DeltaTangoLima

joined 1 year ago
[–] [email protected] 12 points 1 week ago* (last edited 1 week ago) (1 children)

Hmmm - interesting. I hadn't bothered to check before now, but I'm seeing something similar on one of the two PBS CTs I run.

Comparing the output of netstat -lantop on both CTs, I can see that the one with more outbound traffic has more waiting connections from localhost on port 82, the port Proxmox Backup Server provides its API over:

tcp        0      0 127.0.0.1:51562         127.0.0.1:82            TIME_WAIT   -                    timewait (40.38/0/0)
tcp        0      0 127.0.0.1:56342         127.0.0.1:82            TIME_WAIT   -                    timewait (29.92/0/0)
tcp        0      0 127.0.0.1:44864         127.0.0.1:82            TIME_WAIT   -                    timewait (58.94/0/0)
tcp        0      0 127.0.0.1:45028         127.0.0.1:82            TIME_WAIT   -                    timewait (11.88/0/0)
tcp        0      0 127.0.0.1:44026         127.0.0.1:82            TIME_WAIT   -                    timewait (48.66/0/0)
tcp        0      0 127.0.0.1:44852         127.0.0.1:82            TIME_WAIT   -                    timewait (58.80/0/0)
tcp        0      0 127.0.0.1:59620         127.0.0.1:82            TIME_WAIT   -                    timewait (0.00/0/0)
tcp        0      0 127.0.0.1:56374         127.0.0.1:82            TIME_WAIT   -                    timewait (30.98/0/0)
tcp        0      0 127.0.0.1:51544         127.0.0.1:82            TIME_WAIT   -                    timewait (39.98/0/0)
tcp        0      0 127.0.0.1:59642         127.0.0.1:82            TIME_WAIT   -                    timewait (0.00/0/0)
tcp        0      0 127.0.0.1:45008         127.0.0.1:82            TIME_WAIT   -                    timewait (10.92/0/0)
tcp        0      0 127.0.0.1:45016         127.0.0.1:82            TIME_WAIT   -                    timewait (11.76/0/0)

I'm wondering if the graph is pulling aggregated network data, including the loopback interface. If so, and it's all just port 82 stuff on 127.0.0.1, then it's probably nothing to worry about.

Edit: found this forum post that seems to indicate it's aggregating all the byte values from /proc/dev/net, so this is probably nothing to worry about if your netstat output, like mine, only shows API connections to/from 127.0.0.1 on port 82.

[–] [email protected] 39 points 2 weeks ago (1 children)

Lol @ "some 20 years ago ... ADSL from 2002". Thanks for making me feel old!

[–] [email protected] 24 points 2 months ago (3 children)

Hoping someone more in the know can explain this to me. Could commissioning an art piece feasibly mean you've paid for that art to be yours? Are there types of contracts available when commissioning art pieces where, conceivably, the person commissioning the piece gets the rights to use it for other things?

I'm not across the legal and ethical aspects of commissioning art pieces, and neither the article nor the DA post gives any additional detail. Just wondering if the "Josh" who the artist named in their DeviantArt post could be someone who was involved in the Nerf gun somehow...

[–] [email protected] 9 points 2 months ago (1 children)

Absolutely nothing bad could ever come of this

[–] [email protected] 10 points 2 months ago (1 children)

Oh, sure. I get that. Sending yourself reminders is absolutely understandable. Sending yourself documented evidence of your plans to defraud someone is entirely different.

[–] [email protected] 51 points 2 months ago (8 children)

In a 2017 email to himself, Smith calculated that he could stream his songs 661,440 times daily, potentially earning $3,307.20 per day and up to $1.2 million annually.

Great idea, but why would you email yourself about it?

[–] [email protected] 2 points 2 months ago* (last edited 2 months ago)

Isn't the picture from Logan?

Edit: oh, it's called johntucker.jpg.

[–] [email protected] 31 points 2 months ago

Fucking hell. Where's the incentive for responsible disclosure, if that's the sort of (non) response you get?

[–] [email protected] 3 points 2 months ago (1 children)

The casting bit is the missing piece for me.

I've built a RasPi with Kodi for our caravan, to use Plex and stream our free-to-air TV here in Australia (using Musk's space innernets). I just miss being able to cast from my phone, for the occasional thing I can't do with a Kodi add-on.

[–] [email protected] 3 points 2 months ago

Well, at least where I live, phones are banned in schools. So that’s a good start.

