I’ve not looked into it much yet, but https://radicle.xyz/ seems interesting.

It’s kinda a bittorrent-powerd codeberg and it looks like it’s worth playing around with (even though it might not get you rid of much bandwidth… IDK how popular it is, but source usually doesn’t weigh that much).

What does “powerful” distro mean? (no, I’ve not watched the video - just curious what it means)

Getting the router to actually assign an IP address to the server

You would typically want to use static ip addresses for servers (because if you use DHCP the IP is gonna change sooner or later, and it’s gonna be a pain in the butt).

IIRC dnsmasq is configured to assign IPs from .100 upwards (unless you changed that), so you can use any of the IPs up to .99 without issue (you can also assign a DNS name to the IP, of course).

all requests’ IP addresses are set to the router’s IP address (192.168.3.1), so I am unable to use proper rate limiting and especially fail2ban.

Sounds like you are using masquerade and need DNAT instead. No idea how to configure that in openwrt - sorry.

A NAS is just a computer and TrueNAS is just Linux (ok, TrueNAS CORE is Bsd).

You can run zfs on any machine: they recommend loads of RAM for optimal performance, which you don’t need at home (or at work, unless your job is running a data center).

You can choose from a number of FOSS NAS-specific operating systems, plus all linux distros (since you post here, I’d assume you either can or aim to administer a home sever?)… why would you go with a proprietary OS?

There are several FOSS operating systems for network equipment too (keyword “NOS”), but as far as I’m aware none that work on small soho/edge switches. OpenWrt runs both my router (mikrotik) and WAPs (tplink), but the two 8-port switches I have at home (also tplink) run their proprietary firmware.

Don’t tear down your server just to have fun - setup a vm (or get one of those minipcs), call i “playground” and have fun there.

Redo your server after you’ve tried different things, and only if you feel like you found something that is worth it.

Experimenting with different distros can teach you a lot (especially if you try very different ones - mint and debian aren’t that much different) and I do recommend you do it, just don’t do it in production :)

That just build t8plus becomes nixos-rebuild build --option eval-cache false --flake './nixcfg#t8plus' (the flake is at ./nixcfg/flake.nix).

Honestly, do we need a legal definition of what “self hosting” is and what isn’t?

I didn’t see your post and in the modlog I can only see it’s title: “Apparently I’m into Web3, says Netcup” [ed: Netcup is a hosting company].

If your post was discussing stuff specific to your hosting provider, then the mods did well in removing it - if you were talking about things that would have interested this community, then they have probably been too rash in removing the post.

IDK how much I’d trust them with tech stuff (not much, definitely). However I don’t see how encrypted storage may become an attack vector?

I mean, they could clog up the HDDs with crap, but they can already do that via non-encrypted network storage (and in several other ways).

I don’t remember them asking for any ID. Then again I gave them my real name/address and I payed with my credit card so… it’s not like they can’t confirm it’s me.

(I missed the first part so I’m not sure I follow)

How are the the subdomains resolved? If you registered them on a public DNS that might be what leaks them. Otherwise… maybe your browser?

I moved to infomaniak because registering domains come with a free mailbox (or at least they used to - IDK if it’s still like this).

It works fine with lego (as should any other supported one).

IDK where I’ve read that… should have double checked before posting, my bad.

Quick fact checking:

US police kills some 1,281 people last year (wikipedia).

1,281/340,110,988*100,000 gives around 0.38 police killings/100,000 people, which is below homicide rate in EU.

I couldn’t (be bothered to) find out what the overall European homicide rate actually is (it also depends on what you count as “Europe”), but Germany is at around 0.8, France at 1.8, Italy at 0.57, Spain at 0.9 and Poland at 0.8 (these are the five most populous countries). So… let’s guesstimate it at around 1? (numbers are from this random source).

We can conclude that US policemen are roughly 38% as deadly as European criminals (if it wasn’t clear, this last statement is a joke)

TLDR: Protesting or resisting privately inside your house does not lead to social change and is not the most rational way of protecting yourself if you feel threatened by your government.

Self-hosting is not “resistance”: at most, it’s prepping for nerds, with computers instead of guns.

Self-hosting is not even a rational/efficient way of making a statement. If that’s what you want, it’s far more efficient to follow the established tradition of declaring you are moving to Canada and not following up with actual actions.

