Its certainly not B/C I'm part of an alphabet agency looking for citizen networks to exploit.

Ok, So I was able to get the docker container up and running just using the defaults. I don't like using default passwords, but it's a little over my head as to where I need to change the data (maybe it would be helpful to note this as a comment in the docker-compose file). My next issue is setting up OwnTracks; it says "Set path to...". I don't see "path" in the OwnTracks app on iOS. I tried adding it to the URL, but OwnTracks complains that it's an unsupported URL. Where/how do I add the token to iOS OwnTracks? Thanks! Edit: Putting in the whole URL field worked; I was copy/pasting a space into the URL that I didn't see. After fixing that and checking the app I don't see any additional errors being thrown.

I used the Nvidia Shield (non-pro, the tube one) and it was a nightmare of crashes, stuttering video and interface. Then I made myself a little Kodi box with a recent intel CPU in it : absolute nightmare because the Jellyfin extensions keeps crashing. I have a Samsung TV so I have the Plex app but recently, I started having weird transcoding issues where my server starts transcoding (it's always the audio track that has to be transcoded from TrueHD to AAC, but my CPU can do that at 42FPS) and then it freezes after 10 seconds or so... My recommandation ? A Kodi box with local files... Every Android box is slow AF, struggles with basic stuff and they still have less than 3GB of RAM for some reason.

thanks a lot

you got this! don't give up!

I’m probably just going to do a UPS in the rack.

I am currently open for any software solution, that's why I came here.

I used proxmox to set up my ZFS pools and use bind mounts. It's fine, I'm sure it's a "grass is greener" thing. Home labbing is a winter hobby, so in the summer months I hate the time spent updating all the machines when I could be outside. If I had purely Docker set up, in winter I'd be complaining that "everything is too simple" and "I want more control" etc.

If they all run on docker, you just have to add labels to them, telling them what domain and port they use, etc (look at the labels from your compose). Then you add the traefik base network to them and presto. Traefik recognizes the labels and automatically routes incoming requests to them and creates certificates for them. I would recommend a single compose stack for traefik and then one compose file per context (e.g. NextCloud, its DB, documentServer in one stack)

Damn the wife WILL be pissed

Best thing I ever did with Tailscale was install pfsense and then Tailscale on that. I use it at work that way. I have three separate data centers (with three pfsense VMs) with advertised routes for the three separate subnets. When I install the client on one machine, I can access all three networks automatically. I did the same thing at home so I can also access that easily as well. I think what you’re ultimately looking for is the exit node capability. Not sure if the phone can act as an exit node but pfsense definitely can. I have a VPS hosted in NY that I use to get around certain geographical restrictions. I set it as my exit node and it looks like I’m coming from there. The desktop clients can as well. Here’s what I’d do if I were you. Install Tailscale on a machine in your house. Set it up to advertise routes based on whatever IPs you’re using in your home. In my case it’s 10.0.0.0/24. Now any device you install Tailscale on will be able to connect to that network. Another thing you can do is any machine that is connected to your Tailscale will have a 100.x.x.x address that you can connect to directly. Hope this helps.

I recently installed Pangolin in Hetzner and spun up a statefulset in my k3s cluster for the Newt container. It works beautifully. With it you can proxy Pangolin to the cluster address of your service very easily. For example: sonarr.media.svc.cluster.local:8989 Format being: deploymentName.namespace.svc.cluster.local Internally I still use Traefik for my services and just left all the CNAMEs in PiHole pointed to Traefik but if you are external your DNS would look at what's public on my domain and route through Pangolin.

Thank you - I'm researching how to do this. I am using mariaDB and it's all running in docker, so I think if I can learn how to get terminal access within the docker container, and what commands I will need to access mariaDB, then I should be able to do so. I'm hoping that everything will be labeled in such a way that I can locate those records that are part of the carddav database only to clear them and start over.

I use https://db-ip.com/db/download/ip-to-country-lite

I’m not sure of any formal name Cloudflare turnstile

Immich supports it.

Yeah and make sure your DNS is properly setup with A records and that you've configured port forwarding on your router (usually ports 80/443) - most federation issues happen becuase other instances literally can't reach your server.

@AdrianTheFrog blocking 25 port is a standard policy.Buy static IP (subnet actually) or ask support to remove all firewall rules (I had to speak with many of the support personnel until found someone who knows how to do).Ended up with using a separate VPS for mail server as my att ip was in blacklisted)