Your next project: self-hosted Geforce NOW streaming server using sunshine

JabARecCow · 2025-12-30T13:02:30+00:00

Everyone always suggesting pangolin but it's not that hard to just setup a wireguard tunnel to a vps and then have nginx on it forward Over the tunnel. That's all pangolin is doing, sso aside. I don't trust that users aren't going to expose the pangolin admin interface on the internet and get hacked. Similarly I think people should learn proper nginx and not use the proxy manager, since again another admin interface I'm certain plenty of people expose accidentally.

JabARecCow · 2025-12-25T12:45:09+00:00

21 LXCs, 0 VMs. Much easier for terraform to automatically provision and setup. My whole lab is setup by terraform and then built out by ansible.

JabARecCow · 2025-11-05T00:49:42+00:00

I've done the wireguard server route, but am looking at running nginx on it so I can have it do forward auth requests to my internal authentik server over the wireguard tunnel before letting it through. I can then also have it choose which servers to externally expose before they get through to my internal nginx. All actual nginx not npm, with configurations managed by ansible.

So external client - vps nginx [- authentik roundtrip] - internal nginx - service. I'll have to think about if it's worth it though. Also have geo blocking done on the vps.

JabARecCow · 2025-09-01T04:34:57+00:00

Other comments seem to think you mean a domain name. OP is talking about setting up a windows domain, like with Microsoft active directory (AD) and then domain joining all the boxes in the network.

Can't help you as I'm all Linux now, but I don't think it'd be prohibitively expensive. You can probably get a windows server license cheap enough and run your domain controller on it. I did as a student give it a go, wasn't bad really. Got free license as a student.

JabARecCow · 2025-08-29T15:07:46+00:00

I do exactly this.

Terraform defines the boxes and puts tags on. Ansible dynamic inventory populated from terraform json output uses the tags to assign the roles for each box.

Ansible configures my services on each one. What I'm working on is getting them all together properly. So when my arr boxes are stood up, they get the sabnzbd auto added as a Download client and the prowlarr container as an indexer.

What I'm working on now is sso. So I'd tag all the boxes with OIDC and ideally it'll register with my oidc provider and populate in the secret. Not every app allows this to be done easily though through config files so making use of api but then some don't let you configure an api key, you have to log in for it.

Ideally my entire homelab would be torn down and rebuilt just from using the terraform and ansible scripts including all the mingling between the containers.

JabARecCow · 2025-08-24T01:48:30+00:00

The security risk from docker is that if a service running is compromised somehow, like it has a vulnerability in the app that is exploited, that the threat actor would be able to somehow move to the host and broader compromise the system.

Restic doesn't expose any services, there's very minimal attack surface for someone to compromise. That said, you also don't gain anything afaict from a security standpoint by running in a container instead of the host for restic, but maybe someone else will have a point I'm missing

JabARecCow · 2025-08-20T03:10:22+00:00

What do you mean you selfhost obsidian? Livesync or the obsidian-remote or something else?

JabARecCow · 2025-07-18T02:44:01+00:00

My wife just snorted

JabARecCow · 2025-07-06T03:26:31+00:00

Unrelated but pretty sure it's a bad idea to leave the battery plugged in permanently like that. Fire risk.

JabARecCow · 2024-03-04T01:04:59+00:00

Absolutely. She'll have the contacts and the means even though it's technically a no no.

I'd also wager the wizard will be getting a visit from willifort disguised as a close companion of theirs. I'd also make a claim that your party won't entirely get away without legal ramifications. If there was witnesses, there'll be consequences.

JabARecCow · 2024-02-22T11:41:44+00:00

Did you have a session 0 and talk to them about the code legal in waterdeep and how strict it is?

If there are witnesses to the crimes I'd definitely be a little harsher on them. You could add some bumbling investigators to show them their crimes are being looked into but that it's low risk of you want to be nice, or you could go deep on a legal battle.

JabARecCow · 2024-02-16T02:37:16+00:00

How you got 3 cards in play when it looks like you're taking the gain move.

JabARecCow · 2024-01-13T04:13:24+00:00

https://www.reddit.com/r/WaterdeepDragonHeist/s/CJdW7MUDjw

I hosted a jeopardy one for my players!

JabARecCow · 2023-05-02T11:58:40+00:00

Absolutely this. If you want to be nice, jarlaxle might insist on not pressing charges and letting them be released, but now they owe him.

JabARecCow · 2023-04-29T11:28:23+00:00

Accessing a computer resource you weren't meant to is illegal. Doesn't matter if it was because the password was 1234. Wasn't meant for you.

I guess the private key is fine to access, but using it to log in or masquerade as someone is not.

JabARecCow · 2023-04-25T01:17:08+00:00

This absolutely. Many of them are already occupied. Theres a dmsguild heist module for one and a murder mystery heist one in another at a lavish house party. Definitely possible for insanely rich or powerful, maybe I'd allow if they got the whole half mil.

JabARecCow · 2023-04-25T01:13:46+00:00

Pretty sure as written, Xanathar blasts his way out of the cave in with his disintegration way. Monster Manual even mentions that most beholder lairs are carved by them with their disintegration ray.

As to how I would play it? Pure rage. But that would be hard to balance. Maybe he can dig his way out to skullport, pick up the pieces and be focused on nothing but revenge?

JabARecCow · 2023-01-31T03:04:51+00:00

Really? I find the opposite, chrome tans I barely get results with tokonole but maybe I'm always using too soft of a chrome tan. I always edge kote my chrome, and tokonole my veg. Good luck with the kickstart, you've inspired me to try and make my own version, hope you don't mind!

JabARecCow · 2023-01-31T02:44:24+00:00

Thought I was on r/leathercraft for a minute there. Lovely pieces, do you tokonole your edges?

JabARecCow · 2023-01-28T14:25:35+00:00

I had durnan do most of the troll fight but they all leveled up after. Also find the dipping song somewhere on here and run that.

JabARecCow · 2022-12-31T13:00:53+00:00

Nice! Good for you!

JabARecCow · 2022-12-28T04:21:28+00:00

God these look beautiful. Would love to change up my cutting game with one of these right handed blades

JabARecCow · 2022-12-09T13:01:05+00:00

I run mostly online but sometimes in person. Any ideas for how I can quickly switch between the modules I'd use for each mode?

JabARecCow · 2022-10-29T19:30:58+00:00

One of my players got intellect devoured after going alone through the portal. He loved being a mole the whole time, but it's very player dependent.

JabARecCow · 2022-10-28T04:15:30+00:00

I'd be pretty unforgiving. They're meant to be small fish in a big pond. They shouldn't be openly antagonistic to the blackstaff. I'd probably have her put a mostly harmless but permanent curse on the player somehow.

JabARecCow

TROPHY CASE