Mailcow is pretty good. They install fail2ban to protect all endpoints against attacks. And it’s pretty easy to set up and the documentation is pretty good.
bufandatl
Have a look at Cloudflare Tunnel. You still have Vaultwarden in your LAN but accessible from the world. No open ports needed.
You also could go the used mini PC route. An HP EliteDesk 800 G3 mini for 100 bucks has a 35W CPU and uses very little power. When idle it is almost in M1 ballpark, and even at full usage it wouldn’t exceed the M1 by much. And you get x86_64 architecture, which in some instances can be way more compatible with software than M1 aarch64, although it’s on the rise.
In future you could give it another try; they are currently reworking the whole storage API. Also, the 2TB limit is then supposedly to drop.
https://xcp-ng.org/blog/2022/09/23/zfs-ng-an-intro-on-smapiv3/
But as I said they still need time.
That’s it true. You can have different networks in one pool. I have a host with 4 NICs and a second with just 2 NICs in one pool, but you can’t move VMs between both hosts if your VM has a network attached that is not present at the second host.
I use Traefik as reverse proxy in front of my services and have it generate Let’s Encrypt certificates with DNS-challenge. Do I expect MIM attacks at my home? No, not necessarily, because they would need physical access to my infrastructure, but yeah, having it this way just feels better.
Not sure if the tik logs traffic that detailed. But you could set up a remote log server (syslog-ng) and have the tik send its logs to that and then push them with Logstash into an ELK stack and use that. Or let Loki and Grafana analyze the logs and build the dashboards you need/want.
I either use publicly available containers like from Docker Hub or another registry, or if I build them myself I have them pushed to my own self-hosted registry with a MinIO (S3-compatible) backend and mirror the MinIO instance to a VPS.
All dynamic data is saved with the VM backup the container runs on or is backed up with rdiff-backup to an offsite location.
Sure you can. The question is what are the exact specs and what do you want to self-host?
I have two HP EliteDesk 800 Mini as an XCP-NG pool. Both with i5 6th gen only but with 64GB each, and they run about 20 VMs distributed between both.
Sure they won’t be able to perform large language model tasks but for most self-hosted services they are more than powerful enough.
And this is r/selfhosted and therefore the solution is to self-host.
Maybe new processors, but they won’t do shit if the software isn’t there, and Windows for Arm is still a big pile of shit.
Apple is doing a great job here with Rosetta 2, running older x86_64 software on their silicon. From what I have seen Windows isn’t really good at it. And I’m not sure if Linux’s binfmt has good performance and compatibility if you have some software where no aarch64 binary exists.
I would be very hesitant to buy a non-Apple ARM-based PC tbh.