greybeard

Another worth while consideration is heat generation. That takes more power to offset that too. During the winter maybe it wont be so bad, but it can be brutal in the summer.

Wasabi is a very affordable destination for backups. And it has the advantage of not being one of the big three.

I’m really glad to see quadlets taking off. I’ve been playing with them myself and really happy with the results. They pair well with ansible. Letting you write your quadlet files in a way that makes them highly portable.

I haven’t gotten too far, but right now I’ve got persistent volumes being pushed by NFS from my NAS. I’m using rocky Linux VMs as my target, but for this use case, Fedora CoreOS should be the same.

I haven’t yet tried using Ansible to create the VMs, but that would be cool. I know teraform is designed for that sort of thing, but if Ansible can do it, all the better. I’d love to get to a point where my entire stack as Ansible.

I don’t yet have Ansible restarting the service, but that should be a simple as adding a few new tasks after the daemon-reload task. What I don’t know how to do is tell it to only restart if there is change to any of the config files uploaded. That would be nice to minimize service restarts.

Here is a redhat blog about it: https://www.redhat.com/en/blog/quadlet-podman

This docs page has more details: https://docs.redhat.com/en/documentation/red_hat_enterprise_linux/10/html/building_running_and_managing_containers/porting-containers-to-systemd-using-podman

And last, this page shows most of the options you’d expect to find: https://docs.podman.io/en/latest/markdown/podman-systemd.unit.5.html

Unfortunately not. I found documentation largely lacking. I mostly read the docs and searched specific questions that came up(which often just took me back to the docs). I did as a local LLM for help, but found it’s knowledge base lacking. Sometimes it would work for a hint, but it more often than not made up parameters and features.

I spent some time last week learning both Ansible and Podman Quadlets. They are a powerful duo, especially for self hosting.

Ansible is a desired state system for Linux. Letting you define a list of servers and what their configuration should be, like “have podman installed” and “have this file at this location with this content”.

Podman quadlets is a system for defining podman containers as a service. You define the container, volumes, and networks all in essentially Systemd unit files.

Mixing the two together, I can have my entire podman setup in a format that can be pushed to any server in seconds.

And of course everything is text files that git well.

Being Linux, if you were really motivated, you could probably write a shim service that converted CEC to basic input that it does support, or someone out there probably already has.

You are probably correct that the firewall is the culprit. Good suggestion.

I realize disabling the firewall for testing is OK, but I recommend looking up what it takes to open the ports or app in the firewall instead. I’ve spent my whole career running into and fixing instances where techs disabled firewalls for “testing” and never re-enabled them.

As others have mentioned, the websites tend to be limited both by resolution and functionality.

My TV supports CEC(most do these days) which will pass the remote input onto the devices connected to it, like a computer. Which means with Plasma Big Picture I can navigate with my remote, and any app that supports navigation with simple arrow key input would work great.

Unfortunately, the streaming websites, last time I tried, absolutely suck at that and assume you are navigating with a mouse.

Glad to see it being picked back up. I tried it previously and I really didn’t like it. It felt half baked. The new version looks like a substantial improvement. Now if only every streaming app didn’t lock their services behind DRM and mobile apps.

There’s nothing saying you can’t have ports forwarded for the NAS, and have a VPN for everything else. Censorship may be a problem, but those more often block VPN services like NordVPN, not protocols. So running your own is less likely to be stopped. That said, of course comply with local laws, I don’t know where you live or what’s legal there.

If you really want multiple things exposed at the same time, you have two options(which can be used in combination if needed/wanted):

1. A reverse proxy. I use caddy. I give it a config file that says what address and port binds to what hostname, and I forward port 443/80 to it. That works great for web content.
2. Use custom ports for everything. I saw someone else walking you through that. It works, but is a little harder to remember, so good notes will be important.

I still recommend against forwarding a lot of ports as a beginner. It’s very common for software and web apps to have security vulnerabilities, and unless you are really on top of it, you could get hit. Not only does that put all your internal devices at risk, not just the one that was original breached, it also will likely become part of a botnet, so your local devices will be used to attack other people. I’d recommend getting confident with your ability to maintain your services and hardening your environment first.

I’ll be honest, if you aren’t planning on sharing with others, I’d recommend switching to something like wireguard to connect back into your house instead of exposing everything publicly. Some firewalls have wireguard built in, so you can setup the VPN easily. But then all you have to do is keep your VPN endpoint safe to keep your internal network protected from the Internet, instead of having to worry about the security of everything you expose.

The synology NAS can act as a reverse proxy for stuff inside your network. I don’t have mine in front of me, so you will have to google the steps, but basically you point the synology to an internal resource and tell it what external subdomain it should respond to.

That’s what it was called! I remembered the program a few weeks ago but couldn’t for the life of me recall the name.

I use a KillaWatt device. It is a simple device you plug into the outlet and then plug the device you want to measure into it. I’ve had mine for a long time so I have no idea what a new one would cost, but I’m guessing sub $30.