NAS is how most people get into this. It’s nice have a /comfy/ home for all your data. Streaming your movies/shows around the house and to friends is good feels. Repurpose an old desktop, buy a SBC, or go with cheap used enterprise gear. Lots of options and theres even a flowchart. Ask.
/hsg/ is about learning and expanding your horizons. Know all about NAS? Learn virtualization. Spun up some VMs? Learn about networking by standing up a pfsense box and configuring some vlans. Theres always more to learn and chances to grow. Think you’re godtier already? Setup openstack and report back.
>What software should I run? install gentoo. Or whatever flavor of *nix is best for the job or most comfy for you. Jellyfin to replace netflix, nextcloud to replace googlel, ampache to replace spotify, the list goes on and on. Look at the awesome selfhosted list and ask.
>Datahoarding ok here? YES - you are in good company. Shuck those easystores and flash IT mode on your H310. All datahoarding talk welcome.
>Do I need a rack and all that noisey enterprise gear? No. An old laptop or rpi can be a server if you want.
Please expand it, also don't use your real name or any password when you register. Preferable use cock.li or something anonymous. Or just email the admin with the username and password you want.
Big thanks to the guy that recommended acmetool to me the other day - got my vps all running nicely with certs and automatic renewal for the containers all tucked away behind the reverse proxy.
For a 24/7 atx server that will be basically operating about a dozen drives, what is a good power efficient processor to get that also supports AVX2 or has an iGPU for video encoding?
Luke Gutierrez
nice i'll probably be looking into acmetool eventually when i get into self-hosting websites and stuff
don't get Intel, performance is getting slaughtered by these MDS flaws
Evan Adams
Still, what is a reverse proxy truly required for?
Dominic Murphy
i can just like, not install the mitigations? this is a headless server, no web browser or public facing ports or anything. when is it ever going to be exposing itself to running enough unauthorized code to be even slightly susceptible to this shit. I just need speed, and intel's got it.
Luis Sullivan
>amd >avx2 really nigga
Adam Phillips
k but don't support this shit company
Kayden Scott
in this case I have five services accessible through the single point of entry at port 443
Justin Gonzalez
>I just need speed, and intel's got it sorry but it looks like i gotta
In terms of power efficiency and speed Intel still beets poo-processors
Julian Flores
>yay -Syu >2gb cuda update
Jaxon Flores
>say i use arch for my home server in cyber sec club >WTF YOU USE A BLEEDING EDGE DISTRO?? THATS SUCH A HUGE FUCKING SECURITY RISK WHAT THE FUCK >ITS AN ATX SERVER TOO?? ITS NOT A 1U or 2U ITS AN ATX CASE? >BRO WHAT THE FUCK YOU GOTTA GET A 12 YEAR OLD XEON AND A 1U SERVER AND RUN CENTOS AND USE 5 YEAR OLD SOFTWARE WTF ITS STABLE AND SAFER
still use arch btw still use a fractal design r5 btw
Xavier Johnson
>fractal design r5 desu this is a good chassi, im using it as well fits plenty of drives with room for additional ones running cables was also decent in it are you running arch with the stable repositories or just madfagging it with rolling release?
James Scott
rolling release because i legit just use samba(anime, movies, games, books, music, etc), ssh to it(key files only), host a minecraft server on it for local friends, and sometimes some linux C++ development on it (vulkan, mostly).
i dont have much of an attack vector and I've never ran into the "ran pacman and how my system is fucking broke" shit that brainlets seem to keep running into in all my years of using bleeding-edge linux distros. It's a headless server as well so like I don't have any of the security mitigations enabled.
The worst issue I've ever had to deal with was just some fstab issue using /dev/sdb rather than UUIDs back when I added an 8TB drive to it.
r5 is based and all my workstation desktops and servers I've built use it.
Jackson Rogers
boomer IT spurges always get mad when people do anything modern
Evan Bell
Does it work by looking at the SNI then? Because that is how I would check what resource, i.e. server, is being accessed. Sounds pretty useful anyway.
Jack Green
alright, yeah i used a suckless arch install on my laptop in university for 4 years with 0 issues made the switch to debian some 3-odd years ago though for some reason and im decently happy with it so i run debian on my server too
Liam Bell
in this case, aye, traefik is using SNI to handle certs and front end routing - backend plumbing is done by labelling the containers.
Cool, for now I'm just using different ports, since some of my services are locked behind client certificate checks, but this could be fun to play around with. Thanks!
Xavier Morris
no worries - give me a shout if you want some example compose files etc.
