[a / b / c / d / e / f / g / gif / h / hr / k / m / o / p / r / s / t / u / v / vg / vm / vmg / vr / vrpg / vst / w / wg] [i / ic] [r9k / s4s / vip / qa] [cm / hm / lgbt / y] [3 / aco / adv / an / bant / biz / cgl / ck / co / diy / fa / fit / gd / hc / his / int / jp / lit / mlp / mu / n / news / out / po / pol / pw / qst / sci / soc / sp / tg / toy / trv / tv / vp / vt / wsg / wsr / x / xs] [Settings] [Search] [Mobile] [Home]
Board
Settings Mobile Home
/g/ - Technology


Thread archived.
You cannot reply anymore.


[Advertise on 4chan]


File: perspective.jpg (826 KB, 1251x1107)
826 KB
826 KB JPG
Perspective edition

previous: >>102594424

Temp wiki: https://igwiki.lyci.de/wiki/Home_server

/hsg/ is about learning and expanding your horizons. Know all about NAS? Learn virtualization. Spun up some VMs? Learn about networking by standing up a OPNsense/PFsense box and configuring some VLANs. There's always more to learn and chances to grow. Think you’re god-tier already? Setup OpenStack and report back.

>What software should I run?
Install Gentoo. Or whatever flavor of *nix is best for the job or most comfy for you. Jellyfin/Emby/Plex to replace Netflix, Nextcloud to replace Googlel, Ampache/Navidrome to replace Spotify, the list goes on. Look at the awesome self-hosted list and ask.

>Why should I have a home server?
De-botnet your life. Learn something new. Serving applications to yourself, your family, and your frens feels good. Put your tech skills to good use for yourself and those close to you. Store their data with proper availability redundancy and backups and serve it back to them with a /comfy/ easy to use interface.

>Links & resources
Cool stuff to host: https://gitlab.com/awesome-selfhosted/awesome-selfhosted
RouterOS's: https://igwiki.lyci.de/wiki/Routers
https://reddit.com/r/datahoarder
https://www.labgopher.com
https://www.reddit.com/r/homelab/wiki/index
https://wiki.debian.org/FreedomBox/Features
List of ARM-based SBCs: https://docs.google.com/spreadsheets/d/1PGaVu0sPBEy5GgLM8N-CvHB2FESdlfBOdQKqLziJLhQ
Low-power x86 systems: https://docs.google.com/spreadsheets/d/1LHvT2fRp7I6Hf18LcSzsNnjp10VI-odvwZpQZKv_NCI
SFF cases https://docs.google.com/spreadsheets/d/1AddRvGWJ_f4B6UC7_IftDiVudVc8CJ8sxLUqlxVsCz4/
Cheap disks: https://shucks.top/ https://diskprices.com/
PCIE info: https://files.catbox.moe/id6o0n.pdf
>i226-V NICs are not suitable for servers
>For more SATA ports, use PCIe SAS HBAs in IT mode
Cockpit is nice for remote administration

Remember:
RAID protects you from DOWNTIME
BACKUPS protect you from DATA LOSS
>>
File: 1702248568531078.jpg (4 KB, 259x194)
4 KB
4 KB JPG
First for Haswell
>>
>>102636438
based. sold my Haswell-E to a neighbour earlier this year and still chugs along
>>
For a basic nas fileserver should i be using ZFS or BTRFS? or is there something else better?
>>
>>102637353
Anything but BTRFS.
LVM is good and so is ZFS
If your a hipster try bcachefs
>>
>>102637364
literally nothing wrong with btrfs
>>
>>102627141
Admit you got conned by a seller to make you pay the seller to take their e-waste (which went EOL March 31, 2024) into a trash bin. You fool.
>>
>>102629117
Wrong choice of hardware (desktop), and that only supports client operating systems. Proxmox VE is unsupported by Lenovo.
Yet, you are still planning to create more chaos and introduce more risks to your environment with potentially incompatible and non-validated (third-party) components.
Wake up, sheeple.
>>
>>102629160
There are only 1 GbE and 10 GbE RJ45 copper server NICs, none 2.5 GbE. Those 10 GbE NICs have thermal and heat dissipation concerns.
>>
>>102636256
> 14:53 <schizo> Anonymous 09/30/24(Mon)19:13:56 No.102627371
> 14:53 <schizo> >>102619549 (You)
> 14:53 <schizo> >avoid wireguard because uhhh this other one is better becaues it does all this other shit you dont need just to use plex/jellyfin over the internet
> 14:53 <schizo> most retarded post in this thread
> 14:57 <anon> I agree with the person calling you retarded
> 15:00 <anon> https://i.4cdn.org/g/1727781614610136.jpg thread pic is antienterpriseschizoposting
>>
>>102631268
Hypervisor boot on redundant RAID1 SSD boot drives. VMs on a separate RAID10 (ZFS striped mirrors) array.
>>
>>102637778
No filesystem repair tools for corruption.
Free space is an estimation; snapshotting and then filling the drive to full will corrupt the filesystem.
No functional RAID5/RAID6.
Red Hat dropped it.
>>
>>102637353
XFS is also a fine choice for scale.
>>
is there a good selfhosted solution for remoting into your home?
basically i want to expose a website to the web on that website i can authenticated and it connects me to a vm.
>>
>>102638242
>EOL hardware should be free
Get a load of this commie
>>
>>102638453
RAID5 and 6 are perfectly functional. The writehole is a meme that's been effectively fixed. For starters, to invoke the writehole, you need a power failure, followed by a disk failure before you can perform a scrub. On top of that, it only affects metadata blocks. Metadata is like 1% of your total data. RAID5 your data blocks, RAID1 the metadata blocks, you are immune from the dreaded writehole. ZFS has similar vulnerabilities in edge cases when you poorly configure your array as a joke anyway, so I'm not sure why people fixate on this one.
>>
File: Discord_ZTKllhgtBq.png (39 KB, 545x174)
39 KB
39 KB PNG
Hey bros I'm a server and VM noobie but proficient in just about everything else computer wise. I just built a 7950x3D server and have 2Gb down and 1Gb up fiber at my house.

I have the intention of renting this out or splitting it into multiple VMs for game servers to rent to people, but really it seems like DDOS protection is the main concern (considering people will have my fucking IP).

Other than figuring out that, which suggestions are welcome, what other big picture bullshit do I need to worry about?

Is my idea of renting this to GTA RP communities simply naive? It seems like pricing wise it makes sense, but it's all the other vulnerability bullshit I'm worried about.
>>
>>102638586
You're going to have to be more descriptive than that. RDP, VNC, SSH, some IdP login for a web service, a VPN, access your hypervisor's management panel for an emulated display?
>>
>>102638767
>7950x3D server
That's not a server, it's a desktop computer a desktop processor. It does not have an AMD EPYC 4004 equivalent. Know your place.
>I have the intention of renting this out or splitting it into multiple VMs for game servers to rent to people
Please don't. https://grumpy.systems/2023/please-dont-sell-space-in-your-homelab/
>what other big picture bullshit do I need to worry about?
See above. You also don't have server hardware, validated for the purpose of running VMs 24/7.
>>
>>102638586
i dont really care what the underlying method is.
the end result is i want to visit a website, authenticate and gain access in the browser to a vm on my network.
>>
>>102638586
>>102638831
What is the VM's interface that needs to be accessed? See >>102638792.
>>
>>102638831
meant to quote >>102638792
>>
>>102638846
a windows vm on a proxmox host.
it can be done via vnc, rdp or whatever else there is.
i want a solution that makes it dead simple.
>>
>>102638767
HA? Redundancy? If you're selling a service, people aren't going to be happy if your shit goes off line. No redundant internet uplink? What are you going to do when your ISP decides to reboot the ONT? It's one thing if some buddies are paying you to host something, but renting out a service like this to randos is a bad idea.

>>102638830
>That's not a server
OP is a faggot but you're an even bigger faggot

>>102638831
Is there any reason you need username/password authentication? Are you going to be accessing this from arbitrary public devices? Do not do that. Set up wireguard.
>>
>>102638885
>Are you going to be accessing this from arbitrary public devices? Do not do that. Set up wireguard.
id use a 2fa method preferably.
id prefer the solution to be vpn-less for now.
>>
>>102638909
>id use a 2fa method preferably.
An unimportant distinction.

