But the attacker should know the internal and the external DNS. If the internal DNS doesn't have any SSL certificate on its name, it's impossible to discover.
By the way, I always suggest to reach services through VPN and use something like Cloudflare tunnel for services that must be public.
P.s. Shouldn't public and private DNS be inverted in your curl example?
My point is that you can't compare today's problem with 20 years ago! 20 years ago the access to the Internet was through the home PC for the amount of time the kid was allowed to use and with people in the house (usually); today the access to the Internet for a kid is 24/7 and everywhere. There is no comparison. Parents should be more present in the kids life? Sure! Parents should block Internet access to porn website at least until a certain age? Yes! But most of them doesn't even know that ths is possible. Maybe we (society, givernment) should work more here.
Thanks!
Guys, come on, in the '80/early '90 it was almost impossible to have access to porn, maybe some magazine found somewhere. Today a 10 years old can see porn video on a smartphone everytime he wants! You can't say that it's the same!
P.s. In my original message I didn't say that I'm ok with that law, I was asking (to start a kind discussion) what other possibilities there are.
In fact I wrote:
The firsts with wide Internet access were the late millennials.
which seems to be you.
I know, but what were the risks there? There was no Internet! The firsts with wide Internet access were the late millennials.
Or just point secret.local.mydomain.com to the LAN IP of the server.
To avoid opening ports, have a look at Cloudflare tunnel.
Thanks, I did't know that.
I agree with what you say, but how can we prevent kids to use those websites? Todays parents are too IT ignorant and they don't know that they can protect their kids by using tools that they already have (parental control on smartphones and routers). So, how do we protect those kids? Pornography (for example) can do huge damage to kids.
Is there an Immich Android app that auto upload pictures?
Dude, chillax! Why would I read the article? I assumed that you got the same hardware that was mentioned in the article; how could I know that you wrote it about your server?
And by the way, your analogy with the archeology doesn't fit at all.
No way! For just 1 reason: I will have to learn another new thing and replace it in about 6 servers. I value my time and for now Proxmox is fine.
P.s. Incus seems nice though! NO, stop tempting me!!! I'm already in the rabbit hole with a gazilion of self hosted services and dozens piling up in the to do list 🙈🙈🙈
2004 hardware -> dumpster! Seriousky, with the electricity bill of 1 year of that server running 24/7 you can buy a used Dell, HP or Lenovo PC (2/3 maybe 4 years old); you will have more power, way less power consumption and way less noise.
I run it on a 4GB Fujitsu Futro S920! 😆 All the RAM seems to be used by 3 VMs. Some SWAP is been used, ok, but the Proxmox overhead doesn't seem that much.
Totally agree! Also, at work we have some Synology and their web UI is soooo slow that it's almost unusable
30/40€ Fujitsu Futro where you can install OPNsense, the AP you linked and you're good to go!
Guys, read the article first! At least try, at the beginning it says:
Unless you self-host at home on your own NAS
Wasabi have similar pricing to glacier, but without the limitation
Or Wasabi
VLAN question
I've finally been connected to a fiber connection 2,5/1Gbps! 🥳 Now I want to share my connection with my neighbor and so I've installed 3 PCIx dual 1GB nic (I'm out of PCIe slots 🤷♂️).
The connections comes from my OPNsense to the server (Proxmox) via a 10Gbps fiber connection.
I want OPNsense to take car of firewalling dividing the neighbor networks with VLANs. The OPNsense part is done and working, I need to assign to each of the 6 1Gbps NIC each VLAN.
I've tagged the traffic going into the server via the fiber connection, but now how can I assign each VLAN to each NIC? Thanks!
Edit: Proxmox has nothing to do in the equation, it just happens to be on the same server where the NICs are.
[Jellyfin] PCIe x4 graphic card for transcoding
I have only a PCIe 2.0 x4 and a PCIe 3.0 x16 free and I need to install a 10Gbps SFP+ card and a graphic card for transcoding with Jellyfin (the CPU is an old E5-2620 v2). Since I can't find any SFP+ card that is x4, do you know a graphic card with decent transcoding capabilities (I'd day 2 4K simultaneously) that is only PCIe 2.0 x4?
Edit: the x4 slot is full length.
Android app for GitHub
Hi all! Do you know a valid app for GutHub? I've searched on F-Droid, but they are all abandoned. Thanks!
Single mode fiber cable: which SFP module?
My Internet provider just installed a 2,5/1Gbps Internet connection and I've asked the guys to run a couple of their fiber to connect my router (HP Prodesk with OPNsense) to my server. I didn't know that the fiber is single mode and all the SFP+ sold used now seems to be all for multi mode fiber (www.bargainhardware.co.ukfor example). The cable is about 30m, can I use a 810nm SFP+ or is it definitely better to use a 1310nm?
Suggestion for a 2,5Gbe PCIe x1/x4 (or 10Gbe?)
