homelab

About a year go I bought one of those fanless four port routers. Ordered one with a celeron, they sent me one with an 11th gen i3. Since then, core temps will regularly spike to 100c and it will throttle. Took it apart and found this as a cooling solution, which I’m sure would work fine with a celeron, but they gave me an i3 1115g4, with a base frequency of 3.1ghz, which can’t dump heat into this aluminum slug fast enough. The bios does not let me lower the clocks, or save power anywhere else. My only solution to make this work is to improve the cooling solution.

Would love to do a tower cooler, but can’t find any place that produces one that will fit my mounting holes. Been looking at laptop solutions as well, but again I am running into bracket and mounting problems. Nothing shows dimensions so I don’t waste time and money on solutions that don’t fit.

I have found copper shims, ranging from .3mm to 1.5mm thickness in a 20mmx20mm form. The aluminum slug they used is 45x25x2.73. If I stack these shims with thermal compound in between, would I get better thermal conductivity than just the aluminum slug? Are there any better ideas than what I am coming up with? Would it just be cheaper to buy another router that is cooled correctly?

I currently have several VLANS (management for network devices, iot for smart devices, infra for security cameras and NAS, one for personal devices, anothe for guests, etc.

Currently I'm hosting a game server which is exposed to the outside world and am thinking of adding a couple more similar services.

Is it best practice to put such machines on their own isolated VLAN to minimize their attack surface?

Am gizmo shopping and would like some smart door locks. Figured y’all might have some recommendations on things that play nice with Home Assistant if networked, and generally don’t suck.

Features I think I want (but open to opinions/suggestions):

• physical key backup in addition to numerical keypad
• rfid so we can use our lovely magic rings
• enough distinct keypad codes that 4 family members and maybe half a dozen others can get their own
• not fugly (current door hardware is black)
• cheap enough that I can get 3 of them and still eat this month
• I’m wary of Bluetooth, but that might be a holdover from old versions that used to be insecure af. Not really up on it any more from a security standpoint.

Any of the above can be compromised on if my assumptions are wrong. Open to any suggestions. Thanks in advance!

I have a few VLANs, and in each one I basically have it organized like this:

• Determine whether or not that device will need internet access, and add to an alias if so that will give it port 80, 443 and 123 and whatever else may be needed for wan on that VLAN (for example, ports to connect to blizzard, steam, etc).
• Some devices (like my home assistant server) will get access to specific ports for MQTT, to talk to my LG TV, etc)

Is that best practices, or is it better to basically have each device listed with the specific ports they will need? The only problem I can see with they way I have it now is that some devices that get glommed into the wan alias will also get access to ports they do not need. Eg. A phone that is in the wan alias may also get access to blizzard, steam ports, etc.

Pic

Hey!

I wanted to secure my Proxy with Crowdsec. I followed this guide here:

https://www.crowdsec.net/blog/crowdsec-with-nginx-proxy-manager

Everything worked fine. But: When i go to the Crowdsec-Controler Server Dashboard, i get a notification that the bouncer for the proxy is "inactive". When i reinstall the bouncers it will be registered, and the bouncer will be online for a certain time. But it seems like its only calling the crowdsec-server ONCE, then going offline.

Has anyone had a similar error and can maybe give me a hint?

Thanks it advance!

Hi, could you help me and recommend a good upgrade for my (dated) home server?

I'm currently running Unraid on an ASRock H97 Pro4 and an Intel Xeon E3-1231 v3, together with 24GB DDR3 RAM, a NVIDIA GTX 960 (for hardware transcoding) and a few old, mismatched HDDs. I chose this hardware mostly, because it was cheap/easy to get or I had it laying around. The server is primarily running Plex and the *arr-Stack, as well as smaller, less demanding applications and is showing it's age. I also want to add a VM for my wife or occasional guests to game on. Because of this, I think it's time for an upgrade, but I'm not really sure, what hardware to choose.

