• 2 Posts
  • 2 Comments
Joined 1Y ago
cake
Cake day: Jun 11, 2023

help-circle
rss
VLAN usage under Proxmox
Hello, Just spent a good week installing my home server. Time to pause and lookback to what I've setup and ask your help/suggestions as I am wondering if my below configuration is a good approach or just a useless convoluted approach. I have a Proxmox instance with 3 VLAN: - Management (192.168.1.x) : the one used by proxmox host and that can access all other VLANs - Servarr (192.168.100.x) : every arr related software + Jellyfin (all LXC). All outbound connectivity goes via VPN. Cant access any VLAN - myCloud (192.168.200.X): WIP, but basically planning to have things like Nextcloud, Immich, Paperless etc... The original idea was to allow external access via Cloudlfare tunnel but finally decided to switch back to Tailscale for "myCloud" access (as I am expected to share this with less than 5 accounts). So: - myCloud now has Tailscale running on it. - myCloud can now access Servarr VLAN Consequently to my choice of using tailscale, I had now to use a DNS server to resolve mydomain.com: - Servarr now has pihole as DNS server reachable across all VLAN On the top of all that I have yet another VLAN for my raspberry Pi running Vaultwarden reachable only via my personal tailscale account. I'm open to restart things from scratch (it's fun), so let me know. Also wondering if using LXCs is better than docker especially when it comes to updates and longer term maintenance.
fedilink

But this implies the check happens on my server right ? Which probably makes sense for advanced hosters.


Can we combine CloudFlare tunnel’s Email OTP with apps ?
Hello, Long time lurker, first time poster and eternal newbie in selfhosting. I have installed cloudflare tunnel in order to allow my Emby installation to be reached externally. (Previously was using tailscale but now trying this solution to expand my 'reach' and include my parents houshold) The tunnel with email OTP works like a charm, but the access seems to be browser specific, so the Emby app doesn't seem to be able to connect (as it faces the email OTP challenge I suppose) Is there a way to combine both? I actually went down the path of writing a little script that tries to authorize the IP of someone that managed to pass the OTP challenge via browser. ( I get the user's IP and update the cloudflare policy via its API) Seems to be overkill, any suggestions? Thx
fedilink

Honeygain etc… First time I hear about them. Do you mind sharing how much you get?