• 0 Posts
  • 50 Comments
Joined 5 months ago
cake
Cake day: November 2nd, 2024

help-circle
  • On Dell server hardware with the right cards/licensing, you can remove the need for physical access to the server to input an FDE password by leaning on iDRAC. This provides access to the console remotely during the boot process (and thereafter).

    Alternatives exist that supposedly do the same thing, but I’ve never had to try them. Airconsole, pikvm, blikvm etc.

    You can keep this interface unexposed by using wireguard to dial in when you’re away, as per your original thinking. Just make sure the endpoint isn’t on the server you’re rebooting…


  • Sounds like capitalism at work, pricing to suit demand :( Not a great idea to let a domain fall out of grace if there’s ever a chance you’ll want it again.

    In work we still maintain domains for arms of the parent company that are long defunct. Less for us and more to prevent others registering.

    I’ve had one personal domain go out of grace, but the reactivation price wasn’t too bad. Cheeky, yes - but not bad enough to get something new.

    Could be worse, could end up at auction like hexbear did…











  • A third, and hopefully final attempt at getting an iredmail setup going. SPF, DKIM & DMARC all checking out fine. It’s actually working this time. Need to get the ISP to change our PTR record though, last bit of the puzzle.

    Also picked up a used negate device, so we now have pfsense fronting everything. That’s allowed me to move the original router to a better location and put it in AP mode.

    Emby media server moved off a Synology and into a proxmox container. Finally, we can stream high def with the hardware acceleration we weren’t getting before.




  • I run a split environment. Main router is set up ‘normally’ with what other people in the house and visitors would expect.

    Attached to that is a Pi running an OpenVPN client and a hostapd server that broadcasts a separate WiFi network. Iptables on the Pi are set to only ever allow Internet traffic through the VPN as a killswitch (except for OpenVPN, to prevent a chicken-egg situation), and any wifi clients connected via hostapd are routed through it.

    A script occasionally changes the VPN endpoint to keep it interesting. This Pi also acts as a qbitorrent client that stores downloads to a local NAS.

    It’s a best of both setup that has been stable for over 5 years now.


  • Monetizing is what ruins other places.

    I like the way my home instance does financial backing through an open model, and that’s part of why I chose it.

    An ideal is enough contributors to keep the lights on and to reimburse the admins for their time spent in keeping it afloat. Moderation should always be a volunteer position for those that want to support their individual communities.

    Any excesses in finance I would hope go towards future running costs (to a point), feature development and then charitable donations in that order. Non-profit on paper and in practice.

    This is viable for a small instance. Maybe even larger ones if the users are altruistic enough as a whole.