>id prefer the solution to be vpn-less for now.
...why?
>>
>>102638870
Use RDP. The integration to local accounts, Active Directory or Entra ID is already there.
For remote access to your network, terminate a VPN at your home network edge firewall. IKEv2/IPsec is the most supported one. You can integrate that with Active Directory or in some cases Entra ID too.
>>
>>102638921
>...why?
because its for an idiot who barely is able to visit a website.
>>
>>102638870
>>102638936
I'm equally confused what this Windows VM has to do with websites.
>>
>>102638830
>That's not a server, it's a desktop computer a desktop processor.
I'm fucking aware, I got it because it was on sale for like $350. I'm not gonna buy a threadripper or epyc because I don't need to spend 5x just for more PCIe lanes I won't use. You can play semantics, but a fucking celeron can be a server.

>https://grumpy.systems/2023/please-dont-sell-space-in-your-homelab/

I appreciate the link.

>HA? Redundancy? If you're selling a service, people aren't going to be happy if your shit goes off line. No redundant internet uplink?

Fair enough. Sounds like this is only really for my own personal businesses and shit and isn't worth the trouble all things considered. Thanks.
>>
>>102638952
basically i want someone to visit a website.
they then log in to that website.
that website then provides some way to connect to that vm maybe a rdp client in said website.
im looking for something that provides this kind of thing.
>>
>>102638976
>I'm not gonna buy a threadripper or epyc because I don't need to spend 5x just for more PCIe lanes I won't use.
You're mistaken, the EPYC 4004 series is a rebrand of Ryzen processors with additional server hardware and ECC memory support validation.
>>
>>102638885
OP replied: >>102638976
>>
>>102639002
For my light use cases I am not worried about cosmic bit flips causing issues nor want to pay more for a rebranded Ryzen. 32 threads of Zen 5 for $350 makes a great home server for many things, even now that renting it out seems way too far fetched.
>>
>>102639019
Talk for yourself, but I have no interest in a desktop platform without remote management (BMC) and validated configurations as a server. I can't call that setup "a great home server". Know your place.
>>
>>102639041
Thank you gatekeeper, very helpful. The equivalent epyc is exactly double the cost and the server sits in my 1000sqft laundry room. At work I've ran several desktop-grade cpus as servers for over 7 years and never needed any additional features, I will be fine. Thanks for shitting up the thread though.
>>
>>102639102
Thanks for affirming and doubling down on my "know your place" statement, chat.
>>
>>102639102
Gatekeeping is based, don't call him a gatekeeper. He's just a retard.
>>
>>102638830
>https://grumpy.systems/2023/please-dont-sell-space-in-your-homelab/
I am currently selling server space to my friends and there is nothing you can do about it.
you think my neighbor will sue me for gdpr?
>>
>>102639041
Show me "validated configurations" for a home server
>>
>>102639371
you have to buy exactly what the buy in enterprise datacenters, except without the benefit of a service contract and you're only getting a slight discount on ebay because anything too old (and therefore actually cheap) is "e-waste"
>>
>>102639471
Not true. You can buy new 1Us for cheap, single socket processors from Xeon E-2400 or AMD EPYC 4004 series.
>>
>>102639616
>1U
>home server
boy I sure hope you like having jet engines in your house
>>
>package with HDDs was supposed to get delivered yesterday
>marked as delivered and signed for
>no package
there's like $950 worth of HDDs in that thing and USPS is dicking me. I just wanna finish building my NAS
>>
Alright, are these cute ass things /hsg/ enough for ya? For clarification, the rack, not the fag next to it lol
>>
File: 1000001907.png (762 KB, 919x946)
762 KB
762 KB PNG
>>102640175
Fucking a the pic didn't attach
>>
>>102638453
red hat only uses xfs over btrfs because they have no btrfs engineers, there's no other reason
>>
>>102640196
Why didnt you just crop the faggot out?
Those setups are way too overkill
>>
>>102638401
where was this chat? i want to chat there too
>>
>>102639932
muttland yes, but they bring the packages inside my building and put them in a locked package locker. never had anything stolen before. I think USPS just fucked up somewhere along the line
it was marked as delivered and signed for but I didn't sign for shit, so I think they fudged the delivery and it's probably sitting in a truck somewhere. hopefully I can find it
>>
>>102637778
Literally nothing right with BTRFS.
>Reliability
Use ZFS or LVM
>Speed
Use mdadm , bcachefs or xfs
>features
ZFS , LVM or bcachefs

BTRFS fits no usecase
>>
>>102641025
this will be true when (if) bcachefs is actually feature complete and stable, but we're not there yet
>>
>>102638981
If you're already running proxmox why not use that? Give them an account that is limited to only be able to access the windows VM.
>>
>>102638586
Vpro through a VPN
>>
does anyone have that huge list of cases that you could filter by number of bays and formfactor etc?
>>
>>102641240
Also interested in this.
>>
>>102641240
idk which specific one you're talking about but pcpartpicker has that
https://pcpartpicker.com/products/case/
>>
>>102638830
Any computer you can connect to and access files from is a server, prove me wrong.
>>
>>102641304
it was posted here and I can't find it in my history for the life of me, it was more complete than pcpp's and on a dark blue background
>>
>>102641038
Still has more features than BetaFS
>>
Whats the recommended way of handling .qcow images for virtualmachines and the directory used for bitorrenting on ZFS? i heard they cause issues unless you do certain tweaks to the subvol/directory they're on
>>
>>102641038
btrfs and bcachefs have been saying the same thing for the longest time: that they will have feature parity with zfs before zfs changes it's licensing and can be shipped with the kernel.
I'm not holding my breath. It's more likely that both never happen. Meanwhile, it's getting easier and easier to use zfs with linux.
>>
>>102641676
qcow is a copy of write file, so you wouldn't want to double up on that. for zfs you should use a raw file or(ideally) a zvol. libvirt let's you specify a dataset for zvols as a storage pool.
for torrents just don't preallocate, it's copy on write. no need to preallocate when that doesn't do anything different on a cow filesystem.
>>
>>102641984
i heard that zfs zvols as a storage pool can cause some issues with libvirt vms?
>>
>>102638401
that's weird because I was the (You) and I don't chat with any of you weirdos
>>
>>102642186
why you asking here if you heard it from someone else
https://libvirt.org/storage.html#zfs-pool
>>
I'm trying to remember a software it was like raid 5 but worked with different HDD sizes and kept the most parity on one HDD with the ability to lose any one drive with no issues. Anyone know what I'm talking about?
>>
>>102642507
Unraid does that. Not 100% free though.
>>
>>102642600
I found it. I was thinking of SnapRAID
>>
>>102637364
Isn't btrfs useful because you can just add drives? I want to expand storage easily.
>>
>>102638586
you want host a Wordpress in a NAS with openvpn remote access?
>>
once again asking about >>102635205
(consistently shits iself at 403mb written in raid 0)
I've used those drives before and completely filled them at least twice just a couple months ago
>>
>>102636256
Hi guys, I have an HP DL180 G6 server from the stone ages I'm using as a file/Jellyfin server (go eat a dick enterpriseschizo), but I've been using its shitty P410 RAID controller for storage controlling. The server itself has a SATA controller, I'd just like to know if anything bad would happen if I switched from RAID to SATA. I don't want to keep using the RAID card because I don't use its features to begin with (I don't use RAID and just span between drives with LVM), because it's a pain in the ass to set up new hard drives for it. Would I need to reformat and reinstall the OS on the server if I switched from a RAID to using its SATA controller? I couldn't find any information about this online so I figured I'd ask here.
>>
Enterprise schizo, I need your wisdom. Is it common practice to install stuff in the host OS rather than VMs? For example in Proxmox or ESXI itself? Contemplating if I should do it. From what I read it's really not recommended and everything should be in a VM or container and I should leave the host alone.
>>
>>102638586
cockpit plus Tailscale maybe?
>>
>>102644135
You don't want Enterpriseschizo's wisdom. He's a very unhelpful person.
It depends on what you're doing. If you need just straight performance and don't care about sandboxing or whatever. It's not common to install stuff on Proxmox or ESXi in bare-metal because those are VM hosting operating systems. I do stuff on bare metal but that's because my server runs Ubuntu Server.
>>
>>102644172
Well, I want to monitor my hardware so I would install something like smartctl exporter and have Prometheus and Grafana in a VM so it's all in one place.
And I need something that can shut down my host when my UPS tells it that it's low on battery.
I can't do these on a VM.
>>
File: 1713260150358775.png (132 KB, 1002x585)
132 KB
132 KB PNG
>>102643149
No . its no better than any other raid like LVM or ZFS
>>
>>102638586
I have this set up without a VPN, but only as a side benefit of having a public facing loginwall so I can share services with friends and family. I don't know if I'd go through the hassle just for management interfaces.

nginx <-> oauth2proxy <-> IDM (I use kanidm, but authentik, keycloak, etc should work)
|
v
resource

So you hit nginx, and it sends an auth request to oauth2proxy. Oauth2proxy inspects your cookies and sees if you have an active session cookie. If so, it approves the request and sends it back to nginx.

