Second Forgejo. Easiest deploy I’ve ever done.

systemd’s networkd has a built-in DHCP server; check option ‘DHCPServer’ and section ‘DHCPServer’ for that (same man page as above).

Is that true in Debian? If so, cool. I did not know that.

I’m happy to answer specific questions as you dig into it. :) Good luck.

This is extremely possible and I have done a lot of stuff like it (I set up my first home built Linux firewall over 20 years ago). You do want to get some kind of multiport network card (or multiple network cards… usb -> ethernet adapters can do OK filling in in a pinch). It also gives you a lot of power if you want to do specific stuff with specific connections (sub netting, isolation of specific hosts, etc).

There’s a lot of ways to do it, but the one I’m most familiar with is just to use IP tables.

The very first thing you want to do is open up /proc/sys/net/ipv4/ip_forward and change the 0 to a 1 to turn on network forwarding.

You want to install bridge-utils and isc-dhcp-server (or some other DHCP server). Google or get help from an LLM to configure them, because they’re powerful and there’s a lot of configs. Ditto if you want it to handle DNS. But basically what you’re going to do (why you need bridge-utils) is you’re going to set up a virtual bridge interface and then add all the various NICs you want on your LAN side into it (or you can make multiple bridges or whatever… lots of possibilities).

Your basic iptables rule is going to be something like

iptables -t nat -A POSTROUTING -o enp1s0 -j MASQUERADE, but again there’s lots of possible IP tables rules so read up on those.

Many of my self hosted solutions are just DIY cludges. I was talking to a friend of a friend on Saturday about media streaming and he told me all about his Jellyfin setup and then asked about mine and I was just like “I just store MP4s on an SSHFS drive and play them in VLC on my TV (which runs Linux Mint).” When the survey asked about the various types of software I was like “No… I don’t use anything like that… wait… yes I do! I just don’t use a prebuilt solution!”

In fact, my wife and I already have a self hosted LubeLogger.

I’ve set up Lemmy, Forgejo, Nextcloud and Mastodon. Forgejo is unbelievably easy, Mastodon and Lemmy both are complex but if you follow the instructions you get there pretty quickly.

Matrix is like “Follow a book of documentation, then when it doesn’t work anyway, spend hours of your life troubleshooting a bunch of stuff that’s NOT in the documentation. Why is this so hard?”

It’s so much easier to set up and install than Matrix.

There’s a learning curve, but if you’re familiar with WAF’s it’s not hard.

If you want to DIY something, I have a bash script that builds OpenResty with NAXSI from source. Most of the web apps I write anymore are actually in Lua, for OpenResty, maybe with an API written in something else. But I also help other members of my team deploy their Node and Python apps and stuff, and I always just park those behind OpenResty with NAXSI, just doing a standard nginx reverse proxy.

Every computer I own is an autobot. My primary machine is always Optimus Prime, has been since 2008. Other machines get other names generally slightly inspired by their role / nature. Bumblebee and CliffJumper are miniPCs of various persuasions, Preceptor is my “mess around with AI” box, my big server that handles most of my data and network services is Wheeljack, my Macbook is Mirage, my backup server is Powerglide, my TV (which is an old Dell all in One running Linux Mint) is UltraMagnus.

I’m hosting a minio cluster on my brother-in-law’s old gaming computer he spent $5k on in 2012 and 3 five year old mini-pcs with 1tb external drives plugged into them. Works fine.

I think you’re going to have more luck with a more right wing, more immature humor, more toxic masculinity kind of crowd.

We’re also using Forgejo for a small consulting team working on lots of different projects for a lot of different clients.

A couple of our team members who came from a more complex and scaled environment (particularly our DevOps / SRE guy who’s worked at such places as LinkedIn and Snowflake) want to move us to Gitlab because it’s “more powerful” but I like Forgejo because it’s just super simple. Just does exactly what I need, doesn’t give me to many more options.

We have

• Projects segregated into teams, organized by client (so only those working on a specific client’s projects have access to their repos).
• Able to invite clients and put them into the team for their project (we’ve had a couple clients that want that).
• Able to automate deployments with webhooks (this was pretty easy to get working).

One of our devs wanted to use Actions. It’s hard to get that working and (at least a month ago) there were warnings that Actons aren’t mature yet and are probably insecure (looks like that may have changed with the recent jump to Forgejo 8.0). I think it’s now a non issue for us though because we were like “Dude, stop trying to role your own CI/CD, that’s why we have two infrastructure people!”

As a security professional, what finally got me to move from Apache to NGINX was OpenResty.

I sometimes still put Apache behind it, depending on my goals.

This exact thing happened to one of my clients. And it sucked because they didn’t even register the domains with Ionos, they registered them with some other company that then got bought by Ionos. They were not technically savvy and didn’t understand what was happening until it was way too late. They lost about 8 domains closely associated with their business and with their CEO’s research.

I have it working on Debian, it wasn’t THAT hard, but I never got it to work with the GPU so it was SUPER slow. I’ve since found XTTS2 which set up super easy, comes with a web GUI and just supports my GPU out of the box.

Because her papers are PDFs and “Adobe does PDFs.” I was not part of this decision making process.

You want OpenWRT. They’re not too limited, but they’re not very powerful either. Fan controller? Probably. Pihole? You can probably hack that together, though I’ve never tried. Media server? Erm… not my first choice. Other stuff? Limited only by your imagination, time constraints and willingness to troubleshoot weird problems most people have never had before.

All my machines are named after Autobots.