Incessant tinkerer since the 70’s. Staunch privacy advocate. SelfHoster. Musician of mediocre talent. https://soundcloud.com/hood-poet-608190196

  • 28 Posts
  • 796 Comments
Joined 8 months ago
Cake day: March 24th, 2025


  • no longer works with recent Docker, due to API versioning

    I had that issue with Portainer recently. I had to drop back to the previous Docker version, and held it there until Portainer worked through the snag. I didn’t think about the original Watchtower being affected. I just got tired of having to fix broken updates, and went looking for something better. When the original Watchtower worked, though, it worked well.
  • Everything here is smooth sailing. I have been trying to track down a bothersome Suricata entry.

    
    202.136.163.11 PROTOCOL-ICMP destination unreachable port unreachable packet detected
    202.136.163.11 PROTOCOL-ICMP destination unreachable port unreachable packet detected
    202.136.163.11 PROTOCOL-ICMP destination unreachable port unreachable packet detected
    202.136.163.11 PROTOCOL-ICMP destination unreachable port unreachable packet detected
    

    ad nauseam. There are three individual IPs. One from Singapore, one from China and one from Romania. They are being blocked, so that’s good. Thing is, these are from relatively ‘clean’ sources:

    120.132.37.195 was not found in our database

    202.136.163.11 was found in our database! This IP was reported 5 times. Confidence of Abuse is 0%:

    On the server side, I have nothing calling out to these IPs. That’s what was really bugging me. Nothing server side, just these three bothersome IPs hammering Suricata. Generally, I would dismiss it as benign and part of normal UDP behavior. However, it’s the constant hammering that makes me suspicious. Could be high-volume port scanning. However, it could also be known attack campaigns like UDP amplification attempts.

    Other than that, I might find something to get into today.
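
One way to triage alerts like the ones above, as an added example that is not part of the original comment: an ICMP type 3 / code 3 (port unreachable) is sent by a host to the *source address* of a UDP datagram that hit a closed port on it. So if our server sent UDP to that host shortly before, the alert is solicited and benign; if we sent nothing, someone else delivered a datagram to that host with our address as the source (backscatter from a spoofed scan or reflection attempt), or the host is probing us. The script below reads Suricata EVE JSON, pairs each port-unreachable alert with our own recent outbound UDP flows, and labels every source. The log lines are constructed for the demo: the server address `203.0.113.10`, the timestamps, and `198.51.100.7` are assumptions; only the two external IPs and the signature text come from the comment.

```python
"""Triage Suricata ICMP port-unreachable alerts against our own outbound UDP flows.

Added example, not code from the original post. Assumes Suricata EVE JSON output:
'alert' events with src_ip/dest_ip/alert.signature and 'flow' events with
proto/src_ip/dest_ip/flow.start. All log lines below are constructed for the demo.
"""
import json
from collections import Counter, defaultdict
from datetime import datetime, timedelta

OUR_IP = "203.0.113.10"  # hypothetical server address (RFC 5737 documentation range)
SIGNATURE_SUBSTR = "destination unreachable port unreachable"
WINDOW = timedelta(minutes=5)   # how long after an outbound UDP flow a reply still counts
NOISY_THRESHOLD = 3             # unsolicited alerts per source before we call it "noisy"

# Constructed EVE lines: one outbound DNS query from us that explains the single
# alert from 120.132.37.195, four unexplained alerts from 202.136.163.11, and one
# stray alert from a made-up third host.
EVE_LINES = [
    '{"timestamp":"2025-11-20T10:15:00.000000+0000","event_type":"flow","src_ip":"203.0.113.10","src_port":41234,"dest_ip":"120.132.37.195","dest_port":53,"proto":"UDP","flow":{"start":"2025-11-20T10:15:00.000000+0000","end":"2025-11-20T10:15:00.200000+0000"}}',
    '{"timestamp":"2025-11-20T10:15:01.000000+0000","event_type":"alert","src_ip":"120.132.37.195","dest_ip":"203.0.113.10","proto":"ICMP","icmp_type":3,"icmp_code":3,"alert":{"signature":"PROTOCOL-ICMP destination unreachable port unreachable packet detected"}}',
    '{"timestamp":"2025-11-20T10:16:00.000000+0000","event_type":"alert","src_ip":"202.136.163.11","dest_ip":"203.0.113.10","proto":"ICMP","icmp_type":3,"icmp_code":3,"alert":{"signature":"PROTOCOL-ICMP destination unreachable port unreachable packet detected"}}',
    '{"timestamp":"2025-11-20T10:16:30.000000+0000","event_type":"alert","src_ip":"202.136.163.11","dest_ip":"203.0.113.10","proto":"ICMP","icmp_type":3,"icmp_code":3,"alert":{"signature":"PROTOCOL-ICMP destination unreachable port unreachable packet detected"}}',
    '{"timestamp":"2025-11-20T10:17:00.000000+0000","event_type":"alert","src_ip":"202.136.163.11","dest_ip":"203.0.113.10","proto":"ICMP","icmp_type":3,"icmp_code":3,"alert":{"signature":"PROTOCOL-ICMP destination unreachable port unreachable packet detected"}}',
    '{"timestamp":"2025-11-20T10:17:30.000000+0000","event_type":"alert","src_ip":"202.136.163.11","dest_ip":"203.0.113.10","proto":"ICMP","icmp_type":3,"icmp_code":3,"alert":{"signature":"PROTOCOL-ICMP destination unreachable port unreachable packet detected"}}',
    '{"timestamp":"2025-11-20T10:18:00.000000+0000","event_type":"alert","src_ip":"198.51.100.7","dest_ip":"203.0.113.10","proto":"ICMP","icmp_type":3,"icmp_code":3,"alert":{"signature":"PROTOCOL-ICMP destination unreachable port unreachable packet detected"}}',
]


def parse_ts(ts: str) -> datetime:
    """Parse a Suricata EVE timestamp such as 2025-11-20T10:15:00.000000+0000."""
    return datetime.strptime(ts, "%Y-%m-%dT%H:%M:%S.%f%z")


def load_events(lines):
    """Split EVE lines into port-unreachable alerts and our outbound UDP flow start times."""
    alerts = []
    outbound = defaultdict(list)  # dest_ip -> [flow start times]
    for line in lines:
        ev = json.loads(line)
        if ev["event_type"] == "alert":
            # Only ICMP type 3 / code 3 with the matching signature is of interest here.
            if (ev.get("proto") == "ICMP" and ev.get("icmp_type") == 3
                    and ev.get("icmp_code") == 3
                    and SIGNATURE_SUBSTR in ev["alert"]["signature"]):
                alerts.append(ev)
        elif (ev["event_type"] == "flow" and ev["proto"] == "UDP"
                and ev["src_ip"] == OUR_IP):
            outbound[ev["dest_ip"]].append(parse_ts(ev["flow"]["start"]))
    return alerts, outbound


def classify(lines, window=WINDOW, noisy_threshold=NOISY_THRESHOLD):
    """Return {source_ip: (alert_count, verdict)} for every port-unreachable source.

    verdict is 'solicited' when we sent UDP to that host within `window` before any
    of its alerts, otherwise 'unsolicited-noisy' (count >= threshold) or 'unsolicited'.
    """
    alerts, outbound = load_events(lines)
    counts = Counter(a["src_ip"] for a in alerts)
    solicited = set()
    for a in alerts:
        src = a["src_ip"]
        t = parse_ts(a["timestamp"])
        if any(timedelta(0) <= t - start <= window for start in outbound.get(src, [])):
            solicited.add(src)
    verdicts = {}
    for src, n in counts.items():
        if src in solicited:
            verdicts[src] = (n, "solicited")
        elif n >= noisy_threshold:
            verdicts[src] = (n, "unsolicited-noisy")
        else:
            verdicts[src] = (n, "unsolicited")
    return verdicts


if __name__ == "__main__":
    for src, (n, verdict) in sorted(classify(EVE_LINES).items()):
        print(f"{src:16} {n:3d} alert(s)  {verdict}")
```

On real data, feed it the `flow` and `alert` lines from `eve.json` (flow logging must be enabled in `suricata.yaml`); the interesting sources are the ones that come back `unsolicited-noisy`, since those are port-unreachables for datagrams the server never sent.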
  • Cloudflare has a ton of services from filtered/unfiltered DNS to Tunnels/ZeroTrust.

    but I set up the DNS thingy

    From this, I guessed you were attempting to use just the DNS portion, like 1.1.1.1 or 1.0.0.1. If I misunderstood, mi scusi. What I’m talking about is:

    https://www.cloudflare.com/zero-trust/products/access/

    The caveat to using Cloudflare Tunnels/ZeroTrust is that you need a proper domain for which you can change the nameservers. Duckdns.org or similar won’t do. When you sign up for ZeroTrust, they will give you two nameserver entries. You take those to your domain registrar and insert them in place of the registrar’s nameservers. I got a domain name from Namecheap for less than $5 USD.

    “I’m on my phone 100 miles away from home, open Jellyfin/Nextcloud/whatever”

    Cloudflare Tunnels/ZeroTrust will do that and more. They have all kinds of bells and whistles that are available on their free tier. I didn’t need most of them. It will do all of that without having to adjust your server’s firewall like UFW. You don’t have to worry about port forwarding or such on your router. It just punches a hole in all of that, and delivers what you need. No muss, no fuss.

    To be fair, Cloudflare Tunnels/ZeroTrust is not unique. There are a plethora of ZeroTrust Tunnel providers. Ngrok comes to mind and seems to be the more popular of the alternatives, but there are others. Like I said previously, it took me a couple tries to get Cloudflare Tunnels/ZeroTrust down pat. Not so much that it was overly complicated, that’s just usually my modus operandi. I’m dense some days. LOL


  • there’s often a response like: “If you can’t configure Docker, reverse proxies, and Yaml files, you shouldn’t be self-hosting.”

    This is the part that I don’t like. Couple this with condescending labels like ‘normies’ et al., and I can kind of understand why selfhosting is still something that only a small segment of the population engages in. I realize that people like to differentiate themselves from others. It doesn’t matter if you’re collecting stamps or you’re the tiddlywinks champion of the world, we like to draw a line between ‘us’ and ‘them’, which is a pretty poignant song by Pink Floyd btw.

    As @CameronDev@programming.dev pointed out, there are very serious consequences to self hosting too. The first Linux server I stood up got taken over fairly quickly, and overnight began attacking other servers. That’s serious shit, and the owners of said servers don’t take it lightly, and rightfully so. The owners of the platform you may be hosting on don’t take it lightly either. So, yeah, there are some basics one needs to learn and implement before they can begin a successful, resilient, hardened server, and it’s not a lot of point-and-click solutions. Again…shit’s complex. It’s why there are so many specialists in the field, but now you as the selfhoster have to wear all the admin hats.

    The doors to selfhosting should swing wide for all, and I try to be as accommodating as I possibly can because I know how I struggle and have struggled with things from time to time.

    Safebox looks pretty interesting. I’ve often thought, if I were a much younger man, I would’ve loved to produce a type of ‘server in a box’. But I am well past being a younger man, so I’ll leave that up to you young guns.