I am currently using NPM as my reverse proxy. It runs on a Raspberry Pi which also does pihole. I have a separate server for other non internet critical systems.

So local IP address mappings point a subdomain to the pi's IP, then nginx points to the correct device and port.

I am wondering if Traefik works the same way. Can I run Traefik on the Pi, then point my other sever at it? (I believe Caddy doesn't allow this)

I would like to migrate away from using .env for secrets, and use something hashicorp vault. How would one do this for something like pihole, where there is an env var with the password?

With the latest release of android it now supports some Linux functionality. I got docker installed simply by following Docker's docs.

Any thoughts or uses for a mobile homelab? What would be useful to have mobile?

cross-posted from: https://lemmy.world/post/26434369

I want to compare the security of running my own:

• Wireguard server
• http proxy
• socks5 proxy
• Shadowsocks proxy

I currently port forward for wireguard, but would like some backups/alternatives, and censorship circumvention options. How risky or insecure are these protocols? Can I use them as normal VPNs into my homelab?

Any resources to research further?

Also: should I use my IP, or a domain? Which is better for censorship circumvention?

I want to compare the security of running my own:

• Wireguard server
• http proxy
• socks5 proxy
• Shadowsocks proxy

I currently port forward for wireguard, but would like some backups/alternatives, and censorship circumvention options. How risky or insecure are these protocols? Can I use them as normal VPNs into my homelab?

Any resources to research further?

Also: should I use my IP, or a domain? Which is better for censorship circumvention?

https://github.com/wg-easy/wg-easy

Plus

https://github.com/qdm12/gluetun

The idea being; I can use a normal wireguard VPN from anywhere in the world to connect back to my homelab, all while being able to access stuff on my network, but also have my public IP address set by the gluetun container?

Anyone done this? Or have a docker conpose?

I have a collection of my docker composes and configs. I would like to have the ability to remotely (over Tailscale) deploy and manage remote servers.

This isn't necessarily for redundancy, but I would like an automated way to test and deployments.

I want to make a seperate homelab at my parents that I can remotly manage for them. I have multiple servers at home, so having all of the config in a git repo, and having my secondary computer use the test branch would be super nice.

My ideal scenario:

So say I want jellyfin. I make a compose and config on the test branch. It automatically applies to my test server. Once I confirm it works, it goes to the master branch. Then it gets applied to the production servers.

Can this be done? If so, can Forgejo actions do it?

I am wanting to automate some homelab things. Specifically deploying new and updating existing docker containers.

I would like to publish my entire docker compose stacks (minus env vars) onto a public Git repo, and then using something to select a specific compose from that, on a specific branch (so I can have a physical seperate server for testing) automatically deploy a container.

I thought of Jenkins, as it is quite flexable, and I am very willing to code it together, but are there any tools like this that I should look into instead? I've heard Ansible is not ideal for docker compose.

Not torrenting, but searching.

I want a way to find similar media to the media I like.

Something with a similar to Jellyseer, with a way to browse media.

Is there a way to setup an SMB share or similar via docker? I want to be able to easily turn it off and bind it to a specific folder, and I am comfortable with docker.

Thanks!

I host Crafty Controller (docker) on my desktop, because it is faster than my server. However, I'd like it for a MC server to be always running, so I don't need to power on my desktop for anyone to join.

Minecraft runs fine on the server, as long as there aren't many people on, and aren't exploring new chunks. Generating new chunks is very cpu intensive, but one person exploring can be fine and is acceptable. However, I want a way to switch the same server to run on my desktop, nice and fast.

So basically, it of the time I want MC running on my server, and then when multiple people are playing (including me) I want to be able to turn off the server, and then turn it back on at my desktop.

I use NPM for my domain and SSL, however it'd be fine if people access at serverIP:port and desktopIP:port. That is acceptable (doesn't need to be mc.example.com, but would be nice)

Would Syncthing be the tool to use? I could use it to sync the folder of Crafty to each computer...

I have a 2 bay NAS, and I was planning on using 2x 18tb HDDs in raid 1. I was planning on purchasing 3 of these drives so when one fails I have the replacement. (I am aware that you should purchase at different times to reduce risk of them all failing at the same time)

Then I setup restic.

It makes backups so easy that I am wondering if I should even bother with raid.

Currently I have ~1TB of backups, and with restics snapshots, it won't grow to be that big anyways.

Either way, I will be storing the backups in aws S3. So is it still worth it to use raid? (I also will be storing backups at my parents)

Like the title says, I want to replace the IP address in a wireguard .conf file to be a domain instead.

I own a domain through cloudflare, so say I wanted to use vpn.example.org

What DNS record and info do I need to put into Cloudflare? (I am aware I'll need to update it if my ip changes)

Is there any way to host an android app in a web browser?

Ideally with docker, likely all of Android, not just an app, but running just an app would be amazing.

I may explain this poorly, so feel free to ask clarifying questions.

I have my homelab setup, and you can access services at service.domain.com only on my network or on my Tailscale tailnet.

I use a pihole for my DNS, and so does my dad.

Would it be possible to install Tailscale on his pihole (or elsewhere) so that his entire network can access my services (ie service.domain.com) but not route all traffic over my pihole and still use his?

I use Crafty Controller for Minecraft. I have a server running at 192.168.50.16:25540. I want it to resolve to minecraft.example.com. I have Nginx Proxy Manager setup for my domain and can access it from inside my network, but it'd be nice to be able to use a domain instead.

NPM only has options for http and https, so is this even possible using NPM?

EDIT: this is for only internal access I have external access via tailscale.

I may have messed things up....... I had a lot of docker config and data stored in /home/skynet I then ran a sshfs command and it disappeared. I was trying to send the contents of /home/skynet (server) to /home/shady/skynet (desktop). This was in order to be able to edit the files on the server on the desktop via VSCodium.

I'd love recommendations on how to do this, but first how do I get my files back???

Here is what I did

 undefined

    
skynet@skynet:~/docker/keycloak$ sudo sshfs -o allow_other,default_permissions [email protected]:/home/shady/skynet /home/skynet
[email protected]'s password: 
skynet@skynet:~/docker/keycloak$ cd
skynet@skynet:~$ ks
-bash: ks: command not found
skynet@skynet:~$ ls
skynet@skynet:~$ ls -a
.  ..
skynet@skynet:~$ lsblk
NAME        MAJ:MIN RM   SIZE RO TYPE MOUNTPOINTS
sda           8:0    0   3.6T  0 disk 
├─sda1        8:1    0    16M  0 part 
└─sda2        8:2    0   3.6T  0 part /media/devmon
nvme0n1     259:0    0 476.9G  0 disk 
├─nvme0n1p1 259:1    0  
  

I would like to make some of my self-hosted services externally accessible. Currently I use a VPN to access stuff externally, however this doesn't work on all use-cases. I also use Tailscale for some things.

I would love to use cloudflare tunnels and another auth solution (like keycloak) to replace Tailscale and the VPN.

Is this feasible?

My end goal would be to setup Immich for my family, and have them not have to worry about Tailscale, a VPN or anything other than some initial login to keycloak (for example)

I am trying to not use any Google services for notifications and so I'd like to make a script to send notifications via ntfy based on discord messages.

How would I get access programmatically to my own discord account? Do they even support it? They have bots, but is their api for DMs?

Edit: the solution may just be a bot in servers, then not responding to DMs unless they use signal

I have my own invidious instance, and i want all the new videos from my subscriptions to automatically get added to a playlist. Anyone know how do do this?