Yeah, 8(PCIe 3.0 x1)

It’s listed in the specifications section near the bottom of the page titled “M.2 2280 NVMe Slot”.

Look at either putting it behind a reverse proxy or using the built in Let’s Encrypt / ACME configuration.

Suggested documentation:

• https://headscale.net/0.26.1/ref/integration/reverse-proxy/
• https://headscale.net/0.26.1/ref/tls/

The config linked to in their documentation states

# Address to listen to / bind to on the server
#
# For production:
# listen_addr: 0.0.0.0:8080
listen_addr: 127.0.0.1:8080

# Address to listen to /metrics and /debug, you may want
# to keep this endpoint private to your internal network
metrics_listen_addr: 127.0.0.1:9090

Port 8080 TCP is used for the connection, 9090 TCP is for metrics and not suggested to port forward. If you use a reverse proxy, you do not need to port forward to either of those ports directly, and instead to the reverse proxy.

Bookmarks for linking to services. Grafana for graphs that I only look at if I am curious or looking into when a problem arises. I could use Uptime Kuma if I wanted a simpler solution or notifications.

The ?ref tag is from the Ghost blogging platform. https://forum.ghost.org/t/remove-ref-from-links-in-posts/37701/2

This is called “Outbound link tagging” - you can configure this on the Analytics Settings page (/ghost/#/settings/analytics)

And yeah, they do the same as GamingOnLinux with not including the content in the RSS feeds.

Forgot to give my opinion. The ref tag doesn’t bother me because it’s not giving any private information up, besides where I am from just like the referrer header does. I am kind of conflicted with the RSS feeds because I personally use them for many things, however I understand that these places need to advertise to make money (though I block ads too).

Looks like someone asked Ethan about posting to Lemmy, and they replied “Thanks for sharing – adding it to the list of places to post!”.

https://fosstodon.org/@shollyethan/114320289586655278

Unfortunately that’s one area I am bad with, I tend to use reverse_proxy for most such as Baikal running with the ckulka/baikal Docker image (which runs Nginx or Apache), otherwise I only static sites.

I’d start by looking at Baikal’s config for Apache and Nginx, https://sabre.io/baikal/install/ and comparing to the directives for Caddy, https://caddyserver.com/docs/caddyfile/directives and

Since it uses PHP, it will need that, https://caddyserver.com/docs/caddyfile/patterns#php

Upon my searches I came across this, it talks about running Baikal with Caddy specifically. https://github.com/caddyserver/caddy/issues/497

I hope that this provided some helpful directions.

I use Caddy for this. I’ll leave links to the documentation as well as a few examples.

Here’s the documentation for wildcard certs. https://caddyserver.com/docs/automatic-https#wildcard-certificates

Here’s how you add DNS providers to Caddy without Docker. https://caddy.community/t/how-to-use-dns-provider-modules-in-caddy-2/8148

Here’s how you do it with Docker. https://github.com/docker-library/docs/tree/master/caddy#adding-custom-caddy-modules

Look for the DNS provider in this repository first. https://github.com/caddy-dns

Here’s documentation about using environment variables. https://caddyserver.com/docs/caddyfile/concepts#environment-variables

Docker

A few examples of Dockerfiles. These will build Caddy with DNS support.

DuckDNS

FROM caddy:2-builder AS builder
RUN xcaddy build --with github.com/caddy-dns/duckdns

FROM caddy:2
COPY --from=builder /usr/bin/caddy /usr/bin/caddy

Cloudflare

FROM caddy:2-builder AS builder
RUN xcaddy build --with github.com/caddy-dns/cloudflare

FROM caddy:2
COPY --from=builder /usr/bin/caddy /usr/bin/caddy

Porkbun

FROM caddy:2-builder AS builder
RUN xcaddy build --with github.com/caddy-dns/porkbun

FROM caddy:2
COPY --from=builder /usr/bin/caddy /usr/bin/caddy

Configure DNS provider

This is what to add the the Caddyfile, I’ve used these in the examples that follow this section. You can look at the repository for the DNS provider to see how to configure it for example.

DuckDNS

https://github.com/caddy-dns/cloudflare?tab=readme-ov-file#caddyfile-examples

tls {
	dns duckdns {env.DUCKDNS_API_TOKEN}
}

CloudFlare

https://github.com/caddy-dns/cloudflare?tab=readme-ov-file#caddyfile-examples Dual-key

tls {
	dns cloudflare {
		zone_token {env.CF_ZONE_TOKEN}
		api_token {env.CF_API_TOKEN}
	}
}

Single-key

tls {
	dns cloudflare {env.CF_API_TOKEN}
}

PorkBun

https://github.com/caddy-dns/porkbun?tab=readme-ov-file#config-examples Global

{
        acme_dns porkbun {
                api_key {env.PORKBUN_API_KEY}
                api_secret_key {env.PORKBUN_API_SECRET_KEY}
        }
}

or per site

tls {
	dns porkbun {
			api_key {env.PORKBUN_API_KEY}
			api_secret_key {env.PORKBUN_API_SECRET_KEY}
	}
}

Caddyfile

And finally the Caddyfile examples.

