Cyber
@Cyber@feddit.uk
- Comment on 💞 FairScan > Syncthing > Paperless-ngx 12 hours ago:
That was all resolved.
I held off switching until very recently, but reading the githubs, etc. it’s all settled down now.
From memory it was just a bit of a naive handover (ie “hidden” in the background, not out in public)
- Comment on System Redundancy 4 days ago:
With… or without their knowledge? 😉
But yeah, there’s so many wifis around me, I could probably load balance across them all…
- Comment on System Redundancy 4 days ago:
Wow.
Ok, that sounds like that has evolved over some time!
- Comment on System Redundancy 5 days ago:
Yeah, I think the firewall has a hardware issue… it reboots, starts, stops fine under normal conditions, but, just sometimes a weird glitch throws it off.
Good point about VRRP, I’ll look into that some more as I think that’s the open, non-Cisco one.
- Comment on System Redundancy 5 days ago:
That (2 FWs) was what I was considering initially.
But, looking at some other posts, I’m starting to rethink my design as I only have 1 WAN connection, then I only need 1 FW (maybe).
So separating FW from DHCP & DNS might be a better solution.
- Comment on System Redundancy 5 days ago:
Not heard of BeeGFS, had a quick look on the Arch wiki… looks quite involved…
But, ok, at least I know that the DHCP part can be dealt with - thanks.
- Comment on System Redundancy 5 days ago:
I’ve not looked at Proxmox clusters - can they restart VMs on a different host if they’re all using the same shared storage?
- Comment on System Redundancy 5 days ago:
Ah… I was reading this thinking “ah, I’ll have to reply about the battery…”… glad you’re limiting the charging…
But an interesting point… I have a spare OLD Dell laptop kicking around which has various issues, but might be able to do what you’re doing. Thanks
- Comment on System Redundancy 5 days ago:
Yep, all good with DHCP vs DNS… just my grammar was terrible.
Nothing was getting an IP from the DHCP, when the wifi returned…and… DNS was also not working for the few devices that still had an IP.
Sry bout the confusion there.
- Comment on System Redundancy 6 days ago:
Good points there.
For 1. The ISP router is a Fritz one set to bridge mode running over a PoE adapter from the same UPS the firewall is using. It stayed up all the time (looking back at the logs)
2. Not sure what happened here, but the firewall is the DNS resolver and when everything else powered back up, nothing got an IP address. Now, whether the service failed or the WAPs took longer to start than the devices could wait, I’m not sure, but as Scotty said: it’s dead Jim.
3. Good point. I don’t need it ALL to be redundant.
4. Also good. The UPS is directly connected to the firewall (which has NUT in), but it doesn’t inform anything else… I’ll look into that too.
Nice mental reset for me about over thinking it… thanks
- Comment on System Redundancy 6 days ago:
Well, in my case the most crucial single point is the firewall.
The rest isn’t too bad
- Submitted 6 days ago to selfhosted@lemmy.world | 36 comments
- Comment on Finally installed my own Firewall 6 days ago:
Running different SSIDs too?
I put all my IoT stuff on a dedicated 2.4-only network, VLANd it to the (pfsense) firewall which allows the VLAN trunk to be split into separate logical NICs that I apply different policies to, like no access to the internet, etc…
- Comment on Do you have a plan for your self-hosted data if you die? 1 week ago:
👆🏻 This is the link everyone needs to look at.
It covers things like keeping your phone active for 2FA, subscriptions that need to be paid until data is saved, etc.
It’s what my SO & I use.
Very thorough
- Comment on Where to start with backups? 2 weeks ago:
Ah, good old dd
When you have some spare time, take a look at partclone - clonezilla uses it because it only backs up used blocks, not free space, so more efficient.
- Comment on Where to start with backups? 2 weeks ago:
Interesting.
Yep, I agree there’s 2 types of backups:
- data
- OS image
Out of curiosity, how are you doing the drive imaging?
