comfy behind-the-sofa homeserver edition! + run your own DNS server edition: zwischenzugs.com/2018/01/26/how-and-why-i-run-my-own-dns-servers/ + RISCV Homeservers NOW Are you interested in learning Linux or BSD administration and configuration better. Becoming a systemd expert? Or maybe you hate that shit and want a cozy little BSD machine to run services on and interact with. Or practice more advanced and complicated networking setups.
>news: > LKML is hosted on somebodys homeserver! > Everybody is switching away from freebsd, nobody knows why
>chat > discord.gg/9vZzCYz > or use riot.im and join #homeservergeneral:matrix.org
make sure that your rtorrent is safe, check that you dont have XML RPC on.
Michael Hughes
Guys, before doing any of this make sure your ISP won't come after you.
Ethan Walker
Why dont you work with the gternet thread? They do a cool project themselves, might as well collab to keep a thread up
Juan Richardson
Going to be adding 10 GBE to my stack soon. Next objective is full SSD Storage.
Anybody know if the R710 can support NVME? Haven't been able to find anything about it.
Also, any ideas to a monitoring solution would be welcome. Can Nagios send warnings to email?
Sebastian Howard
>your raspis arent servers
Gavin Jackson
>Next objective is full SSD Storage. That's pretty weird - why would you need full NVME storage?
Are you trying to make ZFS work okay or something? It's a dead end for performance, eh.
> Can Nagios send warnings to email? Yes.
Jaxon Brooks
I just installed a 4TB 2 drive Raid1. Feels good to have failure resistant storage finally
Blake Butler
I'm so fucking tired of file permission bullshit on my multi-user cross-platform smb+ftp+webdav+syncthing setup I want to throw away that server and get some synology or qnap box. How loud would 8 7200RPM HDDs in hot-swap bays rattle compared to being hung in Node 804?
Elijah Gomez
>file permission bullshit chmod -R o+rwx /*
Christian Powell
Maybe I should have said "cross-user" because I need for example some directories to be writeable by all on some protocols but read-only or single-user on others. I have a combination of acl inheritance and focing user/group in server configs that works so far but at least once a month I had some updates to smb or ftp or syncthing that randomly broke my previous setups.
Ayden Bell
Consider symlinks, or some brutish workaround where you have two copies of some things.
Jordan Brooks
>file permission bullshit I'm certain you have no idea what you're doing, because that's some trivial shit. File permissions aren't something you should have to wrestle with.
Female with large breasts to bait you into reading this post
Landon Murphy
check DNS
Brandon Reed
Write a bash script that sets up all the groups and such so the permissions work.
Christopher Miller
DNS is good, all the IP are the same. When I diable the vhost, the fallback of the server works (a 404)
Alexander Price
Point your webdav server at a bind-mounted directory, where you can re-mount readonly directories. If your directories need to be more complicated, you're doing it wrong and you should just give up.
/mnt/webdav
mount -o bind /path/to/webdav/ /mnt/webdav mount -o ro,bind /path/to/webdav/readonlydir /mnt/webdav/readonlydir
Connor Sullivan
Sure, ACL me this directory: >syncthings to a windows machine >guest-writeable on smb for pre-defined IP range A (lan static trusted) >guest-readable on smb for pre-defined IP range B (lan dhcp guests) >readable by authenticated users on smb for pre-defined IP range C (WAN-VPN) >writeable by one user and readable by multiple on ftp and webdav Setting files created by syncthing or ftp as guest-writeable on smb was most troublesome so far.
Kevin Stewart
Stop using unauthenticated network shares.
Henry Rivera
why are you using apache instead of nginx?
Blake Bell
You're doing it wrong lmao. Tell me why you need an ACL for this instead of just using a sub interface tagged into a different VLAN and separate smb shares? And then a simple firewall rule to route the WAN-VPN one to the correct share.
You're going to give yourself brain cancer by trying to jump through hoops. Why do you do this to yourself?
Jackson Martin
THIS.
Camden Mitchell
because I'm using it for years, I use .htaccess, and I don't know how to configure nginx
Lincoln Flores
Don't worry, nginx is shit.
hurr durr
url.com/perfectlylegitfile.jpg;.php
Aaron Sullivan
>RISC-V home servers I want RISC-V desktops with free as in freedom graphics and boot firmware solutions. This means a mini desktop or laptop that can run a basic window manager and use Coreboot without any botnet blobs for some chinkshit GPU or an NSA approved EC.
Any computer that runs software that allows it to be accessed remotely by other similarly networked computers and exposes files, disk space, or some other functionality to the remote user should be considered a server. A Raspberry Pi makes a really shitty server, but nonetheless it's still a server. Get fucked, faggot.
Ryder Smith
is there any reason to use an router instead of a switch that is connected directly to the modem?
Samuel Cooper
Work supplied me with a TS-1685 from QNAP. So far, I have been happy with it. 12-3.5" drives, 4-2.5" drives, 6-M.2 drives, 4 gigabit ports, 2 10 gigabit ports, 3 PCIe slots, 128 gigs of ram, and an Xeon processor. being said, it was paid for by work. I would hate to see how much it cost, not to mention filled with 8TB drives, 2TB SSDs, and 1T M.2 drives.
James Hall
>That's pretty weird - why would you need full NVME storage?
I'm aiming for better VM performance by increasing IOPS. Its not something I necessarily need, but it would be nice.
>Are you trying to make ZFS work okay or something? It's a dead end for performance, eh.
I'm not using ZFS currently, might be a project for the future. Also I thought it was more dependent on RAM than IOPS.
Caleb Cook
I'll just keep reposting. Recently i did set up a pfsense box with 3 vlans, messing around with the traffic shaper i realized after a while that a setup in where vlan 1 has priority over the rest but if vlan 1 is not using anything vlan 2 and 3 can use all the traffic is impossible. So i did setup some minimum bandwidth reserve for vlan 1. Is that the best it can be done in this case?
Cameron King
ok, I found what is the problem, 443 is blocked (other domains vhost doesn't force redirect to https). But I don't know where or how. >Apache is listing to 443 >nothing in Apache's access log for 443 >when I try to renew my certs with certbot, "http-01 challenge" works but "tls-sni-01 challenge" end with timeout >this is my iptable -L: Chain INPUT (policy ACCEPT) target prot opt source destination f2b-pure-ftpd tcp -- anywhere anywhere multiport dports ftp,ftp-data,ftps,ftps-data f2b-sshd-ddos tcp -- anywhere anywhere multiport dports ssh f2b-sshd tcp -- anywhere anywhere multiport dports ssh
Chain f2b-sshd (1 references) target prot opt source destination REJECT all -- 185.143.223.135 anywhere reject-with icmp-port-unreachable (and a ton of other ip banned) RETURN all -- anywhere anywhere
Keep on trying to justify your poorfaggotry user. If all you can afford to spend is $30 on some shitbox with less power than a phone, you dont belong here. Go back to the phone threads where you belong.
Owen Reyes
replaced my ts140 with a dl380 for my file server, pulled one of the cpus out and set the other to 2 cores so its only pulling 100-120w which is fine in my book. currently using 4x6tb wd reds in raid 6, will add more drives when needed.
going to use the 4th 380 to replace the ts140 as my 3rd host but need to buy another 1500va psu since running them all off the same one would put it right around 100% capacity so im just going to split everything up.