just_another_person@lemmy.world 4 months ago
Firewall, Auth on all services, diligent monitoring, network segmentation (vlans are fine), and don’t leave any open communications ports, and you’ll be fine.
Further steps would be intrusion detecting/banning like crowdsec for whatever apps leave world accessible. Maybe think about running a BSD host and using jails.
ryannathans@aussie.zone 4 months ago
Freebsd here with jails, very smooth running and low maintenance. Can’t recommend it enough
s38b35M5@lemmy.world 4 months ago
Love jails. My server didn’t move with me to Central America, and I miss Free/TrueNAS jails
ryannathans@aussie.zone 4 months ago
Dw truenas core is dead/EoL so it’s either truenas scale (Debian) or freebsd now
s38b35M5@lemmy.world 4 months ago
EoL? They’re releasing betas regularly and announced 13.3 for Q2. You mean how they’re sort of winding down with scale taking the bulk of dev cycles? Not much to change with the platform, and security fixes will be backported to CORE. I think SCALE still doesn’t fit my use-case, hut when it does, and jails go away with CORE, I’ll shed a tear and pour one out for my homie.