My current requirements would be the following:

• Should be able to run the following applications easily
  • Plex (2-3x 1080p should be enough, but a little bit of overhead can't hurt)
  • Sonarr/Radarr/SABnzbd
  • Tdarr Server + Node to transcode new media in the background; this is mostly for space savings. I'm currently running the node on my gaming PC, but want the server to do this in the background 24/7
  • overhead to do a little bit of tinkering and running smaller applications; I think, most of the load will be from Plex, Tdarr and the other *Arrs
• At least 6 SATA connections OR extra space for an adequate HBA card
  • I want to connect 3-4 Drives and have the possibility of adding some later; Querstion: What drives would you recommend? At least 10GB per drive. Im currently looking at 3x WD Red Plus 10 TB (one as parity).
• 2 M.2 slots
  • a dedicated cache drive (for IO) as well as a drive to put the VMs/Appdata onto; Question: Is this even needed, or would one (bigger) SSD be enough?
• dedicated GPUs for Plex/Tdarr hardware transcoding as well as gaming so I can assign each to the relevant VM (one will probably be windows)
• be future-proof so I don't have to upgrade again in a few years
• adequate power consumption (assuming an idle state without active gaming or transcoding); I also want to reuse the 500W be quiet! Pure Power 11 CM I already got.
• fit in the Fractal Design Define R5
• 1GB ethernet
• be as quiet as possible
  • I already got noctua case fans and will probably throw an NH-D15 on the CPU

I'm especially unsure regarding the choice of Motherboard, CPU and GPU(s). I looked at the X570 FTW WIFI ATX Motherboard with a Ryzen 5800X to get good, future proof processing power and all the features I need, but am absolutely unsure if thats overkill or not. As GPUs I chose two GTX 1660 Super (for now), because I found recommendations for this card for transcoding as well as playing current titles on medium to high settings. Here I'm unsure if it is overkill for transcoding and maybe a bit dated for current gen gaming.

If possible, the parts should be buyable new, as thats way easier for me, than hunting on the used market.

I’m very new to home networking. I’m not new to computers (hardware or software) - but for whatever reason, anything network-related has always been an enigma to me.

That said - I just got a new (to me) server. It’s a beefy one (made a post about it in another community). And so I figured why not just start playing around with Proxmox, learning some new things and spinning up a bunch of random VMs and whatnot.

I figured the first step would be to set up something such that I can connect to my computers from anywhere - and I’ve already done so. For that, I used Tailscale. But my question, I suppose, is now that my computers are on the internet (as in, for real on the internet, through Tailscale) - are there security precautions I have to take now and things I need to be more concerned about? Do I have to set up my own special firewall to make sure I don’t get hacked or something? I am honestly pretty clueless in that whole domain. So… ELI5 what I have to do, security-wise. Any and all help is welcomed and appreciated.

Bonus question: beefy server is beefy (yes yes, lots of power consumption, I’ve already come to terms with it. About 200W idle and should run me ~$40/mo.). Dual 18-core E5-2699 v3s. 768GB of RAM. More SSD storage in both boot drives and storage drives than the average human would use in a thousand years (SAS, SATA, & NVMe). I asked this over on c/piracy - what should I do with it? I’ve put Proxmox on it, and as said above, plan on learning things about VM hosting and different operating systems and whatnot. I’m also planning on hosting my own Jellyfin server. But… what else? Does anyone have any good ideas for any (non-GPU-intensive) things I can do with the server? Anything and everything welcome, lol - I wanna have fun with this thing!

TIA for the responses :)

I have a z800 that is now thoroughly obsolete, but really like the form factor (feels very sturdy, built in handles, drive trays are nice and solid, form factor stacks with other stuff nicely, built to handle hauling around without falling apart).

I want a system that I will have a good number of cores to split across VMs, but it's hard to justify a z840 right now when even the fastest CPUs I can throw into it won't significantly beat the perf I get from my m1 pro MacBook.

What workstation alternatives have y'all found that would give me significantly better perf than I already get from my MacBook, with the kind of build and ergonomics of something like the z8x0 platform?

I'm planning to buy Smart TVs for my house and I wanted to know which TV OS has better support for homelab media apps.

