Getting a better rack. My 60cm deep rack with a bunch of rack shelves and no cable management is not very pretty and moving servers around is pretty hard.
Hardwarewise I'm mostly fine with it, although I would use a platform with IPMI instead of AM4 for my hypervisor.
I'm using a SuperMicro A2SDi-4C-HLN4F for my NAS.
It takes like 20-30W with 4 3.5" SATA HDDs and one M2 SSD installed. It has IPMI and I'm running it with FreeBSD 13.2, works like a charm. You just need to be aware that you need to adjust the SATA ports in the bios in order to use all 4 of them, by default only 2 SATA ports and the SAS interface will be enabled.
The temps are fine on the cpu without fan - I only have three fans in front of the drives.
I used Toot! on iOS. Was the first app I tried after the official one and it works fine, so I stuck with it.
You can add the device you want to use PiHole with to your WireGuard VPN and set the DNS property for the Interface.
Then you need to add the PiHole machine to the VPN, if it is not already reachable (or you use your existing machine in the internal networking with masquerade)
I didn't have a guide available, so I created one just now here.
From the Protection side you are right. My setup does not have DDoS protection or the WAF offered by Cloudflare, but as I didn't need that (yet) I'm fine with it. Would be something to look into, should I even get enough traffic on my pages that machine could not handle it.
Ja, genau nach 2-3 Jahren klickt die linke Taste einfach doppelt oder random. Bei MX Ergo selbst scheint es laut dem Artikel hier den ich bei meinem ersten Defekt gefunden hatte, die Tatsache zu sein, dass Logitech die Tasten mit einer Spannung betreibt mit der sie langfristig nicht klar kommen.
Zum Glück kann man zumindest bei der MX Ergo recht leicht die Tasten tauschen, weil man nur nen Schraubenzieher und einen Lötkolben braucht. Logitech hat das Problem selber nie gelöst, als kann es durchaus sein, dass das intended ist.
Als Maus eine Logitech MX Ergo. Würde ich nicht mehr hergeben, seit dem ich die habe habe ich viel weniger Schmerzen an der Hand. Leider gehen bei der Maus nach 2-3 Jahren die Tasten kaputt, sodass man die dann händisch rauslöten muss und wieder ersetzen muss.
Tastatur ist aktuell noch eine Redragon K552, hab mir jetzt aber eine Dactyl Manuform bestellt.
The lemmy instance works fine so far. I had some problems migrating the nginx config file from the lemmy manual migrated to traefik, but it works with this guide here.
I'm not really forwarding ports, but I'm rather using a more complex setup. I have two devices - my router and an external VPS hosted in a datacenter. These devices are connected via WireGuard. On the VM where all my services are installed there is traefik installed which is used as reverse proxy for the services and does TLS. The VPS has HAProxy configured to the internal VM in TCP mode, which makes the services available from outside and is important to get valid Let's Encrypt certificates as I'm not using DNS Verification.
I know it's a bit hard to understand, but it works fine for me and I'm not depending on any third-providers (other than the Hoster of the VPS, which I can easily swap if needed).
I use INWX. Prices are very cheap and their DNS supports most of the record-types available, which I didn‘t have at some of the registrars I was at before.
As I have all my data on my homeserver in VMs it’s currently only daily backups to the NAS with proxmox, but I should really add some remote NAS to have it backed up in case my local NAS breaks down.
Ah, so you added another nginx on the host by installing it from the package store of the distro and have that proxy port 80 to the docker nginx?
If you do that then you also need to add the websocket settings I had in the first comment to the host nginx.
What I meant what that the nginx in the docker-compose from lemmy also listens to port 80 and you just need to add
server {
listen 80;
server_name my_domain.tld;
location / {
proxy_pass http://localhost:LEMMY_PORT;
proxy_set_header Host $host;
include proxy_params;
}
}
to the nginx.conf of the container.
Then you should have it accessable from port 80 without the host nginx (of course you need to stop the host nginx then).
No, you are right. If you are using the nginx container from the docker installation guide then you will also need to add port 80 atleast in order to see anything, as nginx will otherwise not listen on the port 80 of the droplet.
How does your nginx.conf look now?
Ok, just to understand what you did. You got an Digital Ocean droplet with Docker and used the instructions in the link I posted or different ones?
If you are using the instructions from my link nginx will also run in a docker container, which means that your upstream will not be on localhost, but rather the lemmy and lemmy-ui containers.
If you did install it locally then localhost:1235 could be correct.
The nginx config provided in the Docker installation part contains everything needed for nginx. If you are installing lemmy directly on the machine you may need to use different upstreams.
The websocket part is basically the
# proxy common stuff
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
part in the nginx config on that page.
It works fine for my use-case which is basically just tracking my work-time for the employer I'm working at, so I don't really use the freelancing options like invoicing.
Had some problems with the docker container, because they did some breaking changes, but overall it works for me.
It also supports SAML so I can use it with Keycloak and there is an app for the iPhone, which I'm using that works nicely with it.
Pretty much anything I can. Host OS is mostly Debian with Docker, only the Git Server is running on Alpine. Hardware-wise everything is running on Proxmox with an FreeBSD NAS for backup and data storing
- Logging/Monitoring Stack (Grafana, Loki, Prometheus, InfluxDB)
- Step-CA for custom internal CA
- Firefly III as budgeting tool
- Kimai for work-time tracking
- Vikunja for Project Management
- Keycloak as OIDC server
- Grocy for inventory management
- Bookstack as personal Wiki
- The lemmy instance i'm posting from
- Mastodon
- Nextcloud with Collabora Office
- Bitwarden as Password Manager
- Miniflux for RSS Feeds
- Some websites
- Gitea
- Wireguard
- Jellyfin
- Metube
- Mail server running docker-mailserver (only as fallback due to sending problems to Microsoft)
- Uptime-Kuma
- Home-Assistant
If you send a ticket to them in the cloud console, they will also unblock port 25