techhub.social is one of the many independent Mastodon servers you can use to participate in the fediverse.
A hub primarily for passionate technologists, but everyone is welcome


#selfhosted


I was looking for a new email domain for personal use. I'm surprised that federation.email wasn't already taken. It is now :)

It's a perfect union representing my love for both Star Trek and ActivityPub federated applications.

I'll use it with my own email server, which is much better than hosting it with an email provider where all the email addresses just go into the same inbox as your main email account. So, it's really just a bunch of aliases and a catch-all address for your main email account with the provider.

With my own server, each email address has its own space and separate account profile. I can give accounts to an unlimited number of people for their personal use, for example.

Want to introduce you all to the Humble No-E-Waste, guess I could call him Wall-E. This #homelab #selfhosted NAS was born from the itch of buying and building a new N100-based NAS to consolidate 4x14TB HDDs I had around.

Instead, I repurposed an old gaming machine I had with an i7-3770k, 32gb RAM and grew it to the following:

1xsfp 10gbe NIC - also had it
7x14TB HDD - had it
1xPCI express 6 ports Sata card - had it
4x4TB Samsung SSDs - had it
1x1TB Samsung SSD - had it
1x128gb OS SSD
2 new SATA cables - 10 dollars

I am now the proud owner of a competent NAS that saturates 10gbe in iperf3, averages 800MB/s writes on large files and on average consumes 90 watts of power (the amount of disks is insane).

I introduce this to you all to share the idea: you DON'T need to buy new hardware every time, since gen3 Intel is extremely competent for small user datasets.

Reduce e-waste, consider buying used or repurpose before going new

feddit.org: Containers in NixOS

Hi everyone! I’m in the process of finally doing containers right in my NixOS installation. This is my ‘wishlist’:

- podman containers should be run by users with minimal permissions
- separate user per container
- containers managed by systemd services for easier management

My current work-in-progress setup looks like this:

For each service (called $name), I have:

- a user and corresponding group (referred to as $uid in the following)
- a directory /srv/$name owned by $uid, in which mounted volumes are located

My containers are declared like this:

```nix
virtualisation.oci-containers.containers = {
  $name = {
    image = ...;
    ports = [ ... ];
    volumes = [
      "/srv/${name}/config:/config"
      ...
    ];
    user = $uid:$gid;
    extraOptions = [
      "--security-opt=no-new-privileges:true"
    ];
  };
};
```

Now for the parts I don’t fully understand yet:

- some images allow setting environment.PUID to specify a user. Does setting this option (and not setting user=$uid in the container declaration itself) mean that the container will be run as root, and the program inside will merely use PUID when e.g. creating files? This would still allow a malicious container to run commands as root on the host, right?
- virtualisation.oci-containers.containers creates a systemd service. Since this is not a user-service for my user $uid, I need sudo to start/stop the container. Does that mean that the systemd service is run with root permissions, but it executes the command to spawn the container as $uid? If whatever is running inside the container was malicious, is there a functional difference between the container being started ‘by root as $uid’ and it being started by me (after logging in as $uid)?
- Is it feasible to make these systemd services user-services owned by $uid instead?
- Are there further hardening steps I forgot about?

Thanks for your input!
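
The layout described in the post above (one user and group per service, a /srv/$name directory owned by it, and a matching oci-containers entry) written out as one NixOS module. This is an added example, not the poster's configuration; the service name, numeric id, image and port are constructed placeholders.

```nix
# Added example, not the original poster's code.
{ lib, ... }:
let
  # Constructed sample table: one entry per service ($name in the post).
  # `id` is reused as both uid and gid; all values are placeholders.
  services = {
    exampleapp = {
      id = 2001;
      image = "registry.example/exampleapp:1.0";
      ports = [ "8080:8080" ];
    };
  };
in
{
  virtualisation.oci-containers.backend = "podman";

  # A dedicated group and system user per service.
  users.groups = lib.mapAttrs (_: s: { gid = s.id; }) services;
  users.users = lib.mapAttrs (name: s: {
    isSystemUser = true;
    uid = s.id;
    group = name;
  }) services;

  # /srv/$name and its config volume, owned by the service user only.
  systemd.tmpfiles.rules = lib.concatLists (lib.mapAttrsToList (name: _: [
    "d /srv/${name} 0750 ${name} ${name} -"
    "d /srv/${name}/config 0750 ${name} ${name} -"
  ]) services);

  # One container per service, using only the options from the post.
  virtualisation.oci-containers.containers = lib.mapAttrs (name: s: {
    inherit (s) image ports;
    volumes = [ "/srv/${name}/config:/config" ];
    # `user` overrides the UID:GID of the process inside the container;
    # it has to be a string, so the numeric id is converted.
    user = "${toString s.id}:${toString s.id}";
    extraOptions = [ "--security-opt=no-new-privileges:true" ];
  }) services;
}
```

Setting the ids explicitly keeps the ownership of /srv/$name and the `user` value of the container in agreement across rebuilds.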