Mason Phillips
I have ports forwarded on my router and they appear open on canyouseeme.org and similar tools, however they appear closed on my machine. I’m running Debian. Any suggestions on fixing this? It would be much appreciated
Xavier Brooks
netstat -tunlp to check you're listening on the correct ports, portscan from another machine on the lan and see if they're open form there?
Gabriel White
Cute! Mine only has a G3258 and 8GB of DDR3 in a little ISK 110 case I was planning to upgrade it with a second hand i7-4785T but then the next round of vulnerabilities came in I'll just wait until the 3200G gets released and see what the reviews say With a little luck it won't blow up my 85W PSU
I've actually got the avx2 flag in my 2400G's cpuinfo.
Nathan Williams
It shows the port I want as: tcp 0 0 0.0.0.0:20883 0.0.0.0:* LISTEN
First column is protocol, second is recv-q, third is send-q, fourth is local address, fifth is foreign address, sixth is state
Adrian Hall
looks good, you have multiple NICs on this machine? no firewalling involved?
Dominic Cruz
my main pc has this...
Jeremiah Bennett
I only have one NIC, but this is the wired interface on the card. I also got rid of all of the rules on iptables to be sure.
Owen Flores
AMD AVX2 is twice, almost 2.5 times as slow. It just fires off its 128-bit vector units twice
Zachary Flores
Any other recommendations to fix this?
Caleb Russell
So i want to be able to automatically back up photos and view them from any computer, basically my own personal "botnet free" google photos.
Any suggestions on what server/app/client to use?
Carson Bell
It still has it and an iGPU and a lot more. Generally speakin I'd say you'll be ok.
It's not like you weren't aware that this isn't the high end of processing power in a single box, right?
Elijah Ross
Syncthing maybe? Enable staggered retention on some machines.
Cameron Carter
So im at Unitymedia (cable internet in Germoney). Set up a server two days ago and now I realize they only give out ipv6/DS-Lite adresses to regular customers (non business).
What the fuck should I do now? I cant access my server from the outside without an ipv6 address and my phone LTE only supports ipv4. Ive heard of 'portmappers' but what I've found is that I basically have to cuck to a third party for something which should be a non-issue?
Joshua Russell
Get a VPS and tunnel your server traffic through it.
Jordan Price
I'm going to assume you meant avx2 bus width and not implying ryzen does not support avx2. No performance requirements were listed so ryzen checks the avx2 box and as far as iGPU the vega 8 and 11 should perform better than Intel 630 at a lesser price with similar tdp.
If it's https you need see if you can put it behind Cloudflare's proxy which will work with ipv4. Otherwise buy a cheap VPS and tunnel to that.
Joshua King
>NIGGAS IN HERE BE RUNING SERVERS WITH 9 YEAR OLD XEONS
Michael Harris
funny meme
Lincoln Howard
So I have to throw money at another company plus potentially reveal my traffic to them? Thanks unityshit. Alternative to cable would've been DSL16k which is unacceptable in {current year}
Blake Gomez
Are the serverbuilds.net guides well accepted? Eventually hoping to go down this road with unRaid, but I've got lots of learning to do.
Is anyone using hardlinks with deluge or something similar to keep their Plex files and metadata clean?
And no, my 10TB drives haven't shipped yet from Amazon.
Michael Jackson
Got a CM HAF X case for free. Doing a budget build for a media server that will be running Plex. I've got an AM3 motherboard laying around, whats the best cpu I could stick in that? FX8350?
It is, with a pretty wild selection of connectors. Can be useful.
Sebastian Lewis
you should run netstat -a -n and post what it shows have you tried SSH tunneling to the desired port? don't forget to update and mitigate your certs
Jonathan Howard
What's the smallest, usable server rack available?
Can I build my own?
Brody Lee
Sauce on OP image?
Easton Cruz
Proto Recv-Q Send-Q Local Address Foreign Address State tcp 0 0 0.0.0.0:20883 0.0.0.0:* LISTEN
Nolan Moore
is using a 64-GB partition out of a 256GB NVME as a bcache for 3 2TB drives worth it
Matthew Wood
nmap also shows that all ports on this machine are filtered. How do I fix this? I'm pretty sure iptables has no rules, as I flushed them all.
Anthony Gomez
sauce
Henry Ramirez
thanks to the guys that gave some info about the HPE ProLiant DL380 I was planning to buy 2 days ago. Been playing with it for 2 days and its been alot of fun, Just bought some harddrives for and a NAS and I'm about to buy a 24 port cisco switch. Life is good.
I've been running my own mail server for about five years. When I first set it up I did not really include any spam countermeasures. If you knew my username or one of its aliases, you could send me mail. For a couple of years I didn't receive any spam, and for a while after I began to receive it it was infrequent, but now it has become a problem.
