tvcvt

@tvcvt@lemmy.ml

This is a remote user, information on this page may be incomplete. View at Source ↗

⁨Comment⁩ on ⁨If Nothing is Exposed, Am I Safe?⁩ ⁨⁨2⁩ ⁨hours⁩ ago⁩:
You ever see those Wired videos where they talk about a concept on five different levels ranging from beginner to expert?

The first level answer is likely that, yes, you’re reasonably secure in your current setup. That’s true, but it’s also really simplified and it skips a lot of important considerations. (For example, “secure against what?”) One of the first big realizations that hit me after I’d been running servers for a little while and trying to chase security is the idea of a threat model. What protects me from a script kiddie trying to break into one of my web servers won’t do much for me against a phishing attack.

The more you do this, though, the more I think you’ll realize that security is more of a process than an actual state you can attain.

I think it sounds like you’re doing a good job moving cautiously and picking up things at each step. If the next step is remote access, you’ve got a pretty good situation for a mesh VPN like Tailscale or Netbird or ZeroTier. They’ll help you deal with the CGNAT and each one gives you a decent growth path where you can start out with a free tier and if you need it in the future, either buy into the product or self host it.
⁨Comment⁩ on ⁨Best Back Up Solution For Multiple Servers⁩ ⁨⁨1⁩ ⁨week⁩ ago⁩:
It sure will handle a remote VPS, it’s just not as automatic to set up as it is with PVE.

I put this off for a long time, but I finally did it this weekend.

Basically, you install the proxmox-backup-client utility and then run it via cron or a systemd timerto do the backup however often you want.

You’re responsible for getting the VPS to communicate with your backup server (like pretty much any self-hosted service), so some sort of VPN between them would be good. I used NetBird for that part and I have a policy that allows access from the client to PBS only on TCP port 8007.
⁨Comment⁩ on ⁨Best Back Up Solution For Multiple Servers⁩ ⁨⁨1⁩ ⁨week⁩ ago⁩:
I’ve been quite happy with Proxmox Backup Server. I’ve had it running for years and it’s been pretty solid for all my VMs/containers. There’s also a bare metal client, which I’m adding to a couple cloud VPS machines this weekend. We’ll see how that goes.

Also, since it’s just Debian under the hood, I also use the PBS host as a replication target for my ZFS datasets via sanoid/syncoid.
⁨Comment⁩ on ⁨How to update Immich now that I am way behind?⁩ ⁨⁨4⁩ ⁨weeks⁩ ago⁩:
I just had to do this. Don’t skip the release notes. They’re really good at highlighting potential pitfalls, just scroll back through and look for the heading “Breaking Changes.”

In my case there were a few, but they were only for API calls I’m not using, so I just did the update in one go and it worked out great. (Of course, I made sure to take a backup first.)
⁨Comment⁩ on ⁨What do people use for a shelf-stable backup⁩ ⁨⁨2⁩ ⁨months⁩ ago⁩:
This was a recent point of discussion on the 2.5 Admins podcast (2.5admins.com/2-5-admins-228/). Some good discussion on there.

My own thought is the best way to handle your family-member-finding-your-old-photos problem is the analog way: make some prints. It’s absolutely idiot proof, the methodology of keeping paper goods is well understood, and the technology is platform independent.