Thirded. It’s helped me a lot with picking up the compose syntax, to the point that I’m now comfortable combining disparate services into their own stacks. And I can spin something up from an example compose in less than a minute.
Thirded. It’s helped me a lot with picking up the compose syntax, to the point that I’m now comfortable combining disparate services into their own stacks. And I can spin something up from an example compose in less than a minute.
Thanks, I’ll muse over this when I next get the chance!
Was looking into Docker volume backups just yesterday so this is perfect timing!
Yes please, I might revisit it with a fresh pair of eyes.
Thanks for the suggestion. I spent a good hour or two trying to make Wireguard work for me last night but failed. If I set it to only apply to Immich, nothing else would have Internet access at all. Likewise if I set the peer IP range to just my LAN subnet.
After pulling my hair out for a while I gave up and uninstalled.
Hmm I must be doing something wrong then because it doesn’t work for me.
If it was just me, or if Tailscale wasn’t such an insatiable battery leech then I’d absolutely do that but the wife (and kids) acceptance factor plays a big role, and they’re never going to accept having to toggle a separate service on and off to get to their photos.
Maybe I’m being overly paranoid but I work in IT and see the daily, near constant barrage of port scans and login attempts to our VPN service and it has an effect!
Very useful insights, thanks.
I do currently have external stuff running via a Cloudflare tunnel (which is why I need DNS based LE certs for the internal proxy) but I don’t know if it’s setup correctly (beyond doing basic reverse proxying) and the admin backend for it feels like massive overkill for a home setup. Plus with Immich I run into the issue of a) dire warnings about it being in active dev and potentially insecure and b) filesize limits making away-from-home backups difficult.
I could well be over thinking the whole thing.
Yeah I’m running a Cloudflare tunnel for external access (which is why I need DNS based LE certs), but that’s another thing that I don’t really know what it’s doing beyond basic reverse proxying.
I have a country-based whitelist for where my Immich instance can be accessed from but I find the Zero Trust admin backend to be massive overkill for my needs, and it doesn’t help that they’ve recently moved everything around so none of the guides out there point to the right places anymore!
Ah, that’s useful thanks!
it will either be underpowered or power hungry.
Or both!
This looks neat, will definitely give it a go, cheers!
I just recently put in an N100 mini PC to run as a Plex server. Cost me about £160, pulls all of 6W when idle, and it doesn’t break a sweat when transcoding no matter what I throw at it. As a media server I can’t recommend them highly enough.
Very little. I have enough redundancy through regular snapshots and offsite backups that I’m confident enough to let Watchtower auto-update most of my containers once a week - the exceptions being pihole and Home Assistant. Pihole gets very few updates anyway, and I tend to skip the mid-month Home Assistant updates so that’s just a once a month thing to check for breaking changes before pushing the button.
Meanwhile my servers’ host OSes are stable LTS distros that require very little maintenance in and of themselves.
Ultimately I like to tinker, but once I’m done tinkering I want things to just work with very little input from me.
Yeah I’m not disagreeing that it’s audible but having read the instructions it leaves a lot of unanswered questions like the above. Presumably people with more knowledge and time than me will figure it all out and write step-by-step guides at some point.
Yes, exactly. And how do you even tell the app that you want to self host? I see no option for pointing it to a different core server/bridge.
… Unless you have to do it at the point of sign-up? I remember seeing an ‘advanced’ option on the login screen.
Yes I’m very interested in how they claim to have a zero knowledge model but also admit that their bridges decrypt and re-encrypt messages as they pass through. It might only be an ephemeral thing but surely it’s a massive, gaping target for bad actors to wire tap.
What’s the problem with Asterisk? FreePBX uses it and as far as I can tell, it’s the only way to get Lenny working.
Short answer: figure out how much of that is actually irreplaceable and then find a friend or friends who’d be willing to set aside some of their storage space for your backups in exchange for you doing the same.
Tailscale makes the networking logistics incredibly simple and then you can do the actual backups however you see fit.
Unless you’re hosting VHDs and need maximum throughput (in which case use NFS), SMB is going to be the easiest to setup and maintain across those 4 platforms.
The Linux SMB implementation is decent and supports the latest version of the protocol (or close to, at least) whereas NFS in Windows ain’t so great and is a bit of a pig to get working in my experience.