Currently working on moving the more family-relevant services to OIDC-based login via Pocket ID passkeys so I can put my parents on them.

Also, still on the lookout for a good Nextcloud replacement. Even Opencloud displays the first signs of feature creep.

Planning to host a Nix caching server, and have CI build all package and NixOS outputs on every push to git, then in turn pushing the output artifacts to the cache. Would save me a good chunk of time when tinkering with VMs that haven't seen manual updates in a while.

Only thing is, I'm not sure how to approach building and caching NixOS configs that receive agenix secrets in their input. Obviously those should not be cached...

I finally moved my mail server from Hetzner to my homelab.

Pretty smooth sailing so far. For now I'm using Scaleway for outgoing mails since I can't set a PTR record here but I might just try sending a few without PTR to see how other providers react.

Just got some power measuring plugs. Home Assistant and immich-running raspberry pi + NAS (dual 20TB in raid 1) + switch clock in at around 30W. Surround receiver playing music ups that by 90W. After a minor water leak I added 5 leak sensors to the system that will blink lights and send texts if they detect anything.

The biggest problem is that I'm still running lights through hue and some of them have an annoying tendency to drop off the network...

I recently switched my phone from Android to GrapheneOS and now rely even more on my selfhosted services. Immich is such a great project. Still gotta figure out my music collection though, since switching from YT Music to Jellyfin. Most of it is sorted by date of purchase, because that worked best with my DJ workflow. Now I gotta bring it over to a folder structure that works for jellyfin. It seems like the answer is musicbrainz Picard, but I gotta figure out how to configure it.

Also been thinking about some AI ideas I'd like to try, but I have zero intention getting involved with openai, meta, google or whoever the fuck. So self hosting it is. But on what hardware? Option 1 seems to be to get some professional server board, CPU, ram and start with one RTX3090 and go from there with the option to hook up more GPUs. But a setup like that sounds like it would cost some serious money in electricity.
Option 2 seems to be a Rzyen AI Max+ 395, configured with a fuckton of ram, available to the whole apu and as suchs usable for memory hungry models. This seems to be much much more power efficient. But its all integrated and I couldn't swap out components or upgrade in the future.
Leaning towara option 2 atm, but maybe I'll just wait a bit longer and see what else comes up in the coming months.

I have been experimenting with a btrfs raid array and am getting some new hard drives in the mail today, hoping it goes smoothly and they work 😬 All part of a larger goal of migrating my synology NAS to a purpose built machine.

Also got my first contribution and donation on my OIDC SSO project, which is really exciting!

Just installed Owncast, so townsfolk can ride my G-scale Polar Express via an onboard livestream, as part of a revamped lighting and projection mapping festive season show.

While I was at it I also added Kokoro for TTS.

Thought I would spice up Jellyfin for the festive season, so am trying out the Jellyfin Enhanced and Home Sections plugins.

A recent t480 purchase may replace my second workstation tower, which I think is about to become my most powerful server in the cluster....

So nothing new hosting-wise, but that tower I can shove the spare 12tb and 4tb drives I have and net myself another 30ish TB's of usable storage, more once I replace the 12TBs in one of my NAS boxes with 18tb or more.

Speaking of which - where the hell do I track prices these days? diskprices.com seems to be a mess of inaccurate pricing and shucks.top can no longer track even half of what they used to. What a mess.

Everything here is smooth sailing. I have been trying to track down a bothersome Suricata entry.

<br />202.136.163.11 PROTOCOL-ICMP destination unreachable port unreachable packet detected
202.136.163.11 PROTOCOL-ICMP destination unreachable port unreachable packet detected
202.136.163.11 PROTOCOL-ICMP destination unreachable port unreachable packet detected
202.136.163.11 PROTOCOL-ICMP destination unreachable port unreachable packet detected

120.132.37.195 was not found in our database

202.136.163.11 was found in our database! This IP was reported 5 times. Confidence of Abuse is 0%:

On the server side, I have nothing calling out to these ip. That's what was really bugging me. Nothing server side, just these three bothersome ip hammering Suricata. Generally, I would dismiss as benign and part of normal UDP behavior. However, it's the constant hammering that makes me suspicious. Could be high volume port scanning. However, it could also be known attack campaigns like UDP amplification attempts.

