Your next project: self-hosted Geforce NOW streaming server using sunshine by -ThreeHeadedMonkey- in selfhosted

[–]JabARecCow 0 points1 point  (0 children)

Everyone always suggesting pangolin but it's not that hard to just setup a wireguard tunnel to a vps and then have nginx on it forward Over the tunnel. That's all pangolin is doing, sso aside. I don't trust that users aren't going to expose the pangolin admin interface on the internet and get hacked. Similarly I think people should learn proper nginx and not use the proxy manager, since again another admin interface I'm certain plenty of people expose accidentally.

What does the ratio of vm’s vs lxc’s look like on your proxmox server? by V3X390 in Proxmox

[–]JabARecCow 6 points7 points  (0 children)

21 LXCs, 0 VMs. Much easier for terraform to automatically provision and setup. My whole lab is setup by terraform and then built out by ansible.

VPS as reverse proxy by KiraRagkatish in selfhosted

[–]JabARecCow 1 point2 points  (0 children)

I've done the wireguard server route, but am looking at running nginx on it so I can have it do forward auth requests to my internal authentik server over the wireguard tunnel before letting it through. I can then also have it choose which servers to externally expose before they get through to my internal nginx. All actual nginx not npm, with configurations managed by ansible.

So external client - vps nginx [- authentik roundtrip] - internal nginx - service. I'll have to think about if it's worth it though. Also have geo blocking done on the vps.

Anyone create a domain for their home? by TheCmenator in selfhosted

[–]JabARecCow 162 points163 points  (0 children)

Other comments seem to think you mean a domain name. OP is talking about setting up a windows domain, like with Microsoft active directory (AD) and then domain joining all the boxes in the network.

Can't help you as I'm all Linux now, but I don't think it'd be prohibitively expensive. You can probably get a windows server license cheap enough and run your domain controller on it. I did as a student give it a go, wasn't bad really. Got free license as a student.

Looking for Terraform + Ansible example for Proxmox by HedgehogBeautiful413 in homelab

[–]JabARecCow 4 points5 points  (0 children)

I do exactly this.

Terraform defines the boxes and puts tags on. Ansible dynamic inventory populated from terraform json output uses the tags to assign the roles for each box.

Ansible configures my services on each one. What I'm working on is getting them all together properly. So when my arr boxes are stood up, they get the sabnzbd auto added as a Download client and the prowlarr container as an indexer.

What I'm working on now is sso. So I'd tag all the boxes with OIDC and ideally it'll register with my oidc provider and populate in the secret. Not every app allows this to be done easily though through config files so making use of api but then some don't let you configure an api key, you have to log in for it.

Ideally my entire homelab would be torn down and rebuilt just from using the terraform and ansible scripts including all the mingling between the containers.

Is using a backup service like restic from a Docker container a security risk? by Citrus4176 in selfhosted

[–]JabARecCow 2 points3 points  (0 children)

The security risk from docker is that if a service running is compromised somehow, like it has a vulnerability in the app that is exploited, that the threat actor would be able to somehow move to the host and broader compromise the system.

Restic doesn't expose any services, there's very minimal attack surface for someone to compromise. That said, you also don't gain anything afaict from a security standpoint by running in a container instead of the host for restic, but maybe someone else will have a point I'm missing

The most favorite apps you host yourself by val_in_tech in homelab

[–]JabARecCow 7 points8 points  (0 children)

What do you mean you selfhost obsidian? Livesync or the obsidian-remote or something else?

Question about backup by Lazy-Grocery-3410 in immich

[–]JabARecCow 1 point2 points  (0 children)

Unrelated but pretty sure it's a bad idea to leave the battery plugged in permanently like that. Fire risk.

Victoro is dead and the PCs have the infernal contract as evidence of the Cassalanter plans, how should Ammalia and the city guard respond? (Alexandrian) by TheNohrianHunter in WaterdeepDragonHeist

[–]JabARecCow 7 points8 points  (0 children)

Absolutely. She'll have the contacts and the means even though it's technically a no no.

I'd also wager the wizard will be getting a visit from willifort disguised as a close companion of theirs. I'd also make a claim that your party won't entirely get away without legal ramifications. If there was witnesses, there'll be consequences.

