/hsg/ - Home Server General

I have nothing better to do than to copy another user's OP Edition.

Home server general is a general thread to discuss building and setting up your own home server and maintaining the services and daemons on it.
Discord: discord.gg/9vZzCYz

>hostan. installan. rebootan. crying about uptime.

Old news:
* OpenBSD working on raspberry pi now!
* remember to back up your files in case you get rm -rf'd
* Update your linux kernel! The UDP PEEK bug is sicc.

Old Thread


>build Debian Packages for 50 SSH keys
wut

sounds like a shitter who cannot into a run once .sh

I am thinking about using my old AMD FX-8350 desktop as a homeserver.
The cpu itself should be quite capable of hosting couple virtual machines i think, mobo has ecc ram and shitton of sata ports.

I'm thinking about the usual stuff, proxmox with containers for nextcloud, mail, etc and maybe VMs for some kind of game server etc.
I don't really see any downsides with using it, am i missing something?

>mfw copped 5x 2tb WD RE4 64mb for 80 dollars

i am eternally jelly of the used market in burgerland

well the power consumption might be higher than you'd like. But it should be powerful enough for that if you give it enough RAM. Go ahead and set it up.

I want to build some little HTPC + seedbox + homeserver, is the coffee lake shit bringing some processor for it?

I mean like the J1900 but newer, capable of server stuff playing full HD stuff and being low on consumption, passive cooling would be nice too

...

I assume real server hardware with some kind of xeon, redundant PSUs etc would drain even more power than a desktop grade amd, no?

I kinda envy you.


I will continue my question from the last thread, since I only got one reply.

I have the option of getting a used Asus Z9PA U8 for below 100€.
I already have 32GB reg. ECC in the shelf.
CPUs like a 2620 or 2650 are like 30-60€.

Should I take it?
The only downside would be that the PCB seems to have gotten some scratches and the damaged connections were fixed with enameled wire.

...

Why do you think so?
Xeons are just their respective i5 or i7 counterparts in most cases with different features deactivated or activated.
A redundant PSU also does not automatically draw more power unless you take one that is just garbage and has no efficiency.

>Old thread.
When that thread is still going to be up for a few hours.

Depends. Xeons cover a huge range, from low-power stuff that's weaker than the i5s half of Sup Forums is running to big firebreathing 20+ core monsters that cost $5,000 each and use 250 watts if you feed them AVX code.

But don't get too hung up on "real server hardware". A server is just a machine that runs services that other computers can connect to. It's not "has redundant PSUs". You can find "real server" stuff at every level from little network appliances with Atoms in them to vanilla 1U pizzaboxes to giant compute and GPU servers to everything in between. Not all of it features special server CPUs, dual PSUs, or even ECC RAM.

I played around with an old IBM server a while back, it sounded like a plane taking off when it booted and it took a fuckton of power.

Cool, i guess i will go with my amd then.

its on page 9 retard

Yeah old is the point which you should be looking at and what kind of setup it was.
Especially slim U1 or U2 systems use small high RPM fans and a shit ton of them to generate pressure to move the air through passive heat sinks and stuff.

Electronics surplus and recycling centers. Find them, some deal to the public.

user do you lose track of time building your stuff?

Spent the past night adding wide area bonjour RRs into Samba4 internal DNS. Microsoft broke RSAT again and I had to use samba-tool for the job. Not bad.

Now I have zeroconf without mdnsresponder and dbus avahi crap and it works across subnets. Just need to wait until FreeBSD patches net/samba46 to include fullsync.

Need to find a fast external raid enclosure with USB c for cold storage and the occasional high usage (think video work I suppose) that I can connect to my server.
I do vfx and at my house I have a central server full of footage that I work on via samba and rather than having hot swapped drives I'd love to just have one big enclosure with some reds in it dedicated to a whole project.
Is this good or am I nigging myself

What's one reason to have a server up 24/7. Is it just for a file server uptime or do you seed 24/7 or cpu mine or something

Hmm Germany is not as great on that part as the US.

Someone know how to activate hot plug / hot swap on an LSI 9201-16 or is this always on?

They should release free but somewhat limited versions of core Active Directory for home server authentication.

How do you come up with names for your servers

There's a reason the power light on those servers flashes a certain pattern before POST. It's so you can leave the room before you suffer possible hearing damage.

I set up dynamic DNS and SSH access, so whenever I'm out of the house I can access my files (Filezilla speaks SFTP if you don't wanna do it on the command line), and so I can use ssh -D to tunnel my web browsing back to my home connection. Not only does that protect me from questionable public wi-fi APs and the other people on them, but it's also handy if you go on a trip. Some services throw a shit fit if they see an attempted login from somewhere far away from where you normally are.

Anime characters, next question.

Ok
I am back on this again, I just hooked up another 2TB drive so that I have 17 now.
Tried to make a vdev with them on auto and it still limits out to 15 drives on one vdev.
I am seriously starting to think they limit the number of drives in one vdev on FreeNAS 11

Ceph is not a file system. Why are people comparing Ceph with ZFS?

This. I have a static IP on it so I can post on here from anywhere. It's also nice for starting downloads and letting it go so I can leave for class and come back to transfer it in.

Ok I cannot bypass this at all it seems.
People seem to not recommend more than 11 drives per vdev as the write IOPS will be those of one drive.
So it seems if I do not want to lose most of my capacity I have to lower myself to a Z2 with 2 vdevs.
I just fear that Z2 is not enough.

Alright. Call me a faggot but how do I bypass centurylink's http outward blocking?

>DL380G5s
>In a rack
Jesus Christ. Might as well fill it with pentium 4s.

>home server general
>using fucking discord instead of hosting irc on your home server
You disappoint me, Sup Forums

My homeserver has an FX-8320 and it works just fine.

I just put an old 7470 I got at a thrift store into my home server so it could do htpc stuff. It plays hd video with the advanced kodi shaders just fine.

>Windows Server
For what purpose? GNU/Linux is far better for servers.

I'm not american so used hardware is more expensive than new hardware

My question was simple enough

For me I use mine as a file server for most of my storage. Also I use flexget and transmission-daemon to automatically get the latest episodes of my moe animes.

This. I name all my computers after cute anime girls.

Maybe btrfs would fix your problem? ZFS isn't super flexible as it's designed for an enterprise environment where you buy all your storage at once and only swap in new disks when old ones die.

Sorry just telling you my experiences with htpc usage. I don't know anything about how good coffee lake is, but I do know that pretty much any low end gpu can handle 1080p these days.

My question was "this gen have anything that is stick in a fucking mobo and passive cooled"?

I know anything is good enough on the 14NM, celeron, atom or any shit they stick there but I don't even know if it exists

Thinking about getting an APU2 board for a pfSense / OPNsense box. Anyone know a good reseller for these boards?

I am thinking about working on my case to add another two drives for 18 total.
That way I either could do 3 vdevs with 6 drives and Z2 or 2 vdevs with 9 drives and Z3

>discord


just unplug a drive and see
it should be fine

so fucking stupid
what is the sodding point, just use irc or the fucking thread
idiots

ProLiant a shit

A SHIT

no.

Does a memecoin mine/drive cloud running 24/7 off of a raspberry count as a server?

What DEFINES a server?

>mfw those are Netburst Xeons based on PIII architecture

there was a time I would have sucked a mean dick for that setup but most cellphones probably have more horsepower these days

If you can get ahold of one, the new Denverton atoms are beasts. They're almost on the level of Xeon Ds.

If they're nehalem or newer, they're not that bad. MSA P2000s are fucking shit. They died constantly at my previous job.

My home fileserver is a minix neo z83-4 pro running ubuntu mate and an external HDD plugged into the usb 3.0 slot. How did I do?

eBay?

I took an old workstation from work they were going to toss and re-purposed it into a seedbox/PLEX server/and OpenVPN server.

Also handles DHCP and DNS for the house.

You're not really missing anything

Are there any tangible benefits to having a home server?

If you have a lot of media it's helpful.

It's mostly for hobbyists or people who want home labs for learning.

I operate a vpn on mine so I can stream media to my phone when i'm out.

>DHCP and DNS
why? what benefit does this provide over your router handing out lan addresses and using opendns?

- it stores all my data
- it backs up all my data
- i can access my data remotely
- it serves my media to various htpcs/tvs
- it runs svn server as i code a little
- it runs cctv, recording a network cam at my front door
- it acts as a server for a number of arduino projects

None. Because I wanted to.

judging by the previous thread... I'm now convinced, most of you don't do anything productive with your servers, you just enjoy wasting electricity, time and resources, using your servers as an excuse for "learning" (as if there weren't cheaper, faster, better ways to learn).

Is just that retarded esxi fag who has no idea what he's doing and just show off hardware. There are cool things you can do although not essential to your average user. They become pretty much as the number of interconnected computers in your residence increase.

- Centralized Multimedia center (Plex, Calibre, other streamers)
- Centralized authentication (AD, Samba4)
- Centralized network management (DNS, DHCP)
- A file server to share files between your computers and backup their data.
- A SIP voip system of your own (useful if you have a large house)
- A VPN
- A security camera DVR
- Intricate p2p setups
- Testing stuff. Developing et al.

You don't need expensive server grade hardware for that.

>it drives up my electricity costs

nah thanks

You could also do the bigger array on Ceph if you have some time to learn it. It does not mind your 17 drives. Define n+x erasure coding for it and tell it this refers to the arrangement of disks (osd) rather than entire hosts. Then it'll just distribute data across all your drives best as it can.

You realize that you can theoretically turn this off just as much as you can turn whatever other device that would handle your data or backups or such off?

You realize that if you put something like an Odroid on this task, that consumes like 3-4W electricity whereas your body emits like 60-100W heat that has to be ingested in the form of more power consuming to produce food, so if it saves time you kind-of have a net benefit?

do you run the samba ad as well? i'm on 4.2 and trying to get away from winbind

What are we doing on page 8 lol

ldap mang

>not using raid
classic wintoddler

ad is based on the ldap standard
tools.ietf.org/html/rfc4511

postfix/opensmtpd for email
puppet/cfengine for configuration management
nagios/icinga for monitoring
pbx for voip
pf for firewalling

there's so much you can do, and most of the shit can just run on a shitty pi. shit saved me basically 30 quid a month on my power bill running all the services on a pi.

> puppet/cfengine for configuration management
I'd suggest to have a look at ansible / salt. Ultimately it's easier if you don't have configuration service daemons and monsters, but just that local tool that will run over ssh and manage remote things there.

[stackstorm is also interesting, but haven't done much at all with it yet]

i don't really like the approach of ansible tower and the problem is that i can't run it on bsd. and i assume that the average load of a tower is a lot more than that of a puppet master building the catalogue, since it would execute every playbook from the tower, leading to a shit ton of calculation and executing being done on that side. in addition to that, ansible tower would put its pub key on every host, while puppet would generate an individual ssl certificate on each host, so my concern is also that if you'd actually use it in the enterprise is that exploitation becomes much easier.

i only use ansible for emergency stuff, for everything else i have puppet

also rest-api is a fucking meme.

> i don't really like the approach of ansible tower
I'm too cheap for tower, it's just ansible for me.
The approach is IMO superior 'cause no need for functioning client daemons beyond ssh.

> i can't run it on bsd
Didn't know that.

> and i assume that the average load of a tower is a lot more than that of a puppet master building the catalogue, since it would execute every playbook from the tower, leading to a shit ton of calculation and executing
I don't get what problem you're seeing there. What exactly is supposed to create "a shit ton of calculation and executing"?

> ansible tower would put its pub key on every host, while puppet would generate an individual ssl certificate on each host, so my concern is also that if you'd actually use it in the enterprise is that exploitation becomes much
This makes no sense having moar individual ssl certificates is not a security measure, it's a (marginally) larger attack surface. And so are the extra puppet agents (I'm going out on a limb and say that you have and need ssh anyhow).

I'm by far the most environment friendly here with just a RPi2. You are pretty rude about the hobby of some people. My server is actively used by several people and I enjoy sharing with friends. Those friends have servers as well (Xeons / Raspberry Pi3s, et cetera).

It is safe, secure, low power consumption and fast:

tls.imirhil.fr/
ssllabs.com/ssltest/

Install on any hardware:
github.com/ran-sama/python3_https_tls1_2_microserver

So did you come here to troll or were you looking for something like my solution?
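How a Python HTTPS server of the kind linked above can pin its TLS settings and check them locally before running an external scan. This is an added example, not code from the linked repository or from the poster; the cipher string, the function names and the audit rules are assumptions.

```python
import ssl

# Assumed policy for this example (not taken from the linked repository):
# TLS 1.2 or newer, ECDHE key exchange, AEAD ciphers only.
HARDENED_CIPHERS = "ECDHE+AESGCM:ECDHE+CHACHA20"


def build_server_context(ciphers=HARDENED_CIPHERS, certfile=None, keyfile=None):
    """Return a server-side SSLContext pinned to TLS 1.2+ and `ciphers`."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    ctx.set_ciphers(ciphers)  # raises ssl.SSLError if nothing matches
    ctx.options |= ssl.OP_NO_COMPRESSION            # no TLS-level compression
    ctx.options |= ssl.OP_CIPHER_SERVER_PREFERENCE  # server chooses the suite
    if certfile:  # a certificate is only needed to actually serve traffic
        ctx.load_cert_chain(certfile, keyfile)
    return ctx


def audit_context(ctx):
    """List settings an external TLS scanner would typically mark down."""
    findings = []
    if ctx.minimum_version < ssl.TLSVersion.TLSv1_2:
        findings.append("minimum protocol version is below TLS 1.2")
    if not ctx.options & ssl.OP_NO_COMPRESSION:
        findings.append("TLS compression is not disabled")
    for suite in ctx.get_ciphers():
        name = suite["name"]
        if suite["protocol"] == "TLSv1.3":
            continue  # TLS 1.3 suites are always ephemeral-key and AEAD
        if not name.startswith("ECDHE-"):
            findings.append(f"{name}: key exchange is not ECDHE")
        if not any(tag in name for tag in ("GCM", "CHACHA20", "CCM")):
            findings.append(f"{name}: not an AEAD cipher")
    return findings


if __name__ == "__main__":
    # "AES" is a deliberately broad OpenSSL cipher string used for contrast.
    for label, spec in (("hardened", HARDENED_CIPHERS), ("broad", "AES")):
        problems = audit_context(build_server_context(spec))
        print(f"{label}: {len(problems)} finding(s)")
        for line in problems[:5]:
            print("  ", line)
```

To serve with it, pass a certificate and key to `build_server_context` and wrap the listening socket of `http.server.HTTPServer` with `ctx.wrap_socket(sock, server_side=True)`.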

I set up all my hardware around sound terms. Although sometimes I feel like I should make it with space related stuff.

the OP needs a pastebin with:
- tutorials (what filesystem, which distros)
- hardware recommendations (boards, drives, RAM)
- general advice / frequently asked questions

i don't want to write cronjobs for every playbook i need to run to ensure presence or absence of something. i'd have to configure my own tower-like system that runs all playbooks for whatever purpose based on cronjobs, i'd rather use puppet.

> i can't run it on bsd
>Didn't know that.
ansible tower, not ansible itself.

>I don't get what problem you're seeing there. What exactly is supposed to create "a shit ton of calculation and executing"?
the scans or checks? imagine you run a tower for 2 departments with each having 50 people that run individual playbooks in a cycle for their servers and applications. if you want to scan or check something the tower triggers the host and sends the results back, tower evaluates and executes things according to return result.

puppet generates periodically a catalogue, each host queries the master for the catalogue and everything else is more or less done on the client.

>This makes no sense having moar individual ssl certificates is not a security measure, it's a (marginally) larger attack surface. And so are the extra puppet agents (I'm going out on a limb and say that you have and need ssh anyhow).
it actually does make sense because a certificate is bound to a specific system, you can not reuse the certificate on another host (e.g. steal it). the rbac backend of ansible tower is another layer which, as far as i know, not compatible to existing ldap infrastructures. so in addition to having openldap or active directory, you'd have to reimplement permissions, which is painful.

as much as i like the idea of agentless software, in some cases it does seem, at least to me, inferior than agent based stuff

If we put together some links which we agree on, I will change the OP next thread.

v1.00 - initial draft release

pastebin.com/XYYp9TAC

highlight lines with
[spoiler]@h@[/spoiler]

Anyone feel free to edit if you:
1) check the thread for new versions before you make changes
2) update the changelog

meh forgot to edit spoilers to code tags

> don't want to write cronjobs for every playbook i need to run to ensure presence or absence of something
Stuff is present if your playbook tasks succeed or (maybe) absent or broken if not.

> the scans or checks?
This would really basically not require fuck all in terms of processing power from a machine anyhow.

That said, it's not intended as some weird-ass full stack monitoring tool?

> each having 50 people that run individual playbooks in a cycle for their servers and applications
Much less bad than having 50 people that each run a puppet master plus then a puppet agent on every server, I imagine.

> it actually does make sense because a certificate is bound to a specific system, you can not reuse the certificate on another host (e.g. steal it).
I am under the impression you don't even get how ssh or public key exchange logins work.

Me "stealing" the public key of your servers and installing it on my user's ssh login account means that you now can login into my user's ssh account.

Next up in criminal mastermind-tier activity: I remove the password on yet ANOTHER of my computers and just let your Ansible orchestration server in without any password at all, as root. Brilliant.

> the rbac backend of ansible tower is another layer which, as far as i know, not compatible to existing ldap infrastructures
docs.ansible.com/ansible-tower/latest/html/administration/ldap_auth.html

Feels like I'm talking to a lost Windows sysadmin though. I mean, even restricting users to the privileges that they have with their SSH account anyhow is already generally basically fine.

This looks great user. I will take a look at home.

Whats it doing outside of its can?
Where is the transceiver?

>Much less bad than having 50 people that each run a puppet master plus then a puppet agent on every server, I imagine.
you have one or more puppet masters depending on your infrastructure and an agent on every server. usually one master is enough

>I am under the impression you don't even get how ssh or public key exchange logins work.
>Me "stealing" the public key of your servers and installing it on my user's ssh login account means that you now can login into my user's ssh account.
i am not talking about the public key, nobody gives a shit about the pub keys, son. my impression of the state of ansible tower is that you proxy ssh key authentication via ACLs, which would be retarded, because that would imply that you run each playbook on all systems with one key, which comes from the tower itself. or there is the other way of having private and public key of each user on the ansible tower to execute playbooks directly with specific permission, which needs to be adjusted based on the separate RBAC implementation inside AD and ansible tower.

>docs.ansible.com/ansible-tower/latest/html/administration/ldap_auth.html
ldap authentication has literally nothing to do with RBAC in ansible tower.

it's one thing to run through DNs and OUs to find a user and authenticate it, it's another to reuse the same RBAC implementation in AD inside ansible tower.

Thanks, of course you can fully flesh it out with very detailed topics like useful cronjobs or which distro runs best on what hardware. But I just run small scale projects so I hope a few gentoomen who know more than me will upgrade it. Don't know much about hardware or software RAIDs either.

It is the esp8285, the less known brother of the esp8266. It is not my picture, but I wrote actual code to serve with 450 kByte/s over the esp8266 from an SD card.

I'm more interested in low power solutions. Usually for some loggers that capture data from physics experiments out in the field and having a way to download the data easily over WPA2.

Doesn't hurt much to lose a $3 microcontroller to thieves but most people leave it in peace.

> usually one master is enough
Yea, but you are making up entirely weird complications, so let's also go with 50 masters and their own fully independent array of puppet agents on each server.

> you run each playbook on all systems with one key, which comes from the tower itself
No, you don't need to run all playbooks with the same ssh (or Windows equivalent) login's privileges. How the fuck would you get that idea?

If something sounds this retarded, maybe check a search engine for 2 seconds rather than complaining about it for 20 seconds.

docs.ansible.com/ansible-tower/latest/html/userguide/credentials.html

> ldap authentication has literally nothing to do with RBAC in ansible tower.
Do you want to use LDAP or not? I thought you wanted to avoid dealing with Tower-only RBAC permission management and pull that stuff from LDAP.

That linkage shows how you'd set it up to map LDAP information to the users and groups within Tower.

proxmox.com/en/news/press-releases/proxmox-ve-5-1

>Proxmox VE 5.1 with production-ready Ceph Luminous released

>VIENNA, Austria – October 24, 2017 – announced the release of its version 5.1. Most important enhancement is the software-defined storage solution Ceph v12.2 Luminous which is now stable for production and included in the enterprise support agreement. Proxmox VE 5.1 is based on Debian 9.2 and comes with a 4.13 Linux kernel

>Proxmox VE 5.1 is available for download now at

proxmox.com/downloads

>The Proxmox VE solution is licensed under the free software license GNU Affero GPL, v3

Just in time, will upgrade an existing 3.4 this weekend, I hope. Thanks for the news.

No problem user. Tell us how well it runs.

have they got rid of the nag shit yet?

...

Check out samba son

>pf for firewalling
post yfw pf can't handle more than 3Gbps

...

which one to get? raspberry pi 3 vs orange pi prime

as the hardware goes, the orange pi prime is way superior than raspberry pi 3, but what about software support?

main uses:
file server, media server, and for other things like web servers (node, .aspnet)