Scrath
@Scrath@lemmy.dbzer0.com
- Comment on How to reverse proxy? 2 weeks ago:
I’m not sure that’s possible on most routers but I’m very much not an expert in networking
- Comment on How to reverse proxy? 2 weeks ago:
I don’t think that’s how it works with my router. I read a bit about DNS failover and the consensus seemed to be that all DNS servers listed should return equal results since requests are spread round-robin between them (at least for mikrotik routers).
- Comment on How to reverse proxy? 2 weeks ago:
You are lucky I haven’t deleted my pi-hole VM yet ;D
In the Pi-Hole DNS settings I have the following configuration:
- Upstream DNS Servers => Quad9 (filtered, DNSSEC) both checkboxes for IPv4 checked
- Under Custom DNS servers I added a line with my routers IP
- Under Interface settings => Permit all origins. Note the warning written regarding this setting and check whether it applies for your setup!
- Under Advanced DNS settings I have enabled “Never forward non-FQDN A and AAAA queries” and “Never forward reverse lookups for private IP ranges”. Since according to the warning this would block local hostname resolution note the next setting.
- Under conditional forwarding I have added this line
true,192.168.1.0/24,192.168.1.1,fritz.box.fritz.boxwas my local DHCP domain name but has since been changed tolan.
The other settings in Pi-Hole were under the Local DNS Records menu where I added my domain name (let’s call it example.com) to the list of local DNS records and pointed it at the IP of the server running my reverse-proxy. Finally I added each subdomain I wanted to use to the List of local CNAME records and pointed it at the domain I just entered to the other list.
I can’t perfectly tell you what my router settings were unfortunately since I have recently moved and replaced my fritzbox with a mikrotik router. The main thing you have to do though is to go to the DHCP server settings of your router and set the pi-holes IP address as the DNS server. Note that in the case of the pi-hole being offline for any reason you will be unable to resolve any domains while in this network
It might be possible to do some sort of failover setup by running a second pi-hole with identical settings but I did not want my network connectivity depending on any device other than my router being on. Hence my move back to using my mikrotiks built-in DNS server which fortunately also supports adding lists for DNS adblocking.
- Comment on How to reverse proxy? 2 weeks ago:
I’m not the guy you replied to but personally I use a setup called split-horizon DNS.
- I have a DNS server running on a raspberry pi which I have set up as the DNS server for all devices in my local network (by setting it in the router).
- This DNS server has my domain name as an A record pointing to my reverse-proxy (Nginx Proxy Manager), e.g. example.com would resolve to 192.168.0.100.
- Any subdomain I want to use is set up as a CNAME record in my DNS server referring to the previously configured A record with my domain. (jellyfin.example.com => example.com)
- Now all requests to the registered domain and subdomain are routed to my reverse-proxy which I configured to forward them to the correct service depending on the given subdomain.
This is a little bit of a simplification. I also use a cloudflare tunnel to allow access to select subdomains and I have 2 reverse-proxies chained together since NPM can resolve services by their container name as long as they are in the same docker network.
Also probably important: My DNS server was a pi-hole (until today at least) and did not act as my DHCP server. This meant it had no idea of local device hostnames and therefore was configured to forward queries to local device names to my routers built-in DNS server.
- Comment on Simple NAS hardware for home use? 2 weeks ago:
I think I used a Pi 4B, either the 8 or 2 GiB model
- Comment on Simple NAS hardware for home use? 2 weeks ago:
Also in my experience the raspberry pi isn’t all that great for a NAS considering you are reliant on using USB hard drives and also need a separate powered USB hub for them
- Comment on Introducing Lab Rax: A 3D Printable & Modular 10" Rack System - The DIY Life 5 weeks ago:
What about NAS systems? I don’t recall seeing any for 10" before
- Comment on Setting up a private network in shared apartment 1 month ago:
Thanks for the setup tips, especially about the masquerade rule and safe mode.
I’m not too worries about the loss of speed since internet here in germany is on average slower than 250mbps and anything data intensive like access to my Mediaserver should be handled over Ethernet anyway. If it does become an issue I can always throw a second AP at it I guess?
- Comment on Setting up a private network in shared apartment 1 month ago:
I’m not sure how to find out whether it has two access points. Performancewise I believe the specific model I have selected should be fine.
- Comment on Setting up a private network in shared apartment 1 month ago:
Thanks. I wasn’t sure about the VLAN thing so that’s one of my main reasons for this post. I will probably buy a VLAN capable router anyway because I am pretty into home automation stuff and the ability to separate the IoT traffic and play around with networking a bit seems nice
- Comment on Setting up a private network in shared apartment 1 month ago:
I read about the issue regarding the halved connection speed somewhere but I don’t believe that will be an issue. Considering the average internet speeds here in germany are below 250mbps I don’t expect to saturate the WiFi connection even with half speed. Anything data intensive like accesses to my mediaserver will primarily be over ethernet.