Don’t get me wrong: I can relate to the nerdy way of coping with the ugliness around us (I say “us”, but thankfully I don’t live in the US), but - the way I see it - it’s that your society that needs change, and self hosting won’t help with that.

Frankly, the shit you US people are putting up with is unreal.

It has always been (US police forces kill far more people than the overall homicide rate in Europe - read that again and pause a second to think about it this isn’t true - see comments below), and it’s just getting worse.

If you feel threatened you can essentially respond by fighting, fleeing, or cowering.

If you wanna FIGHT (this is what “resistance” is about), try to use whatever power you have and apply your energies to bring actual change. If you don’t feel comfortable acting outdoors, this could include lending your nerd skills to protesters or (nonviolent) resistance groups. Heck, even being a keyboard warrior is more useful to changing society than being a hobbyist sysadmin.

If you wanna FLEE, just leave the country. Honestly, there are better places to live than the US, and (if you have or plan to have any) better places to raise your children.

If you wanna COWER, then be a prepper or a self-hoster or whatever, but be aware that, while misrepresenting your reaction as “resistance” may make you feel more heroic than you are, spreading the misrepresentation can also lead others to cower instead of fighting. Is that what you want?

By that reasoning, backup isn’t redundancy because you’ll lose your data if the backup gets corrupted while restoring.

That said, there’s nothing wrong in redefining “redundant” to mean “having two or more duplicates”… you should however tell people if you do, to avoid misleading people that assume the dictionary definition.

deleted by creator

RAID (except RAID0) is data redundancy, it just isn’t backup (ie. it doesn’t help if you accidentally delete stuff, or if some bug corrupts it, or if you drop the computer while moving it).

is there an easier way to do self-signed certs besides spinning up your own certificate authority?

Letsencrypt works fine, just use a “real” domain and DNS challenge.

Your service will need to be on the “real” domain, but it won’t need to be accessible externally and you won’t need a public DNS entry for it (of course your VPS will still need to be able to resolve the backend’s name).

In layman’s speech (my speech) raid 1 and mirroring are essentially the same thing.

Technically, IIUC RAID is only used for hardware raid controllers, ZFS calls their equivalent RAIDZ1 (and I think it stores data in one disk and parity in another?) and both LVM and btrfs call theirs mirroring (each with its nuances). Whichever you pick, it’s a mode where you use two disks at 50% efficiency and your data survives the loss of one disk.

There are configurations that use more disks with higher efficiency than 50%, but I would avoid them in a homelab because the more disks you have, the higher the power drain and the higher the chance that at least one of them will fail. In a homelab scenario what you really want to minimize is the chance of needing to perform maintenance (replacing a drive in a RAID and restoring from a backup are both a hassle, and it’s not like the first requires significantly less work).

In your shoes (and in mine, whenever I’ll need to redo my RAID1 NAS), I’d skip RAID altogether and use the extra disk for extra backups of the data I care about.

Most of my NAS is filled with movies I’ve ripped, and I honestly wouldn’t really care much if I were to lose them: the movies I may want to re-watch are really few and I can just rip them again (or even buy them again) if the need arises.

Backups are enormously more important than RAID (will RAID do anything for you if you accidentally delete your family photos? what if the NAS floods or gets dropped on the floor?): you should really direct your time/resources/effort towards setting up automatic and monitored backups before worrying about RAID.

A NAS is any computer with space/connectors for drives and an ethernet port… it doesn’t need to be powerful or state-of-the-art, and there’s really no reason it should be expensive (besides the drives).

Of course companies will be more than happy to sell you an outdated J4125-based computer with 4 disk bays for over 500EUR, but that doesn’t mean you have to bite.

As for RAID, if you want to use it, just setup mirrored drives (ZFS, BTRFS or even LVM) and be done with it: you’ll need backups anyway so don’t overthink it. Unless you want to avoid downtime (which isn’t probably a big issue for most of your data?), you can do without RAID and just restore from backup if a drive happens to break.

If you don’t want to build your own PC, I’ve heard good things about these: https://aoostar.com/collections/nas-series (beware: I didn’t try any of them - my N3150-based NAS is not old enough to need replacement yet)

Leverage whatsapp and hang good old posters around the neighborhood?