If you don't have an active session cookie, oauth2proxy redirects to your OIDC enabled IDM. You log into the IDM (if you don't have an active cookie with them), and it checks your permissions.

If you have permission to access the resource, it sends you back to oauth2proxy with a confirmation, oauth2proxy makes you a cookie for it and redirects you to the resource you want. If you don't have permission, then your IDM gets you a permission denied message.

The downside is, if you want separate permissions per page then you need a separate oauth2proxy container per page because oauth2proxy doesn't currently support multiple tenants. They're working on it, but it's not there yet...

For me this works out well because I have a bunch of services I share with friends and family, and they all have permissions set up in my IDM for those pages, but then I have additional permissions to access the service pages.
>>
>>102643149
you can, and you can do general array-reshaping stuff too. Some guy mentioned the one gotcha upthread which is that thou shalt never use raid56 for metadata, only for data. Other than that it works well these days, but people like the guy you're replying to formed their impression back when it genuinely was unreliable. But this was like, kernel 3.2, over a decade ago.
>>
>>102644205
I heard you could just re-balance after adding a drive, whereas with zfs you can't add to a vdev
>>
>>102644393
Ive never seen this claim about BTRFS
I think what you want is snapraid
>>
>>102644393
Those sounds like unraid or snapraid+mergerfs.
>>
>>102644597
I've seen it mentioned lots. There seems to be a lot of information on adding disks to an existing btrfs system. Is it all just fake stuff or something? I haven't tried it.
>>
>>102644713
I believe you are confused
See >>102644668
>>
File: 1696746997426593.png (56 KB, 1298x526)
56 KB
56 KB PNG
>>102644724
Well it says it in the distro documentation.
>>
>>102644755
I dont believe that operation will give you more space but I'm not a BTRFS expert .
More info about that feature here though
https://btrfs.readthedocs.io/en/latest/Balance.html
>>
>>102644597
>Ive never seen this claim about BTRFS
Then you know literally nothing about btrfs and shouldn't be talking about it.
>>
Price being equal, new 6TB consumer drives (3 year warranty), or renewed 14TB NAS drives (5 year warranty)?
>>
>>102644597
lolwut

have you ever even used btrfs
>>
>>102644797
It says right in the image 'to add disk space'
>>
>>102644882
If you're buying multiple drives to go into an array with redundancy, 100% stick with the renewed 14TB NAS drives and just increase your redundancy by the small amount needed to compensate for any expected higher failure rates. You'll come out with a larger and more reliable array for the same money.
>>
>>102643805
bump
>>
>>102645125
That's what I was thinking but follow up, if I buy 2 drives and put them in RAID 1 would I be able to put in another 2 drives and switch to RAID10 later?
>>
>>102636256
is enterprise entirely ZFS or do they use other filesystems (e.g. XFS) for perf reasons (for databases for example)? If so, how do they handle silent data corruption/bitrot, drive failures, backups/snapshots etc.?
>>
Does anybody here use Traefik instead of nginx? I'm getting really annoyed at how nginx caches DNS results, it only caches it on load so if I have other containers with dynamic IPs that it references by hostname I have to restart nginx every time I restart the other container. So i move to full static IPs on everything but it's just a pain in the ass to keep track of everything, hostname was much easier...
>>
>>102645579
btrfs was heavily backed by Facebook. Lots of freebsd based (Netflix) would probably use zfs. just look at who is contributing to the project.
>>
>>102645059
Yeah, ignore him. btrfs arrays can be freely expanded by adding the disk then rebalancing. You could even reduce the number of disks in the array if you really wanted to. The balancing process might take a while depending on the operation, though.
>>
>>102644882
refurbished disks are almost always a better value in terms of disk-hr/$. Yes they will likely fail faster than brand new disks, but they're so much cheaper per TB that it doesn't matter. Assuming you're running a RAID, anyway, and can simply replace failed disks.
>>
>>102636256
I'm getting an Intel NUC n100 gen 12 mini PC to run as my porn komga server and torrenting with qbittorent. Is 8GB DDR4 ram enough for my purpose or should I get 16GB ram? My porn comic server is rather large but I will be the only one using it.
>>
File: 1727467856709248.jpg (282 KB, 738x483)
282 KB
282 KB JPG
>>102646711
>>
>>102646305
Why do I always get negative answers about btrfs? Are there people that opposed to it that they want to poison things?
>>
>>102646905
There was a time when btrfs was very unstable, but people have never actually bothered using it since then and parrot information that has been out-dated for years.
>>
>>102647142
Oh okay, glad to hear it's not a malicious reason.
>>
>>102638767
>Proficient in just about everything else computer wise
>What about the scary DDOS
>Oh no people will have my IP
>Can I host game servers and rent them out for money on my single desktop PC
Bro, the fact that you felt the need to say "I'm proficient at everything else" should have been enough for me to stop reading but I had a morbid curiosity desu.
>>
>>102645531
Sure, but how difficult and safe that is will depend on your raid implementation.
>>
Are there any noticeable power savings between running Debian headless and running it with no peripherals plugged in (such that I could more easily pull up a monitor/mouse/keyboard if need be).
>>
I'm considering hosting one of those server-side VSCode forks. I'm changing machines very often and having to rely on neovim being available everywhere or being able to install the jetbrains suite is annoying. Is it worth the trouble?
>>
>>102647870
There will me a very small difference due to lack of usb peripherals mainly, but personally the biggest wattage difference (still small) in my case was DE vs no DE due to a whole bunch of like 50 extra processes booting and running in the background waking up the cpu.
Also use powertop ofcourse. With "powertop --auto-tune" at startup you dont even need to unplug usb peripherals, they go to sleep and they wake up only when you click/press keyboard button, you type in stuff, then kb goes back to sleep as if its turned off. Go ahead and test it
>>
>>102646905
The "instability" is using raid 5/6 with a power loss and corrupted metadata, so now metadata is recommended to be mirrored. I've been using btrfs mirrors on my desktop for 3+ years without problems. also without any significant features either since I've taken probably thousands of automatic snapshots and never had to use one.
>>
File: (2024-10-02=01,47,19).png (244 KB, 321x432)
244 KB
244 KB PNG
I currently have 32gb RAM on my server, I'm using PROXMOX and have various VMs

I want to upgrade to 64 gb RAM...

I currently have:

VM1 Ubuntu - 8gb
VM2 Ubuntu - 16gb
VM3 WIN-Server - 4gb
VM4 Debian - 1gb

I was thinking whether or not I should keep it as is but whaddaya guys think?
>>
>>102648389
Mostly this depends on how many vm you run at the same time. There are people with 30 vm's on 8g ram because they only boot one or two small ones at a time. If I were you I would go for it just for the peace of mind, no point in starting to sweat profusely everytime you might need them all at once + something extra.
>>
File: (2024-10-01=01,31,23).png (198 KB, 230x395)
198 KB
198 KB PNG
>>102648426
Makes sense, yeah...

I want to use JellyFin maybe Nevidrome and many other things since I found out about this board/thread and I'm already spread thin running all of these VMs at the same time

Thankaranya
>>
I'm looking at miniPCs to host a simple NAS/Jellyfin/arr/media server. Main consideration is power, just deciding between a N100-esque system being good enough or maybe future proofing a little and stepping up to an i5 or something.
>>
>>102648566
>miniPC
>NAS
every fuckin' time
>>
>>102648566
I got an elite prodesk 600 g2 and it's been doing wonders
>>
>>102648613
This, rack and stack it or give up and just buy a synology or something if you haven't got the balls or brains to run a real server
>>
>>102636256
My dynamic DNS is down again, fuck this shit I'm going to move it to Cloudflare. I already have a subdomain I can use for this so it shouldn't be too difficult.

Is there a DNS update program that supports that?

