![](/static/66c60d9f/assets/icons/icon-96x96.png)
![](https://lemmy.world/pictrs/image/8286e071-7449-4413-a084-1eb5242e2cf4.png)
That’s interesting, but that won’t help if I’m away or on vacation on the other side of the world
That’s interesting, but that won’t help if I’m away or on vacation on the other side of the world
If you tick the encryption box during install, you will have to enter the decrypt password at every boot and that means that if the power goes out for long enough (UPS doesn’t keep the server up for hours), I (and my family) will not have access to the self hosted stuff until I’ll be home and this is why I encrypt only the data partition and not the boot one.
I do bind mount data folders of the containers, I do backups, I have a notification system that alerts me if a container is not up, but a container can be up but have problems and, most importantly, I (and I guess a lot of other people) don’t always have time to solve problems. When I a few spare minutes a do a snapshot, I update the containers and if something goes wrong if I have time I troubleshoot it, otherwise I just roll back the snapshot and I’ll have a look at the problem when I’ll have time.
Nothing, it’s just an extra check.
But from the moment that the script updates and breaks something and the moment he realizes it may be too late for some applications.
For example I host Traccar to track car/vans and in this case some tracks would be lost. Or maybe SyncThing, he may realize days/weeks later that a sync is not working and if he was synching his smartphone pictures with his server and the smartphone is lost/broke/stolen, he may lose days/weeks or even months of pictures.
I wouldn’t trust a script. Use Watchtower or What’s up Docker
So it’s the use of a browser within a browser? Is it any different than just using Firefox containers (they are AWESOME!!!) and a VPN add-on?
I use BookStack and with Node Red I export to PDF the books as soon as pages get updated, so if everything goes feet up, I have all the documentation in PDFs (locally and automatically uploaded to a free DropBox account, still done with Node Red).
But the attacker should know the internal and the external DNS. If the internal DNS doesn’t have any SSL certificate on its name, it’s impossible to discover.
By the way, I always suggest to reach services through VPN and use something like Cloudflare tunnel for services that must be public.
P.s. Shouldn’t public and private DNS be inverted in your curl example?
Or just point secret.local.mydomain.com to the LAN IP of the server.
To avoid opening ports, have a look at Cloudflare tunnel.
Thanks, I did’t know that.
Is there an Immich Android app that auto upload pictures?
Dude, chillax! Why would I read the article? I assumed that you got the same hardware that was mentioned in the article; how could I know that you wrote it about your server?
And by the way, your analogy with the archeology doesn’t fit at all.
No way! For just 1 reason: I will have to learn another new thing and replace it in about 6 servers. I value my time and for now Proxmox is fine.
P.s. Incus seems nice though! NO, stop tempting me!!! I’m already in the rabbit hole with a gazilion of self hosted services and dozens piling up in the to do list 🙈🙈🙈
2004 hardware -> dumpster! Seriousky, with the electricity bill of 1 year of that server running 24/7 you can buy a used Dell, HP or Lenovo PC (2/3 maybe 4 years old); you will have more power, way less power consumption and way less noise.
I run it on a 4GB Fujitsu Futro S920! 😆 All the RAM seems to be used by 3 VMs. Some SWAP is been used, ok, but the Proxmox overhead doesn’t seem that much.
Totally agree! Also, at work we have some Synology and their web UI is soooo slow that it’s almost unusable
30/40€ Fujitsu Futro where you can install OPNsense, the AP you linked and you’re good to go!
You’re just missing the part where I want to be on vacation without the need to find a decent Internet connection to boot my serve because the power went off. What’s the plus of encrypting the OS partition too?