What’s happening on your servers? Any interesting news things you tried?
I didn’t do anyone other than updating Mastodon (native deployment) lately due to a lack of time. Reading so much about Immich caused me to consider trying it in parallel to Nextcloud but I’m not sure if I want to have everything twice.
Not quite homelab, but I’m about to install Linux Mint on my mom’s laptop and that had me thinking about creating an off-site backup in her place again since she has a fiber connection. I’m still not sure about the potential design though, but currently my only backup is in the same rack as the live stuff.
You must log in or # to comment.
I am playing around with Podman Quadlet and that’s one hell of a rabbit hole. I have everything up and running, and now I need to configure the containers, and probably will deal with other pain points, etc.
The good thing is that I have documented the whole process so it is reproducible but it took me quite some time to figure out everything.
I installed immich and began migrating our phones away from Google.
Finally managed to carve out some time since the birth of my daughter two months ago to tinker around a bit. Decided to tackle my gripe to semi-automate updating my services when there is a new release.
Now I have Renovate running on my self-hosted Forgejo instance using Forgejo’s actions and a “Podman in Podman” image for its runners. Don’t ask me why I wanted to do a PINP instead of DIND - I guess I like to punish myself. But at least this means everything I deploy is running with Podman 😄
I have noticed that Microsoft and google are trying to scan my domain for /php-myadmin and similar links that I thankfully do not have.
I had already fail2ban running but it failed to ban a single IP. I did setup custom filters that would ban admin panel scanning attempts but somehow now it also bans my home IP and my phone 5G ip sometimes. No idea how to fix it so far. Also, this filter/jail doesnt necessarily jail everyone attempting to reach these links, just sometimes it does.
Working on getting bazarr to work with Plex, turns out it still requires radarr/sonarr even if I don’t sail the seven seas. Guess I’ll be learning the entire stack tonight :)
I’ve been deploying Gitea (or Forgejo, still can’t decide), but I’ve fallen into the Ansible rabbit hole and can’t get out. Also learned Terraform in the last week and I’m still on the fence about using it in my homelab. It’s nice for the cloud but I don’t think it’s as useful on-prem.
Forgejo has everything Gitea has, with more and being more open
My concern when it forked was that forgejo would last a few months and then fizzle out.
That doesn’t seem to be the case.
CLOUDFLARE IS NO MORE FOR MY NETWORK
Soon I’ll drop Cloudflare for my public services too
What are you moving to?
Anubis, though I always had it before I removed Cloudflare.
Hooray!
Installed qbittorrent and downloaded a few seasons of Linux isos onto a vps. Discovered accessing those files over SSH to be too slow to play them without buffering so installed filebrowser to get them via http which worked well.
It’s been a long long time since I used bittorrent and wow it works so much better these days.
I got tailscale cert to work but I feel kind of bad about learning tailscale instead of headscale
Have you looked into netbird? I have been thinking of setting that up over tailscale
I was going to read into these. What benefits do you see in headscale?
I run headscale on my VPS. The tailscale clients are already open source, though by default they connect to the companies servers for coordinating the net. Headscale is open source and replaces the companies servers with your own. Best to not rely on some corporate service, which could cease to exist or be enshittiefied.
Mainly that they can’t enshittify because they’re already open. Tailscale is great right now, and free, but who knows in 5 years
Set up Zipline to share bigger files with my friends.
I finally got my ISP to enable bridge mode on my modem.
I also learned that I didn’t lose port forwarding and related services because I had been moved behind CGNAT or transitioned to IPv6 – they simply no longer offer port forwarding to residential customers. Ruminate on the implications of that statement so I’m not the only one with blood pressure in the high hundreds.
My ISP did the same thing recently and what was most annoying is they didn’t admit to changing anything, while trying to sell me a business account.
This weekend I setup Pangolin on a budget VPS and forwarded it back home. I don’t have my VPN backup but it fixed Plex and I can access my security cameras again.
Port forwarding is done at the router/firewall, so if ports can’t be transferred its a cgnat thing they are doing. Like a Non CGNAT IP on the internet can be sent a packet on any port.
No, I got it from the horse’s mouth: my WAN address was publicly routable all along, the ISP just disabled those NAT-related features remotely.
the implication of that is weird to me. I’m not saying that the horse is wrong, but thats such a non-standard solution. That’s implementing a CGNAT restriction without the benefits of CGNAT. They would need to only allow internal to external connections unless the connection was already established. How does standard communication still function if it was that way, I know that would break protocols like basic UDP, since that uses a fire and forget without internal prompting.
It’s perfectly reasonable from the perspective of corporate scum: take away a standard feature, then sell it back as an extra. As far as I know, the modem still had UPnP for applications that rely on it.
