One thing that was recommended to me by someone a while ago, is that, unless you need it for something specific, mount your media in Plex as read only.

Plex has functions where you can delete content from the library from their UI. If you need that for some reason, obviously don’t make it read only. If you’re hoarding the data, and therefore never delete it, or use an external system for deleting files, then RO all the way.

The only caveat to this is if you’re using a local disk on the Plex system, which then shares out the drive/folder for adding new content, in which case, you’re screwed. It has to be rw so the OS can add/remove data.

In my case, as I think may be common (or at least, not rare), my back end data for Plex Media is on a NAS, so it’s easy to simply have the system running Plex, mount that network share as RO, and you’re done. The data on the NAS can be accessed and managed by other systems RW, direct to the NAS.

Since Plex is exposed to the internet, if anyone with sufficient rights is compromised, in theory, an attacker could delete the entire contents of your media folder with it. If you limit RW access to internal systems only, then that risk can be effectively mitigated.

Depends on the UPS. Many cheap offline UPS units don’t. Anything line interactive or online will.

APC makes low end offline UPS units, which are cheap garbage.

They also make line interactive and online ups units, which are decidedly not completely garbage.

I pick up line interactive APC units from used locations like eBay, and go buy off label replacement batteries. Haven’t had any problems with them so far.

To date, over the last ~10 years of running a homelab, I have used mainly SMT 1500 units, one was a rack mount. I’ve recently upgraded to an SMX2000. I’ve replaced batteries, but never a UPS, and never any server components due to power issues. I’ve run servers ranging from a Dell PE 2950, to a full c6100 chassis, plus several networking devices, including firewalls, routers and PoE switches. Not a single power related issue with any of them.

Fair enough. Local admin is generally not something that I would want to restrict from people, especially those that are, or at least, should be, more knowledge than most.

I’ll fight for that right for people most of the time.

Some users I would say should not have it, but generally developers are not those people. You know the ones.

I try to be understanding with my software brethren. We’re different sides to the whole. Ying and yang, so to speak.

That said, I’ve gotten some brain-dead requests from you developer types.

I’m not saying all of you are the problem, but there’s definitely some of you that need to learn how things work.

As IT/network/security, using a well known port for something that’s not what is supposed to run on that port, is inviting all kinds of problems.

Especially the very well known ones, like ftp, ssh, SMTP, http, HTTPS, etc (to name a few). People make it their mission to find and exploit open FTP systems. I opened up FTP on a system once to the internet as kind of a honeypot, and within a week or so, there was someone uploading data to it.

No bueno. Don’t use well known ports for things unless the thing that well known port is known for, is what you want to do.

Traitor.

Ipmi is your friend.

Is that the same database my user couldn’t connect to today?

There’s always backups… Right?

… Right?

To be fair, I knew a lot of people who struggled with word problems in math class.

Aww, C’mon, don’t sell yourself short like that, I’m sure you’re great at… Something…

For example, you would probably be way more useful than an AI, if there was a power outage.

Foxes are like that though.

They look cute and cuddly… The trustworthy kind, then they bite your hand off and laugh at you.

I’m not a coder, and… Well… Thanks, I hate it.

Even I know this is horrific. Where the fuck does this statement end? Which of these brackets refer to this section of other brackets. Idfk.

I could give a shit less if it was just for a single block per or something but “;}}}” hurts me.

It’s lady gaga.

If you’ve followed her at all, even indirectly, this is NOT the weirdest thing she’s done, and bluntly, the weirder stuff wasn’t justified (to the public at least).

I’m not trying to throw shade at Gaga at all. Lady, let your freak flag fly all day long. You don’t need my permission to do it, but if you want it, you got it. Weird isn’t bad, it’s just weird.

IMO, at this point, gaga doesn’t need a reason to be weird.

Makes aeroplane noises and gestures above head

Yes you will.

Good song tho.

I moved my DNS to a pair of raspberry Pi 3’s running bind, with a DNS stub zone for my homelab domain that points to my homelab DNS servers.

That way the internet keeps working whether my homelab works or not. Keeps the wife aggro down.

You can do whatever you want. Don’t let anyone tell you it’s “wrong”. A big part of homelabbing is to try stuff. If it doesn’t work, that’s fine, you learned something, and that was the point.

For me, I don’t see a UPS as essential. It’s generally a good idea, but not strictly essential. My servers are on 24/7, because I have services that do things overnight for me. I also know that some people access my lab when I’m not awake, so I just leave it on so it can be ready for anything at any time. It poses some unique challenges sometimes when running stuff that’s basically 24/7/365.

Be safe, have fun, learn stuff.