glizzyguzzler
@glizzyguzzler@lemmy.blahaj.zone
- Comment on Proxmox bind mounts is a nightmare for user permissions 3 months ago:
In Incus, I had the same setup of an LXC container with a Docker container inside of it. I passed 1000/1000 to the LXC container, but the LXC container’s default root user has an ID set of 0/0. So I had to pass 0/0 to the Docker container, not 1000/1000, to get the read/write permissions working.
That may fix your issue as it’s basically the same tech, just different automated things implementing the LXC container!
- Comment on Pros and cons of Proxmox in a home lab? 4 months ago:
Good to know Proxmox’s bad updates are more pervasive than the latest bad update.
I have been able to install Docker in the LXC containers and pull images in with the normal commands. I do that container-in-container to get effectively rootless docker containers for stuff that I couldn’t figure out how to run rootless. So you don’t even lose out on docker if you’re determined! And as you said incus goes on any OS, you can docker just fine on the base OS of your choice and use incus for specific things!
- Comment on Anyone using a BananaPi r2 /r3 for your router? 4 months ago:
Try a diff email if you do want one, a friend recently got one via email signup and wait a few weeks. But I do abs agree it fuckin sucks you have to do any of this effort to get one, it is just enabling scalpers
- Comment on Pros and cons of Proxmox in a home lab? 4 months ago:
I do use it to hold internet-exposed things in LXC containers to sidestep having to figure out how to not run things as Docker root.
You do not need it for everything, but since it’s not an OS that makes it your everything, that’s ok! Run Docker containers as you need, put internet-exposed ones in an LXC container, put home assistant in a VM because it’s special.
- Comment on Pros and cons of Proxmox in a home lab? 4 months ago:
Ah, I was wondering which one you updated and it made your containers inaccessible!
- Comment on Anyone using a BananaPi r2 /r3 for your router? 4 months ago:
You have to sign up for the in stock notifications, annoying but it works in a delayed fashion. Sad it does enable scalpers.
- Comment on Pros and cons of Proxmox in a home lab? 4 months ago:
Incus or Proxmox (e.g., should I shift to Incus LTS or something?)
- Comment on Pros and cons of Proxmox in a home lab? 4 months ago:
Incus is way easier to work with than Proxmox, and it sits on your OS of choice instead of being the OS you must use. For home use it’s way easier to use with the web ui, it even has clustering if you want to go hard.
So you can install Incus when you want a VM/LXC container and not have to commit to a VM/LXC container OS from the start.
Also Proxmox free just had a bad update that björked some stuff if you updated when it was live. Proxmox free is rolling and apparently lacks basic sanity checks for updates.
- Comment on Anyone using a BananaPi r2 /r3 for your router? 4 months ago:
Your budget is really near a store.ui.com/us/en/collections/…/udr Unifi dream router. Your family is gonna be way happier with you (0 downtime) and it’ll give you extender options if you ever need it. Unifi is good enough and they update regularly, just disable cloud access stuff and you’re good.
Otherwise you want Opnsense instead of Openwrt. The upgrade process for Openwrt is not automatic, while Opnsense is. Worth it not to have to dote on your router.
And you should get an access point (Unifi something or Tplink Omsomething), wifi is problematic with Openwrt and I’m not sure if Opnsense even lets you do it (haven’t tried).
And you’ll need a switch, dumb or managed, up to you if you want VLANs. The Opnsense box will have just one LAN port, so it requires a switch if you want to plug more than one thing into it. A switch with PoE+ can power the access point directly.
Opnsense needs x64 arch (Intel or AMD CPUs), get a small thin client like a Dell Wyse 5070 extended or HP T730 or that mentioned Fujitsu Futro S720 (its CPU is old tho, you can do better). There may be newer thinclients, you just want a mini PCIe slot to install some Intel gigabit card from eBay with 2 ports. Google power efficient gigabit mini PCIe card - there’s an older model that sucks power and a newer one that doesn’t suck; if you go more than gigabit skip 2.5 on Intel unless you google hard and expect extra power draw. Very limited point to 4 port cards, just go higher gigabit speeds don’t think about multiplexing ports or whatever it is called; and switches switch better than the router can and remove CPU overhead for more actual routing work - 2 port card is the way.
Slap Incus (superior but newer, less guides, LXD is previous name if googling stuff) or Proxmox (good enough, more guides for this) on it, make a VM and pass through the 2 ports of the PCIe cards, slap Opnsense in the VM. Make an LXC container and slap Debian on it and spin up the Unifi controller for your AP. Another container for adguard home or pi hole and you’ve got a box that does the basic nets all in one. The built-in port on the thin client is how you will access the underlying OS, it gets plugged into the switch you’ll have to get. If you got something with 2 gigs of RAM and an AMD Geode/GX or aged Intel Atom CPU I’d just only do Opnsense no hypervisor stuff.