Oh shit, that’s terrible.
I have been looking for something new.
Last week was moving Immich up to the new release I was on an old version, which meant migrating to an intermediate version to allow a database rebuild. It worked well.
I was bored this week so just ran some wattage testing.
- 15w at idle (800MHz)
- 20w active (3.4GHz)
- 30w peak at boot
What kind of hardware is it running on?
It’s an Intel i5-7700 cpu in a Gigabyte Z270N mobo. Those were chosen as a form factor fit for the Monsterlabo fanless case. (Only a select set of boards, and in this case 1151 brackets, fit the case)
I’ve learned a hard lesson this week. Jellyfin server OS partition run out of free space and corrupted the database. Nothing to do but reinstall. I guess this week I’ll be reviewing backups! 🤣🤣🤣
FYI from the newest release notes for 10.11.0
Jellyfin now actively checks the available free space for its configuration and data directories. If you have less than 2GB of free space in each data directory, Jellyfin now refuses to start to prevent data corruption. Additionally, checks are implemented to prevent certain path misconfigurations that are known to cause issues.I don’t like the sound of that. Sounds like bad programming? Who’s at fault? Jellyfin or the database implementation? Why would a nospace error corrupt everything. Sounds absolutely volatile. 😱
They just made a blog post about the next version fixing a long standing issue with their database management. Should probably improve in the near future.
Yikes. Well that’s good, at least. Progress is good.
oh this recently happened to me. but nothing much was lost, users were managed with SSO, files were unaffected, barely an inconvenience.
Love the post haha! Nothing much here things run rather stable and with low maintance right now.
I’m super glad I arrived this state and don’t have to do anything mostly. Just when I want to change stuff :)
I mean I still do from time to time. Breaking changes require some attention and migrations. But overall its good and not a load of daily maintance.
I’ve set up Kavita for my e-books. Nice UI, looks promising, and I’ve added some books. I haven’t really used it yet, because half of this was just an excuse to try podman (instead of docker). I wanted to set it up to run as unprivileged user, without the docker daemon running as root. That wasn’t too hard, but it was definitely a few extra steps.
But something about Kavita didn’t sit well with me. Maybe I don’t self-host enough stuff to know what’s normal, but there is a donate button, which I don’t mind, but its tooltip says: “You can remove this button by subscribing to Kavita+.”
I’m donating to a few software projects already, and I have developed a substantial amount of free software myself. There is nothing wrong with asking for money. But what I cannot stand is when software running on my own device is intentionally acting against my interests. And this tooltip was very clear about not letting me do something that I might want to do.
So I checked the source code for more. I found another anti-pattern: telemetry is opt-out instead of opt-in. But that seems to be it, I didn’t find anything worse than that. So… fair I guess, if the author wants it that way. It’s still free software. It looks like I could delete all the Kavita+ stuff myself and re-build. Which I’m going to do if I keep using it. But this is now an extra step that prevents me from just using it, because I need to feel in control of what I run. Kind of self-inflicted, I guess…
If you reach the point of looking for a different solution, check out Calibre Automated. I tried several different things and this was the best one for me.
I’ve been running Kavita for a year and a half +, and honestly cannot tell where the donate button is, other than going into the settings and clicking the “kavita+” selection. Maybe I’m oblivious. Can you share what you’re seeing? As well with the telemetry option?
Telemetry is in Server -> General -> Allow Anonymous Usage Collection. When you opt-out, it also send a final message to the server that you’ve opted out. The the telemetry itself looks reasonable, I don’t mind sending it. It’s really just the dark pattern of opt-out vs of opt-in that bothers me.
The donate button is the heart in the bottom left menu (not visible in the settings). It’s unobtrusive. I wouldn’t bother to remove it, except the tooltip says that I have to pay to remove it - now it has to go. Asking for donations is fine, but asking for money to remove a button is disgusting.
Thanks!
Telemetry: I was able to find it, but it was already disabled. Maybe i noticed and unchecked it when I initially setup.
Donate button: Ah, I see where you mean. Interestingly I do not see it when accessing from my mobile device, either as a mobile site or requesting a desktop site. But when accessing it from a desktop browser I do see it in the bottom left.
A quick test shows ublock origin can block the element from showing. I believe that even if the user donates, it is not sufficient to hide this button, and the user must opt to pay for Kavita+ which is a subscription, not a one time license/etc, and forgoing it may lock other features a user is interested in.
https://wiki.kavitareader.com/donating/ https://wiki.kavitareader.com/kavita+/
This looks cool, but I really wouldn’t like having the donate button right in front of me