Hi everybody! For my OPNsense router (on a VM on Proxmox) I need a 2,5Gbe card (to connect to the ONT of my provider); I only have 2 PCIe 3.0 x1 or 1 x4 because the only x16 is for a dual SFP+ fiber card.
Can you suggest me a NIC (I'd prefer to buy used)? Is it better to go with a 2,5 or 10Gbe? The cooler (temperature!) the better. I just need 1 port, if there are 2 it would be better, but the most important thing is the low operating temperature.
Thanks!
SC/APC SFP to bypass provider ONT
My Internet provider just installed me a 2,5Gbps fiber connection. It arrives with a single fiber connected to a GPON ONT (ZTE ZXHN F6005) connected with an RJ45 cable to the 2,5Gbps port of a 5530 Fritz!Box router. I'd like to bypass both the router and the ONT, do you think that it's possible? For the router my provider says that it's possible and it provided me the connection parameters, but for the ONT I've no idea. I would need a singe fiber SC/APC 2,5Gbps SFP+ adapter that I cant seem to find. Can anybody help me? 'm based in Europe.
Software RAID1: how to change disks?
I have installed Debian with software RAID1 (and installed Proxmox on it) on 2 256GB SSD and I now want to move to 2 500GB SSD, how do I proceed?
Edit: the RAID is of the OS disks.
Jellyfin on a Windows VM with NDI scren capture
Hi all, I have a Proxmox server hidden away where it annoys nobody, and a small PC I'm the TV cabinet that I need to turn On/OFF every time I use it and when a movie needs to be transcoded, the fan spins like crazy.
Have anybody tried to use a Windows VM and share the desktop with NDI? In this way I just need an NDI decoder behind the TV and all the job will be done by the server.
Any thoughts about this?
Edit: NDI: Network Device Interface: basically it's an audio/video (and intercom) transmission over IP with low latency. The sender could be an hardware encoder or a software.
Used NetApp 6TB SAS for 38€???
I've found these NetApp SAS Festplatte 6TB 7,2k SAS 12G 3,5" - 111-02374 E-X4064A-R6 ST6000NM0034, that cost only 38€! It's a brand that I've never heard about and I've no idea how many hours they've worked (I've asked and I'm waiting for an answer). What do you think?
Edit: I've asked the seller if there is a custom firmware that makes the drive unusable and it answered me saying that they work with any SAS HBA controller. They have worked 1863h and written 130TB (he showed me 4 screenshots of 4 tests of 4 drives)
Damn SAS connector! I got the wrong cables.
Hi all, I've bought 2 Dell H310 6gbps SAS HBA controlelr with cables, but the cables have the wrong connectors (for me). They have this:
While my drives have this one:
What's the name of those 2 so that I can sell mine and buy new ones? ...or should I just cut the side of these and power supply connectors? 🤔
NFS: permission denied even locally
Hi all, I don't know if this is the right place to post this...let me know :)
I'm trying to create a NFS share, this is my /etc/exports:
/mnt/pool/var_VM_docker/ 172.31.0.0/24(rw,sync,no_subtree_check)
When I try to connect with:
sudo mount -t nfs -o nfsvers=3 -vvvv 172.31.0.1:/mnt/pool/var_VM_docker /mnt/test
I get:
mount.nfs: timeout set for Mon Apr 15 19:07:11 2024 mount.nfs: trying text-based options 'nfsvers=3,addr=172.31.0.1' mount.nfs: prog 100003, trying vers=3, prot=6 mount.nfs: trying 172.31.0.1 prog 100003 vers 3 prot TCP port 2049 mount.nfs: prog 100005, trying vers=3, prot=17 mount.nfs: trying 172.31.0.1 prog 100005 vers 3 prot UDP port 41067 mount.nfs: mount(2): Permission denied mount.nfs: access denied by server while mounting 172.31.0.1:/mnt/pool/var_VM_docker
I don't have iptables enabled, nor SELinux. I've tried exporting it on 127.0.0.1 and connecting it to 127.0.0.1, but the problem persist. What am I doing wrong?
Do you encrypt your data drives?
Fellow selfhoster, do you encrypt your drives where you put data to avoid privacy problems in case of theft? If yes, how? How much does that impact performances? I selfhost (amongst other services) NextCloud where I keep my pictures, medical staff, ...in short, private stuff and I know that it's pretty difficult that a thief would steal my server, buuut, you never know! 🤷🏻♂️
GUI on a Linux server
My home server is a Proxmox machine with some VM one of which is Open Media Vault from which a Windows PC plays videos to my TV. I want to get rid of the Windows PC and connect the TV directly to the server with an HDMI+USB RJ45 extender, but...how do I get a GUI from it? Is it even possible? I would need to connect to a Windows VM because for what I know Netflix only plays 4K videos with Edge. Thanks!
