• 1 Post
  • 13 Comments
Joined 1 year ago
cake
Cake day: October 17th, 2023

help-circle




    1. Build your own router, segment your network. I suggest OpenWRT. Openwrt is less stream lined, which means you learn more. You’ll learn trunking, VLANs, sub netting, DNS. Do it all through CLI.

    2. Reverse proxy, internal and external. Use Traefik or caddy.

    3. Encryption keys. Seems simple. But learn and master ssh keys. The Internet works by communicating from point A to point B. And keys help encrypt the traffic. You should be able to type “ssh hostname” to get into any server you want access to, without the need for a password. Bonus points for finding a secure way to set cronjobs to automatically cycle keys, for security practice.

    4. Docker machine. Master docker. Learn docker compose. Everything CLI.

    5. Proxmox. Put everything on a VM or container. Create a nas, for storage for your VMs. Bonus if it’s strong enough to run many VMs, you can use to host a instance of any software that you are trying to learn. I for I stance am loading windows server 2022 and multiple windows 10 and 11 instances that I can control.

    Do everything through CLI. Take notes on what you did (you won’t remember, it’s ok, no one remembers). Practice documentation.


  • A few reasons.

    1. Privacy, you control your data. It doesn’t go to someone else’s server to sit.

    2. Security. It’s on your server. Password managers are primarily targets for hackers, i don’t want to name names, cause I’m not 100% sure of the name. But, one pw manager was hacked like 3x in the past year or something. It’s on your server, you are less likely to be targeted for a huge data breach, and you get to manage your data. Not someone else who fucks up.

    3. You can’t be banned, or have the provider suddenly change access to the server, thus losing your data. I will name names here. MyQ garage door opener by Chamberlain suddenly removed the smart home integration, since the whole system ran on their servers. Removing the functionality users paid for. But they don’t own it, so they just got fucked. Your data/service on someone else’s server, is actually their data/service, you are just a visitor.


  • So… Your issue isn’t going to be getting them what they need. Your issue is gonna be need High Availability and scalability. To give them info, you can create a VPN, or some sort of tunneling service. You can migrate to a cloud service such as azure, AWS, or Google cloud.

    Scalability means that if your business expands, it’ll be easy for you to expand computing resources, without the need for redesign (this gets expensive). Also you don’t want to be stuck paying for services you don’t use. No sense buying a $1k server, if a $200 server does the job. But that $200 server might not be enough next week.

    High Availability means, if the server your instance is on goes down, it will automatically populate on a different server, so your employees/interns never lose connectivity.

    Once you decide that platform, you need someone who will administrate users and privileges, backups, basic IT support to those in the field.

    This is typically what a MSP handles for businesses. Designing, the system, and the way the system is maintained is why ppl get paid the big bucks.

    This is why, most businesses hire a IT professional to do this. They should know, saas, paas & iaas. Know which one is right for you, help you decide which cloud platform you go with, and which security measures you go with.

    Now you’ll likely find a solution that works on this subreddit, you’ll likely find cheap solutions, overly expensive solutions, and secure and insecure solutions, and everything in between. I’d be looking to either hire a system administrator, or a MSP to set this up right from the getgo. If you feel you are up to that task, by all means. But, as someone who ran a business, and is now looking to get into this exact field. This is a full time job you are giving yourself.


  • Direct playback doesn’t require much compute power. Just run Ubuntu server on the pi, spin up the containers, and get a fairly large HDD. An external HDD should be fine.

    Any transcoding will be a issue tho. Like, if you use Jellyfin, and it wants to transcode your subtitles (even tho it shouldn’t), you won’t be able to stream anything 😂. I had this exact issue, and it was kinda pathetic that couldn’t get subtitles to stop transcoding. It isn’t transcoding now, but I also have a way more powerful server.

    If you want to go more powerful. I’d recommend the build on Wolfgang’s channel, with a N5105 NAS board, the N5105 is strong enough for 4k transcoding. It has 2x nvme, 6x sata, and up to 64gb of ram. Throw it in a decent case. I’d run Proxmox and Ubuntu server on Proxmox, this just makes it easy to backup your VM, in case something breaks and you want to rollback. At which point you can just throw HDDs in, or make them a ZFS pool, or a raid pool. Up to you.







  • Uh… Ppl are typically running QBitTorrent or deluge, I like qbittorrent but it doesn’t matter. I use a image with a VPN included, but you can run a VPN separately too. Whatever you get working really.

    Than you typically run a index manager like jackettt or prowlarr, prowlarr seems to be the most popular these days.

    Than you run a few programs, radar, sonarr, reader, there is 1 for music as well, this actually uses the indexer to pull the torrents and put them on your torrent client.

    Then you run a media request app, overseer or jellyseerr, probably jelly these days. Which allows you to search and request whatever media you want, which prompts the arts to do there thing, which prompts torrent app to do it’s thing.

    Then lastly, you run a media server, like Plex, Jelly, Kodi, or Emby. Whichever you prefer…

    If everything runs smoothly, you go to seerr, request media, than a little while later it’s on your media server.

    You can add a few things, like ntfy to get notifications when your files are downloaded, or server is updated with the latest file. You can add a VPN to get access to your apps outside of network. Or a wire guard tunnels, to get in, or simply host on a domain.