I can’t say I’ve seen anything like that on the webservers I’ve exposed to the internet. But it could vary based on the IP you have if it’s a target for something already I suppose.
Frankly I’m surprised that machine I setup didn’t get hacked.
How could it if all you had was a basic webserver running?
Getting DDOSed or hacked is very very rare for anyone self hosting. DDOS doesn’t really happen to random people hosting a few small services, and hacking is also rare because it requires that you expose something with a significant enough vulnerability that someone has a way into the application and potentially the server behind it.
But it’s good to take some basic steps like an isolated VLAN as you’ve mentioned already, but also don’t expose services unless you need to. Immich for example if it’s just you using it will work just fine without being exposed to the internet.
Seems like a good way to do it, would be fun to try that setup myself.
Without a ground there is nowhere for a surge to go, permanent damage is much more likely. Surge protectors or a UPS will not protect against surges at all without a ground.
There’s also no ground so the chassis may have enough voltage on it to cause a shock if you touch it. This could also damage components as they are not grounded and touching things can introduce high voltage from static electricity which will have nowhere to go.
Additionally if you have ethernet connected to it the system may end up grounding itself through the ethernet cable, if the device at the other side does have a ground, which could cause issues.
So it basically just means you have a much higher chance of damaging the parts, or injuring someone touching things.
Something with a GPU that’s good for LLMs would be best.
Yeah that looks fine, odd.
I assume this is a pretty normal install of Ubuntu, and /var/lib/docker hasn’t been messed with at all?
The question is, is there any way without having to format the hard drives with data?
MergerFS would let you pool drives without needing to set up RAID and format them.
Then add SnapRAID on top of that for parity.
Like, could there be a duplicate dB volume and when the stack gets restarted, docker picks one or the other?
I’m not sure that is possible. Once a service has a volume defined it’ll use that unless you manually change it.
But if you don’t have a volume defined, data won’t persist when the service is updated.
If you’re just using the compose stack given by Immich, then everything should be set up properly though.
Immich has been great, no issues with any of their breaking updates so far.
I’m running several used (“renewed”) enterprise SAS HDDs and enterprise SATA SSDs. They’ve been solid so far.
The HDDs came with about 30k hours each which is not bad at all, and the SSDs only had around 100 TB written out of the total 6.2 PB rating.
I’m not sure I would do used with standard consumer HDDs, they typically don’t last as long and are likely abused a lot more in a desktop PC vs a datacenter server.
As always have proper backups in place, all drives fail eventually no matter where you buy them.
You mean run those programs directly on opnsense? I don’t believe there is any way to do that.
No configuration is needed on opnsense to use them as normal on your devices though, so that’s your best option.
It does have that.
Unfortunately Proton doesn’t have much in the way of standard protocols, no IMAP/SMTP, CalDAV, CardDAV, etc…
IMO Nextcloud while not great as a file syncing program, makes a pretty good Calendar and Contacts storage with full support for those protocols, and a webUI to access them.
You could technically do that from like 2x ~$150 used business desktop PCs off ebay, 10th gen Intel CPU models or around there with Core i3/i5 CPUs.
Throw some M.2 SSDs in each one in a mirror array for storage, add a bit of additional RAM if needed and a 10G NIC. Would probably use about 30-40W total for both of them.
Minecraft servers are easy to run, they don’t need much especially on a fairly modern CPU with high single thread performance, and only use maybe 6GB of RAM for a modded one.
You’re not asking for a whole lot out of the hardware, so you could do it cheap if you wanted to.
Damn that’s a setup alright!
If you’re making use of the hardware it’s well worth it over anything cloud based for sure.
About 120W total for:
I just do the first option.
Everything is pretty much idle at 3am when the backups run, since it’s just me using the services. So I don’t really expect to have issues with DBs being backed up this way.
I don’t even have all that much storage (18TB usable), the other side of things is I’d need 8x 5TB 2.5" drives in RAID 10 to be equal my 2x 18TB 3.5" drive mirror I have now, which means I’d need to add an HBA card that also consumes more power. Even if I ran RAIDz2 I’d still need 6 drives.
Price is another factor, from some poking around 2.5" is around 2x the cost of what I paid for my 3.5" drives.
It looks like about 2-3W with 2.5" vs 6-8W with 3.5"
So 3.5" drives are going to be more efficient, since you can get one that’s 4x the capacity (20TB vs 5TB) for only a little over double the power usage.
Less noise is definitely a bonus if your NAS sits next to your workstation or something though.
Quality of their products maybe? Cloudflare feels like they put a lot of effort into their product, Google not so much with how buggy everything is and how often they just abandon products they offer.