I could do this easily myself with API calls but rather than re-invent the wheel I'm wondering if anyone knows of any existing software for this.
>>
>>102648984
It turns out I already started something like this before. I hacked up this script for now. It does the job:
#!/bin/sh

if ! myip="$(curl -s -L -4 https://icanhazip.com)"
then
exit 1
fi

zone="XXX"
name="server-MYDOMAIN.MYTLD"

for rec_type in A AAAA
do
if ! json="$(curl -s -L -X GET "https://api.cloudflare.com/client/v4/zones/${zone}/dns_records?type=${rec_type}&name=${name}" \
-H "Authorization: Bearer XXX" \
-H "Content-Type:application/json")"
then
continue
fi

if ! cloudflare_ip="$(printf "%s" "$json" | jq -r '.result[0].content')"
then
continue
fi

if ! dns_record_identifier="$(printf "%s" "$json" | jq -r '.result[0].id')"
then
continue
fi

case "${cloudflare_ip}" in
"${myip}")
:;;
*)
# static IP for IPv6 I can hardcode this
[ "$rec_type" = "AAAA" ] && myip="2001:XXX::XXX"
curl -X PATCH "https://api.cloudflare.com/client/v4/zones/${zone}/dns_records/${dns_record_identifier}" \
-H "Authorization: Bearer XXX" \
-H "Content-Type: application/json" \
--data "{\"type\":\"${rec_type}\",\"name\":\"${name}\",\"content\":\"${myip}\",\"ttl\":1,\"proxied\":false}"
;;
esac
done
>>
>>102649126
I don't like having to query icanhazip to get my v4 address though. I wonder if I can make Bind9 running on my OpenWRT router publish the IP addresses of its PPPOE interface?

Also why is /hsg/ so useless. Do none of you use dynamic DNS? Or is it just a bad time?
>>
File: hnngg.jpg (12 KB, 282x224)
12 KB
12 KB JPG
>converting a workstation into a dozen proxmox vm's & gpu passthrough
gonna be a long day
>>
>>102649782
Do it slowly. It ain't that hard. I mean, I did it and I barely knew anything about servers, let alone Linux.
>>
>>102649135
I use DDNS. never had a problem with it.
I wonder what the problem >>102648984 has with DDNS. I've never had it go "down" on me once since I set it up
>>
>>102650007
The problem is the upstream provider. Which host do you use?
>>
>>102650027
>>102650007
Basically the upstream resolver (which is hosted on AWS, it could have been an Amazon fuckup for all I know) stopped responding to queries.

It's working again now but I've already shifted to Cloudflare. I need something reliable.
>>
>>102650036
By upstream resolver, I mean their nameserver. It might have been under attack, but any amount of downtime even on a DDNS service I get for free is unacceptable.
>>
>>102650027
namecheap for me. been great for years
>>102650036
ah yeah, doesn't sound like a you problem. sounds like a provider problem. who was your provider? I guess they use route 53 in the backend. plus I'm happy to blame amazon for things
>>
>>102644135
Is enterprise schizo in this server with us right now, chat?

>Is it common practice to install stuff in the host OS rather than VMs?
Generally, no. The host OS should be easily replaceable and configured within the limits of unattended install or an Ansible playbook, dedicated to only one role.
>For example in Proxmox
Proxmox Container Toolkit (PCT) is alright for adding stuff onto Proxmox VE hosts, in a migrateable way. Such as NFS.
>ESXi
There aren't really ways to extend ESXi easily, however you can extend vSphere with plugins. Say you have i.e. a Starwind VSAN virtual machine on an ESXi host to do software RAID and 2-node replication for you, you export iSCSI LUNs there and import them in ESXi.

If you install Windows Server bare-metal and then enable the Hyper-V role for example, well that's just a feature flag to enable it, but that could also be considered as "installing" something onto a server. That's fine.
But it's not best practice to install anything but the Active Directory Domain Services on an AD server; install the DNS server and whatever else you need separately in another VM (unless you have some really silly Windows Server licensing limitations that you shouldn't have).

>From what I read it's really not recommended and everything should be in a VM or container and I should leave the host alone.
Correct.
>>
>>102644200
Sure, it's fine to install an exporter to the host OS. Try to automate this. Maybe a container on the host OS would also work for you?
>>
>>102645579
vSAN snapshots, distributed filesystems. Possibly backed by Pure Storage or something. Guest OS filesystem may be whatever the underlying most supported filesystem is (typically ext4 or XFS for GNU/Linux). ECC memory for resiliency against data corruption/bitrot, backups for disaster recovery.
I've not seen people talk much about T10 PI Capability at the hardware level.
>>
>>102646711
2 GB RAM per physical core is anemic for any server. Nevermind the N100 NUCs are not servers, and have the typical I226-V NIC issues.
>i226-V NICs are not suitable for servers
>>
>>102647870
A server isn't mean to have any peripherals plugged in, except for troubleshooting and recovery when no other remote option is available. They're typically managed remotely with a BMC.
>>
>>102648566
>miniPCs
>to host a [...] server
Anon that's a desktop computer.
>N100
Unsuitable NIC.
>i5
Desktop CPU. You will not find validated configurations for server operating systems and workloads with it, from the hardware manufacturer (OEM).
>>
>>102650319
home servers are typically managed remotely with a BMC?
where do you get this info? link me pls
>>
>>102649126
You shouldn't store secrets in shell scripts. Query a HashiCorp Vault or something for an authentication token.
>>
>>102650271
The mini PC box I have in mind uses i225-V. Is it fine? I don't intend to do anything demanding with it.
>>
>>102636256
what can I do with an old i5-7400 lying around? This shit doesn't have ECC support and isn't very powerful either. Probably eats more power than it should, too.
>>
>>102650271
>i226-V NICs are not suitable for use
ftfy
>>
>>102650359
You're right but this is stored in /root and owned and executed by root and the token is scoped so can't affect anything else on Cloudflare.

I've got bigger problems if somebody has root on my box.
>>
>>102650388
>Probably eats more power
nah, still great in idle
get one of those Fujitsu industrial 1151 itx boards, add two mirrored drives and and you're good to go
>>
>>102650388
Throw it in the bin. EOSL since March 31, 2024.
>>
>>102650386
Same issues as with I226-V, but worse if you get an early hardware revision. The I226-V is supposed to be a revision of I225-V's last hardware revision with firmware updates which disable EEE as a workaround.
>>
about to dive into this
What home NAS solution do you guys recommend?

Is it best to go with a NAS distro or set something up inside a regular server distro in a vm or something like that? It'd run jellyfin too ideally though at this point I just wan to figure out the NAS part
>>
>>102647235
>DDOS and IP are the only things mentioned
Yes, I am proficient in just about everything else lol except literally certain things on how the internet works. I started and run a multi-million dollar tech company, but we are B2G and do everything except shit over the internet, so it's where I lack knowledge.
>>
File: 1727057080344414.png (138 KB, 746x746)
138 KB
138 KB PNG
>>102650557
must have been having some really lucid dreams anon
>>
>>102650514
>What home NAS solution do you guys recommend?
https://www.ebay.com/itm/146017587263
>>
File: 1699631677238451.jpg (1.98 MB, 3226x2419)
1.98 MB
1.98 MB JPG
I need some low power consumption machine to have offsite backups over my parents home and give them a plex server or whatever any smart TV can watch
Is plex the best option?
How reliable are those refubrished 12TB drives from amazon?
Is a random 100€ chink N100 thing my best option for this or is there something else coming out?
Not really a big hurry since I have here some old dell with a 2400 that should be nuff to leave it on for the time being
Size or noise is not a problem just the cost/power bills I'm on the country with literally the most expensive electricity of europe
>>
>>102650631
thanks for the (you) enterprisophrenia post but it was a simple software question
>>
>>102638767
DDOS protection is your ISPs concern. As long as they can keep forwarding traffic, it's not your problem.

Unless you're concerned about the beefy server you've just built being unable to handle it. You can't really do anything about that, no home server hoster can. It's trivial for someone with a much bigger link capacity to flood your shitty home connection with more traffic than it can physically handle. Anyone can go and rent a 10gb/s or 100gb/s, etc, server and do this to you.
>>
>>102650514
Personally I'm just exposing the storage pool via samba. I never got the point of running a dedicated OS just for a filesystem and file sync.
>>
Does anyone here have experience running a pfSense VM with a network card passed through?

Does the WAN interface have to have it's own dedicated port?
>>
>>102650936
>Does anyone here have experience running a pfSense VM with a network card passed through?
Yes
>Does the WAN interface have to have it's own dedicated port?
Do you mean you want to have WAN and LAN on the same wire? I think it's technically possible if there's a VLAN-capable switch upstream but I don't understand why you would ever want to do that, just plug two wires in and use one for LAN one for WAN.
>>
File: 1713766719363809.png (61 KB, 200x200)
61 KB
61 KB PNG
>>102650514
I run TrueNAS SCALE but I wouldn't call it absolutely perfect. If you're planning on not tinkering it with much aside from the webgui and simple midctl commands then it's pretty good. Trying to mess with kernel stuff is so locked down and undocumented that you're better off not touching that shit at all.
I haven't had too many issues with it in the 2 years I've used SCALE and aside from some VM issues, it's been running smooth on one of those CWWK AIO NAS boards.
>>
>>102650979
>WAN and LAN on the same wire
It definitely is possible but I really don't know why you would ever want to do that.
>>
>>102650979
>>102651006
Basically I have a miniPC with two LAN ports (unfortunately they are realtek).
On this MiniPC I run Ubuntu Server with a pfSense VM and both LAN ports passed through to pfSense. With both hardware ports unavailable to the host, I have to access the Ubuntu Server host OS over the Wi-Fi interface.

