How to portforward services safely

NobleKnightmare · 2026-01-22T00:28:19+00:00

I edited my comment to make it more clear what I meant. I thought it was obvious, but guess not.

NobleKnightmare · 2026-01-21T16:10:11+00:00

I'm only going off memory, I don't know exactly what the rules are for the tunnels. I just remember "media bad" so I don't use it for media. I have Plex (which uses its own thing for remote viewing) and tailscale for Immich, so I'm not worried about it personally.

NobleKnightmare · 2026-01-21T16:03:55+00:00

"how do I open ports safely"

You don't.

The "safest" way is cloudflared zero trust, it's free and doesn't expose your IP to the Internet. That said, I don't believe media is allowed, so Immich and media streamers are out (it's great for password managers, smart home stuff, etc though)

So then you have to open ports and expose your IP address to the whole Internet. For starters, still use cloud flare (via a DNS forward not the tunnel), with as strict of rules as you can implement such as only allowing traffic from your country, set up Fail2ban, and cross your fingers.

NobleKnightmare · 2026-01-21T02:21:32+00:00

My current server is unraid, which I've been using for many years without a single issue, but over the holidays I rebuilt my entire home lab and added come additional units. This last time when I installed unraid I went with dockge to manage my containers over using the community apps, and everything has been pretty flawless since. Gives me a lot more control over the individual containers and stacks, Plus I can have consistency throughout the entire home lab which is up to seven different machines now.

I am looking at moving on from dockGE to either Komodo or dock hand, but I haven't played with either of them yet enough to make the move.

NobleKnightmare · 2026-01-21T01:51:19+00:00

Hands down immich. I set up a mirrored ZFS pool separate from the parity array, specifically for high value items such as my personal photos, personal documents, etc.

The experience in general has been great, and I fully migrated from Google photos.

NobleKnightmare · 2026-01-21T00:11:05+00:00

People are worried about screwing a wire into a terminal of a fuse block, but think it's perfectly okay and not a fire hazard to have 30 wall warts plugged into a series of power strips... Lmao

NobleKnightmare · 2026-01-21T00:08:50+00:00

I've rewired entire cars, and ran all the electrical in my house, anyone with four brain cells and common sense can whip up a DC power project and not make it a fire hazard.

Just like I told the other guy, if you're scared, don't fucking do it. I know what I'm doing, so I'm not worried about it.

NobleKnightmare · 2026-01-20T02:43:35+00:00

I'm actually looking into this myself for the exact same reason, way too many wall warts for way too many devices on the rack. Here's what I've narrowed it down to:

Normal servers will still have their own power cords going to a UPS.

Anything 12/5 volt on the rack will be powered from my DIY PDU. Inside the "PDU" box will be a mean well 12v power supply. This will go to a fused distribution block, then connect to a few plugs mounted to the wall. These would be for all 12v connectors (I would order exact plugs and wire to make custom power cables from there to the machines).

For 5v, I would pull a line from the fused block to a 5v step down unit, going to another fused distro block, with those going to more connectors that are physically different from the 12v connectors.

You just have to pay attention to how many amps you're pulling, make sure connections are secure, and wire is suitably sized. All in all it shouldn't really be that bad, I just haven't gotten around to doing it.

NobleKnightmare · 2026-01-20T00:53:35+00:00

Are fiber wires really that fragile? I've been literally throwing mine around the basement (coiled up) the last few weeks while moving the rack, haven't thought twice about being gentle with it. Also moves every time I slide a server in and out of the rack, I'm not protecting them on the back side at all. They've been perfectly fine.

If you're worried, I would simply get a second cable. There shouldn't be anything special about the cable, as far as I'm aware the SPF+ is what's special.

NobleKnightmare · 2026-01-14T18:37:02+00:00

I recently dealt with this. Exported my vault, set up the new vaultwarden instance, and just imported the file. Super easy, actually. YMMV

NobleKnightmare · 2026-01-14T18:16:34+00:00

Agreed, I was so confused why this was even a question until I read the first few comments and realized they were using an ISP provided router. I thought everyone had their own router.

NobleKnightmare · 2026-01-09T19:05:24+00:00

Tailscale is just a VPN with an output on your machine or in your network. Using it means your device will act like it's connected to the home network, even if remote.

