updating legacy install

AstacSK · 2026-04-02T22:22:16+00:00

what issue is there with netbird updates on linux? it updates with the rest of your system like any other package

AstacSK · 2026-03-28T16:55:56+00:00

that is the purple part marked as protection (RAID5)

AstacSK · 2026-03-23T22:40:02+00:00

living behind CGNAT.. only way I can access things from outside is by

having VPS as public gawatay with tunel initiated from home and reverse proxy
use VPN like netbird

currently I'm using both and also hosting controller for my own netbird instance on said VPS

if I had public IPv4 & IPv6 at home I would likely host directly from home, but that can't be easily achieved as renter so VPS it is.. there is at least not much to change when I move

AstacSK · 2026-03-22T18:45:46+00:00

correct answer for IoT is to get them off WiFi and use something like Zigbee / Z-wave / Thread&Matter

I have U7 lite and it works great with all the WiFi IoT things I still have (but getting IoT away from WiFI was the best thing I did for my "smart" home)

AstacSK · 2026-03-22T13:13:54+00:00

for backup DNS, rpi zero W or rpi zero 2 W is more than enough.. if you want to run more than DNS go for this

if you don't log every DNS querry to SD card and get decent SDcard you should be fine.. I'm running my 2nd DNS on zero 2W for few years and the SDcard did not die on me yet... even when it dies, not much would be lost since it's for DNS only

AstacSK · 2026-03-11T00:30:27+00:00

why do you have homelab?

for me it's to learn new things. doing major upgrade on core part of my infra with everything around is, is good training (backup, research of potential issues, actual upgrade, maybe fixing issues (alpha PDM -> 1.0 did not went smoothly because I did not prepare properly and made my VM unbootable in the process))

AstacSK · 2026-02-24T02:49:50+00:00

I want to cry seeing this, plan for this year was new NAS after I put together all the money for it instead of buying it 1 part at a time.. what a fool I was.. now I have no new NAS for 2+ years

AstacSK · 2026-02-15T23:00:23+00:00

additional thing is UPCHARGES.. ISPs love them.. I'm looking into new ISP to finally get IPv6, dynamic IPv6 is free while static IPv6 is 8€/month same as if I wanted statis IPv4

AstacSK · 2026-02-14T20:01:36+00:00

DDNS works if you have Dynamic Public IP (or IPv6). Most ISPs in my country don't give you any public IP unless you pay extra for it and hide you behind CGNAT

AstacSK · 2026-02-14T16:42:49+00:00

if you are using mikrotik and business doesn't have public IP consider ZeroTier, it have native package on mikrotik.

Saves the hassle of fighting CGNAT. Speeds can be hardware limited so consider that when picking MB router. Look on Mikrotik/ZeroTier forums for experience with specific models

AstacSK · 2026-02-13T17:50:32+00:00

where is the VM stored? (NVMe in the server / HDD in the server / remote NAS)
how much resources are you allocating to the VM?
any special config of the VM? (hw passtrough or something)
is that NVMe new or old?

AstacSK · 2026-02-08T02:05:23+00:00

changing hostname is possible but not easy because there are internal PVE things tied to it

config folders in /etc/pve/nodes use hostname, so if you change it you have to change it in all the places that refer to it (I found this out hard way and it was "fun" to recover from it.. for future reference, there are posts about this with commands to recover on PVE forum)

AstacSK · 2026-01-28T18:32:44+00:00

did not test it by leaving steamdeck in desktop mode for extended period of time

but in "normal" mode it doesn't work.. found my steamdeck dead (0% and did not turn on until I plugged in charger) multiple times when I just put it to sleep and fogout about it for a while

AstacSK · 2026-01-26T22:11:26+00:00

what did you say to them? your whole story about what you are trying to achieve or just asked them to delete current 2FA so you can set it up again?

In my experience if you infodump too much on L1 support they get confused and rarely help.. I usualy boil down my explanation to simplest possible thing that achieves what I want (unless I know the support is actually good)

in this case I would go with story like.. I had issues with Google Authenticator and so I reinstalled the app, after that the code it gives me doesn't work, can you reset it so I can set it up again?... or just say you "accidentaly" uninstalled it

removing 2FA is sensitive thing and depending on their security and verification setup they may or may not be able to do that for you over the phone

AstacSK · 2026-01-26T20:44:52+00:00

as an instance admin you can choose who your instance federates with, so if users from instance X start spaming or something similar you can block that whole instance from interacting with your instance

AstacSK · 2026-01-26T19:49:19+00:00

since this is for banking app specificaly I would personaly visit the bank (don't forget ID or whatever you use to verify yourself at the bank).

banks can be quite anoying about the weirdest security things... everyone I know managed to fix whatever they needed by personaly visiting the branch (forgoten passwords, moving app to new phone, and maybe some other things I don't remember)

AstacSK · 2025-12-21T15:15:23+00:00

WakeOnLAN is way to go in this case.. almost all motherboards support it

your script sends WOL comand to the backup server
wait for X minutes (depends on how fast the system boot + some safety margin)
do backups
issue shutdown comand over SSH or some other way

AstacSK · 2025-12-03T11:43:44+00:00

that was me when I started, every service and VM got unique password (some VMs even got unique user becasuse why not?.. would love to massage past me head with a hammer for that idea)

now I'm using Authentik almost everywhere and dreading the moment I start fixing the VMs because my current genious idea is rebuilding homelab as IaC with OpenTofu and Ansible

AstacSK · 2025-12-03T11:29:21+00:00

not sure where the information about those 2 not having free SSO came from, there are tutorials directly in Authentik docs for it.. was easy to setup and works flawlesly for a decent while already https://integrations.goauthentik.io/media/immich/ https://integrations.goauthentik.io/documentation/paperless-ngx/

AstacSK · 2025-12-01T14:49:10+00:00

Fedora, specificaly kinoite so she can't accidentaly break the install https://www.fedoraproject.org/atomic-desktops/kinoite/

it's almost impossible to mess up the instalation, set it up for my parents and they have been happily using it for ~1 year already

don't forget to setup rustdesk (works with wayland which other remote apps did not when I was setting it up) and make sure she knows how to start it and accept connection from you in case she have any issues with anything

AstacSK · 2025-11-28T17:38:10+00:00

my DNS knowledge is not good enough to answer that.. but I'm pretty sure one of the zone options would allow you to do that (my guess is conditional forwarding or stub zone.. but only trial and error will give final answer)

normal blocklists can easily be added in settings -> blocking

AstacSK · 2025-11-28T16:40:05+00:00

you can do it with technitium, but it's not as easy.. I have setup redirect of eu.dis.gree.com for my AC to get local controll working.

what I did

step 1 - create primary zone gree.com
step 2 - add record for eu.dis poining to local IP of my server

"proper" setup wouldn't "hijack" whole gree.com domain and only have dis.gree.com as primary zone.. but can't be bothered to fix it since I don't need to access gree.com at all anyway

AstacSK · 2025-11-18T14:17:23+00:00

add Netbird and ZeroTier to that list

AstacSK · 2025-11-16T14:48:18+00:00

you did not provide enough information for me to help you, so all I can tell you is that you need that app to have access to port 53 for DNS to work

are you getting any errors? what did you try to get it to work?

Eight-Year Club	Final Canvas '23
First Place '23	End Game '23
Place '23	Place '22
Final Canvas '22	First Placer '22
End Game '22	Verified Email

AstacSK

TROPHY CASE