I’ve been happy with the librecomputer boards but my uses are pretty limited.
This was a fun read and specifically made me wonder what I’d need to roll my own steam link device.
I’m legitimately asking. Why does that matter? What do you do with a tablet where it makes a tangible difference?
I mean don’t people already spout this crap?
I always find this conversation fascinating and it makes me wonder in what other ways people may experience the world differently.
I do have a constant internal monologue. Every word I read is spoken in my mind. My thought process is, to my awareness, me talking things out in my head.
I didn’t know how this tool is supposed to work but it always fails for me but my instance appears to be working ok.
Racknerd. They’re currently running a new year’s promotion. They’re reliable and inexpensive.
Another option is to use the free tier of Oracle cloud.
So much this. People seem to generally be fine here (I never found the reddit communities I interacted with to be toxic) but heaven forbid you purposefully use Windows or pay for software.
Yeah. I have a couple of those. I’ll admit it’s a little bit of a hassle but if you’re using something like let’s encrypt you could have a Cron job sync the cert.
Libre Computer “Le Potato” is an inexpensive, solid-performing SBC.
I can’t say I have your use case but I’ve been happy with RackNerd. Support has been top notch.
Going to second the restic recommendation. I’m using it for most of my backup needs and find it easy, fast, and reliable.
What I do is have NGINX proxy manager running in the VPS with ACLs defined there and then forwarding traffic over the WG tunnel.
Alternatively you could treat the vps like a full VPN endpoint. Route all traffic over the tunnel and nat/masquerade on the vps.
Having done both. Option 1 is cleaner and you’re not routing unnecessary traffic over what is likely a metered link.
Since you mention nginx, I assume you’re talking about proxying HTTP and not SMTP/IMAP… For that, you have the X-Forwarded-For header which is exactly for that, retaining the real source IP through a reverse proxy.
I was using NGINX streams feature to proxy the various mail components (smtp, imap, etc…) but that was setting the source IP to the VPS.
I was told in another comment that Mailu can handle being proxied behind Traefik. I’m not sure if NGINX has similar support for the “PROXY” protocol. I need to dig into that.
I guess your OPNSense rule from Edit3 is not working because the source is not your mailu instance, because connections are initiated from the outside and mailu only answers (TCP ACK). So you have asynchronous routing.
Ohhhh. Well this is just my ignorance then. I was attacking it like the rules applied to the packet not the conversation. Thanks! I really got lost down the rabbit hole of “why is my routing not working the way I want” and lost sight of the problem I was originally trying to solve.
Once I got masquerading configured it was preserving the public IP. I tcpdumped every interface in the path and watched the traffic. When it hit opnsense instead of respecting the policy based routing it was routing the traffic out the WAN.
What baffles me is if I initiated traffic from the mailu server (ping, wget, etc…) I could see that opnsense was routing all traffic in that conversation out the WG interface, none of it hitting the WAN.
I need to update the post because after fighting with it all day, I realized I was being stubborn (I have a need to solve the problem). I configured a direct WG tunnel between the VPS and the mailu VM and routed the traffic that way. It’s all working exactly as I need it to now.
I’d still like to know if opn has a bug or if I was missing some setting as I’d rather not be littering my network with tunnels when I shouldn’t need to and I can leverage some smarts in opn (i.e. if the tunnel is down, the gateway would get marked down in opn and it would ignore the policy route).
Yeah, my “monster” comment was sarcasm. I’m in the same boat. I’ve been in IT for just as long and most places are Microsoft shops, with a little linux sprinkled in for flavor. I refuse to engage in the holy war. Msft, esp these days, makes decent tools and you can pry PowerShell from my cold dead hands. We use o365 at work and honestly OneNote is a solid product and does the job well.
For my personal life my note taking requirements are pretty basic and keep/onenote/etc… fits the bill. Esp since I share notes with my wife. But I’m a tinkerer at heart and I’d like to take more control of my services/data, so I’m experimenting with how much I can pull in without making my life overly and unnecessarily complicated.
The convenience of saying, “Hey Google, add milk to my shopping list”, and having that list shared with my wife, is too great. Long term goals would be to find a self-hosted alternative but right now that’s where I am.
That being said I am trying to diversify and pull in-house what I can and notes is one of the things I’ve been experimenting with.
Historically I’ve been using Google Keep or OneNote (I’m a monster I know). I’ve been trying to see if I can migrate over to Nextcloud notes as I slowly de-FAANG my life.
I believe the policy based routing is the same thing. I’m starting to think I’m encountering an opnsense bug.
I’ve been happy with https://github.com/everywall/ladder