>102356185
haswell and broadwell are still the undisputed kings of idle, anything later or earlier idles @ 2x watts

>>102356358
what?
why?
>>102356371
Ye, i want to do a proper full atx case and mobo cause i'm tired of running out of slots

My desktop is doing triple duty as gaming + cad workstation + media server, i want to lighten the load by spreading out

>>102356389
Are you? No one should be without having 3 copies of their data. If one fails then you still have 2. So who cares about ''''''''''''''''''''''failure rates'''''''''''''''''''''''''''''''''''. If it does fail you replace it since it's under warranty.
Only poorfags probably care about it enough.

>>102356452
Nobody in their right mind takes a Dell PowerEdge or another OEM server and puts watercooling on it. It's not feasible.

>>102356392
FUD. A dual socket Dell PowerEdge R740 idles lower than a roughly equivalent Dell PowerEdge R730, and the prior has more cores. Not speaking of desktops.

>>102356356
Likely for WAN as that should have less traffic than the actual LAN, but ideally for none

>>102355358
Never transcode from lossy codecs to lossless codecs. Encode flac from an original lossless source or you are wasting space.

>>102353909
absolutely correct. i do keep a home server but the real reason i come in this thread is to make myself mad or just laugh at all the stupid bullshit you guys come up with. i'd never want to tarnish my setup with 99% of the shit you guys seem to brag about.

>>102356241
heckin' ack'd and valid

i kinda wish we had a way to have some kind of auth server for a lot of services. kind of a pain in the ass if you share your services.

>>102356842
Single sign-on and Active Directory / IdP (such as Entra ID) is not a new concept, nor difficult to setup.

>>102356531
who's talking about oem???
I imagine it's the sameas general desktops where with prebuilts you get shafted

>>102356857
i don't think jellyfin supports that, for example.

>>102356917
Jellyfin doesn't offer enterprise support, anyway. They also don't support enterprise hardware.
Software choice issue.
I'm confident a subscription to a streaming service would be a better option for home users anyway.

>>102356907
Well guess what, even Supermicro only supports their listed parts for individual servers. Now, if you wanted to watercool a whole rack, that'd be a different topic, but you're probably not Jeff Gluon or Linus Sebastian to do that realistically.

If you do the math, refurbished disks offer the highest disk-hour/$. Failure rates are kind of a meme assuming you have a proper RAID and back ups.

Is ESXI enterprise grade? If not what are some enterprise grade hypervisors?

File: Gartner2023_DHI_MQ_Approv(...).png (72 KB, 953x1024)

72 KB PNG

>>102357156
Come on man, you could've spent two minutes to look this up yourself from Gartner.

File: Gartner2021VisionGraph.png (93 KB, 818x870)

93 KB PNG

>>102357156
>>102357248

>>102357156
>Is ESXI enterprise grade?
It is, you're invoking the enterpriseschizo
>If not what are some enterprise grade hypervisors?
Aight gonna spoonfeed ya because I'm bored.
Most type-1 hypervisors are considered enterprise-grade. Examples:
>Microsoft: Hyper-V
>VMWare: ESXi
>Linux: KVM and Xen
Those are the most popular and widely used. If you're deciding which one, go with KVM

>>102357248
Appl'es not on there dude

>>102357295
>If you're deciding which one, go with KVM
No hard feelings, but it's only an alright option if you're going with Kubernetes or OpenShift (OKD) and you're never going to run Windows guests or you're too traditional to hardly ever use Terraform.

I'm new to having a home server, just installed zorin OS on a previous build and made a samba server to have a nas. Both the server and my main pc (windows) are connected via ethernet but I'm only getting 10mb/s transfer speeds. Anything I can tweak to improve speed?

>>102357353
No hard feelings but that's bullshit

>>102356758
I bet you also post on /v/

>>102356758
that's fine it's your home server you can do whatever the fuck you wanna do, the enterprise schizo is not your boss he has no power

>>102357295
>>Linux: KVM and Xen
>Those are the most popular and widely used. If you're deciding which one, go with KVM
Forgot Xen, bro.
It may not be as popular nut it was used by Citrix and it's the base o Qubes.

>>102357353
OpenStack, Cloudstack, Linode, Rackspace, EC2 and others are based around KVM.
The Windows drivers are good enough to work on, although Virtio-gpu is still a dream.
It's pretty much the reference when people talk about VFIO nowadays.
Also Proxmox is growing in the hobbyst and SOHO market.