Self-Hosted apps:

• Jellyfin
• Immich
• Nextcloud Memories
• Funkwhale or Navidrome or Mopidy
• AudioBookShelf

Non-selfhosted apps I use:

• Steam Link
• All Streaming apps (Netflix, Disney+, etc.)
• YouTube, YT Kids
• YouTube Music
• Spotify
• Audible

I thought would ask here (just joined the Lemmy world) but surely there must be a truenas community somewhere on the Lemmy world? Any Truenas users here?

So with Crypto mining being less profitable and miners selling their rigs for cheap I thought how can I get my self a cheap managed network switch. I saw mining motherboards with 12 PCIe 2.0 1x slots(4gbit bandwidth) and tought hey if I plug in some cheap 10g 2port network adapters I can make my own network switch with exactly the ports I need(SFP+ rj45). Put opensence on it and boom Managed network switch with multigig(2gbit per port). Is there something I am missing or have I found a way to get cheap multigig? Also can anyone who has a 10g only network switch tell me what kind of power it is using per port so I can compare? Thanks for debunking my idea and saving me a few bucks.

The 10GBase-LR is 1310nm and the QSFP-40G-LR4 CWDM channels are 1271, 1291, 1311 and 1331 nm. Are the 1310nm and 3rd channel 1311nm technically compatible?

I have a 10Gb and (will eventually have) a 40Gb switch both fitted with basic LR (Q)SFP+ transceivers and want to know if I can directly connect them or will I have to use an adapter to fit an SFP+ in an QSFP+ port?

I'm looking at using the XQX2502 QSFP+.

I installed opnsense on an i5-6500T (native, no vm) but it looks like the performance is very bad, most websites are timing out.

everything is turned off, there's no packet inspection or blocks, even the unbound dns server is not used (using a DC for that)

it's the computer that's underpowered, or i did some mistake in configuring it? Using two routers in the networks for my convenience

Btrfs gets a bad rap sometimes but I have been using it for years and it works very well. It is able to take failing hardware and power outages and still has good performance.

Hi!

So I did the hardest parts (buying and assembling, and setting up unraid) and got to the "fun" part (actually putting things on unraid) and now I'm just frozen in indecision and well... not knowing where to start, really.

I have a NVME ssd for my flash and two 8 TB HD, one to hold info and the other for parity.

I want to create an area for NAS - Storage of photos; stuff I want to share between android phone, computers and IPAD

I want to set up (probably plex) and the *arr stuff for video and such

and I assume at least some of the above will be in docker containers? Or are they better not?

I was also thinking of a pi-hole and wasn't sure if I could throw that in a docker instance?

I assume I should also... like... protect this with... sssstuff? But also since I'm mostly going to be using it LAN (though I could make it accessible openly?)

Honestly I am out of my depth.

It's not that there's no information, there's just too much information and I don't know how to sort through it and find answers that will be helpful to my situation so I was hoping some of you friendly people would make suggestions or help. (I'm headed to bed just about now but will be probably tooling around on my phone and will respond when I wake up too.)

Thanks!

Got these two servers for free, they are pretty fun and nice to use!

I would like the end result to include remote and encrypted backups.

I’m considering maybe a Synology NAS with an APFS partition for Time Machine and a BTRFS partition for Linux backups.

The Linux laptops might backup to the NAS with Restic.

The Synology NAS might then backup to BackBlaze or another cloud using Synology’s Hyper Backup or also Restic.

Have I missed a better plan?

So I was recently gifted some Mellanox 40gig network cards that I installed in my NAS and my desktop and connected with AOC fiber. I gave them both static IP addresses on their own dedicated subnet that's not used anywhere else in my network. I was able to run iperf3 between both computers, and that worked exactly as expected.

At that point, I edited /etc/fstab to update the IP addresses for my mounted network shares. I ran # mount -a successfully and thought all was well.

The problem is, my computer defaults to my one gig lan connection for some reason, despite the entries in fstab using a completely different subnet.

The only way I've found to force it to work properly is to disable my LAN connection, then remount the network shares, then reenable the LAN port.

On one occasion I noticed that a file I was duplicating on my NAS was being downloaded via my LAN to my computer to duplicate, then being uploaded back to the NAS via the fiber connection.