I want to know if I could maybe pass through just one LAN port to the pfSense VM, which would be used for the WAN interface (because I assume it needs a dedicated hardware port for WAN).
Then instead of passing through the second hardware LAN port, I could maybe pass down a VLAN from the Ubuntu host instead. That way I can run other services on the Ubuntu host like Tailscale and Jellyfin (with N100 transcoding) without connecting over Wi-Fi.

Of course it would be much more ideal if I had more than two LAN ports. I'm hoping AliExpress will have a good Black Friday deal for a 4-port MiniPC/Firewall, although those have the I226 controller which also has issues.
>>
>>102650995
>>102650854
sounds like running a truenas vm on a server host os is the way to go for now then, thanks for the input guys
>>
File: satasisters.jpg (14 KB, 130x405)
14 KB
14 KB JPG
Are m.2 to sata adapters a bad idea?
And on that note, what sata controller is best between JMB575 JMB585 or ASM1166?
>>
File: home-net.jpg (150 KB, 1419x900)
150 KB
150 KB JPG
>>102651155
This is a visualization of my current setup.

Again, I want to know if I could pass down a vlan to pfSense instead of a hardware port.
>>
Why is this place full of people trying to run servers on baby computers now?

Buy a fucking off the shelf NAS if you don't want to run a real server. christ.
>>
>>102651365
Nobody cares about your input you stupid, worthless idiot.
>>
>>102651236
>Are m.2 to sata adapters a bad idea?
Yes but they do work if they are your only option.
>>
>>102651365
>Why is this place full of people trying to run low power servers? just buy a Synology that idles at 55W
>>
>>102637353
BTRFS is pretty much the best we have right now. Can scale down/up, change raid levels on the fly and so on.
In the future, BCACHEFS might be better, but they don't even have Erasure Coding done yet.

I'm running a 4x18Tb BRTFS RAID5 (metadata RAID1) with a single 4Tb NVME SSD BCACHE. Works pretty great as long as you make a no-cow TMP folder for torrents. Defragmenting it is a pain.
>>
>>102650631
E-waste, and requires a lot of effort to become functional as a NAS.
>>
File: file.png (5 KB, 318x143)
5 KB
5 KB PNG
>>102651481
>as long as you make a no-cow TMP folder for torrents
>>
Any of you guys have experience with Optiplexes?

How many watts do the SFF Optiplexes consume on idle? How much do the results differ between generations? Will a coffee lake save significantly more power compared to a Skylake if idle 99% of the time?
>>
>>102651155
>>102651342
>I want to know if I could maybe pass through just one LAN port to the pfSense VM, which would be used for the WAN interface (because I assume it needs a dedicated hardware port for WAN).
Not a LAN port, a network interface. Use the proper terminology, and things suddenly start to make more logical sense.
Now, if you have two network interfaces, having a dedicated interface passed down to a virtual machine and a separate management interface is one possible way to accomplish things.
With that in mind, your setup needs a bit of a rework.
>I want to know if I could pass down a vlan to pfSense instead of a hardware port.
A VLAN is just an option on top of an interface. Whether it's a virtual or physical one, that's irrelevant. Trying to pass down a vlan to a virtual machine (doesn't matter if it's running pfSense or some other service) is the equivalent of trying to pass down an IP address. Makes no sense.
Instead, what you could be doing is turning the MiniPC into a router on a stick.
The WAN (ISP modem or whatever you're dealing with) is attached to an untagged switch port (with its own VLAN).
The "LAN" and other relevant subnets are on their own separate VLANs.
With the MiniPC, the host (previously LAN) interface is connected to the "management" VLAN on the switch (LAN for example), and no further configurations are needed on the machine.
The previous "WAN Interface" is still passed down to the VM, but it's now connected to a trunk port on the switch, containing all the VLANs, tagged. You'll need to create a bunch of sub-interfaces for that each VLAN, but they are all on one physical interface and one physical wire, leaving the second MiniPC physical interface free to use as a "management" interface.
>>
>>102651581
What does this question have to do with servers at hand? >>>/g//sqt/ is for general computing questions (desktop computers).
>>
>>102651594
Nobody cares about your input you stupid, worthless idiot.
>>
>>102651604
I asked a question, and you have mental problems of handling a simple question?
>>
>>102651535
>requires a lot of effort to become functional as a NAS
>six mouse clicks in Windows Server
sounds like an obvious U problem
>>
>>102651612
Again, nobody cares about your input you stupid, worthless idiot.
>>
>>102651616
Do you want to ban the discussion of servers here, like the Bundestag? Know where you are.
>>
>>102651641
I am more than happy to keep correctly labeling you what you are: an idiot.
All your advice is rubbish and you're a loser. Nobody cares what a useless piece of junk like you has to say.
>>
>>102651581
>Will a coffee lake save significantly more power compared to a Skylake if idle 99%
nope
haswell broadwell skylake are still the kings of idle, as measured with a cpu meter. but coffee lake is close.
paired with a itx board, ssd only storage, and a pico psu even, you're idlemaxxing hard
>>
>>102651641
>sperg unironically believes the jannies/mods will ban this thread if people talk about fucking dell optiplexes
you are an even bigger retard than i thought, sperg-kun.
>>
>>102651660
Better an idiot than a genius who thinks they’re always right for owning a mini PC!
>>
>>102651207
I'd advise against running it virtualized UNLESS you're going to be passing through a PCIE HBA or some other storage controller. Passing it virtualized disk is going to lead to some awful dogshit happening down the line.
I've also had to help one of my friends set up his virtualized TrueNAS instance and it was HELL with all sorts of bugs and other crap.
If you really want to squeeze the most out of your hardware I'd recommend switching it around, virtualizing stuff on TrueNAS itself. Although it's not good at its job, it'll do most of the stuff you need just fine.
>>
>>102651641
>pedantic sperg
>it's a germ
>>
>>102651561
Cows are prone to heavy fragmentation at tasks like DBs and torrenting.
Speaking of, I should really move all my databases to nocow.
>>
>>102645579
most companies i know use ibm flashstorage and that as a base for vsan.
>>
>>102651581
If you are a looking for low power ensure you get one with the T designation ie i5-9500T as it is there low power chips. Not a big difference from skylake to coffee lake intel was dragging ass for those generations
>>
File: 1704556875406316.png (11 KB, 731x98)
11 KB
11 KB PNG
how the hell did this tap interface get an IP, and how is it able to override the hostname for my proxmox box in opnsense?
>>
>>102652394
Only you can answer that. Where the fuck does this TAP device even come from? If you don't know what's going on with your own box then God help you.
>>
>>102652698
TAPs are some sort of black box network interfaces that allow your VMs to communicate with other network devices, but there's little to no documentation on them from what I've sourced. What really bothers me is that appeared randomly overnight after this system has been running stable for 2-3 months.
>>
>>102650708
Makes sense, thanks anon. Seems like for smaller uses it's not that crazy to rent out, but need to be cognizant of the amount and type of users to make this make any sense. Hundreds of random people connecting to the server for a game server seems to be what I want to avoid.
>>
I'm too fucking retarded to mount my NAS share to an unprivileged LXC container. I think I got it to work but when I try it checking if it's there in my docker container it doesn't work.
>>
>>102652289
T-series processors just mean they are locked to low power. You can still manually clock non-T to the same TDP in the bios.
>>
>>102650514
literally whatever linux distro you want + nfs or samba

nas distros are a stupid meme
>>
I want to make my jellyfin server accessible outside of my home. Do I need to buy any hardware to accomplish this or make it more safe like a firewall? Or would windows firewall already be enough?
>>
>>102654204
Don't. Set up a VPN.