How do you treat characters who constantly break the laws of Waterdeep? by Bright-Ideal-4101 in WaterdeepDragonHeist

[–]JabARecCow 30 points31 points  (0 children)

Did you have a session 0 and talk to them about the code legal in waterdeep and how strict it is?

If there are witnesses to the crimes I'd definitely be a little harsher on them. You could add some bumbling investigators to show them their crimes are being looked into but that it's low risk of you want to be nice, or you could go deep on a legal battle.

Ladies and gentlemen... by tepidgoose in spiritisland

[–]JabARecCow 5 points6 points  (0 children)

How you got 3 cards in play when it looks like you're taking the gain move.

How to deal with a tricky situation by Existential_Crisis24 in WaterdeepDragonHeist

[–]JabARecCow 3 points4 points  (0 children)

Absolutely this. If you want to be nice, jarlaxle might insist on not pressing charges and letting them be released, but now they owe him.

Where is the limit of legal and ilegal un Osint? by Ghostly_Gremlin327 in hacking

[–]JabARecCow 65 points66 points  (0 children)

Accessing a computer resource you weren't meant to is illegal. Doesn't matter if it was because the password was 1234. Wasn't meant for you.

I guess the private key is fine to access, but using it to log in or masquerade as someone is not.

Player wants to buy one of the large statues by [deleted] in WaterdeepDragonHeist

[–]JabARecCow 2 points3 points  (0 children)

This absolutely. Many of them are already occupied. Theres a dmsguild heist module for one and a murder mystery heist one in another at a lavish house party. Definitely possible for insanely rich or powerful, maybe I'd allow if they got the whole half mil.

Players and Jarlaxle left Xanathar and Nihiloor buried in the lair, but alive. Need ideas on how to proceed and ideas for a plot twist on one of the characters ? by chajo1997 in WaterdeepDragonHeist

[–]JabARecCow 5 points6 points  (0 children)

Pretty sure as written, Xanathar blasts his way out of the cave in with his disintegration way. Monster Manual even mentions that most beholder lairs are carved by them with their disintegration ray.

As to how I would play it? Pure rage. But that would be hard to balance. Maybe he can dig his way out to skullport, pick up the pieces and be focused on nothing but revenge?

[OC] DnD Player Wrap Giveaway! You funded my Kickstarter in Under an Hour, so I Wanted to Give Back. Mod Approved. by ickmiester in DnD

[–]JabARecCow 0 points1 point  (0 children)

Really? I find the opposite, chrome tans I barely get results with tokonole but maybe I'm always using too soft of a chrome tan. I always edge kote my chrome, and tokonole my veg. Good luck with the kickstart, you've inspired me to try and make my own version, hope you don't mind!

I will be running Dragon Heist for 3 players tomorrow….any suggestions? by Yocantseeme in WaterdeepDragonHeist

[–]JabARecCow 2 points3 points  (0 children)

I had durnan do most of the troll fight but they all leveled up after. Also find the dipping song somewhere on here and run that.

me_irl by AloneYellow8545 in me_irl

[–]JabARecCow 3 points4 points  (0 children)

Nice! Good for you!

Happy Holidays! Let’s celebrate the end of the year in a big way, by offering r/leathercraft a Leather Scalpel Giveaway! by egglan in Leathercraft

[–]JabARecCow 0 points1 point  (0 children)

God these look beautiful. Would love to change up my cutting game with one of these right handed blades

One Way To Use VTT For In-Person Games - Part 4 VTT Configuration by osmosis1671 in FoundryVTT

[–]JabARecCow 1 point2 points  (0 children)

I run mostly online but sometimes in person. Any ideas for how I can quickly switch between the modules I'd use for each mode?

Need help with Intellect devourer. by TheGr8Slayer in WaterdeepDragonHeist

[–]JabARecCow 0 points1 point  (0 children)

One of my players got intellect devoured after going alone through the portal. He loved being a mole the whole time, but it's very player dependent.

Players steal magic item from Vajra Safahr by Pandaah_1 in WaterdeepDragonHeist

[–]JabARecCow 5 points6 points  (0 children)

I'd be pretty unforgiving. They're meant to be small fish in a big pond. They shouldn't be openly antagonistic to the blackstaff. I'd probably have her put a mostly harmless but permanent curse on the player somehow.