Selfhosted

I actually just wrote about today's fun experience! https://gotosocial.michaeldileo.org/@mdileo/statuses/01K7YKQ9584YBY1QTYQ8RMW7SS

I've been deploying Gitea (or Forgejo, still can't decide), but I've fallen into the Ansible rabbit hole and can't get out. Also learned Terraform in the last week and I'm still on the fence about using it in my homelab. It's nice for the cloud but I don't think it's as useful on-prem.

I finally got my home services covered with my website's wildcard ssl. Which is great, because now I can setup ELK Stack and setup an auth portal on my vps, and get Plex and gitlab out of the house securely.

I got tailscale cert to work but I feel kind of bad about learning tailscale instead of headscale

I actually did something for quite a while. Finished long overdue wiring for outdoor access point and one more camera, replaced a main switch since the old one started to behave unreliably, installed frigate (which still needs some work), cleaned up some wiring while messing around, updated a bunch of firmwares, replaced switch in garage to managed one and made some changes on my workstation and some other minor stuff.

Next would be to move cameras into their own VLAN and harden that setup a bit. And I really should get around on better backups for my VPS. But it's a new week coming up, if the work isn't too busy I might get something more done.

I migrated iptimr-kuma to the new v2.0 release. The DB migration took a long time. I learned I probably should have run the vacuum command before the migration, but I never noticed the button in the settings before.

Also preparing Jellyfin for its new 10.11.0 which comes with another long running DB migration.

I threw a thinkcenter in my laundry room and did the bare minimum to securely SSH into it (fail2ban, nonstandard port, root login disabled, can't login with password, etc), to be used as a testing platform for building my workplace a new website.

Just gotta relearn HTML/CSS and figure out what platform to use.

Also set up traefik/Authelia/maybe Anubis for the new domain and block any access outside of my home or workplace.

At this point my whole setup is mostly in maintenance mode - I've got everything I need up and running, making some minor changes here and there (like swapping out StirlingPDF for Bento), and keeping things up to date. I only started this hobby about 6 months ago or so, and I'm really satisfied with where things are at. We'll see when the next Big New Thing arrives.

Finally finished setting up and testing a Peertube instance. The video stuff and object storage related things certainly make it more involved than other fediverse software, but overall it is working quite nicely. Just need to find some workable solution to using GPU acceleration in containers, but I think I mostly figured it out (might work after a server restart, but my sweet, sweet uptime makes me procrastinate on that 😅 ).

I've been trying to convince a VPS to run two instances of mariadb - one for local databases, one to replicate the homelab. Got mariadb@server and mariadb@replica sorted out through systemd, but now stuck on replication from mysql to mariadb. Looks like I'll be ripping out mariadb and putting everything on mysql.

I have noticed that Microsoft and google are trying to scan my domain for /php-myadmin and similar links that I thankfully do not have.

I had already fail2ban running but it failed to ban a single IP. I did setup custom filters that would ban admin panel scanning attempts but somehow now it also bans my home IP and my phone 5G ip sometimes. No idea how to fix it so far. Also, this filter/jail doesnt necessarily jail everyone attempting to reach these links, just sometimes it does.

Updated to OpenSuSE Leap 16.0 with the autotool and it broke some things, but nothing terrible. Had to fix network config and add back Packman for ffmpeg for Jellyfin to work but that was about it