>But I need--
I don't care, set up a VPN.
>>
>>102654204
other anon is right, just use a VPN
>>
>>102654204
I use plex and just use open the standard port
>>
>>102640196
The only actual rack mount gear in there is the patch panel.
If you are going to be autistic enough to buy a rack then just go all the way.
>>
>>102650557
>I started and run a multi-million dollar tech company
Embarrassing
>>
>>102654392
Ok brokefag
>>
>>102654405
I'm sure you get paid by the government, but it's not because you run a tech company
>>
>>102652289
>T designation ie i5-9500T
yea but he mentioned 99% idle
during idle there is literally zero difference between a 9500 and a 9500T
the T version caps the max watts but does not influence the idle watts
>>
Hi anons. I've figured out how to setup nginx reverse proxy and a vaultwarden self hosted password site on my server. I am proud of myself, so don't laugh.

My reasons to do this, was because google notified me of some kind of password breach, etc. from my gmail account and I want to reset all major passwords and store them here. My banking / financial account password is not written down / documented anywhere and never will be.

My question: Is a reverse proxy setup like this safe for a noob like me? My firewall has NOTHING open on it (Edge OS Er-4) except some ports for qbittorrent, minecraft server (kids) and plex.

I am a total retard, but my reading on reverse proxies with SSH certs from cloudfare domain is great. That said, you guys are more paranoid than most so roast me.
>>
>>102654805
*I meant SSL. from Lets Encrypt.
>>
>>102654824
You mean X.509 certificates for TLS. All versions of SSL have been obsolete for many years now.
>>
>>102654435
That doesn't even make sense but cope, we made just under $10M last year
>>
>>102653743
>>102654611
True. I would still go out of my way to snag one with T & Vpro. The T out of the box is ready to work with low watts no matter what with no manual configuration. Low wattage servers that are easy to manage give me a stiffy.
>>
>>102655020
I'm implying you receive government assistance, be it unemployment or disability.
I'm sure you made 6 gorrilion dollars last year, but there is no point saying it here, because you won't prove it.

Executive summary: Lurk more, and consider suicide
>>
>>102655360
>more cope because poorfag
got it
>>
>>102655374
Oh no you called me poor, I have been epicly owned
>>
>>102654981
No its a cloudfare Let's Encrypt DNS api token method.

So are x.509 certificates possible with NGINX? Quickly explain to me how using nginx proxy manager <-cloudfare SSL let's encrypt token API method is fucking me over.

Not arguing, but is this enterprise schizo moving the goalposts to Unit 8200 levels to make himself look smart?
>>
File: Capture.png (25 KB, 861x466)
25 KB
25 KB PNG
>>102655844
>>102654981

I apologize enterpise. I read the fine print and yes these (SSL) are obsolete but nginx seems to call them the old way for comfy boomer reasons apparently but are TSL.

That said, am I still fucked?
>>
>>102655020
can you buy us a small vps to host our wiki?
also an irc server to write /hsg/ roleplay and call the enterpriseguy a n-word
>>
>>102651481
What makes it better than zfs?
>>
>passthrough disks to my NAS VM
>doesn't read smart data
>okay, maybe i can use smartctl_exporter and use prometheus and grafana
>doesnt work
well then. fuck me i guess
>>
>>102656137
licensing
>>102656306
pass through the host bus if able. the entire sata controller. Not individual disks.
>>
>>102653458
Assuming you're using mount points, you've got to pass it to your docker container too as a volume.
I passthrough my zfs volume to my LXC by attaching it as a mount point. Pic related.
Then in the LXC I pass it to the container by passing it (via docker compose) as a volume:
    volumes:
- /srv/qbittorrent:/config
- /mnt/media:/mnt/media
>>
What firewalls do you guys use on your servers? UFW? firewalld? Just plain iptables?
>>
>>102656438
>pass through the host bus if able. the entire sata controller. Not individual disks.
Can't. At least not yet. Still using the one single SATA controller on the motherboard and that is connected to my OS.
Once I actually get enough HDD where I need a SAS HBA then I would do it.
I guess I'll just keep using smartctl manually instead.
>>
>>102656535
I am using mergerfs and using SMB/CIFS. I don't know how to do that.
>>
>>102656679
you could go pci OS (nvme adapter) then pass through the motherboard controller.
>>
>>102656666
ufw since I don't like working with iptables directly. Not like I can't do it I'm just that fucking lazy.
>>
>>102656830
I could, but that's just a whole new can of worms by trying to boot the host OS through a PCIe card.
>>
>>102656137
It's part of the linux kernel (i.e., any linux system can mount it) and is more flexible when it comes to adding or removing disks from an array.
>>
What do you guys use for managing all your switches and routers? Do you just go to each web interface separately ? Is there a standartized way to configure hardware? TP-Link and others are offering their centralized management solutions - is there any way to avoid vendor lock in? How do the tech giants do it? Just making a change to 3 identical APs feels tedious.
>>
got 2 1tb SAS drives and 4 drive caddies for my r630 coming friday. can't wait to get an OS loaded up and start home servering server serve'd
>>
>>102657668
nice
>>
>>102657600
SNMP? Never used it but it's the "open" standard for interoperability between network devices, if your device supports it then figure out how to implement it
>>
>>102657600
>Do you just go to each web interface separately ?
You guys use web interfaces to configure your networking equipment?
>>
>>102657668
Nice server but it's sadly Windows Server 2019, ESXi 7.0 era e-waste with no upgradeability.
>>
Anyone have any luck trying to boot from a SATA SSD using a USB adapter? Need to dual boot my laptop to run services.
I could make a VM but it's probably faster if it had its own dedicated hardware.
>>
>>102658211
>Windows Server 2019 Extended Support End Date: Jan 9, 2029
>e-waste
>>
File: 1707120832702766.png (141 KB, 1919x432)
141 KB
141 KB PNG
I've run out of storage space, I've used all 10 slots on my workstation case.

I don't want to buy disk shelf to expand because its way too big, loud and power hungry.

What are my solutions here?
>>
File: 06.jpg (371 KB, 1600x1200)
371 KB
371 KB JPG
>>102658477
>What are my solutions here?
>>
>>102658392
Xeon E5: EOSL June 30, 2022.
>>
>>102658211
2017. supports suse and redhat per dell, so presumably with a little butchering will support most others.
>>
>>102658392
iDRAC 8:
>iDRAC8 has reached the End of Sale as of December 2021 and reaches the End of Software Maintenance as of February 2024.
>>
>>102658578
>After the EOSL date, the OEM will not renew, sell or upgrade hardware maintenance contracts
what does this B2B stuff have to do with a home server?
>>
>>102658602
>End of Servicing Lifetime Date (EOSL Date)
>Intel concludes both Baseline and any offered Extended Servicing as of this date. Intel reserves the right to change any EOSL Date.
Generally there will not be microcode updates available for security updates after the EOSL date.
>>
>>102658632
Why would I need security update when I don't plan on exposing anything out of my home?
>>
>>102658600
>reaches the End of Software Maintenance
oh no I cant open a ticket with Dell support for a used server from ebay

it's over
>>
File: 716jknt8FqL._AC_SL1200_.jpg (133 KB, 1200x1162)
133 KB
133 KB JPG
>>102658477
You got USB 3.0 in that sucker? What are you hoarding fren?
>>
>>102658665
i don't even have a password on my wifi. i live in the woods nigga only people around here are lost and worried about getting deliverance'd
>>
>>102658632
>microcode updates
what are some useful microcode updates in the last 30 years where not updating means immediate loss of data in a firewalled Linux home server behind a nat?

