Skip Navigation
InitialsDiceBearhttps://github.com/dicebear/dicebearhttps://creativecommons.org/publicdomain/zero/1.0/„Initials” (https://github.com/dicebear/dicebear) by „DiceBear”, licensed under „CC0 1.0” (https://creativecommons.org/publicdomain/zero/1.0/)JO
JonnyJaap @lemmy.world
Posts 1
Comments 10
vpn on nextcloud?
  • Dunno if you are still watching this post.

    I have a few comment to your post and the other panic about security.

    1. Using nextcloud only for bookmarks if total over kill, but if you want to start and understand and later use it more, it's actually a good idea.

    2. Yes, exposing ports in your firewall is potentially dangerous, BUT if you only expose a port and not the complete PC the firewall deals with attacks (but your services still have to be up to date to ensure safety).

    3. Yes, using a VPN instead of exposing the service is saver that's for sure. You can do it they way for the start. But don't let you be frightened by some of the other commands. I have several services public on my network. 3.1. BUT I still evaluate if this service even have to be public and the risk of late patches. I have public services and local service (name.domain.com and name.local.domain.com). Any service that I don't need to access from a random PC/share with family/friends can only be accessed in local network /via vpn.

    4. Its good you are careful, try to search online for more information since this post didn't get a lot of comments.

    Edit: 5. Don't know why people recommend tailscale where you need an account, instead of recommendatinh wireguard (tailscale is build on wirequard) or OpenVPN.

    Edit 2: 6. Don't use UPnP! It enables your machines to automatically open ports, that's so bad.

  • Doubts over Gluetun + QBitTorrent setup
  • Even though protonvpn supports P2P (paid plan) you can not use it for good private torrenting, for seeding you need a open port to your host.

    Azirevpn supports port forwarding.

    Another note, you need to ensure that the torrent program is limited to your VPN interface to prevent IP leaking.

  • How do you monitor your servers / VPS:es?
  • I used zabbix at some point, but I never looked at the data so I stopped. Zabbix shows all kind of stuff.

    I have cockpit on my bare-metal that has some stats, and netdata on my firewall, I do not track any of my VM's (except vnstat that runs on everything device).

  • Intel N100 good enough for 1Gbits internet ?
  • I used devices from gl iNet, the devices are good, but I find the UI of opnsense way better (compared to advance ui of openWRT) and updates are directly from opnsense.

    I still have them for smaller network tests but for some reason I never got close to it. Probably another reason is that my brother uses opnsense too, if we have any issues we can ask each other for help.

  • Intel N100 good enough for 1Gbits internet ?
  • I tested with seedtest-cli, libre speed test and downloading a big file (with a combination of different devices). The CPU immediately goes to 100%

    When I use the ISP box directly I get full speed.

  • Intel N100 good enough for 1Gbits internet ?
  • Thank you for the answers. I enjoy opnsense, it's easier to use then openwrt for me personally.

    I was thinking to do some testing of the new device before I replace the old one. But I wanted to hear if anyone has experiences.

    I looked at CPU benchmark net, and saw that N100 is about 8 times faster then the AMD SOC. I'm not sure if this is linear with performance increase. Currently max download is about 600-700 while upload is 300-400.

  • Intel N100 good enough for 1Gbits internet ?

    I just recently got a new ISP and new internet speed 1200/600, my current firewall with opnsense can not handle the speed (AMD GX-412TC SOC), I have been looking for a new firewall (opnsense + 2.5 Ethernet) and found several with the Intel N100 CPU (2023).

    I was wondering if this CPU is good enough to handle the Internet speed and if there is overhead?

    21
    Help me build a home server
  • If you want to start try to find something used on DBA, like an old laptop. If you are an student, maybe someone in your class upgrades their laptop and you can get it cheap. (Best a laptop where you can remove the battery, plus you need to change a setting so it doesn't go in standby when closing the lit)

    You can add an external hard disk for nextcloud data.

    My first home server was an raspberry pi, it's not great for nextcloud, you need to disable all preview image, and the UI might still be slow. Untop using an microSD card for the OS might randomly break (happens to me, SanDisk).

    My second server was my old laptop, I used an laptop with i3 from like 2013 as server for a long long time.

    Best thing I can recommend is to not rush and get the first best thing, try to look for a good deal. Start small and you can always increase your server in the future.

    Wish you the best.

  • What's wrong with using cloudflared?
  • The first point is only when you use the tunnel function, right ?

    Because I noticed, if use the tunnel function (hiding your private ip) the sites gets an Cloudflare certificate, but if just using it as DNS (without tunnel) the page has my certificate.