While I'm morally in the opnsense camp I know pfsense has more third party packages available.
Running docker in an lxc sounds interesting, I'm a bit old school and enjoy the isolation that a true vm gives you.
anamethatisnt
Thank you for adding your troubleshooting and solution to the thread. This is gonna turn into Wisdom of the Ancients eventually. ;-)
- Check if you're behind CGNAT
  The allocated address block for CGNAT is 100.64.0.0/10, i.e. IP addresses from 100.64.0.0 to 100.127.255.255. If your router's WAN IP is one of those then selfhosting stuff accessible from outside requires a lot more work. Ask your ISP if you can have a public IP address and what the cost is, or go into the rabbit hole of bypassing CGNAT with a VPS.
- If you're gonna host data, especially other people's data*, learn and use the 3-2-1 backup strategy
  For Proxmox, which I talk about more further down, you can look into their own Proxmox Backup Server solution.
- Data redundancy, either through BIOS/UEFI RAID1 (for two disks) or RAID10 (for four disks) or by running ZFS
  This isn't a backup, this is about being able to replace a faulty drive without downtime and having an easier rebuild process compared to restoring from backup.
- Virtualization, for a beginner that already runs Linux I would recommend Proxmox
  This makes it more complicated to get started but easier to maintain the installation and easier to migrate it to new hardware.
  It also allows you more room to learn by doing, that's the bonus of the easier restore, cloning and snapshotting of virtual machines compared to bare metal.
*If you're new to selfhosting then begin with yourself and having only local in-house access. As a step 2 learn how to set up a VPN for access from the outside. Step 3 would be learning how to use a reverse proxy, Let's Encrypt and so on for SSL access without VPN.
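The CGNAT check from the comment above, as an added example that is not part of the original post: it classifies a router's WAN IPv4 address against 100.64.0.0/10 and goes one step further by also flagging RFC 1918 WAN addresses and a mismatch with the externally visible address. The function name, return labels and sample addresses are constructed for illustration.

```python
import ipaddress

# Shared address space reserved for carrier-grade NAT (RFC 6598).
CGNAT = ipaddress.ip_network("100.64.0.0/10")
# RFC 1918 private ranges: a WAN address here means another NAT sits upstream
# (a modem in router mode, or an ISP using private space).
RFC1918 = [ipaddress.ip_network(n) for n in
           ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def classify_wan(wan_ip, external_ip=None):
    """Classify the router's WAN IPv4 address (hypothetical helper).

    wan_ip      -- address shown on the router's WAN/status page
    external_ip -- optional: address an outside "what is my IP" service reports
    Returns "cgnat", "double-nat", "special", "mismatch" or "public".
    """
    wan = ipaddress.ip_address(wan_ip.strip())
    if wan.version != 4:
        raise ValueError("the CGNAT range check applies to IPv4 only")
    if wan in CGNAT:
        return "cgnat"          # inbound port forwards will not work
    if any(wan in net for net in RFC1918):
        return "double-nat"     # forward ports on the upstream device too
    if (wan.is_loopback or wan.is_link_local or wan.is_multicast
            or wan.is_reserved or wan.is_unspecified):
        return "special"        # not a usable WAN address, check the link
    if external_ip is not None:
        if ipaddress.ip_address(external_ip.strip()) != wan:
            return "mismatch"   # something upstream still translates traffic
    return "public"


if __name__ == "__main__":
    # Constructed samples; 203.0.113.0/24 and 198.51.100.0/24 are
    # documentation ranges standing in for real public addresses.
    samples = [("100.72.14.3", None), ("192.168.1.2", None),
               ("203.0.113.7", "198.51.100.9"), ("203.0.113.7", "203.0.113.7")]
    for wan, ext in samples:
        print(f"{wan:<15} external={ext!s:<13} -> {classify_wan(wan, ext)}")
```
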
The days are finally longer than the nights and I'm starting to see grass underneath the snow. I'm looking forward to start working in the vegetable garden and being able to have a nice cup of tea outside in the sun.
So the issue is kind of similar to bitwarden; how to protect the premium bits when having an open source core?
They just didn't handle it as gracefully.
https://www.theregister.com/2024/11/04/bitwarden_gpls_password_manager/
Here's the history regarding emby if you're curious:
https://github.com/nvllsvm/emby-unlocked
Ah, that's good to know!
My jellyfin server is only available over vpn (and locally) so I haven't much looked into beefing up the security on the jellyfin server itself.
Yeah, the reverse proxy will need to be able to handle the network bandwidth of your video stream too.
https://en.wikipedia.org/wiki/Reverse_proxy
I imagine something like Ontrack will quote you at least $1000.
If you consider the data worth that then I would go for one of the big known firms.
If not then I would start researching how to replace a pcb and risk losing the data.
As gardenfork always says; Done is better than perfect.