Does anyone have any clue why this may be happening or how to fix it more permanently?

The NAS is Debian, my desktop is Manjaro.

services:
  db:
    image: mariadb
    restart: always
    command: --transaction-isolation=READ-COMMITTED --log-bin=binlog --binlog-format=ROW
    volumes:
      - ./mysql:/var/lib/mysql
    environment:
      - MYSQL_PASSWORD=supersecretpassword
      - MYSQL_DATABASE=nextclouddb
      - MYSQL_USER=nextclouduser
      - MYSQL_RANDOM_ROOT_PASSWORD='yes'

  redis:

    image: redis

    restart: always

    command: redis-server --requirepass supersecretpassword2

  app:
    image: nextcloud:27
    restart: always
    ports:
      - 8080:80
    links:
      - db
      - redis
    volumes:
      - ./html:/var/www/html
    environment:
      - MYSQL_PASSWORD=supersecretpassword
      - MYSQL_DATABASE=nextclouddb
      - MYSQL_USER=nextclouduser
      - MYSQL_HOST=db
      - REDIS_HOST_PASSWORD=supersecretpassword2
    depends_on:
      - db
      - redis
  cron:
    image: nextcloud:27
    restart: always
    volumes:
      - ./html:/var/www/html
    entrypoint: /cron.sh
    depends_on:
      - db

I've been running a full tower Windows server with a dozen drives for a decade and decided to downsize. This ministack does everything I need at a fraction of the power, noise, and heat.

I use it primarily for Plex but also host a few games servers for buddies. It fits perfectly in my entertainment center.

Spent around $200 on the Mac Mini plus $600 on the drives and enclosures. I'm using SoftRAID for RAID1.

Currently, I am have a VMware vCenter 7 4 node cluster. These are the Lenovo m920q machines with 64GB RAM each. I also have a Synology 4 Disk NAS too.

I deploy standard VMs and Rancher k8s clusters and use full automation (mainly Terraform) to build everything.

Why VMware? Mainly to get experience on it.

Why am I interested in OpenStack? Mainly because I have used it before and really enjoyed that experience as it feels more like a true cloud environment.

So, my question is this.... Has anyone switched one way or the other? Were you glad at switching or do you regret it?

If you did switch, what is a good way to setup multi node OpenStack? I see people recommend at least one separate controller vs the compute nodes?

For the last 6 months or so I've been working on Pinepods. I have never been able to find the perfect self-hosted podcast app that I wanted to use. podgrab's player is rather lackluster and misses a lot of features that I would like.

With Pinepods you can play, download, and keep track of podcasts you enjoy. It allows for searching new podcasts using The Podcast Index or Itunes and provides a modern looking UI to browse through shows and episodes. In addition, Pinepods provides simple user managment and can be used by multiple users at once using a browser or app version. Everything is saved into a Mysql database including user settings, podcasts and episodes. It's fully self-hosted, and I provide an option to use a hosted API or you can also get one from the podcast API and use your own. There's even many different themes to choose from! Everything is fully dockerized and I provide a simple guide found below explaining how to install Pinepods on your own system. It’s also super easy to import podcasts from any app using OPML files.

There's also lots of modern features like MFA, self-service password resets, and some Podcast 2.0 functionality (more to come)

In addition to all that, I've built a client version of the app that can connect via API to your home server over something like a reverse proxy or tailscale.

Pinepods just had is on version 0.3.1 with all the basic functionality implemented. Currently, you're likely to experience issues, but I certainly invite pull requests or opening issues if you have the time. You can also get setup assistance on the discord server. I invite you to try it out!

Check out the official site here:

https://www.pinepods.online/

Github here:

https://github.com/madeofpendletonwool/PinePods

Discord Server:

https://discord.gg/bKzHRa4GNc

Do your chats look like this? Do you always forget which contacts use which apps? Do you wish there was a way to have all your chats in just one place?

In the following guide I'm going to show you how to use Matrix to achieve your dream of an all-in-one chat app, by using Matrix bridges and securing the connection with Cloudflare Tunnels.