Other than that, I might find something to get into today.

I started out rewriting my network backup scripts only to realize I was adding functionality to a previous script I wrote to automatically mount and dismount luks encrypted volumes. I still want to type in my luks passphrase because I don't want everything automated and prefer to include inconvenience as an additonal security measure in securing some of my data.

I also came to the realization recently that the reason I don't relate strongly to other self hosters is because I've unknowingly been trying to create a minimal self hosted system that is more beneficial to small, low powered devices.

I've been using Alpine Linux, I install only the bare, older but well established tools and have been creating scripts soley based off those tools instead of seeking out bigger, more complicated modern tools. For example creating workflows by only using rsync or using github.com/RayCC51/BashWrite to create a blog that only uses bash and GNU sed to create a static blog site.

At least now that I'm aware of this, I can keep an eye out for such projects or communities and would hopefully be able to contribute something in that direction.

GitHub - RayCC51/BashWrite: Single pure bash script for make your blog. Easy and simple. Support darkmode, tags, RSS and extended markdown.

Single pure bash script for make your blog. Easy and simple. Support darkmode, tags, RSS and extended markdown. - GitHub - RayCC51/BashWrite: Single pure bash script for make your blog. Easy and s...

^GitHub

Trying to work up the courage to troubleshoot a very worrying disk error on the new NAS I’ve been building, which if solved will leave me the problem of working up the courage to try and migrate to the new server without losing my Plex library settings and progress.

Basically I’m frozen in fear.

I installed Jellyfin on my server and threw kodi on a minipc I dug out of dumpster pile at work. Works pretty well, but my server needs more RAM and the minipc needs either a wireless keyboard or a USB-HID remote controller to finalize the setup. Also ran some wiring in the house and added two network sockets to a room where the whole kodi-tv-gamingpc-whatever-pile is going to live.

On the server RAM I found some on ebay, but if anyone is interested on 64G DDR4 ECC DIMMs I have a few. I thought they were supported on my server motherboard when I took them out from a old server at work but it supports only up to 32G ECC dimms.

Tried to setup a personal matrix server last night, got it to federate, next step is Matrix’s Element Call, spent too many hours trying to block the /_synapse endpoint with Traefik because it is recommended by Matrix, no luck unfortunately.

All this in hopes I can add a Music Bot to my instance or something similar.

Mostly everything is running smoothly. Been fighting with some zigbee integrations randomly dropping connection from Home assistant but it's nothing too important.

Biggest issue I've been facing is how to make sure all my media is properly encoded so jellyfin doesn't pin my cpu transcoding when I'm streaming to the onn boxes around my house. Debating if I need to dump the onn's and try to spin up raspberries for each TV instead

I dug out an old laptop and installed Yunohost on it. I was so excited until I discovered that my ISP uses CGNAT. I'm trying to figure out what I want to do next.

I am looking at using headscale or just paying the US$10/month for a static public IP from my ISP. If I go with headscale, then it appears that I wouldn't need Yunohost.

I'm a newb at this so there's a lot I don't know yet.

Pretty smooth sailing at the moment. I’ve got:

• sonarr
• radarr
• jackett
• bazarr
• transmission
• kuma uptime
• grafana
• promethius
• blackbox
• mastodon
• traefik
• authelia
• forgejo
• immich
• syncthing

All running on a 4 node raspberry pi kubernetes cluster.

One of my drives crippled itself a few days back, not sure what caused it. Wasn't able to be resolved without a host restart which was unfortunate. SMART isn't failing and has been working fine, so I'm chalking it down to a weird Proxmox bug or something.

For sure expected I was going to need to do a rollback on an entire drive after that restart though. Still may have to if it reoccurs.

Evening is going ok, but noticed the screen saver on jellyfin isn't showing up lately.. need to investigate...

Also, watched the latest "Explaining Computers" episode today.