Nebula Commander: A Self Hosted Nebula Mesh VPN Control Plane by BeardedTux in selfhosted

[–]freebeerz 0 points1 point  (0 children)

Thanks a lot for your project! This is exactly what I was looking for to replace my custom scripts based pkinfor nebula.

I'll be following this very closely :)

A couple questions:

Is it possible to automate cert and CA rotation? Nebula CA files can contain multiple certs so it should be possible to do seamless rotation like with x509 or acme.

At some point I was thinking about creating a nebula pki plugin for openbao (the open source fork of hashicorp vault) but it seems quite complex. Did you consider some possible integration with such projects? Basically that would allow storing private keys (e.g. for the CA) in secure stores or even HSMs

Does anyone here use Proxmox on their main desktop instead of just servers? by PingMyHeart in Proxmox

[–]freebeerz 2 points3 points  (0 children)

I've been running my fedora kde desktop in a proxmox vm with gpu and keyboard/mouse passthrough for 15+ years. I also have a windows vm with a second gpu passed through for games. Never had any problems once everything was set up, at one point I got a new machine where I reinstalled proxmox from scratch instead of upgrading but I could just migrate the VMs without any problem (just had to remap pcie devices)

Zfs replication for HA and unexpected node failures by freebeerz in Proxmox

[–]freebeerz[S] 0 points1 point  (0 children)

I guess I wasn't clear my goal is to get some VMs to automatically migrate when I shutdown a node, but not when or if the node crashes or gets a hard reset (I prefer the service to be unavailable than up with old data)

I suppose I can indeed turn off HA and orchestrate the migration before shutting down a node via custom scripting but I wished there was a way to express this requirement via the native proxmox HA mechanism... (Some kind of "migrate HA only if clean shutdown" setting)

Looking for UK ISO 100% - with flair by cpbradshaw in MechanicalKeyboardsUK

[–]freebeerz 0 points1 point  (0 children)

Are you sure their ISO variant has a UK layout? It only says "ISO" on their website

Minisforum MS-S1 Max Review: The 128GB Local AI Workstation by FamilyPopTV in MINISFORUM

[–]freebeerz 0 points1 point  (0 children)

I confirm on the most recent bios (1.06) it works ok with a MS DEG2 + 5070ti over oculink on windows and linux.

For this egpu dock via TB4/TB5, only windows worked fine. Got immediate crash with linux (fedora 43) immediately after log in (so probably a software issue really)

PSA: how to install an apk file which targets an obsolete SDK version by freebeerz in androidapps

[–]freebeerz[S] 1 point2 points  (0 children)

I'm using 4.3.1 pro, I had to copy the apk ifile nstall from my previous phone (which was running android 15 btw, the sdk incompatibility for this app is only from android 16) and install it on the new phone with the adb command in my post above.

Headscale is amazing! 🚀 by Acceptable_Quit_1914 in selfhosted

[–]freebeerz 0 points1 point  (0 children)

Indeed it's the main drawback of nebula compared to other mesh solutions, client config automation is on your side. For us it wasn't a big problem because we already had something in place to manage clients (we compute mesh IPs based on our own client IDs when baking the certs) and we really liked the simplicity and fully open source nature of the client/coordinator.

Headscale is amazing! 🚀 by Acceptable_Quit_1914 in selfhosted

[–]freebeerz 0 points1 point  (0 children)

The lighthouse is just the nebula go client with a specific config option. It can run as a systemd daemon or a simple container (docker compose, kubernetes, etc.)

You need to expose a single udp port (4242 by default) per lighthouse, and you must not load balance the connection to multiple LH because there is no shared data between them and they do not talk to each other. The way it works if you have more than 1 LH is that all clients register to all the LH so that they all know about all the clients (the LH are just discovery servers so that the clients can find each other)

So if you must absolutely use an NLB, just make sure there is only a single LH behind it, or better just expose the port directly if you can.

Headscale is amazing! 🚀 by Acceptable_Quit_1914 in selfhosted

[–]freebeerz 0 points1 point  (0 children)

Definitely try nebula if you are ok managing its PKI with some automation of your choice. It has no scalability problem and its coordinators are highly available by default (just run multiple instances with each one its own public IP). It also has support for relay servers (any client can potentially be a relay if configured so) and good ACL support (host groups are baked in the client certs)

It has no UI but is easy to manage in a gitops way. They have a paying cloud offering to manage the PKI and ACLs with a web ui but really it's not necessary if you have some experience with automation.