The "reject_unknown_client_hostname" option in Postfix seems to prevent virtually all spam. This policy requires clients to have a PTR record and requires the domain name in the PTR record to resolve to the client's IP. I know that this policy can cause mail to be rejected as a result of DNS failures. Is there any other reason that it might cause legitimate mail to be rejected?
Ayden Diaz
>unraid why in the world would you pay for a glorified slackware and subpar snapraid install? just go for whatever *nix, snapraid, mergerfs, and cockpit instead its free
Nolan James
Because while all that stuff is free, it requires me to learn how to assemble it all and get it in working order. Paying for unRaid is paying for someone else to do all that work for you. I want plug and play; not having to learn linux from the ground up.
It's convenience and customer service. And it will be challenging enough all on it's own to set up. Let'sEncrypt and reverse proxy and dockers. That's a lot of shit to learn for a Windows 10 user. I ain't that smart.
Liam Morales
>there are people in this thread who put their home network in 192.168.178.0/24 instead of 10.0.0.0/8
>not using multiple public routable IPv6 subnets >Not having different networks for WLAN, LAN, servers, guests, spyware etc
Josiah Wilson
After going through the pain of putting *NIX and Lineage OS on all devices I want to not trust them?
Caleb Thompson
>guests But it's fun anyway and that's the main reason we do all this bullshit right?
Gavin Cox
Yeah, especially given that some ISPs love to sniff around over TR-069
Jason Reed
Shouldnt be a Problem with encrypted traffic. Try it out with a cheap vps from vultr or hetzner.
Isaiah Morgan
I'd like to see what is the best solution for doing archiving for pictures every time I come back from a day trip or event. Instead of storing on my computer, I'll be storing onto two external HDD with both having exact copy. Currently, I'm just connecting it through USB, but it's really slow. Wondering if there are beret ways
Very decent. Even more so if it is with the drives.
David Smith
>Are the serverbuilds.net guides well accepted? I'm not sure anyone here used these.
> unRaid Not my thing.
> Is anyone using hardlinks with deluge or something similar to keep their Plex files and metadata clean? I don't think this is needed? The plex configuration files are not the same as the data folder you point it to.
That said, you can of course symlink, mount, hardlink, use docker[-compose] volumes and so on as you please. I'd generally recommend docker-compose to set up plex anyhow.
Daniel King
came with a single 3TB drive, got rid of it and installed 4*4TB WD reds, pretty happy with it for now
Don't know that or why you'd need to symlink for proper tagging, but either way it'll probably be fine regardless which approach you choose with plex.
Owen Fisher
Any other useful advice to potentially fix this, Jow Forumsuys?
Nathaniel Taylor
I can't believe you've done this to me.
Elijah Martinez
what does iptables -L show?
Ayden Gutierrez
My mom is a photographer but also not at all tech inclined beyond knowing about her camera. What I did for her was get a shitty Synology NAS and pop some 4TB drives in RAID 1 in there, then set up the NAS to sync to a cloud backup on a regular basis, and set a cronjob up on her Mac that would rsync everything in her pictures folder to the NAS (there are probably easier ways to do this). It's not fast, but she can just dump photos in her photos folder which is quick, and then they slowly get propegated to the NAS and then the cloud backup in the background so it wasn't a pain.
Cooper Reed
mine. sure the cables are mess but who cares? It's in a basement storage room.
What I did for mine was get the coffee table version of the lack, and placed the board that goes between the legs of the table so that it could fit a 1U server underneath, and then I jammed a server under there and piled everything else on top. The board itself is not strong enough to hold more than maybe a single Dell 1U, and the mount points are absolute shit, in addition to the legs being hollow so you can't really use it like normal.
this IS debian, not ubuntu right? your not running UFW or anything else?
Josiah Collins
This is debian, and I'm not running ufw
Ian Harris
tracert from the other device on lan you used nmap from - there is def nothing in beween it and this machine?
Jaxson Gonzalez
what is it thats listening anyways?
Jason Nelson
I'll try that FTP/SSH server and a torrent client daemon plus its remote interface, but the machine is blocking traffic from these ports even though they are forwarded on the router.
John Davis
Only one hop with traceroute and it was directly to the machine itself,
Nathan Rodriguez
gah, vexxing to say the least
kk reboot to make 100% absolutely sure iptables is out of the picture and double+triple check the listener is configured correctly - you didn't mess with hosts.allow/deny or anything?
Wyatt Smith
I didn't mess with hosts at all. Before I reboot, how would I check that the listener is configured correctly? Even with a DDNS client configured, I can't ssh into the machine through that even though the ports are forwarded.