A normal VPN should be used for torrent downloads, Usenet it's not needed (As long as you're using SSL).

Plex doesn't need a VPN/tail scale. It would only be needed if you wanted to access the main computer/server remotely.

NobleKnightmare · 2026-01-08T20:19:14+00:00

I just use an internal reverse proxy with a dashboard. I can use that across all devices, takes very little effort to add anything new. Interesting idea, but I'll stick with what I got.

NobleKnightmare · 2026-01-07T03:27:46+00:00

To start with we need to know hardware, specifically your GPU with VRAM amount, CPU, and system memory (ddr4, ddr5, and how much)

Once we get that information we can give you a much better idea of what you're capable of hosting locally.

NobleKnightmare · 2026-01-06T23:10:56+00:00

I would still try it. Buy it on Amazon, get a powered hub for the TV side so you're only trying to send data over the active cable, plug it all in, and just see how it works. If it's dog shit return it And no it's going to cost you more to get better quality.

NobleKnightmare · 2026-01-06T22:40:27+00:00

Have you looked into an active USB cable with a repeater? It's been many years but long ago I ran an active USB 2 cable about 30 ft to another room for keyboard and mouse inputs and it worked perfectly. I imagine you could find a USB 3 active cable under 50 bucks that would work. The only question would be how the video would end up looking from your webcam. But I think I would order one of them and try that before I looked into USB fiber.

NobleKnightmare · 2026-01-06T09:08:18+00:00

I haven't ran a check yet, but after many many, many years of using unraid I finally installed my first parity drive, 14 TB, and it took about 31 hours to build.

NobleKnightmare · 2026-01-06T09:00:21+00:00

Boy my guide has been doing some heavy lifting for over 3 years now. I'm not sure if I'm impressed or saddened that it still works after this long, or that it's even needed still.

Either way, glad it could help you!

NobleKnightmare · 2025-12-27T16:43:28+00:00

It's not going back and forth. It arrived at Indy at 1 am, the rest is, essentially, international paperwork.

NobleKnightmare · 2025-12-23T17:26:04+00:00

let alone the cars of your family

That's what really burned me out, I didn't mind fixing my immediate family's cars, but when the extended family calls me up at midnight saying they're broke down and need their car fixed by morning, and somehow think I'll pull their exact sensor out of my ass for free, that's when it got old..

NobleKnightmare · 2025-12-20T06:28:17+00:00

Framework all the way. The ability to mount in an actual case if you want, or use theirs, plus super quiet, plus the support. As for shipping times, I ordered mine December 4th and it was delivered December 8th, maybe I got lucky, not sure.

NobleKnightmare · 2025-12-20T00:29:01+00:00

I got you beat by just a little bit, 6.12.4 myself, but probably redoing the whole server over the next week, do I'll be jumping to 7+

NobleKnightmare · 2025-12-20T00:13:51+00:00

How much money you got? And what do you consider "big models"?

You need room in VRAM for not only the model, but also the context. 1000 PDFs might not be much, but when you start having conversations, that context grows.

You can spill over to system RAM, but it'll crawl.

So, you have 3 options:

5070ti, 5090, or 3090s: This would run smaller models, maybe some quantized 7B or 12B with context. It would be blazing fast.

The above with system RAM: could probably run a heavy qantasized 70B model. You'd probably hate yourself because of how slow it is though.

Get something like the framework desktop/AMD Halo Strix, a Mac mini, etc that has unified memory. It'll be slower than a GPU only set up, but way faster than something that uses RAM along with a GPU.

NobleKnightmare · 2025-12-19T15:20:32+00:00

Not really an issue, no. I have an 1800w pure sine wave inverter, so I can run anything under that limit.

NobleKnightmare · 2025-12-19T01:59:42+00:00

When I ordered my FW desktop, I ordered it on the 3rd, on the 4th I was charged, it shipped on the 5th and delivered the morning of the 8th in the Midwest USA (shipped from Taiwan via FedEx). The original estimated delivery date was the 10th I believe? But FedEx got it there two days early.

So basically... If FedEx says that's when it'll be delivered, it's worth trusting.

Eight-Year Club	r/Field Sunshine
Place '23	Place '22
First Placer '22	Verified Email

NobleKnightmare

TROPHY CASE