If you really, really, really don’t want to buy a keyboard and monitor, you can buy a USB KVM console, but it’ll likely cost more. Something like this: https://www.startech.com/en-us/server-management/notecons01

I’m in the same position, and it feels so damn powerful. I’ve convinced an entire university to ditch Ubuntu in favor of Linux Mint, and I’m also advocating for replacing our aging VMWare servers (with a soon-to-expire license) with Proxmox.

Damn, I had no idea netcat had a hardware implementation

I haven’t tried, but you might be able to set up a samba share that points to /var/www/nextcloud-data/USER/files, just make sure that it uses the www-data user.

deleted by creator

At some point, you have to compromise.

• You can open the port(s) used by the game on the firewall (assuming you have a publicly routable IP).
• You can run OpenVPN or a proprietary solution, but you’ll have to open a port on the firewall, and I know from experience that they’re a bitch and a half to configure.
• You can run Wireguard, but you’ll have to open a port on your firewall and have the other clients generate and send you their public keys.
• You can run Tailscale (my preferred solution), which uses Wireguard and works without opening the firewall and without a publicly routable IP (e.g. behind CGNAT), but you’ll have to install the client, have the users sign in, and then add them to your tailnet, which IMO is much easier than setting up Wireguard peers manually.
• You can use Tailscale Funnel, which exposes your tailnet to the public internet, but it’s in beta, has high latency, and only supports TCP, so you’ll have to figure out how to smash UDP datagrams through a TCP tunnel.
• You can try Ngrok (my backup in case Tailscale can’t connect), which is a similar NAT traversal solution, but it only supports TCP and gives you a different IP and port every time you create a tunnel.
• Twingate also exists, I guess, but I’ve only ever used it for SSH.

Debian, all the way. I’ve got both ubuntu (made by my predecessor) and debian servers at work, and as far as maintenance and administration, they’re more or less identical. The one thing that sometimes catches me off-guard is that sudo is not installed by default, and you have to su - into a root session.

Wireguard

You mean Wireshark? It’s possible. You might even capture the DHCP exchange.

The two best programs for the job are nmap and arp-scan.

Nmap is like ping on steroids. You can use it for network discovery, port scanning, fingerprinting, and basic pentesting. As long as the pi can talk to the computer, nmap will sniff it out.

ARP-scan works on the data link layer to identify hosts using ARP. It should be able to return the IP address of all ethernet devices even if they end up in different subnets. It took me a little over two minutes to scan a /16 subnet with one retry and 0.1 second timeout.

If you are really concerned about the pi’s address, you should run a local DHCP server on the laptop. dnsmasq for Linux and Mac, but I have no idea what to use on Windows (other than a VM bridged to the ethernet interface).

What does oVirt offer that proxmox doesn’t? I’m asking because I want to move an ESXi server to another hypervisor, I’m 90% sure it’ll be Proxmox, but I’d like to know my options.

No idea. It depends on what software it uses for network configuration, and how that software handles DHCP failure. I use NetworkManager and I’ve never gotten an APIPA address.

I’ve never used a pi, but it should be possible to mount the root partition and edit the /etc/network/interfaces or /etc/dhcpcd.conf file, or /etc/NetworkManager/conf.d/* if you have NetworkManager (systemctl status NetworkManager to check).

You should also make sure that sshd is listening for connections from any address (0.0.0.0 and ::).

oops, fixed. Caffeine withdrawal is hell.

Most modern NICs can auto-negotiate the Rx/Tx circuits on either kind of cable, but I’m not sure about RPi.

Give each device a static address, and set the default gateway to whatever’s on the other end of the cable. You might need a crossover cable, but most NICs can work using a straight-through.

E.g. set the laptop’s address to 169.254.1.1/16 and default gateway to 169.254.1.2, and the RPi’s address to 169.254.1.2/16 and default gateway to 169.254.1.1. They should be able to talk to each other then.

If those addresses seem familiar - Windows uses the 169.254.0.0/16 subnet to automatically assign random addresses if DHCP fails, so that if there are several computers in the subnet, they’ll at least have addresses that can talk to each other. It’s called APIPA in Windows, and Zeroconf in the Unixverse.

I tried Tailscale once, but it introduced some massive latency because apparently I got connected to my machine through a gateway in Frankfurt. It was the Tailscale Funnel service though, so maybe that’s not what I needed.

Also, are any of the services you listed end-to-end encrypted?

Proxmox VE on a machine that I got almost for free. Intel i3-4160, 10GB RAM, 240GB SSD for the OS, and a non-redundant 1T HDD for storage. The only things I paid for are a second NIC and an 8GB RAM stick.

PVE is running a pfSense VM, and a bunch of Debian containers:

• Samba
• Jellyfin (still setting it up)
• Twingate Connector

All internet traffic goes through the pfSense VM. Unfortunately the ISP has put me behind CGNAT and disabled bridge mode, so my internet-facing things (mostly Wireguard and SSH) are pretty much crippled. Right now my best no-cost option is to use Twingate, but I don’t trust it to handle anything other than SSH.

If I may ask, how exactly do you use OPNsense? Is it a gateway between the WAN and LAN interfaces, or do you just use it for the LAN-facing services?

Absolutely anything can be turned into a NAS, as long as you’re aware of your own needs and the hardware’s capabilities. A NAS is just a computer with some specific requirements.

When I first built my NAS, it only used parts that I got for free. A cheap micro ATX board with only two RAM slots, an i3-4160 CPU, 2x2G RAM, a worn-out SSD, and a 1T HDD. It couldn’t run something like TrueNAS, but it was enough for Proxmox and some Alpine containers running services like Samba, Transmission, Wireguard, and a small Debian VM for me to fuck around with. The single storage disk means there is no redundancy, so I only store replaceable data on it, like TV shows and installers.

There are many hardware-focused channels on video platforms that offer guides for budget home servers. Wolfgang’s Channel is good, and Hardware Haven and Raid Owl just finished a competition of building a sub-$200 home lab.

Then just get a pair of hard drives and put them in RAID 1. I use a NAS with a single hand-me-down 5600 RPM HDD and the bandwidth is absolutely fine.

Seconded. ZFS needs to see the physical devices, so hardware RAID is out. It implements a RAID-5-like parity-based software solution called RAID-Z, and is capable of disk mirroring.

It can work with hardware RAID or with a single physical disk, but don’t expect it to last for a long time, and definitely don’t use it beyond testing.