Nice. My partner has a Proxmox setup, so we’ve adapted the Nix config to spin up new VMs of any machine with a single command.

NixOS :)

Maybe I should have clarified that liking bare-metal does not imply disliking abstraction

Containers != services.

I don’t think I am better than anyone. I jumped into these comments because docker was pushed as superior, unprompted.

Installing and configuring does not an expert make, agreed; but that’s not what I said.

I would say I’m pretty knowledgeable about the things I host though, seeing as I am a contributor and / or package maintainer for a number of them…

They are using a hosting provider - their dad.

“The cloud” is also just a bunch of machines in a basement. Lots of machines in lots of “basements”, but still.

OK, but I’d rather be the expert.

And I have no troubling spinning up new services, fast. Currently sitting at around ~30 Internet-facing services, 0 docker containers, and reproducing those installs from scratch + restoring backups would be a single command plus waiting 5 minutes.

No, I actually think that is a good analogy. If you just want to have something up and running and use it, that’s obviously totally fine and valid, and a good use-case of Docker.

What I take issue with is the attitude which the person I replied to exhibits, the “why would anyone not use docker”.

I find that to be a very weird reaction to people doing bare metal. But also I am biased. ~30 Internet facing services, 0 docker in use 😄

I would say yes, it’s still self-hosting. It’s probably not “home labbing”, but it’s still you responsible for all the services you host yourself, it’s just the hardware which is managed by someone else.

Also don’t let people discourage you from doing bare-metal.

Yeah why wouldn’t you want to know how things work!

I obviously don’t know you, but to me it seems that a majority of Docker users know how to spin up a container, but have zero knowledge of how to fix issues within their containers, or to create their own for their custom needs.

Which shouldn’t really be an issue since you should only host on 443, which tells bots basically nothing.

Configure your firewall/proxy to only forward for the correct subdomain, and now the bots are back to 0, since knowing the port is useless, and any even mildly competent DNS provider will protect you from bots walking your zone.

Sorry, saw this only just now. I don’t really have any guides to point to, so just the basic steps:

• host jellyfin locally, e.g. on http://192.168.10.10:8096/
• configure some reverse proxy (nginx, caddy, in my case it’s haproxy managed through OPNSense)
• that proxy should handle https (i.e. Let’s Encrypt) certificates
• it should only forward https traffic for (for example) jellyfin.yourdomain.com to your Jellyfin server
• create a DNS entry for jellyfin.yourexample.com pointing either to your static IP, or have some DynDNS mechanism to update the entry

90% of this is applicable to any “how to host x publicly” question, and is mostly a one-time setup. Ideally, have the proxy running on a different VM/hardware, e.g. a firewall, and do think about how well you want/need to secure the network.

In any case, you then just put in https://jellyfin.yourdomain.com/ in the hotel TV.

I have never used Tailscale. I have also Jever seen anyone in the wild recommend it and explain what exactly the use-case is beyond plain, old, reliable, open source WireGuard.

So yeah, agreed.

Also I have been hosting Jellyfin publicly accessible for years with zero issues, so idk… I also dint k ow what the “you have to use Tailscale for jellyfin” people are doing with TVs/Firesticks/… in hotels, airbnbs,…

Managing 30+ machines with NixOS in a single unified config, currently sitting at a total of around 17k lines of nix code.

In other words, I have put a lot of time into this. It was a very steep learning curve, but it’s paid for itself multiple times over by now.

For “newcomers”, my observations can be boiled down to this: if you only manage one machine, it’s not worth it. Maaaaaybe give home-manager a try and see if you like it.

Situation is probably different with things like Silverblue (IMO throwing those kinds of distros in with Guix and NixOS is a bit misleading - very different philosophy and user experience), but I can only talk about Nix here.

With Nix, the real benefit comes once you handle multiple machines. Identical or similar configurations get combined or parametrized. Config values set for Host A can be reused and decisions be made automatically based on it in Host B, for example:

• all hosts know my SSH pub keys from first boot, without ever having to configure anything in any of them
• my NAS IP is set once, all hosts requiring NAS access just reuse it implicitly
• creating new proxmox VMs just means adding, on average, 10 lines of nix config (saying: your ID will be this, you will run that service) and a single command, because the heavy lifting and configuring has already been done, once -…

For manga, I’ve found Mihon to be nicest, by far, and it supports the API. For books, I am currently “stuck” on koreader on Android (which “only” supports OPDS-PS). I do most of my reading on a reMarkable currently, and that has no supporting client. Writing one is on my to-do list, but it’s a bit daunting of a task…

Here is a pretty good list of what is supported where.

I think I have set Suwayomi to download / convert to CZB, not for Kavita specifically, but because a lot of reader apps cannot handle loose images

Haven’t had any issues in that regard, so can’t really say, sorry. I have two folders (Mangas and ebooks) on my NAS, and in Kavita, created a library for each.

You absolutely can edit metadata, although I personally haven’t had the need yet. I use readarr and suwayomi for “obtaining” books and manga, respectively, and what they come up with is usually just fine.

I went through essentially the same thing a couple months ago. Tried Calibre (and Calibre server) since everyone recommended it.

Really disliked it. Calibre is great for converting ebooks, but has shit management and webserving capabilities.

I ended up with Kavita and am super happy. On the web client, both management and actual reading are a pleasure. Any phone/tablet client supporting OPDS works perfectly to read/download your manga/books from the server.

And a select few clients go a step further, supporting Kavita’s API, which allows for 2-way sync (effectively, syncing reading progress between all your devices).

Yeah but conduit is so stale, it might as well be discontinued

No

Sure! As long as it’s nixpkgs.

I still find it hilarious that since dd-wrt and OpenWrt are just… Linux, you could install Super Mario Bros on there. I checked, nobody seems to have tried.

Oh, definitely, but there are varying degrees of difficulty, esp. with what kinds of packages / package management you have available :D

Ah, that make sense. Is Wireguard P2P?

Yes, in the sense that each node/device is a peer. But the way I’d suggest you configure it in your case is more akin to a client/server setup - your devices forward all traffic to the “server”, but it never takes initiative to talk “back” to them, and they do not attempt to communicate with each other. Unless you have a separate usecase for that, of course.

You both are perfect for each other, so don’t screw it up!

❤️

Closing in on 8 years