>>102356978
>I'm confident a subscription to a streaming service would be a better option for home users anyway
What the fuck

>>102356170
>you might as well just run k8s
I do use a single compose file, I always thought kubernetes was for orchestrating containers on multiple hosts simultaneously. Would it still be useful for my use case?

>>102356170
>My bet is on transcoding
The server isn't transcoding, I checked that.
>It could also be that the connection doesn't have a stable speed like you mentioned, lots of ISPs will cheat speedtests by allowing small bursts of high bandwidth.
I think it's this. Fuck DOCSIS and my friend's shitty ISP.
>running an iperf server and setting an arbitrarily long test duration
Good idea, I will give this a shot. Thank you for responding.
>>102355485
That's true, thank you for responding. One idea I had is since I need offsite backup anyway, I could reuse an old desktop for offsite backup while also running jellyfin, radarr, and sonarr on it. I could then deploy it at my friend's house. That way, he can use it to get his content over LAN without hiccups and I can use it to improve redundancy. Does this seem like a better plan than trying to rely on a VPS to improve our peering, if it turns out the connection is the problem?

Is there any actual reason to use Windows Server at home, other than as a scuffed replacement for desktop Windows?

>>102358577
>Is there any actual reason to use Windows Server at home
None, the only reason to use Win Server is to host windows-only services or active directory, which aren't needed in a home at all

>>102358577
The support? It's great that I could just call them and get my problem fixed in an hour.

Should I be using ubuntu pro as the host distro for my server? Something else?

>>102358594
Which large language model are you using that is spewing this garbage text out?

>>102358577
why would you do this? windows sysadmins must be into CBT or something

>>102358653
This is just a question I thought of from reading the thread, not anything LLM generated. It's a genuine question.

File: Screenshot 2024-09-04 at (...).png (212 KB, 1056x816)

212 KB PNG

>>102358594
>Screenshot 2024-09-04 at 19-11-26 report-ol-state-of-oss-2024.pdf.png
But you typically wouldn't run a general purpose OS as your host, rather you'd often run a hypervisor or a container orchestration and then guest operating systems or containers underneath it.

>>102358675
Ubuntu Pro isn't a distribution or an operating system, it's a service attachment to Ubuntu.

>>102358355
It's true. While you may lack multi-factor authentication options to the streaming service (so far), a streaming service should be convenient to use and support will be readily available whenever you'll need it.

>>102358787
lol. nice b8

>>102358787
>support will be readily available whenever you'll need it
who do i call to upload all my illegally downloaded anime to netflix?

>>102358938
It's not bait in /hsg/, just honest. If this was /g/, then I'm sure it'd be bait, but alas.

>>102358998
good one anon

>>102358728
You do know that general purpose OS can run type-1 hypervisors and are able to become fully-fledged "enterprise-class" servers, right?

>>102359102
Yes, awkwardly put. I was thinking of hypervisor distributions such as ESXi and Proxmox VE instead of Ubuntu, Debian, and so on. Windows Server, despite being generic, would also work with the Hyper-V role.

Will an i7 4790k, 24gb of ram and a Gtx 980 be enough to run a jellyfin server with thousands of movies to a few clients?

>>102359195
Yes, next question

>>102358728
>But you typically wouldn't run a general purpose OS as your host
Doesn't Ubuntu have a server version?
>you'd often run a hypervisor or a container orchestration
I don't want to virtualize too much beyond containers, I want bare metal tier performance. I don't know much about "container orchestration" but I do know about linux distros, hence why I want to start there.
>it's a service attachment to Ubuntu
Did not know that. So I can make an account and then enable it with a command? Last I checked people did not want to use Ubuntu because of snaps primarily and phoning home, but what is the alternative, RHEL or linux mint? Are those the only real alternatives?

>>102358728
>tfw my company just upgraded our serves to CentOS 7
>from CentOS 5

>>102359233
NTA but
>Doesn't Ubuntu have a server version?
Yes but you don't need it, even base ubuntu should work
>I don't want to virtualize too much beyond containers, I want bare metal tier performance. I don't know much about "container orchestration" but I do know about linux distros, hence why I want to start there.
Containers are cool and fast, I personally don't like to have all my services running on the same kernel. I rather have differnt virtual machines divided by function, each running containers if required
>what is the alternative, RHEL or linux mint? Are those the only real alternatives
The best alternative is Debian

>>102359368
Thanks.
>Debian
I thought about that but I think it is too outdated for my hardware. Even if I run ubuntu I will need the hwe kernel.

if you want to play with containers, maybe opensuse microos is worth checking out.