Sorry for the info dump but there’s a lot of angles!
But really, the Unifi dream router is much easier and solves it all-in-one. You need 3 pieces (router, wifi access point, Ethernet switch) for a good experience otherwise.
- Comment on Looking for MiTV box replacement 6 months ago:
I am reasonably pleased with my TV UI approximation. It’s an old Skylake-era CPU running Windows 10 Enterprise IoT LTSC which lasts until 2032.
I chose Windows because Linux is often limited to 720p browser streaming. And I got tired of overcoming hurdles to make the thing work well, forget what they were but damn they sucked and took a lot of time. Burned through a ton of my self-allotted time fixing stuff till I just ripcorded Win 10 Ent IoT LTSC; Linux might go better for you!
Anyway, it’s at 150% desktop scale and I have the task bar auto hide. I have icons for all streaming sites, Freetube, and Jellyfin on the desktop arranged in a grid. It looks reasonably good, they open in Firefox or in their apps. I close the whole window when I’m done (I don’t use the browser’s tabs), which helps with the “TV box” feel of usage.
I have a remote that has some IR functions to turn the TV on and off and change inputs along with gyro mouse control. It’s hella China, just buy one on your relevant China source (Amazon, alibaba, etc.) - there are tons of clones. The light up feature on it makes an audible hum, so that sucks, but I don’t use it and don’t seem to miss it.
Best bonus is it blocks ads on all the streaming services I have (uBlock origin mostly, also AdGuard but I think uBlock Origin does the heavy lifting). And can turn on WireGuard for modern account sharing, going to automate it soon for certain streaming services.
- Comment on VPN to home network to access PS4 doesn't work via PS Remote Play app 1 year ago:
I did a Wireshark packet capture and found the wake-up packet is on UDP 987. I can only capture broadcasts, not specific stuff it looks like.
Source: 10.0.69.69 (iOS device IP)
Destination: 10.0.69.255
Protocol: UDP
Length: 105
Info: 57477 (or 62764, 62335, 60311 as source ports) -> 987 Len=63
Note the IP of the PS4 is 10.0.69.150
I’m not sure what to do with this, though. Nothing I tried worked (e.g., jamming 987 into the IP tables
iptables -A FORWARD -i %i -j ACCEPT; iptables -A FORWARD -o %i -j ACCEPT; iptables -t nat -A PREROUTING -p udp --dport 987 -j DNAT --to-destination 10.0.69.150:987; iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE; iptables -t nat -A POSTROUTING -p udp -d 10.0.69.150 --dport 987 -j SNAT --to-source 10.0.66.10:987
based on serverfault.com/…/how-to-do-the-port-forwarding-f…). Additionally, setting the WireGuard mask to 10.0.66.1/16 makes the WG connection not route successfully, and setting the mask in OpnsenseRouter->Interfaces->[LAN]->(under Static IPv4 configuration section) to 16 did nothing. Oh well, this seems beyond me
- Comment on VPN to home network to access PS4 doesn't work via PS Remote Play app 1 year ago:
Setting the WG [Interface] range to 10.0.66.0/16, along with the [Peer] to 10.0.66.10/16, and the Opnsense DHCP range in Interfaces->LAN to /16 made no connection to the internet or local occur.
This feels like banging rocks together hoping for fire - not for me (but maybe reading stuff for a bit will help, maybe)
- Comment on VPN to home network to access PS4 doesn't work via PS Remote Play app 1 year ago:
Who knows indeed, I’m beginning to suspect that it was able to connect via the internet (and that stopped working) and I just never noticed so the VPN was a superfluous extra step.
But I did try in the [Peer] definition setting the allowed IPs to: 10.0.66.10/16 instead of 10.0.66.10/32, which should expand the allowed range to 10.0.69.XXX. Alas, that did not work.
- Comment on VPN to home network to access PS4 doesn't work via PS Remote Play app 1 year ago:
I don’t see any - but I guess it makes sense, the Opnsense computer isn’t involved by design in local network activity. The Opnsense comp goes to a switch that all other LAN also connect to, and I assume the switch routes so the Opnsense comp connection doesn’t get bottlenecked. I indeed forgot that’s how it worked till now - thanks for the suggestion, helped me internalize a bit more infrastructure at least!
- Comment on VPN to home network to access PS4 doesn't work via PS Remote Play app 1 year ago:
Where would I set the subnet mask?
I do not understand how to apply most networking concepts effectively - I only run Opnsense to get a router that has actual software updates, not because I know how to use it (no experience with networking otherwise).
In WireGuard I specify the 10.0.66.XX subnet directly without DHCP. In Opnsense, I’m not sure where to look and searching for it didn’t help illuminate anything obvious.
- Submitted 1 year ago to selfhosted@lemmy.world | 10 comments