• 0 Posts
  • 32 Comments
Joined 1Y ago
Cake day: Jul 21, 2023


This will be the spec for my next server. The current one is smaller, and several years old.

I have several different requirements for my server, for example, my son does video editing and needs lots of storage. I want to experiment with more VMs and containers, therefore RAM and threads.

Do you think people just beginning could get by on 4 cores and 8 GB RAM for a while?

For most people I think they just want to have some NAS and a reliable machine. But please grant them 16 GB, otherwise they would ask why their laptop has so much more than their server :-)


I would absolutely want the extra router because most people have one from their service provider. For self hosting, you want an additional router with your own software.


The hypothesis is that $150 of equipment to avoid dozens of hours of software configuration

OK fair try, but you also need to sell me 20-25 TB of disk space on 5 spindles (plus an SSD for the boot disk), 64 GB RAM (with a chance to go up to 128) and the CPU must have 16 threads or more.


even allowed in Germany?

Yes.

works well on my LAN network, but when I try to make the server accessible via a DynDNS service

I guess your Fritzbox does NAT for your LAN. Then the dyndns address works only when the client is outside.


I guess you need to “zpool import -f” because your system has crashed before and did not shut down properly.

After reading again, I understand that your pool is alive and well. It is just not mounted anywhere.

Look into /etc/fstab if you find the correct mountpoint there. Then tell it to your ZFS with "zfs set mountpoint= "



Define, what does “git” mean to you?

The core git is a peer to peer system. You don’t need any server at all. It runs on all of your dev’s workstations anyway.

If you want a webserver with gitlab etc. on top of it, then that determines most of your needs. In addition, a properly set up nameserver is very helpful, and maybe you even want an Active Directory?


What am I missing out on as a regular internet user by using the default equipment.

You miss an understanding about what your devices do. Including the devices you got from your provider.

As a consequence, you remain clueless when your devices get attacked and taken over.

What am I missing out on as a self-hoster by using whatever equipment metronet gives me?

You miss the chance of securing your network.

As a self hoster, you are a little bit more attractive, and there are more possibilities of attacking your devices, than a typical PC or mobile user.

My suggestion is an extra router with OpenWRT between the metronet device and all your other stuff. You will get some better understanding just by configuring your OpenWRT for the first time. Their documentation is very good.


Usually I want to see the BIOS settings at least once. So that’s enough reason to carry a keyboard + monitor there.

Otherwise that network boot option with a TFTP server comes to my mind. But I have never tried it on a new, empty machine.



My real server (Nextcloud/NAS/several more VMs) uses 28 Watts on average. In addition, there is one Pi 4B running, and I don’t even know its wattage.

I’m planning on replacing the real server with a new one, with lots of cores and approx. 50 Watts then.


Don’t forget to ‘export’ the zpool before moving the disks. Afterwards, you ‘import’ it on the new system. That’s all it needs.

If you use proxmox, then Truenas is kinda redundant, since proxmox can manage your zpool as well.



I do it the other way round: proxmox keeps its hands off the zpool. The 5 disks are passed through to a VM, everything ZFS starts there, and it offers the samba shares.

My directive is that the bare metal proxmox shall not offer any services to the world outside, only VMs may do that.


While there are technologies that work like this (zigbee, kinda?),

Yes, there are many. You probably know them as “remote control”. Your TV, your garage door…

Home Assistant can also control them via gateway devices, turn them into “smart” devices and include them in larger automation scenarios.


The idea of Home Assistant is not to be a replacement for anything. It rather connects all things. It is a smart home control center, or hub.

Compare it to a Homematic, or maybe Aqara hub, etc. but still more feature rich and expandable with many more protocols and device categories.

Proprietary single switches etc. use only their own protocol.

Google Home is limited to a few protocols.


First the basics: the book “Computer Networks” by Andrew S. Tanenbaum

If you have read and understood it all, continue with https://www.openwrt.org/


My advice for this company: fire 2/3 of all IT staff (including managers). Then tell the remaining ones to cut off unnecessary things and do it better in the future.


do – I’m trying to route all services through a Tailscale Funnel (which only provides a single domain

Seems like you have some limitation (I really don’t know Tailscale Funnel) in your setup, and now you expect them to work around it.

HAOS assumes that you would have no need to run any other Docker services other than those that are add-ons or Home Assistant itself.

Yes, HAOS is great when you have one dedicated machine for it, for example a RPi. That’s the whole purpose of HAOS, as far as I understand.

If you already have a zoo full of docker containers, then you want your Home Assistant (without HAOS) in just one more of your own containers.


I know 4g is not fast, but I would like to use it

There was a time when people used to have 2400 bits per second from home (for the youngsters: that is 0.0003M). So if you are doing it for fun, why not.


I don’t even want the list. I’m just asking if it has them all — or less than all :-)


So it has got TLS. Nice.

But what about all the other security features that are required of a mail server today?


Isn’t it funny: I want to selfhost, and therefore I need a service provider…


never expose such certificates on the wild wild west! Keep those certificates in a closed homelab you access through a secure tunnel on your LAN!

I’m curious, what’s the reason?


Two important aspects:

Location determines how easily some government’s ‘services’ can access that provider’s data, and change them if they like to.

Location determines how easily some business can convince some cheap court to take down your domain.


auto manufacturers had violated Washington state’s privacy laws by using vehicles’ on-board infotainment systems to record and intercept customers’ private text messages and mobile phone call logs.

But the appellate judge ruled Tuesday that the interception and recording of mobile phone activity did not meet the Washington Privacy Act’s standard

Privacy is a fundamental human right.

Just not in the USA, as it seems. Here it is indeed the law that needs to be fixed.

https://www.humanrightscareers.com/issues/is-privacy-a-human-right/


room for one drive only.

I suggest freeing yourself from this limit, because it is your worst one.

Get a case that can have multiple disc drives (an old one will do). Get a mainboard that can host 2 SSDs plus several HDs.


Your services may run in separate VMs, but there are still some dependencies between them. You need to know, and think about, all the dependencies between your VMs.

For example, they share a common network interface (the one of the host machine). That is a dependency. If one VM is able to clog the network interface (and maybe your crashing one is doing exactly that), then it is clogged for all the other VMs too.

To resolve that dependency, you can either put another network interface card in your host machine and let only the pihole VM use it, or run the pihole on a real physical Pi.

You could also resolve the jellyfin’s own problem. But resolving the dependency might give you a more reliable system.


Proxmox has kinda install template for HA, so you don’t need to download things. Just tell it to create your HA.

Here is a tutorial

https://www.wundertech.net/how-to-set-up-home-assistant-on-proxmox/



actually have a server at home

I haven’t got any piece of hardware that was sold with the firstname “Server”.

But there’s this self-built PC in my room that’s running 24/7 without having to reboot in several years…


My home server is reachable via dynamic DNS. Nextcloud is running from a VM that has no other ports open and I have done all the security things that the automatic checks have recommended.

Nobody has dared so far to call me malicious.