>>102359233
>Doesn't Ubuntu have a server version?
Yes. Though it can offer MAAS (primarily intended on the desktop; practically Linux guests only) and a k3s snap out of the box (heck Canonical even publishes some k8s service worker / control node snaps), there's less tooling for server virtualization than using a more specialized hypervisor OS/distro. It's not representative of a typical enterprise, work environment.
(virt-manager and other type-2 hypervisors exist for the desktop, but I should not get too deep into those.)
>I don't want to virtualize too much beyond containers, I want bare metal tier performance.
Performance is practically a non-concern for VMs, within 0-1%, maybe up to 3% performance loss compared to bare metal.
>Last I checked people did not want to use Ubuntu because of snaps primarily
I'm sure people initially panicked about the thought of snaps replacing .deb packages eight years ago (I did too), but that's not the case. Together with AppArmor protections, snaps are better suited for multi-arch binaries and fast release cadence programs that can't remain stable and secure under an LTS release cadence like Ubuntu. It'll help you to not break your system.
>and phoning home
People are still stuck about that Amazon thing from Ubuntu 12.10, a decade ago? It's gone.
>but what is the alternative, RHEL or
See >>102358728. Note only RHEL and Ubuntu practically offer first-party kernel livepatching service for servers, if you care.

what an absolute pain in the ass it is the make qemu virtual machines join your real network
you're supposed to make a bridge over the physical interface but it doesnt fucking work
and i have no idea how to debug this shit

>>>/g/fglt
Just follow this template

auto lo
iface lo inet loopback

# Replace eno0 with your ethernet adapter

auto eno0
iface eno0 inet manual

auto vmbr0
iface vmbr0 inet static
        address 192.168.0.100/24
        gateway 192.168.0.101
        bridge-ports eno0
        bridge-stp off
        bridge-fd 0
        bridge-vlan-aware yes
        bridge-vids 2-4094

>>102359596
NTA, you've beat me to posting this.

>>102359596
Then configure each guest's network interfaces to bridge and set it to vmbr0, there, done

>>102359570
You use MACVLAN:
https://developers.redhat.com/blog/2018/10/22/introduction-to-linux-interfaces-for-virtual-networking#macvlan

>>102359570
>>102359596

>>102359488
>It's not representative of a typical enterprise, work environment
This is for a HOME server anon, and therefore not either of those. Are you that anon who gatekeeps home servers as only being enterprise setups? What am I even supposed to use as a virtualization manager host OS if I decided to go that route?
>Performance is practically a non-concern for VMs
I see. But they still require way more RAM if I understand correctly, and seem to be unecessarily complex for my use cases. Maybe I will add a VM or two later on.

>>102359215
Ok thank you. What is a good adaptor thing to run more than motherboard supported amount of sata ports?

>>102359465
what kinda hardware do you have

>>102359613
MACVTAP should work too apparently.

>>102359651
>What is a good adaptor thing to run more than motherboard supported amount of sata ports?
LSI HBAs (Host Bus Adapter). Literally lurk more, this is asked quite often.
>Avoid cheap PCI-e -> SATA adapters
>Avoid cheap M.2 -> SATA adapters
>Avoid old hardware RAID-only cards

>>102359651
LSI SAS HBAs. If you want 4kn support make sure to check beforehand for that.

>>102359678 (me)
We should compile the most frequently asked questions and post it in the OP

>>102359693
this but its all enterprise schizo answers

>>102359658
I haven't decided on everything yet, but it will have an ARC GPU for sure and therefore I will need a newer kernel.

What is the best way to host e.g. Ollama of llama.cpp on a TrueNAS server?

>>102359596
Will this fix my issue?
>>102341327

>>102359796
>truenas
that's BSD, isn't it? it's probably a non-starter

>>102359839
doubt it, but might as well try

>>102359796
just run the container? I don't understand the question

Is ACP or Cyber power enterprise grade UPS?

>>102360739
I think only Eaton is.

>>102360828
Never heard of Eaton.

>>102360458
I am running TrueNAS Scale, which is based on Linux

>>102360595
There is no direct way to run the container

File: 2Q==.jpg (3 KB, 192x192)

3 KB JPG

the Optiplex Micro is good for home server (with Open media vault) or should get QNAP/Synology?

