Some networks block Wireguard connections.
Dollars to doughnuts they’re blocking the default Wireguard port. Change your Wireguard port to something like 8080 or 8443 and you’ll almost certainly make it through.
CF tunnels to access generic apps I want public.
I totally could move everything that’s on CF tunnels over to Wireguard, but I see no need to do it
How would you keep the public apps public if you require a wireguard connection to access them?
Yes.
I use all three for different purposes.
It all depends on what my requirements for self hosting some are.
Tailscale has its use when you are behind CGNAT and don’t want to VPS a Wireguard server somewhere with a static IP; other than that, it has no use in my opinion. I’m fully aware that I get downvotes from people who praise the zero trust principles of Tailscale and all the rest, but they always forget that you have been able to do zero trust for decades with any network equipment (VXLAN) and add Wireguard to the mix.
People just forget that all Tailscale is is a fancy GUI for managing Wireguard. That’s it.
Wireguard lacks a lot of user management features so you need a service like Tailscale to handle that, but everything zerotier does is something you can already do in wireguard, just simplified.
How do you access those services from a public network?
With Wireguard?
It’s mostly for internal stuff with a NAS. Uploading and downloading files off a NAS or streaming 4K content can all benefit from 10G
I got 2x1000v/800w UPSs for $145.
Some light strips to put in my server rack for $9.
A 24-port patch panel and keystone jacks for $35.
A keyboard drawer for $50.
And a rack-mounted fan for $100.
My 2024 New Year’s resolution is to make my server rack not look like a piece of shit.
I block the entire cn TLD (and the RU, PK, Top, biz, info, and IN TLDs) and haven’t had any issues.
I also go a step further and block all IPs in those geolocations in my router.
Google Photos.
I pay $15 a month for unlimited storage.
Photos of my family are some of the most important things to me, so I’m paying out for guaranteed redundancy.
I still host a local photo storage version, but I also back up everything to Google Photos.
Have you tried using a USB drive bay station with proxmox before?
I’m debating getting a 5 bay station, plugging it into my proxmox and passing the USB through to an OMV VM but I’m not sure if that will work.
In short, Cloudflare is both a DNS server and a reverse proxy. When you add a DNS record in there and mark it as proxy, Cloudflare will publish the DNS record but will instead give its own IP as the destination.
When a visitor enters your URL, instead of getting your IP they will be given Cloudflare’s IP. The visitor will then send their web request to Cloudflare. Cloudflare will then send that request to your actual IP.
That’s the basic version. However, Cloudflare’s position as a proxy gives it the ability to inspect and act on traffic as a WAF, blocking traffic that meets the IDS/IPS rules.
My wife and I each take a lot of random photos and screenshots and things we don’t want to share with each other (and we probably don’t want to be bothered with each other’s random stuff), so we don’t want to just do something like turn on Partner Sharing on Google Photos.
You can specify what gets shared with partner sharing. My wife and I have partner sharing set up so that it automatically shares photos of our kids with each other but not anything else.
AdGuardHome
Cloudflare tunnels being unsafe for exposing your locally hosted services to the web
That’s the point of Cloudflare Tunnels. It’s a reverse proxy.
Cloudflare Auth (zero trust) can lock down the tunnel so only certain people can access it.
I want to clarify something though. Cloudflare Tunnels IS SAFE. But if you choose to use it in a not safe way, that’s not the fault of the tunnel.
It’s like putting on a bicycle helmet and then running on the freeway and wondering why your leg gets broken after getting hit by a car.
“But I was wearing my helmet.” Great, but that wasn’t the point of the helmet.
RAM doesn’t need to be divisible by 4. You can mix and match sizes of RAM; it’s just not advisable.
Why not just use the Cloudflare Tunnels command line binary?
It can automatically create the CNAMEs
Oh yeah, got rid of the damn thing within 30 minutes of registering but it was too late. I assume bots grab that info as soon as it’s posted.
Probably got pushed to the larger system.
There’s more than one entity that controls WHOIS information. Typically, as soon as WHOIS information gets published it gets copied into a bunch of different registries, so you have to contact them all and have them remove the information.
Both. I have things that I host simply for fun, but most of my homelab is for experimentation.
I practice with different technologies so I can try to learn how they work.
I just did a proxmox update and reboot last week, but before that it was months of uptime.