Even faster – tailscale. For a cheeky way to play with your friends make a burner account with a shared login to get on the same tailnet for free. On the endpoints, turn off tailscale-ssh and any of their other “features” you don’t need.
Second this ^
I have one and it’s fine, but not directly supported by OpenWRT. Looks like Beryl and Slate are though
Excellent notes. If I could add anything it would be on number 4 – just. add. imagery. For the love of your chosen deity, learn the shortcut for a screenshot on your OS. Use it like it’s astro glide and you’re trying to get a Cadillac into a dog house.
The little red circles or arrows you add in your chosen editing software will do more to convey a point than writing a paragraph on how to get to the right menu.
Is there a reason you’re not considering running this in a VM?
I could see a case where you go for a native install on a virtual machine, attach a virtual disk to isolate your library from the rest of the filesystem, and then move that around (or just straight up mount that directory in the container) as needed.
That way you can back up your library separately from your JF server implementation and go hog wild.
Syntax-wise, it’s meant to be identical. I got on board when they were the only ones that enabled rootless (without admin privileges) mode. That’s no longer the case since rootless docker has been out for a while.
I’m personally a fan of the red hat docs and how-to’s on podman over the mixed bag of tech bro medium articles I associate with docker.
At the end of the day this is a bit of a Pokemon starter question. If your top priority is to get a reasonably common and straightforward job done just pick one and see where it takes you! :)
Avoid AMD? Why do you say that?
My solution is to use Rathole. I rent a wildly cheap (2 core, 4GB memory) VPS and basically just run Traefik there. Then I use Rathole to make some services hosted on my desktop available to Traefik.
I like this solution better than Wireguard for my application. It reduces attack surface to services you’ve explicitly set up, rather than a full data layer trunk between your machine and a potential malicious actor.
Ooh, I’ll definitely check out Voice!
I’m more of a desktop Jellyfin container person myself, but all roads lead to Rome in this case :) thanks for the input!
Does anyone know of a good alternative for Android?
Right now I just use Antennapod, but it would be nice to get chapters and whatnot built in.
My $0.02:
NixOS is excellent, and actually pretty easy if you’re not trying to do anything fancy (running all services under a single user, etc.). Personally this is my pick because I primarily host services for myself, so down time in exchange for learning a new thing is acceptable.
As I mentioned elsewhere, Debian + Incus is a great minimal and rock solid solution for longer standing services. Although, it’s not composeable :(
More directly to your preferences, I would also recommend considering Rocky. Being in the RHEL ecosystem has its perks (especially with rootless support for podman and podman-compose). I’m also generally a fan of SELinux. Rocky is a little less bleeding edge than Fedora with many of the same conveniences and recent packages. In my mind, for my purposes, that makes it a better choice than Fedora for a server OS.
I tend to not use the webui, so I prefer the similarly useful combination of Debian + Incus (spawned from the LXC project).
Sure, HA isn’t baked into Incus (to my knowledge) but similar to OP I only have one physical box and don’t necessarily care to manage multiple.
That being said, Proxmox is a good solution in the scheme of things and generally a good recommendation.
Hm, so it’s encrypted from your beeper client to the bridge, decrypted, then re-encrypted with the outgoing platform’s protocol. Seems like a good reason to host your own bridge, and a good call on it being a glaring attack surface.
Seems like the secret sauce is in how they deal with messaging platform integrations? Maybe the goal is to avoid another iMessage lawsuit. With Beeper as a proof of concept it would be cool to start adding integrations in a fully open source way (legality permitting)
That’s a cool solution! I’d be interested in making a nix flake to do something similar to that Ansible project. Thanks for linking!!
Agreed! I’m pretty psyched about their transparency and the overall model. Especially in the universe where this Apple lawsuit results in Beeper being allowed to connect to iMessage again.
Would love to hear any results you find with hosting! I’ll give it a try too and maybe do a follow on post with what I learn.
I’m an old man when it comes to major changes. If it’s salvageable then maybe stick with what you’ve got. Have you used lazy docker or watchtower?
Lazy docker should give you a more reliable interface (TUI, over ssh, not a GUI)
Watchtower (aims to) update your containers for you so you don’t have to go through this pain in the first place :)
Personally, I run my Nextcloud and Jellyfin servers on NixOS with auto updates on. It’s been chugging along great!
I agree gluetun is de way 😂 unfortunately my CPU is nowhere near 100%
Using gluetun to connect my containers to Mullvad I’m getting 60+% of my bare network speeds.
Another option that doesn’t achieve that performance is torproxy which can achieve a similar result.
Using gluetun to connect my containers to Mullvad I’m getting 60+% of my bare network speeds.
Another option that doesn’t achieve that performance is torproxy which can achieve a similar result.
I prefer Syncthing-fork for some more straightforward configuration. Mainly the three button options equating to “follow the run conditions, damnit”, “run damnit”, and “stop damnit”