please provide some examples
>>
>>102658818
Very recently Intel shipped some shit voltage controls and fixed it with microcode. I know it doesn't apply to older hardware but microcode updates arent all worthless for home servers.
>>
muh validated configurations
>>
>>102659023
sure but it's not the same thing tho
your scenario: faulty meme hardware noticeable from day 1
the scenario i enquired about: absolutely no issues for years, then some flaw gets exposed after EOSL, then i lose data because i dont update
>>
>>102651155
>miniPC with two LAN ports
Built in or you added extra one?
>>
>>102659434
It was noticeable because not every processor is the same quality. The shitty ones failed while the good ones passed validation. You could have a good one that goes a long for years until the voltage finally does enough damage. It's not the same, yes, but you've moved the goalposts already.
>>
File: b98.jpg (65 KB, 600x660)
65 KB
65 KB JPG
>>102659039
i validated the configuration of my home server against the requirements & standards that came to me in a dream after sniffing paint
>>
>>102652871
modern IT people are extremely weak in networking
>>
>>102651582
wtf did i just read
>>
>>102659618
blame cisco.
nigger if you want me to use your equipment then let me learn to use it without assraping my wallet.
>>
>>102659678
This is why I've built a lot of my own networking stuff from scratch with just linux and iptables.
>>
File: 1722997844929763.png (331 KB, 1137x860)
331 KB
331 KB PNG
>>102659618
that's good, means more job security for me
>>
>>102651155
this is a fools errand
>>
>>102659678
you can buy a 3850 on ebay for ~$50 right now and run it full featured without any licenses. it's not a problem of pricing, it's a problem of being too scared to even look.
>>
>>102659549
>but you've moved the goalposts already
no because see, you started it. in your example how exactly does a defective 14900K make you lose data?
on Linux you may get some segmentation fault in some cpu intensive operation (which could happen at any time with any piece of software. bugs exist) or a kernel panic (which happens all the time, happened to me after an update last week) or a sudden restart\shutdown (in which case if your server&data gets rekt by a sudden shutdown you got bigger fish to fry than a faulty cpu)

so if a faulty cpu fucks your whole shit up i dont know what to tell you buddy, i guess learn2backup, 321 rule and so on.
yes we're talking 'home' servers, but still servers that should be maintained under a minimal common sense etiquette.
we're not talking losing a WoW match due to a bluescreen, sorry that's not "losing data", so i dont see what the fuss is about there except a bunch of people scammed by Intel.
>>
>>102659843
okay okay i'll buy one when i get a job. sheesh
>>
>>102650557
>Started and owns a multi-million tech company
>Guys can I run a server on this desktop hardware
LMAO
>>
>>102650392
>>102650485
Wasn't it just the 225? The 226s have been rock solid in my MS-01, one is a wan port dedicated to an OPNsense VM and the other is just exposed to the OS, no issues so far with the network dropping.
>>
>>102655020
>We made just under 10M last year
>Wants a side hustle selling VPS services from his desktop PC
Lol
>>
>>102659940
NTA but this post reminded me to ask something here
Were there ever any issues with Killer Nics on Linux that you are aware of?
>>
>>102659940
And even the 225s have firmware fixes on Linux (but not Windows last I heard). It's honestly all bullshit, you'd think from this thread that Intel is shipping mass quantities of broken NICs but no, it's just this thread being autistic as usual.
>>
>>102637353
ZFS for ram and complex setups
BTRFS for simple setups and constant fear because no one can make up their mind if BTRFS works or still in beta
>>
>>102657600
there is some vendor lock in, yes, but there are also pushes towards standardized systems like sonic, and all the big boys have their own software defined networking shit, like where they deploy images to FPGAs to do their routing

at home I just use web UIs since I don't change stuff very often, and my gear is old/incompatible with anything standard

if the gear runs linux underneath and the drivers are good, you can get very far with normal linux controls e.g. https://ipng.ch/s/articles/2023/11/11/debian-on-mellanox-sn2700-32x100g/
>>
you guys like Epyc? i got like $5000 to spend on a machine for scientific computing (it will mostly be a jupyterhub vm) and i want to get the most bang for my buck. is the platform mature enough to not give me any headaches?

also, where do you guys (burgers) buy your shit?
>>
File: file.png (462 KB, 760x380)
462 KB
462 KB PNG
Ive been looking to make my own server as well but i wonder what software i should use... My goals are:
- File storage and backup + redundency
- Security camera footage storage, 1 month is enough
- VPS for Minecraft server / Web server hosting, optional docker
- VPN and DNS + ad blocking
- Jenkins build enviroment

Is there one solution for all this or do i need several applications?/ Will proxmox do the job? I really have no idea
>>
>>102662109
Ubuntu
Samba for intranet next cloud for internet for storage
Backup can be raid 1 or just run raid 5 depending on what your hdd situation is. Snapraid as well
Blue iris for cams
Docker is good
>>
Is there any way to use bonding with non 802.3ad compliant switch?

What I want to do is to create a bond between my two NICs and treat them as one interface (for performance and reliability). I don't have multiple switches available so they are both connected to one switch. This switch is unmanaged, and does not support 802.3ad. So far I've ran into dmesg telling me that I have created a loop and that switchports that the machine is connected to, are not supporting 802.3ad, although I've read that for some bonding modes I don't need 802.3ad support? I kinda don't know where to go from here, will I need to buy a new switch to support something like this?
>>
got a new mini pc that replaced my aging n3000 mini pc as my homeserver, and now i don't know what to do with it

i was thinking turning it into a router/firewall, but the only issue is the lan port is dead and i'd have to use two usb ethernet nics, how bad of an idea is that?
>>
Does samba on linux support proper file permissions yet or are you still stuck between either everything being executable (755) or being not executable (644)?
>>
>>102662109
Do baremetal at home. What else do you need? Commercial ISPs don't even change IPs anymore.
>>
>>102663965
Yea ill do my own hardware, im just wondering what software I should use for virtualization and disk raids and so on, would be neat to have a dashboard of whats happening
>>
>>102664019
>would be neat to have a dashboard of whats happening
systemctl tells you if your services are up and running
servers should solve problems, not look cool
my headless server does all that: it runs in the background without me even lifting a finger or having to check on it
if a server solves actual problems you'll be pretty fucking fast noticing if a service is down
if you don't notice that without a dashboard, it's just a time wasting distraction and not solving a problem

install mumble/murmurd, VOIP with friends. have a basic fileserver to share stuff. have network shares to move data from your desktop to it. nothing of this requires any monitoring.
>>
File: s-l1600.png (1.59 MB, 1600x1200)
1.59 MB
1.59 MB PNG
>>102663565
>two usb ethernet nics, how bad of an idea is that
Not amazingly reliable long term but personally i would get some OEM ones, still the same chinkshit but at least they went through a minimal screening
There are people on ebay selling the slightly used or unused usb-rj45 adapters that were available as addon parts for minipc's, thin clients, sff machines, and so on. Again, same chinkshit, but at least you know they worked, someone got his job done with them, instead of some aliexpress mistery meat possibly DOA possibly wake up one day and get 10mbps for no reason.
Also get an extra one for spare, dont get exactly two.
>>
>>102664066
It would be more of a hobby than solving any problems for now but I see your point, ill try just going at it like that and ill see where I end up, thanks for the advice :D
>>
>take old pc i build almost 15 years ago
>put all hdds inside i can
>slap on OMV and jellyfin for my first home server
yes or no?
>>
>>102663279
layer 3 equal cost multipath
>>
>>102664226
>slap on OMV
yea or just cockpit-storaged
>>
does anyone use freebsd/truenas over linux for their nas?
does byhve perform as well as qemu/kvm? does it support pci passthrough as well?
>>
>>102662109
You clearly need virtualization. While you could get away with Docker, Virtual Machines provide a better isolation. I suggest you Proxmox, create a Debian Bookworm template and start from there.

>>102663279
>Is there any way to use bonding with non 802.3ad compliant switch?
You can, yes. There are a couple of bonding algorithms that work without the need of a 802.3ad switch. They' only work on Linux, the most popular ones are called
balance-alb
and
balance-tlb
. balance-alb is my favorite one as its allows to aggregate bandwidth even on a single connection, however it has a couple of caveats:
>It is not "smart" like 802.3ad in the sense that it is working all the time and it imposes a great strain on your switch as it uses MAC/ARP fuckery to trick the switch
>You may encounter problems with services that rely strictly on MAC/ARP instead of TCP/IP

Just for the record a simple google search could've tell you this.
>>
>>102664226
You'd be better off just using vanilla debian instead of omv
Or truenas scale, i guess it doesnt really matter
>>
>>102662109
You can probably use docker/podman or lxc to do all of this in one box. You should probably have some kind of backup system incase your main server fails
Distro doesnt really matter, you just got to make sure you look up how LXC and docker/podman works. The minecraft server / web server host might be better to be isolated in lxc or something and the rest can just be docker or from your package manager
>>
>>102659678
Nigger why are you still buying equipment for learning? It's an all-remote world now, Cisco wants you to lab remotely with CML instead of purchasing EOL hardware sourced illegitimately. And it won't cost you much at all to learn remotely.
>>
Proxmox is the most overrated bloated piece of shit ever
>>
>>102664776
Point me to the better alternative then. It's going to need:
>High Availability
>VLAN configuration per-VM
>PCI passthrough configuration per-VM
All from the web ui
>>
>>102664019
ESXi and Hyper-V are the most supported hypervisors out there. Nutanix (KVM) and KVM are behind.
>>
>>102664066
>install mumble/murmurd
Nobody uses Mumble in this age, when Signal, Microsoft Teams, traditional VoIP telephony or Cisco WebEx and heck even Discord exists.
>nothing of this requires any monitoring.
Yes it does, if you want to be a responsible being.
>>
>>102664226
No, because OMV does not have long-term support and only gives 4 months or less time to upgrade from a previous version to the latest before the previous version goes EOL. Heck it doesn't even have commercial support available, to ensure its success as a product.
Also no, because desktop PCs are not good as servers from remote management and security perspectives, and because you have a pile of hardware junk that should be taken to the bin.
>>
>>102664776
Proxmox VE is not even overrated in the enterprise space. It's not ready for medium-large enterprises for several reasons and shortcomings, even with Veeam support, when compared to Hyper-V or VMware ESXi/vSphere.
>>
>>102663565
Mini PCs are not suitable as servers, at home or not.
USB NICs are a terrible idea for any server for reliability and the likely lackluster feature support for e.g. SR-IOV or RDMA support. Repeat after me: Server grade and reliable USB NICs do not exist.
>>
>>102664627
>>102664725
>>102664799