- Comment on Reproducible alternatives to nextcloud? 2 weeks ago:
Yep, this is what I did too.
I found no-one was using the NC interface and just syncing, so stripped right back.
Stable. Lightweight. Mostly no maintenance (just moving to syncthing-fork)
- Comment on Why isn't using a key file the most common way to log into self-hosted servers? 3 weeks ago:
I think the point here is that no-one uploads / enters a password/phrase/file.
Whatever you enter on the keyboard is hashed and the hash is sent. Depending on the protocol, sometimes it’s time limited so no-one can record the network traffic and resend the data (replay attack)
Files (SSH keys, certificates, etc) are checked against a (usually) asymmetric key exchange algorithm, so they can only compare what’s sent if they have the corresponding key to decrypt the cipher.
The length of the password (or file) is basically meaningless. It’s just how long it’ll take someone to guess it (brute-force), but as the saying goes, you don’t break into a house through the door, you go through Windows… ie the weakest link.
In your concept, the weakest link is the meatware: humans. We need ease of use, so, someone will store that file and it’ll be compromised, so 64b, 128b or 512b doesn’t matter, if they have the file, they’re in.
Now… MFA… Now, that’s more like it.
- Comment on Jeff Bezos said the quiet part out loud — hopes that you'll give up your PC to rent one from the cloud 3 weeks ago:
At least there’s no Windows…
- Comment on Homelab hardware choices 3 weeks ago:
I have a 7530. (Is yours a typo?)
Yes, those instructions look about right.
My pfSense box has the username & password, so the router really is just being used as a dumb modem (I used to use Draytek modems)…
… but…
The router’s diagnostics will show the DSL details, so you can check if your external connection is ok (ie OSI Layer1), but it will always think it’s offline.
So once you get your OPNSense setup and working, have a look around the Fritz diagnostics and get comfy with what you can / can’t see, because when there’s a failure you won’t know what has really failed.
Also… write down what you did and how to reverse it, as you (or others) might want to reset it to full router if your OPNSense is down.
- Comment on Homelab hardware choices 3 weeks ago:
The advice above matches mine.
I have a home-built pfSense unit and when parts die (not if), then I just replace them with spares I have already waiting… as that box is now critical for you.
I also have a Fritz in bridge mode with the pfSense doing PPPoE through it, so effectively, the firewall is the first real device on the WAN. Makes things much simpler as the WAN interface has status like packet drops, etc, much easier to diagnose issues.
- Comment on State of the Fin 2026-01-06 | Jellyfin 4 weeks ago:
Wow.
Ok, I don’t have anywhere near that amount of media, but MythTV takes seconds to rescan ~2TB of videos and maybe a minute to get any missing details like fanart, etc.
Similar amount for music - but I feed it the files after I’ve run them through Picard.
I’ve not done a complete rescan of everything for ages, but from memory it’s like an hour absolute tops. More like ~30 mins.
And that’s on an underclocked CPU (for quietness).
- Comment on Reitti v3.1.0: A year of self-hosting my location history (1.1k stars and 46 releases later) 4 weeks ago:
This looks very interesting.
I track the family’s location with GPS Logger (on Android) and the Home Assistant app on the iPhone user… it’s all going to HA at the moment to turn lights on when people get home…
And I have a separate Immich server.
So, reading this, I can combine this all together from HA and Immich - or do I need to send the GPS coordinates to this server too?
I’m also not a container user… skimming the installation section, the instructions appear to only support docker - are standalone instructions also covered? (I may have missed them…)
But, this looks really nice.
I liked the piechart where you distinguish between walking, cycling, driving, etc, I presume that’s done by velocity…? So, do you calculate that or need that data from the phone app?
- Comment on Introducing Hypermind: A fully decentralized, P2P, high-availability solution to a problem that doesn't exist. 4 weeks ago:
I don’t run any containers and this made me consider trying to get the whole infrastructure setup 😁
- Comment on NAS decision paralysis 5 weeks ago:
Just basic commands will get you most of the way there…
lsblk, fsck, etc.