>>102361540
If you intend to use it for file storage, you should probably get something that supports hard drives

>>102361540
How do you connect your hard drives in it?
These mini PCs usually only have 1 SATA port in them. and barely any PCIe slots. So good luck making it work, I guess.

No FAQ in sticky?
Are there any certified non-botnet reverse DNS options or alternatives? Currently I have a script that checks my public IP and sends me an email if it has changed but that won't really work if I want to share my Nextcloud with family so they actually back up their files.

>>102361925
>reverse DNS
I mean reverse proxy of course.
Is the best option to simply buy a cheap ass domain name and then use caddy?

>>102361633
>>102361826
A single half-decent PCIe slot can easily support 6-8 HDDs with a single cheap expansion card.

>>102362425
>I mean reverse proxy of course.
Fuck me. DDNS with some cheapo domain name

>>102353312
8-)

>>102362443
Wow, that is so cool. Can the PSU on that Optiplex handle all those drives? Didn't think so.
Now you buy a new PSU which are like $50 for the cheapest one. Or cheaper used if you want a fire hazard. Or something a bit more expensive if you want a quality one. Now if you bought that Optiplex for $30 you basically doubled the cost for that PSU. And this doesn't include the cost of the HBA. And cables. And a HDD cage to mount them. And maybe a fan to keep them cool.
How much money have you spent so far trying to make that mini pc work?

File: Screenshot 2024-09-13 173534.png (855 KB, 1121x819)

855 KB PNG

Is the I226 LAN controller really that bad? Like worse than Realtek?

Are those AliExpress N100 Mini-ITX motherboards with 6x SATA and 4x I226 Ethernet ports a scam?

>>102363474
>Is the I226 LAN controller really that bad? Like worse than Realtek?
no they're better than realtek
just disable EEE
>are they a scam
generally no. but they're still not very good. quite bad actually.

>>102357439
Check the speed of the ports on whatever switch you're using
I had cheaped out on a secondary router and didn't realise its LAN ports were only 100Mb
Had to buy a gigabit switch

File: JMB585.png (323 KB, 462x460)

323 KB PNG

>>102363474
yes, they are, see >>98909110 >>101201254
>tldr: 4 SATA ports behind shitty controller

>>102362621
you are seriously retarded if you think that overpriced consumernas crap is any cheaper

>>102359646
>But they still require way more RAM if I understand correctly
Yes, but Xeon SP 1st/2nd generation (Skylake/Cascade Lake) caps out at 1.5 TB of RAM and 384-768 GB RAM is a typical configuration with 32 GB or 64 GB RDIMMs. RAM capacity is a non-concern before your memory bandwidth or CPU core count becomes a bottleneck.
>and seem to be unecessarily complex for my use cases.
If anything, container orchestration and Kubernetes is way more complex than managing virtual machines.

Traditional setups, without containerization or VMs for isolation, has not been the best practice for decades from a security or management standpoint. Avoid traditional setups, start with VMs, Ansible and Terraform, or preferably Kubernetes clusters from the get go.

File: Screenshot 2024-09-13 at (...).png (198 KB, 1280x720)

198 KB PNG

>>102359646
>>102364054
Forgot pic.

>>102359710
Sorry, this is a general for home server discussion, not for you to talk about a desktop / workstation general.

>>102359678
>Avoid old hardware RAID-only cards
If you don't have a vSAN storage cluster, you're practically going to need one for SAS/SATA drives with VMware ESXi or Windows Server.
Additionally, RAID cards for boot devices, such as Dell BOSS cards, are an exception.

If you have NVMe storage, yeah, forget about any hardware RAID.

>>102359796
You select a hypervisor OS/distribution and run your VMs/containers and run VM workloads underneath it, separately and aside from your TrueNAS storage cluster.
TrueNAS may be good for storage only. (Whether it's even good for storage is arguable, and dependent on use case.)

>>102360828
I can confirm this.

>>102360831
Now you have. Search "ups r/sysadmin" or "eaton r/sysadmin" or something and you'll see Eaton shilled all the time by pseudonymous "professionals".

>>102361540
That's not even a comparison. You're comparing a thin client / SFF desktop PC to a NAS appliance.
Neither are servers for virtualization or server operating systems.