Thank you for pointing me in a direction, I will research everything you guys have suggested!
>>
>>102662109
>>102664725
>Distro doesnt really matter
But you should probably still use Ubuntu or RHEL for guest VMs, as they are the most supported and used GNU/Linux distros with kernel livepatching support and commercial backing for their success.
>>
>>102664787
why does it need to be from a web ui?
are you that scared of using a terminal?
>>
>>102664959
NTA, vSphere is managed from either the web UI or with automation tools such as Terraform (from the CLI). Using the ESXi Shell is an exceptional event.
>>
>>102664019
>virtualization
Just use libvirt, you can install virt-manager to manage it on either another system or the same system with x11 forwarding/waypipe, theres also virtlyst and cockpit(but its terrible)
>>
>>102664845
>>102664942
>enterprise schizo
>>
>>102664959
Bro in the past I've configured my shit on the terminal every single time.

Web UI just saves time
>>
>>102664942
Im most familiar with Debian as it is my main OS however I will look into what the advantages of Ubuntu are, thanks!
>>
>>102664959
I want my wife to be able to see whats happening as well, I think it will be a good way to show her how cool tech can be
>>
>>102665087
writing config files on the terminal and backing them up saves more time than clicking through shit in a web ui
>>
>>102644078
If you want to keep the data that's on the drives now, it probably won't work unless you had each drive on the P410 controller setup as it's own RAID0 array. HP is actually great for migrating arrays between different Smartarray controller generations (I recently moved a big RAID 10 from a P410 in one server to a P440ar in a Gen 9 server with no issue) but the SATA controllers are part of the Intel chipset and won't understand the RAID configuration. I think drives setup as their own, single drive RAID 0 arrays will be detected by the SATA controller but you probably want to test that out first. HP also offered HBAs in addition to their full RAID cards, and an H220 or something similar might let you migrate easily and retain the cabling setup you have now. Just another option.
>>
>>102665224
There isnt really any advantage to ubuntu, staying on debian is fine.
>>
>>102665258
No, it's not. And you're delusional if you think so
>>
>>102664748
CML doesn't allow you to learn about data plane functions, only control plane.
>>
>>102661097
bump
>>
>>102665395
Get a used Optiplex and a RTX A6000
>>
Tangentially related story time.
>going thru all the old PCs I've accumulated over the years seeing what I have on hand for a NAS build, and tearing stuff down to base level components and inventorying. Mostly retro stuff but some serviceable stuff too.
>Find GFs old Cooler Master HAF XB Evo build
>Ryzen 1600X ASRock X370 Taichi
>She always reported weird flaky problems - Namely USB ports randomly not working.
>Did a prior cursory look at it at the time (1+ years ago) and didn't dig too far into it but blamed it on a flaky board. She had had these problems since new but they came and went and she never pushed the issue till later. Dealt with this shit for years.
>Finally upgraded this year so I got her old machine
>Doing teardown to separate out components
>Get everything removed
>Notice that the board has 10 fucking SATA ports built in.
>Welp found my new NAS board.
>Cold feet due to the flakiness reported above but if I have good backups then who cares
>Cleaning out the case, it has a little backplane board for a pair of hot swap bays on front. Why I have no idea. Because cooler master I guess.
>Go to move the SATA power cable out of the way to remove an unrelated cable
>Notice the middle of 5 soldered pins on the hot swap backplane SATA power cable was completely loose.
>2 of her hard drives would have had insanely flaky power for that PCs entire life
>Never reported any data loss or anything
Surely this was causing the other flakiness right? Especially if it was making one of the PSU rails sag due to voltage fluctuations? Surely this board is safe to load up 100TB of data on and forget about in a corner for years, right? PSU used was a 700W Thermaltake from like 2014 btw.
How much do we trust ASRock here?
Guess only way to find out is to load something up in a fresh build/case/PSU and see what happens.
>>
>>102665557
Nice, go for it
>>
>>102664995
virt-manager is deprecated in RHEL 8 and is mostly obsolete now.
>>
>>102665743
it works perfectly fine and better than whatever shitty frontend you're using
>>
>>102665269
This is untrue. Ubuntu has a much higher security standard, Canonical generally pushes out patches faster than Debian's community does.
Ubuntu Pro has tools to audit and configure against CIS benchmarks. Debian doesn't.
Debian also doesn't have first-party (free) kernel livepatching support, unlike Ubuntu (with an attached Ubuntu Pro subscription). It's a paid, third-party option in Debian.
The wider software ecosystem most often supports Ubuntu, but may not have support for Debian.
>>
>>102665297
works on my machine
people dependant on web guis because they refuse to use the cli are calling other people delusional?
>>
>>102665780
They don't need any of those enterprise features. Debian is fine.
The wider software ecosystem supports debian and then rebuild to repackage for ubuntu.
>>
>>102665770
Let the SPICE protocol and its H.264 video rest already. oVirt and anything SPICE is dead.
Any SPICE USB passthrough issues since virt-manager 8 also won't be fixed.
>>
>>102665780
Why do I need kernel livepatching on a home server
>>
>>102665900
You don't. But it's nice for nearly immediate and unattended kernel security vulnerability patching, for higher availability.
>>
>>102665825
>people dependant on web guis because they refuse to use the cli are calling other people delusional
NTA but yes
my few clicks (or taps on the phone) are always faster than you typing several paragraphs of scripts commands and parameters
>>
>>102665986
>several paragraphs of scripts commands and parameters
i don't think you've ever touch the cli before
>>
>>102665857
There's nothing wrong with spice
And for the record, proxmox also uses spice, so does cockpit.
Spice is not some virt-manager exclusive thing, i dont think you have any idea what you're talking about.
>>
>>102666115
i dont think you ever made you own web UI with a menu where every button is associated with a different bash script that you wrote and thoroughly tested, to the point of having a collection of 90 menus where you can pull any common task you could think of on your home server.

for example i have a quick menu for
>put all usb devices to sleep, collect all smart data of all drives and the last 'n' lines of every relevant log (where the logs are selectable from a dropdown menu) print them out into a nice pdf like a newsletter, then mail it to this address (where the address is also selectable from a dropdown menu)
could you write all that in the two seconds it takes me to press four buttons on my tablet sitting next to my bed?

try thinking outside the box sometimes instead of looking at web UI solutions like they're some sort of retarded monolith that could never be edited or improved.
>>
>>102666366
if you already have the script written how does running a single script take more time than clicking a button
>>
>>102666366
there's nothing saying the same bash script with several paragraphs of script commands and parameters you wrote in advance being used on a web gui cant also be used in the cli
don't know why you think that people dont write shell scripts to automate stuff in the cli or why it would be a web-gui exclusive thing.
>>
>>102659618
>modern IT people are extremely weak in networking
extremely weak in automating tasks too
they think more typing is good, like a 1950s secretary getting paid by the number of pages they churn out on their typewriter
>ah yes, did so much typing=work today, my job is so stressful but so rewarding, i am finally home taking a break from typing=work

also some sort of unconscious cultural contrarian position to everyone around
>i'm typing, UNLIKE THOSE PEOPLE WHO JUST TAP TAP CLICK TAP. notice me sempai i'm typing, my friends call me Neo
>>
>>102666546
>>102666488
>>102666443
>>102666366
>>102666135
>>102666115

new thread you guys:

>>102666583

>>102666583

>>102666583
>>
>>102665491
my workload doesnt use GPU accel.



[Advertise on 4chan]

Delete Post: [File Only] Style:
[Disable Mobile View / Use Desktop Site]

[Enable Mobile View / Use Mobile Site]

All trademarks and copyrights on this page are owned by their respective parties. Images uploaded are the responsibility of the Poster. Comments are owned by the Poster.