• 0 Posts
  • 65 Comments
Joined 11 months ago
cake
Cake day: February 1st, 2024

help-circle

  • For very simple tasks you can usually blindly log in and run commands. I’ve done this with very simple tasks, e.g., rebooting or bringing up a network interface. It’s maybe not the smartest, but basically, just type root, the root password, and dhclient eth0 or whatever magic you need. No display required, unless you make a typo…

    In your specific case, you could have a shell script that stops VMs and disables passthrough, so you just log in and invoke that script. Bonus points if you create a dedicated user with that script set as their shell (or just put in the appropriate dot rc file).



  • I think there’s a bias in the US against this sort of thing that doesn’t exist (or not to the same extent) in Europe due to the age of the cities/buildings.

    In the US, a building from the 1700s is a historic artifact to be cherished, while in parts of Europe a building from the 1500s is just the local pub.

    So, the US is often hesitant to modify these old buildings, but Europe seems to have more of a perspective of “it’s a building, not a museum, let’s give it new life by modifying it.”

    This is just from the perspective of me, from the US — and I think these old/new buildings are really neat!





  • That’s how I started using Linux — big book with CD, I think it was “RedHat Linux Secrets 5.4” or something. 2.0 or 2.2 kernel.

    Honestly, it was fantastic. And almost all of it is still relevant today. (Some of the stuff on xfree86 and the chap/pap stuff not so much.)

    But it gave a really solid (IMHO) intro to a Linux/*NIX system, a solid overview of coreutils, etc. And while LILO has been long replaced, and afaik /sys didn’t exist at the time, it formed a good foundation.

    I’ll refrain from commenting on any init system changes that have taken place since then.



  • My method:

    VPS with reverse proxy to my public facing services. This holds SSL certs, and communicates with home network through WireGuard link configured on my router.

    Local computer with reverse proxy for all services. This also has SSL certs, and handles the same services as the VPS, so I can have local/LAN speeds. Additionally, it serves as a reverse proxy for all my private services, such as my router/switches/access point config pages, Jellyfin, etc.

    No complaints, it mostly just works. I also have my router override DNS entries for my FQDN to resolve locally, so I use the same URL for accessing public services on my LAN.







  • Another fun trick you can play is to use a private IP on your public DNS records. This is useful for Jellyfin on Chromecast for instance — it uses 8.8.8.8 for DNS lookup (and ignores your router settings), so it wants a fully qualified domain name. But it has no problem accessing local hosts, so long as it’s from 8.8.8.8’s record.


  • I have set up local DNS entries (with Pi-Hole) to point to my srrver, but I don’t know if it possible to get certs for that, since it is not a real domain.

    So long as your certs are for your fully qualified domain there’s no problem. I do this, as do many people — mydoman.com is fully qualified, but on my own network I override the DNS to the local address. Not a problem at all — DNS is tied to the hostname, not the IP.