submitted 1 month ago by Cyber@feddit.uk to c/selfhosted@lemmy.world

So, just a light post, I upgraded my Pi4 last night and found the Linux firmware breaks a 32bit install.

I've been meaning to change to 64bit for months, but as it's my DMZ box for torrents, radicale, etc, then it's just finding the right time to convert an adhoc setup into my ansible scripts.

Luckily I had a SD backup from September to get it running again

So, what have you broken over the holidays?

top 32 comments
[-] avguser@lemmy.world 3 points 1 month ago

I attempted to update Nextcloud and failed spectacularly. Need to rebuild our family calendars now.

[-] Cyber@feddit.uk 2 points 1 month ago

Look into radicale if you're using NC as a DAV server - and everyone's using their phone as a client

It's so simple & lightweight (but admittedly the webgui is admin only - no visible calendar)

[-] lemming741@lemmy.world 1 points 1 month ago

Of all the nightmare rebuilds, nextcloud scares me the most. I have backup images of that machine laying around like drink coasters.

[-] SigHunter@discuss.tchncs.de 2 points 1 month ago

Without enough time to fix if anything breaks, and without proper backup, I upgraded my mother-in-law's phone from LineageOS 21 to 23. Without issues! Phew

[-] Onomatopoeia@lemmy.cafe 1 points 1 month ago

Bold move, Cotton!

(Not really, Lineage updates are the most seamless I've ever seen).

[-] B0rax@feddit.org 2 points 1 month ago

I attempted to move my whole 192.168.x network without vlan to a new 10.x network with vlans. I am still tracking down services and devices where I hardcoded in the old 192.168. IP addresses.

[-] JuvenoiaAgent@piefed.ca 1 points 1 month ago

That's a big endeavour! I did it about two months ago, but slowly and progressively. Still found hard-coded addresses a month later though.

[-] victorz@lemmy.world 0 points 1 month ago* (last edited 1 month ago)

Is there a technical advantage to using a 192 network vs a 10 network like you described? I would've thought they're just addresses, still IPv4 as well.

I tend to use hostnames where possible. Maybe that's not viable for your situation?

[-] B0rax@feddit.org 1 points 1 month ago

No. But segregation into vlans has advantages. As this comes with new addresses anyway, might as well tidy up the address space entirely.

In the end 10.20.20.10 feels much neater than 192.168.174.10.

But yes, you are right, technically the 192.168.xx.yy address space works the same and has plenty of space for home use.

[-] victorz@lemmy.world 1 points 1 month ago* (last edited 1 month ago)

Ah okay, so it's kinda just for aesthetic reasons mostly? I'll take that explanation home any day 😄

[-] B0rax@feddit.org 2 points 1 month ago* (last edited 1 month ago)

Exactly. You could say it was unnecessary, but I think we have crossed that line a long time ago.

[-] victorz@lemmy.world 1 points 1 month ago

😁 "Maaaybe"

[-] victorz@lemmy.world 1 points 1 month ago

Going back a little bit, you mentioned advantages to "segregating into vlans"?

Would you like to elaborate on some of those advantages?

[-] lemming741@lemmy.world 2 points 1 month ago

I rebooted a machine that had an Nvidia driver crash. It didn't finish the reboot, but it did seem to stop sshd so I can't get in until I get home and have physical access. I had a ping running so I could watch, it never dropped. 🫠

Lesson here: put your experimental boxes on a WiFi plug and set them to boot on AC restoration.

[-] WhyJiffie@sh.itjust.works 2 points 1 month ago

I hate it that systemd is so quick to shut down sshd when shutting down the system. It does that in the very first "round", while it could really just keep it running till the end...

[-] lemming741@lemmy.world 2 points 1 month ago

Even my proxmox web interface lasts deeper into a reboot than sshd. It boots you immediately while you can watch the vms shut down for the next 3 minutes in the browser.

[-] Dhs92@piefed.social 1 points 1 month ago

This is why I got a JetKVM heh

[-] piyuv@lemmy.world 2 points 1 month ago

I’m also postponing upgrading my rpi4 os to 64bit one, although it’d unblock a lot of my small projects since many docker containers don’t support the 32bit os anymore. I’m just very lazy.

[-] Cyber@feddit.uk 1 points 1 month ago

I started getting the base install on a separate SD card yesterday, and realised there's still loads of things I'd missed in my Ansible script, like reducing journal writes, etc.

So, I just put the old SD card back in and left it until I can look at it again

Small steps...

[-] tofu@lemmy.nocturnal.garden 1 points 1 month ago

I resisted the urge to accept renovate's Merge Requests for Bookstack and Cadvisor updates during the festivities but did today and everything worked out fine.

[-] Coolcoder360@lemmy.world 1 points 1 month ago

Nothing broken yet, but there's still time! So far I set up immich instead of seafile for photos (keeping seafile instead of Nextcloud for files, but immich is way better for photos). And set up Linkwarden and Floccus for bookmark backup and sync.

I have had some interesting DNS issues though where the immich app would not reliably resolve my immich local domain from the pihole, so of course there's a DNS issue... Working around that by using the IP for now, it seems to be an issue only with the app.

[-] eli@lemmy.world 1 points 1 month ago

At work we have a nearly 2 week moratorium that covers Christmas and New Years. We do zero changes unless something breaks on its own. So everyone can take time off without worrying too much.

So I do the same for my homelab. I'll spin up new stuff for fun(new docker containers to try out new apps), but I don't touch my stable stuff. No reboots, no updates, no image pulls, nothing.

[-] irmadlad@lemmy.world 0 points 1 month ago* (last edited 1 month ago)

I managed not to screw anything up, but I was handed a HDD from a friend of mine who is a burgeoning photographer. The drive has crashed, and I am afraid that, unless he coughs up several thousands of $$ for a professional recovery service, I am not going to be able to resurrect his drive. I've told him for at least a year to spend the money and get a NAS with a RAID setup. So, over Christmas, he did purchase one. But.....too little too late for the portable drive. I always hate delivering bad news, but it is a hard lesson to learn. Usually, it just takes one time, and it's backup city from there on out. Fortunately he has partial backups on SD chips, and files spread from FB to family phones he can recoup some of his losses from.

[-] Onomatopoeia@lemmy.cafe 2 points 1 month ago* (last edited 1 month ago)

Uggh, feel bad for them.

I've tried for years to get friends and family to have their data sit in a single point in the house and use backup services. That would be a massive improvement.

Family won't listen, so I'm building minicomputers for them all that will handle it. Just have to configure their devices to store data there.

This started because one sibling asked about transferring photos from a phone, and I started documenting how to use Resilio and Syncthing.

[-] Cyber@feddit.uk 1 points 1 month ago

Just a friendly word of caution:

if they don't appreciate what you're telling them to do, ... and if the minis you're building fail to do some magic data protection that they / you hadn't thought about... it'll be your "fault"

They need to take some ownership

[-] Onomatopoeia@lemmy.cafe 1 points 1 month ago

Oh, agreed.

There's some other stuff at play with the minis (shared family photos, backup to each other, etc) that I'm going to use as an enticement to get them to learn to use these tools.

Once they learn that, I can slip in some other things, piecemeal, depending on what each person clicks with.

[-] IsoKiero@sopuli.xyz 2 points 1 month ago

I've had some luck with portable drives by removing the drive from enclosure and attaching it directly to sata-bus instead of USB. Also, as a general rule for anyone who might stumble on this, whenever attempting recovery at first create an image (I use ddrescue) and work with that. That way you'll minimize risk of causing even more damage.

A while ago we "fixed" couple of hard drives with my brother. All of them had a single faulty diode, apparently it was a known failure point on those drives and brother found instructions online how to bypass that diode. Obviously that doesn't really fix the drives, but a small piece of wire and some soldering was enough to get drives spinning again long enough that he could copy data over to new drives.

[-] irmadlad@lemmy.world 1 points 1 month ago

> I’ve had some luck with portable drives by removing the drive from enclosure and attaching it directly to sata-bus instead of USB

I did try removing it from the enclosure in hopes to hook it to a USB3.0 to IDE/SATA which also includes legacy stuff. However this drive (HD Passport) has the micro-b soldered onto the drive board. I've tried several different micro-b to whatever connections, but no joy. The drive won't initialize and reports a fatal hardware error when I try. When initially plugged in, you can physically feel the platter spin momentarily, and the power light comes on. But the platter will stop spinning and the power light will start blinking on and off. This drive has been beat up, dropped, etc, in a camera gear bag. I'm actually surprised it hasn't failed before now.

[-] IsoKiero@sopuli.xyz 1 points 1 month ago

If it tries to start but doesn't do anything it's pretty much a lost cause then as the drive gets power but fails to initialize. In theory a simple broken solder joint somewhere might cause that and that might be fixable, but that requires at least somewhat decent soldering station and some experience. Or maybe you could get a donor board and swap out memory chips from the old one, but that's even more tricky. Hopefully it's not too expensive lesson.

[-] med@sh.itjust.works 0 points 1 month ago* (last edited 1 month ago)

I was trying to finalize a backup device to gift to my dad over Christmas. We're planning to use each other for offsite backup, and save on the cloud costs, while providing a bridge to each other's networks to get access to services we don't want to advertise publicly.

It is a Beelink ME Mini running arch, btrfs on luks for the os on the emmc storage and the fTPM handling the decryption automatically.

I have built a few similar boxes since and migrated the build over to ansible, but this one was the proving ground and template for them. It was missing some of the other improvements I had built in to the deployed boxes, notably:

  • zfs on luks on the NVMe drives
  • the linux-lts kernel (zfs compatibility)
  • UKI for the secureboot setup

I don't know what possessed me, but I decided that the question marks and tasks I had in my original build documentation should be investigated as I did it up, I was hoping to export some more specific configuration to ansible to the other boxes once done. I was going to migrate manually to learn some lessons.

I wasn't sure about bothering with UKI. I wanted zfs running, and that meant moving to the linux-lts kernel package for arch.

Given systemd-boot's superior (at current time) support for owner keys, boot time unlocking and direct efi boot, I've been using that. However, it works differently if you use plain kernels, compared to if you use UKI. Plain kernels use a loader file to point to the correct locations for the initramfs and the kernel, which existed on this box.

I installed the linux-lts package, all good. I removed the linux kernel package, and something in the pacman hooks failed. The autosigning process for the secure-boot setup couldn't find the old kernel files when it regenerated my initramfs, but happily signed the new lts ones. Cool, I thought, I'll remove the old ones from the database, and re-enroll my os drive with systemd-cryptenroll after booting on the new kernel (the PCRs I'm using would be different on a new kernel, so auto-decrypt wouldn't work anyway.)

So, just to be sure, I regenerated my initram and kernel with mkinitcpio -p linux-lts, everything worked fine, and rebooted. I was greeted with:

Reboot to firmware settings

as my only boot option. Sigh.

Still, I was determined to learn something from this. After a good long while of reading the arch wiki and mucking about with bootctl (PITA in a live CD booted system) I thought about checking my other machines. I was hoping to find a bootctl loader entry that matched the lts kernel I had on other machines, and copy it to this machine to at least prove to myself that I had sussed the problem.

After checking, I realised no other newer machine had a loader configuration actually specifying where the kernel and initram were. I was so lost. How the fuck is any of this working?

Well, it turns out, if you have UKI set up, as described, it bundles all the major bits together like the kernel, microcode, initram and boot config options in to one direct efi-bootable file. Which is automatically detected by bootctl when installed correctly. All my other machines had UKI set up and I'd forgotten. That was how it was working. Unfortunately, I had used archinstall for setting up UKI, and I had no idea how it was doing it. There was a line in my docs literally telling me to go check this out before it bit me in the ass...

...

  • [x] figure out what makes uki from archinstall work ✅ 2025-09-19
  • It was systemd-ukify

...

So, after that sidetrack, I did actually prove that the kernel could be described in that bootctl loader entry, then I was able to figure out how I'd done the UKI piece in the other machines, and applied it to this one, so it matched and updated my docs...

...

  • IT WASN'T ukify

UKI configuration is in mkinitcpio default configs, but needs changing to make it work.

vim /etc/mkinitcpio.d/linux-lts.preset 

...

Turns out my Christmas wish came true, I learned I need to keep better notes.
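
Added example, not part of the thread or of any commenter's setup: a pre-reboot check for the failure described in the comment above, where systemd-boot had neither a valid loader entry nor a UKI and offered only "Reboot to firmware settings". The function names are hypothetical, and the ESP mount point passed in (for instance /efi or /boot) is an assumption about the local layout.

```shell
#!/bin/sh
# Added example: count what systemd-boot could list on an ESP before rebooting.
# Type #1 = loader/entries/*.conf naming a kernel and initrd on the ESP.
# Type #2 = unified kernel image (UKI) dropped into EFI/Linux/*.efi.
# It does not verify Secure Boot signatures, only that the files exist.

# Print the number of usable boot entries under the ESP mount point $1.
count_boot_entries() {
    esp=$1
    found=0

    # Type #2: UKIs are auto-detected just by being present in EFI/Linux/.
    for uki in "$esp"/EFI/Linux/*.efi; do
        if [ -f "$uki" ]; then
            found=$((found + 1))
        fi
    done

    # Type #1: every linux/initrd path in the entry must exist on the ESP.
    for entry in "$esp"/loader/entries/*.conf; do
        [ -f "$entry" ] || continue
        ok=1
        has_kernel=0
        while read -r key value rest; do
            case $key in
                linux)  has_kernel=1; [ -f "$esp$value" ] || ok=0 ;;
                initrd) [ -f "$esp$value" ] || ok=0 ;;
            esac
        done < "$entry"
        if [ "$ok" -eq 1 ] && [ "$has_kernel" -eq 1 ]; then
            found=$((found + 1))
        else
            # An entry still pointing at a removed kernel package lands here.
            echo "stale entry: $entry" >&2
        fi
    done
    echo "$found"
}

# Succeed only if a reboot would offer something besides the firmware menu.
esp_is_bootable() {
    [ "$(count_boot_entries "$1")" -gt 0 ]
}
```

Source the file and run `esp_is_bootable /efi || echo "do not reboot yet"` after changing kernel packages or presets; `bootctl list` shows the same entries as systemd-boot itself sees them.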

this post was submitted on 26 Dec 2025
7 points (100.0% liked)