[–] [email protected] 8 points 2 months ago (2 children)

This is odd advice, when you consider many kids in the same age group probably have access to (or own) a tablet device of some sort. The only difference with a smartphone is the ability to call and text, and portability while staying connected (assuming many tablets aren't 4G/5G capable).

Or am I missing something here?

[–] [email protected] 14 points 2 months ago

I paid a subscription fee for the option

77
submitted 9 months ago* (last edited 9 months ago) by [email protected] to c/[email protected]
 

cross-posted from: https://reddrefuge.com/post/189022

Obligatory note for those that haven't read/retained the news: Simple Mobile Tools was sold to ZipoApps - an Israeli company that specialises in buying and monetising popular apps.

Fossify is the fork of the Simple Mobile Tools repos, and they're gradually getting through each app and re-releasing them under the new name.

79
submitted 10 months ago* (last edited 10 months ago) by [email protected] to c/[email protected]
 

I just spent a good chunk of today migrating some services onto new docker containers in Proxmox LXCs.

As I was updating my network diagram, I was struck by just how many services, hosts, and LXCs I'm running, so counted everything up.

  • 116 docker containers
    • Running on 25 docker hosts
    • 50 are the same on each docker host - Watchtower and Portainer agent
  • 38 Proxmox LXCs (19 are docker hosts)
  • 8 physical servers
  • 7 VLANs
  • 5 SSIDs
  • 2 NASes

So, it got me wondering about the size of other people's homelabs. What are your stats?

 

Just wondering what tools and techniques people are using to keep on top of updates, particularly security-related updates, for their self-hosting fleet.

I'm not talking about docker containers - that's relatively easy. I have Watchtower pull (not update) latest images once per week. My Saturday mornings are usually spent combing through Portainer and hitting the recreate button for those containers with updated images. After checking the service is good, I manually delete the old images.

But, I don't have a centralised, automated solution for all my Linux hosts. I have a few RasPis and a bunch of LXCs on a pair of Proxmox nodes, all running their respective variation of Debian.

Not a lot of this stuff is exposed direct to the internet - less than a handful of services, with the rest only accessible over Wireguard. I'm also running OPNsense with IPS enabled, so this problem isn't exactly keeping me up at night right now. But, as we all know, security is about layers.

Some time ago, on one of my RasPis, I did set up Unattended Upgrades and it works OK, but there was a little bit of work involved in getting it set up just right. I don't relish the idea of doing that another 40 or so times for the rest of my fleet.

I also don't want all of those hosts grabbing updates at around the same time, smashing my internet link (yes, I could randomise the cron job within a time range, but I'd rather not have to).

I have a fledgling Ansible setup that I'm just starting to wrap my head around. Is that the answer? Is there something better?

Would love to hear how others are dealing with this.

Cheers!

1
submitted 1 year ago* (last edited 1 year ago) by [email protected] to c/[email protected]
 

So I recently (a couple months ago) moved my fragmented docker-on-raspberry-pi architecture over to a Proxmox cluster. I'm running it on a pair of HP DL360 G6s, and I couldn't be happier.

Except, well, I could be happier with just one more thing: high availability.

In particular, I want HA for my OPNsense firewall/router, but eventually for more of the workloads my family are depending on for life in general - Home Assistant, Plex, Overseerr, Immich, etc etc.

My current storage setup is a couple ratty old ARM-based NASes - an ancient Netgear ReadyNAS and an even more ancient Qnap TS-410. They're both populated with 4 x 4TB (max raw size they can take) using RAID5, so I get about 22TB usable across the pair of them. They mostly store media for my Plex setup, but also support my 2N+C backup strategy for stuff like Immich, Paperless, and other important data.

My high-level plan is to grab another DL360, so I can have a quorum, then introduce a new storage system that:

  • provides an iSCSI target for my Proxmox cluster; and
  • can eventually grow to replace my old NASes.

The two solutions I'm pondering are:

  1. Build a TrueNAS setup from scratch - mini ITX case, board - the lot
  2. Pick up something tried, true and proven in the market, like a Synology

Up front cost is a consideration - I have a family to feed, so I can't just run out and buy an 8-bay enclosure and fully populate it with 16TB disks.

Whatever I get, I'm likely to want to start with, say, 3 disks and grow it over time.

So, I guess this is a call out to the community to share any and all successes, war stories, and other advice. The more technical, the better. I want to make a sound, data-based decision here, and anecdotes from others who think like me are the best way to set my compass.

Cheers for anything you can offer!