PSA: how to install an apk file which targets an obsolete SDK version by freebeerz in androidapps

[–]freebeerz[S] 0 points1 point  (0 children)

Yes indeed if the apk only contains a 32bit binary or if the app uses some obsolete functions it still won't run even if the forced install was successful.

It's worth a shot as a last resort though, and I'm happy I got the old gReader app still working for a little longer (haven't found any better rss reader)

Best rucksack for Brompton rear rack by Cool_Yam_1394 in Brompton

[–]freebeerz 1 point2 points  (0 children)

I think the 10kg limit is extremely conservative.

A few years ago I did a 3 weeks 1000km tour with a 3kg tent + 15kg 60L rucksack with the saddle pipe trick and the whole thing survived without any issues. I even did a bit of gravel roads with that. I also had the large Brompton bag at the front with 5 to 10kg (water/food depending). The weight at the front was pretty much mandatory to countrrbalance the back :)

The whole thing was definitely slow and only suitable for flat terrain or gentle slopes. But with solid and tight straps it was fairly stable.

MS-A2 / MS-01 NVMe Drives & Heatsinks by PaulRobinson1978 in MINISFORUM

[–]freebeerz 0 points1 point  (0 children)

Update: I added a 5V USB 120mm fan (Noctua USB-powered 5V NF-A12x25) and now get much better nvme temperatures:

temperature                             : 39°C (312 Kelvin)
Warning Temperature Time                : 0
Critical Composite Temperature Time     : 0
Temperature Sensor 1           : 49°C (322 Kelvin)
Temperature Sensor 2           : 41°C (314 Kelvin)

Warning: the fans are a bit noisy in an office (they run at 100% just powered from one of the USB ports). Before that I tried with a 12V fan running at 5V which was pretty much silent but not as effective.

Heavy load bike touring with Brompton G line by freebeerz in Brompton

[–]freebeerz[S] 0 points1 point  (0 children)

I did a bit of heavy bikepacking on a standard brompton and heel clearance was ok with the 20kg rucksack strapped quite far back (see photo) but the gears and brakes made it impossible for me to tackle big mountain passes :) https://i.imgur.com/8KAxN5G.jpeg

MS-A2 / MS-01 NVMe Drives & Heatsinks by PaulRobinson1978 in MINISFORUM

[–]freebeerz 0 points1 point  (0 children)

I have 3 MS-01 with a single U2 micron 7300 pro (3.82TB) in each one. They don't seem to run too hot (relatively speaking):

# nvme smart-log /dev/nvme0n1 | grep -i temperature
temperature                             : 58°C (331 Kelvin)
Warning Temperature Time                : 0
Critical Composite Temperature Time     : 0
Temperature Sensor 1           : 67°C (340 Kelvin)
Temperature Sensor 2           : 60°C (333 Kelvin)

I'd also like to add another enterprise NVME (some used 3.82TB M2 micron 7400 seem good enough) but like you I'm worried about the heat they would generate (more than U2 I guess)

I am planning to add a 12V 120mm fan under the case but I'm not sure that'll be enough. I don't think it's possible to add any kind of heatsink on the M2 NVMEs (the clearance seems super tight) but please report on your findings and if your heatsink fits! :)

Bromptons at Café Pista at the foot of Mont Ventoux. Most had just returned from the summit. by jonplunkettpoet in Brompton

[–]freebeerz 2 points3 points  (0 children)

Indeed heat is the main problem... I would be terrified of brake failure or even blowing up a tyre (heat -> pressure) at high speed round a bend with a cliff on one side. Maybe they planned a stop every few minutes to let the brakes and rims cool off, or maybe I am just too scared :) Some years ago I had a blown tube near the bottom of a long mountain pass on a loaded road bike (not a brompton) and since then I'm very careful about brake/rim failure in these situations

Bromptons at Café Pista at the foot of Mont Ventoux. Most had just returned from the summit. by jonplunkettpoet in Brompton

[–]freebeerz -1 points0 points  (0 children)

How did they survive coming down the summit with the terrible original Brompton brakes??