Selfhosted systrem to monitor daily incoming email (backup reports)
Hi all! I've been looking for a selfhosted system that can monitor one or more email accounts and check if a certain email with a particular subject arrives every day (or every x hours) and alert me if it doesn't (or if the subject is different). I need this to check if backups from different PC have run or not. The best thing would be to integrate it with Uptime Kuma. Any idea? Thanks!
Edit: I'm switching all my backup software to Restic (Autorestic on Linux machines) so I can send a ping to Uptime Kuma when every single backup successfully ends.
Self hosted AI chat like OmniGPT?
I've just discovered OmniGPT that seems to be a chat where you can interact with different LLM (Claude, GPT-4, Llama, Gemini, etc.) and costs $16/month (it was $7/month until a week ago 🤦♂️). I've read on a Reddit post that it uses the APIs of all the provider that is a thing that can be done for free using a personal account (since the API limit seems to be high). Do you know something like OminGPT that can be self hosted that uses users API keys?
Best chatbot for coding (vvvv, TouchDesigner, NodeRed, etc.)
Hi all! What do you think is the best chatbot to use for suggestion/learning vvvv, TouchDesigner and similar software? I will be using it also to check/suggestion on JavaScript/Python scripts. One where I can upload a file and let it analyze it would be very nice.
Battery indication for MQTT sensors
I have some sensors like this one: ```
- name: "Sala" unique_id: "temp_sala" state_topic: "zigbee2mqtt/temp_sala" value_template: "{{ value_json.temperature }}" unit_of_measurement: "°C" ```
Those sensors publish the battery status too, how can I add it? Thanks!
Climate to turn on/off heat pump
I have created this climate:
```
- name: "Riscaldamento"
unique_id: "termostato"
modes:
- "off"
- "heat"
- "cool" mode_command_topic: "home/riscaldamento_raffrescamento/TEST/mode/set" mode_state_topic: "home/riscaldamento_raffrescamento/TEST/mode/state" temperature_command_topic: "home/riscaldamento_raffrescamento/TEST/temp/set" current_temperature_topic: "home/riscaldamento_raffrescamento/TEST/temp/state" power_command_topic: "home/riscaldamento_raffrescamento/TEST/pump/set" payload_on: 1 payload_off: 0 min_temp: 17 max_temp: 28 temp_step: 0.1 precision: 0.1 ```
thinking that the power_command_topic would be sent whenever the temperature would go over/under the one set, but nothing ever get send to that topic. How can I turn on the pump when the temperature goes under the one set and turn it off when it goes over?
Timer/schedule entity
Hi all, I've been using Domoticz for years and I've finally decided to move to HA. In Domoticz I could have a timer (fixed date, every days, every x days, and so on) for every single entity, in HA how I can do that? Thanks!
[SOLVED] Frigate: vertical camera shrinked vertically
Hi all, I'm pretty new to HA and Frigate. When I installed the cameras (they are all vertical, 9:16), they were correct, I could see all the vertical images. Since about a week they are all shrinked in a 16:9 images/videos, even if they are 9:16
Here is my config
```mqtt: host: 192.168.31.5
detectors: # <---- add detectors coral: type: edgetpu device: usb
#go2rtc:
streams:
camera_fronte_ingresso:
- rtsp://127.0.0.1:8554/cam/realmonitor?channel=1&subtype=2
camera_lato:
camera_portico:
log:
exec: trace
objects: track: - person - car - cat - dog - truck
cameras: camera_fronte_ingresso: ffmpeg: inputs: - path: rtsp://USER:[email protected]:554/cam/realmonitor?channel=1&subtype=2 #rtsp://127.0.0.1:8554/camera_fronte_ingresso #rtsp://USER:[email protected]:554/cam/realmonitor?channel=1&subtype=1 input_args: preset-rtsp-restream roles: - detect - path: rtsp://USER:[email protected]:554/live # <----- Add stream you want to record from roles: - record hwaccel_args: preset-vaapi detect: enabled: true # <---- disable detection until you have a working camera feed width: 1280 # <---- update for your camera's resolution height: 720 # <---- update for your camera's resolution record: # <----- Enable recording enabled: True snapshots: # <----- Enable snapshots enabled: True camera_fronte_garage: ffmpeg: inputs: - path: rtsp://USER:[email protected]:554/cam/realmonitor?channel=1&subtype=1 input_args: preset-rtsp-restream roles: - detect - path: rtsp://USER:[email protected]:554/live # <----- Add stream you want to record from roles: - record hwaccel_args: preset-vaapi detect: enabled: true # <---- disable detection until you have a working camera feed width: 1280 # <---- update for your camera's resolution height: 720 # <---- update for your camera's resolution record: # <----- Enable recording enabled: True snapshots: # <----- Enable snapshots enabled: True ```
What the heck is going on? Thanks!