DuckDNS

Here’s how you do it with DuckDNS.

*.example.org {
        tls {
                dns duckdns {$DUCKDNS_TOKEN}
        }

        @hass host home-assistant.example.org
        handle @hass {
                reverse_proxy home-assistant:8123
        }
}

Also you can use environment variables like this.

*.{$DOMAIN} {
        tls {
                dns duckdns {$DUCKDNS_TOKEN}
        }

        @hass host home-assistant.{$DOMAIN}
        handle @hass {
                reverse_proxy home-assistant:8123
        }
}

CloudFlare

*.{$DOMAIN} {
        tls {
	        dns cloudflare {env.CF_API_TOKEN}
        }

        @hass host home-assistant.{$DOMAIN}
        handle @hass {
                reverse_proxy home-assistant:8123
        }
}

Porkbun

*.{$DOMAIN} {
        tls {
	        dns porkbun {
			api_key {env.PORKBUN_API_KEY}
			api_secret_key {env.PORKBUN_API_SECRET_KEY}
	        }
        }

        @hass host home-assistant.{$DOMAIN}
        handle @hass {
                reverse_proxy home-assistant:8123
        }
}

It can be used as a VPN router, any VM that needs a VPN can be connected to a network bridge that is forward through the VPN. This could also be done on the primary router and a VLAN.

Oops, looks like that’s the wrong URL. I found it on Hacker News, here’s the post https://news.ycombinator.com/item?id=42431065 https://hostyourgif.live/

As a small homelabber I agree with this. I started with a baremetal and using Docker, and switched to Proxmox, and now over to Incus, actually currently I am using Debian with cockpit + cockpit-machines. I do like Incus, I keep hopping back and forth between cockpit, I need to settle on one.

It’s a relatively low performance hit and it benefits me when having to replace a failing/old disk. I can just toss the drive without having to erase the data first, that is as long as the key is a secure length.

It is very useful! It’s also slightly customizable in that you can have it not save duplicate commands.

More information can be found on the Arch Wiki or the man page

~53 W

• Server:

  • AMD Ryzen 5 5600G
  • 4x16 GB DDR4 3200 Mhz
  • 256 GB NVMe as boot-disk
  • 2x256 GB Samsung SSDs for VMs
  • 2x2 TB WD Red Plus HDDs

• Mini PC: Beelink S12 N95

  • 16 GB DDR4
  • 256 GB NVMe

• 8 port unmanaged TP Link switch

I would like to expand my storage, however I don’t have any available SATA ports and I believe adding an HBA would increase the idle draw about 8 W. I might just upgrade the SSDs and split the storage between the HDDs and SSDs.

I recently switched from Proxmox to Debian Bookworm with Incus(LXD fork) as my primary setup, it’s been a pleasant experience. I also like the idea of using something like Cockpit to manage VMs though haven’t come to a need yet for a VM over a container. I’ll also point out that Incus can handle VMs as well.

Stéphane Graber, Project leader of Linux Containers is also on the fediverse and responds to questions often.

That’s a good recommendation, thanks!

There’s even an RSS feed for that page: https://openwrt.org/feed.php?mode=list&ns=advisory

You’re welcome! Also thanks for asking this question, I hadn’t seen ShotShare before, it looks useful.

No, since you are using the bind mount, you do not need to use the volume.

I just did another test.

You should be able to create the directories manually. I cheated by simply cloning the repo and copying them to the bind mount location like so. You can use the bind mount method like you wanted.

git clone https://github.com/mdshack/shotshare
cp -r shotshare/storage/* /srv/dev-disk-by-uuid-7fe66601-5ca0-4c09-bc13-a015025fe53a/Files/Shotshare/shotshare_data/
chown 82:82 -R /srv/dev-disk-by-uuid-7fe66601-5ca0-4c09-bc13-a015025fe53a/Files/Shotshare/shotshare_data

It will be stored in /var/lib/docker/volumes, you can find the exact location by inspecting the volume. Use docker volume ls to list the volumes, and do docker volume inspect <volume_name> replacing <volume_name> with the one from the list. Look for “Mountpoint”, that is the exact location. You could try copying that to bind mount location, though I can’t be sure if it will continue to work.

This appears to be the exact same problem as https://github.com/mdshack/shotshare/issues/31

For testing I just spun up a VM with Docker, I tried the same compose file as you. I found I had to use the volume instead of a bind mount for /app/storage.

This compose file should work.

version: "3.3"
services:
  shotshare:
    ports:
      - 2000:80
    environment:
      - HOST=:80
      - ALLOW_REGISTRATION=false
    volumes:
      - shotshare_data:/app/storage
      - /srv/dev-disk-by-uuid-7fe66601-5ca0-4c09-bc13-a015025fe53a/Files/Shotshare/database.sqlite:/app/database/database.sqlite
      - /srv/dev-disk-by-uuid-7fe66601-5ca0-4c09-bc13-a015025fe53a/Files/Shotshare/.env:/app/.env
    restart: unless-stopped
    container_name: shotshare
    image: mdshack/shotshare:latest
volumes:
    shotshare_data:
networks: {}