- Comment on Setting up a private network in shared apartment 1 month ago:
I’ve heard about DMZ before but I never knew what it was. That will probably not be an option unfortunately. While I don’t know what router is currently used by the other residents I assume it will be either a FritzBox (which allow some configuration but are mostly idiot proof routers that are very popular here in germany) or a locked down router by the ISP. On neither case will I be able to configure a DMZ.
Regarding the WAN port, I was planning to use the stock RouterOS from MikroTik but I believe that the router can be configured this way already without OpenWRT.
- Comment on Setting up a private network in shared apartment 1 month ago:
Ah that makes sense. I thought I needed the VLAN to separate my network out from the rest.
I am a bit confused about your last paragraph though where you mention 2 APs. Do you mean my private AP and the AP used by the rest of the apartment or do you mean that I have to get 2 APs?
- Submitted 1 month ago to selfhosted@lemmy.world | 13 comments
- Comment on Synology could bring “certified drive” requirements to more NAS devices 1 month ago:
One question in regards to your noise comment: What drives are you running? I have a synology with 2 toshiba mg08 16tb drives and those things are unbearably loud when reading or writing. A lot of that obviously comes down to the drives themselves but I also kind of blame the plastic chassis for probably resonating with the noise and not being better at soundproofing.
- Comment on Synology could bring “certified drive” requirements to more NAS devices 1 month ago:
My personal reasons for buying a synology were ease of use, reliability and power usage.
I had previously played around with TrueNAS in a VM using an external USB HDD Enclosure for storage and I just wanted something reliable. With TrueNAS I often ran into issues eith user permissions one way or another and the Synology software is incredibly easy to use and foolproof.
- Comment on Synology could bring “certified drive” requirements to more NAS devices 1 month ago:
Is that supposed to be a con? I don’t even use 4 bays currently and would be perfectly fine with a 4 rackmount NAS. 7 HDD bays sounds great to me
- Comment on Synology could bring “certified drive” requirements to more NAS devices 1 month ago:
That thing looks almost too good to be true for 500. What’s the drawback?
Not available in europe? (It actually is available, I just checked)
Loud as fuck?
Bad Software?
- Comment on Synology could bring “certified drive” requirements to more NAS devices 1 month ago:
Welp, guess I definitely won’t be buying synology again in the future. I was planning to transition to a rackmounted NAS at some point and synology is overpriced in that category anyway but this puts the final nail in for me.
It’s a shame because I quite liked the simplicity of their UI.
- Comment on Confused about the many ebook/manga management solutions 1 month ago:
If you are in germany, thalia lists whether a book has DRM
- Comment on How do I securely host Jellyfin? (Part 2) 1 month ago:
Yeah, you are right. That’s probably a good idea.
- Comment on How do I securely host Jellyfin? (Part 2) 1 month ago:
I may have misused the word dorm. It is a shared appartment rented with a couple other students.
My goal is basically to set up a private network inside the network used by the other people I share the apartment with so I can tinker with stuff like setting my own DNS server up for the network without possibly impacting the other people in case of failure. My naive impression was that I would need to use a VLAN to accomplish that.
In regards to your idea of using multiple devices I kind of agree but I want to keep the initial cost and energy usage low for now which is why I am trying to find a device I can use for this but also reuse in the future for something else if I want to upgrade (or just retire it without too much sunk cost).
- Comment on How do I securely host Jellyfin? (Part 2) 1 month ago:
Ah I may have misused the word dorm. It’s more of a shared appartment rented by multiple students so there aren’t any limitations in that regard fortunately.
- Comment on How do I securely host Jellyfin? (Part 2) 1 month ago:
Wow, that was a lot more comprehensive than what I was hoping for. Thanks.
I was particularly interested in the CRS310 because it had 2.5G ports with the ability to eventually later even expand into 10G. 10G speeds aren’t really relevant for me (for now) since I mainly want the speed advantage for slightly faster transfers to my NAS but I would be interested in 2.5G capability. Do you think it makes sense to pick one of the devices you recommended, specifically the hAP ax2 and then if I want to get into 2.5G territory to buy an unmanaged 2.5G switch? Speeds of 2.5G and more are only interesting for transfers between my own local devices for me. I don’t need the rest of the network to have fast access so I guess the hAP ax2 makes more sense to buy than ax3. The ability to open my own WiFi network is also quite attractive so I can have local access even from my laptop or phone which I guess is another point in favor of the Home/Office AP route.
- Comment on How do I securely host Jellyfin? (Part 2) 1 month ago:
Hey, this is off topic from the original post but could you tell me what device specifically you have used?
I am going to be moving into a dorm soon and was looking to set up my own VLAN or ehatever you need for a private network because I don’t want to mess with the dorm router. I had a look at a Mikrotik switch (CRS310) but was unsure whether the fan noise would be too loud if I am staying in the same room and more importantly, whether this even allows me to do what I want to do
- Submitted 5 months ago to electronics@discuss.tchncs.de | 4 comments
- Comment on how can i self host my music? 7 months ago:
On the topic of SMB. If OP is mostly interested in accessing the music from their phone, a symfonium + SMB server setup may be even easier than setting up navidrome