>>102361925
I believe BIND9 supports configuration for RFC 2136 dynamic updates, if you have traditional DNS infrastucture (not web APIs).
There's no botnet, just use whatever is popular.

>>102363892
It's not overpriced. You're not seeing the value.
I'll give you a hint: Veeam hardened repository support and validation. (Only applicable to Synology, which is in between consumer and enterprise grade, depends on the model.)

>>102363892
>>102364182 (Me)
I forgot to mention the long warranty and support.

>>102357439
Poor fella gave no useful information to be helped. Starting from layer 1, cabling, NICs, switches, negotiated switchport speeds, TX/RX counters on switchports, EEE if i225-V/i226-V, and so on. You can't be helped.
SMB works as is out of the box, without tweaking, up to ~25 Gbps. Speeds faster than that practically requires RDMA.

Oh and Zorin OS isn't a server OS.

>>102364182
>locked down Linux 4.x kernel with no powersaving features
>very professional bro

Hello i have a freedombox setup and i want to play lan games on the openvpn i setup.
how do i achieve this?
im not sure if this is the right place to ask.

I love you, Home Server General anons.

Planning to get a msi cubie 5 12M to use as a home server.
Would the extra 4 E-cores on the i5-1235u be of any use over i3-1215u?
The price difference is almost $100 and it's putting me out of my comfort zone slightly.

I just need it to use as a vpn server and serve files from my external hdds over smb

>>102365240
>Would the extra 4 E-cores be of any use
No i think for your use case you wont be able to tell a difference. I certainly wouldn't pay 100$ extra for it

File: gpg+you+me.png (264 KB, 800x800)

264 KB PNG

>>102365191
I love you too, love anon

>>102341946
Dog you really can't bare to spend 20 dollars on an x520 to have no issues? Just buy a fucking nic bro, sheesh.

>>102364483
>right place to ask
yeah i guess so.

Your question difficult to answer, because its not very well phrased. Or incase that was actually what you wanted to ask: no, you cannot play games on your vpn.

Im assuming you want to host some sort of lan server and have someone else connect to it via a vpn. This should be fairly trivial, have your lan server listen on the vpn interface and then connect to the vpn ip address from the other side of the tunnel. If you have more specific questions, please do ask.

>>102350410
You're using a platform that uses ZFS, and it's writing from cache, then writing at the max speed of your HDDs, about 160mb/s. That's what I get on my WD Red Pro raid10 iscsi array over SMB without ZFS.

>>102352452
>that aswell. Have you played around with honeypots?
Not that guy but I should. I have port 443 & 80 exposed for certbot, and I get a ton of IPS logs.

>>102365357
Appreciate it.
Thanks

>>102365623
>port 80 exposed for certbot
Have you heard of our lord and savior DNS-01?

That aside, its probably a good idea to keep port 80 open anyways. I use HTTPS exclusively and still occasionally get people who can't connect to my website because their browser tries port 80 first and gets rejected. It blows my mind that HTTPS only mode is still not enabled by default in most browsers.

>>102353920
>a bunch of people
It's one guy don't get it twisted

>>102365686
>>102365624
>>102365623
>>102365511
>>102365470
>>102365191

new thread you guys:

>>102365814

>>102365814

>>102365814

>>102365240
>msi cubie 5 12M
>/Business-Productivity-PC/
>Windows 11 Home
>- MSI recommends Windows 11 Pro for business
Out. >>>/out/ of here now, with your desktop PC discussion.
Point and laugh at the Realtek NIC on the way.
>the i5-1235u be of any use over i3-1215u?
Not going to answer to the question about cores, but only in theoretical capacity if this was a home PC used with tier-2 hypervisors, the i5 and later has vPro features the i3 doesn't. For processor security features in virtualization.
>I just need it to use as a vpn server and serve files from my external hdds over smb
Your architecture does not take into account that those external HDDs attached to USB will have to deal with USB power saving features, those won't have proper redundancy (RAID), and there will be no S.M.A.R.T. data available.
It sucks. Post back in /hsg/ when you've lost your data.

>>102365810
It's at least three people.

>>102366454
>Your architecture does not take into account that those external HDDs attached to USB will have to deal with USB power saving features, those won't have proper redundancy (RAID), and there will be no S.M.A.R.T. data available.
>It sucks. Post back in /hsg/ when you've lost your data.
You have clearly no idea anything about low end computing.
Go jerk off with your second hand overpriced ""enterprise"" garbage.