1·
23 days agoYou could use SyncThing and then run a backup on synched folder on the server
- 11 Posts
- 136 Comments
Joined 1 year ago
Cake day: June 13th, 2023
You are not logged in. If you use a Fediverse account that is able to follow users, you can follow this user.
😆
Sorry for the late reply. I mean a service that let me stream music, that let me listen to music offline and that let me download Spotify Playlists without the need to download every single song manually.
Good to know, thanks! Do you know a way to download the Spotify playlist in Jellyfin without the need to do it manually?
Chinese…I don’t know how, but they manage to always create the worst UI. Also, chinese…I will definitely block Internet access except sometimes just to check for updates. The 10/100 NIC is enough for KVM, not for transferring ISOs 🫤 By the way, keep me posted.
Wow, nice! At that price it’s way better than the PiKVM! Keep me posted on the resolution of your problem. Have you written to the support?
Thanks for your point of view. All of my services are containers that have config and data folder bind mounted from an encrypted partition. After power on, a script download from a website half of the key needed to decrypt data, the other half is in the boot partition. In this way if my server gets stolen I can delete the half key stored on the website and the data disk can’t be decrypted. About swap, you’re right, but that doesn’t worry me at all since I don’t think that there’s anybody that would goes into that trouble just for my data. If someone is able enough and takes the trouble to read it, I guess that’s going to be the last of my problem: it would mean that I’m already in biiiiig troubles! 😆
You’re just missing the part where I want to be on vacation without the need to find a decent Internet connection to boot my server because the power went off. What’s the plus of encrypting the OS partition too?
That’s interesting, but that won’t help if I’m away or on vacation on the other side of the world
If you tick the encryption box during install, you will have to enter the decrypt password at every boot and that means that if the power goes out for long enough (UPS doesn’t keep the server up for hours), I (and my family) will not have access to the self hosted stuff until I’ll be home and this is why I encrypt only the data partition and not the boot one.
I do bind mount data folders of the containers, I do backups, I have a notification system that alerts me if a container is not up, but a container can be up but have problems and, most importantly, I (and I guess a lot of other people) don’t always have time to solve problems. When I a few spare minutes a do a snapshot, I update the containers and if something goes wrong if I have time I troubleshoot it, otherwise I just roll back the snapshot and I’ll have a look at the problem when I’ll have time.
But from the moment that the script updates and breaks something and the moment he realizes it may be too late for some applications.
For example I host Traccar to track car/vans and in this case some tracks would be lost. Or maybe SyncThing, he may realize days/weeks later that a sync is not working and if he was synching his smartphone pictures with his server and the smartphone is lost/broke/stolen, he may lose days/weeks or even months of pictures.
I wouldn’t trust a script. Use Watchtower or What’s up Docker
So it’s the use of a browser within a browser? Is it any different than just using Firefox containers (they are AWESOME!!!) and a VPN add-on?
I use BookStack and with Node Red I export to PDF the books as soon as pages get updated, so if everything goes feet up, I have all the documentation in PDFs (locally and automatically uploaded to a free DropBox account, still done with Node Red).
But the attacker should know the internal and the external DNS. If the internal DNS doesn’t have any SSL certificate on its name, it’s impossible to discover.
By the way, I always suggest to reach services through VPN and use something like Cloudflare tunnel for services that must be public.
P.s. Shouldn’t public and private DNS be inverted in your curl example?
Or just point secret.local.mydomain.com to the LAN IP of the server.
To avoid opening ports, have a look at Cloudflare tunnel.
Thanks, I did’t know that.
Well done!
That’s great, really, well done! And I love that spirit, that “peace of mind” of not wanting more and enjoying what’s enough!
All the best!