You can check the formatting and partitioning with something like gparted (a GUI for parted)
For SMART, use smartctl or gsmartcontrol for a GUI
Note: external USB enclosures / docks / adapters / etc. rarely pass SMART data, so you’d need to actually plug it into a mobo to check that.
- Comment on NAS decision paralysis 5 weeks ago:
Linux should see most formats… you might need to install something to read NTFS… but if they’re FAT32, most distros have that installed by default.
If you can’t read them, and there’s nothing on there that you need to recover, then just zero them and check them with a full SMART scan, then you’ll know if they’re reliable before wasting time with a RAID array that keeps chewing up drives.
But, I don’t know of any mobos that’ll connect that many drives…
- Comment on NAS decision paralysis 5 weeks ago:
Are these external USB drives? You can certainly plug those in all over the place, but it’s not a scable, long term solution.
Shuck the drives if they’re external and just use them as normal drives
And you can’t daisy chain modern drives in the same sense that old SCSI / PATA drives used to be connected, but you could get a drive bay to fit an existing PC - I had one that put 4x 3.5" drives into a 3 bay 5.25" space… wasn’t great but did the job.
But, you’ll want to get the drives into some kinda array - could be a JBOD initially, but you will NEED good backups as any drive failure = total loss of its files.
Perhaps backup each drive to… somewhere… create an array and then restore all your data into that new array.
Total available storage of RAID is less than the total space in all the drives due to checksums, duplication, etc.
- Comment on NAS decision paralysis 5 weeks ago:
Yeah I want an external drive out of the house, but I feel like that is independent of my decision on how to store data at home. Am I wrong?
Yes 🙂
You’ll want offsite storage no matter what you build. This protects you from wiping your RAID array (RAID is not a backup), syncing the wrong data and losing files, etc.
And… imagine your NAS is gone. Make sure you know how to get your (encrypted) data back.
The first thing I did was backup a small chunk of files and then see that I could restore them to a different laptop.
Yep, I have Arch with a btrfs RAID array because - for me - ZFS was too needy. I can use standard tools to maintain btrfs.
It has SMB and NFS shares, powers up & down (when idle) automatically, and syncs our phones and laptops via syncthing (sync is also not a backup)
Everything is backed up to an online storage provider AND a HDD connected to a RasPi in a family member’s home (and I reciprocate some of their backups)
I do have Immich running natively on the NAS (no containers) because all our photos are there, so it made more sense to put it there, but all other functions (Home Assistant, etc) are on a separate device.
- Comment on NAS decision paralysis 5 weeks ago:
First up… backups…
You’ve got all your data on a single 8TB external drive?
If you get lots of hardware, or stay the same, you’ll still ~~want~~ need to get your data off that system and preferably out of the house for the 3 F’s: fire / flood / feft (😉)
At this point it might just be simpler to get online storage and upload it all… or a 2nd drive and just clone it.
Now, you can breathe as you change your system and oops, accidentally wipe the wrong drive… it’s all offline elsewhere
Next up, to help with decision paralysis; the software and hardware you choose are going to be related… TrueNAS is going to want a new mobo with loads of RAM for the ZFS on the drives… OpenMediaVault will work on small hardware (as well as bigger too…), so decide with your wallet on hardware first.
Everything (worth considering) supports RAID - you’ll want RAID1 if you only have 2 drives, RAID5 or 6 for many drives. If you use ZFS they modify the naming convention, but learn standard terminology first.
I’ve tried it all, over the years, so expect to try something for a while, then ditch it for something else - another reason to have your data offline somewhere.
I came back to a simple Arch linux box with 4 drives running btrfs 🙂
- Comment on Where are you running your wireguard endpoint? 5 weeks ago:
The routers are running Arch? What hardware are they?
I’m running pfSense as edge firewalls with a Fritzbox router as a bridge - no issues there, but would be interesting to replace that part too, if possible.