So I have rebuilt my Production rack with very little in terms of an actual software plan.

I host mostly docker contained services (Forgejo, Ghost Blog, OpenWebUI, Outline) and I was previously hosting each one in their own Ubuntu Server VM on Proxmox thus defeating the purpose.

So I was going to run a VM on each of these Thinkcentres that worked as a Kubernetes Cluster and then ran everything on that. But that also feels silly since these PCs are already Clustered through Proxmox 9.

I was thinking about using LXC but part of the point of the Kubernetes cluster was to learn a new skill that might be useful in my career and I don't know how this will work with Cloudflared Tunnels which is my preferred means of exposing services to the internet.

I'm willing to take a class or follow a whole bunch of "how-to" videos, but I'm a little frazzled on my options. Any suggestions are welcome.

Okay Kubernetes people. I am about to build my first cluster with 4 Raspberry Pi 4B 4gb models powered over POE.

I was going to host just some basic stuff on it (forgejo, a couple Ghost Blogs) and try hosting a Mastodon instance.

The documentation mentioned that I should not use the SD cards for database stuff. So I was going to get some super short thumb drives.

What is everyone else's set up look like with raspberry pis? And how important is matching hardware?

I'm sure I'll learn more from reading the documents but this is my concern right now.

(I was also required to upload a photo so have my Latitude D630)

Anyone have any recommendations for Blog software?

I was considering for a while just using a mastodon instance as my blog because I just kinda wanna sign in and upload my papers that I've written. I was pretty close with Hugo. I'd rather not have to build the site everytime I upload and I want to self host and not use Github actions. I think I still could do it since I like using Cloudflared tunnels.

What is all out there?

I run my production Jellyfin server and a few other services on a Optiplex sff computer with a thicc hard drive and a low profile GPU.

I want to build two more of these with thicc Hard drives so that my parents and my in-laws can have a local Jellyfin instance that I manage remotely and they just need a box plugged in somewhere at their homes.

Is it possible to make Proxmox build a VPN tunnel on boot so I can just have it in my cluster dash. Like using tailscale or openvpn.

Or am I going to have to go with my original plan and put that on the same box as the Jellyfin server and then just VNC in?

Any tips or ideas?

So I'm trying to get Jellyfin accessible on the open web through a cloudflared tunnel

I have a default install of Jellyfin running that is still accessible locally.

I'm able to ping TV.myblogdomain.com

And the Cloudflared dashboard says the connection is up.

I have implemented page rules and caching rules to turn CDN off.

I have set the DNS server on the Jellyfin VM to be the Cloudflared DNS server.

It's pointed to https://jellyfin:8096/

And it wasn't working with or without a CIDR in the tunnel configuration.

Should I try uninstalling fail2ban and see if that helps? I thought I configured it right pointing it to the 8096 port but maybe I need to do 80/443?

Any tips or guides would be appreciated.

I have been upset recently by a colleague googling me and found my full name on several 3D Printing sites I used to use. I guess I signed in with my google account and so it just pops up now that I've deleted all my socials.

I have a fairly uncommon first + last combo so the cursory google search and then sending "delete my data" emails from the email they know from the 3 data brokers who popped up seems good and now just my linkedin is showing (this is the ideal state).

Is there more I'm missing? should I go for a deleteme subscription in case I missed anything? Other sources I should go to?

I really don't mind sending my own emails to these pests, but is that really all the services are doing? Or is there a backend I'm missing?

I am studying for my Network+ and my Sec+ hoping to shadow our Cyber Sec guy at work.

I want to set up a SEIM on my home network so I can be used to it's operations and how it works by the time I start messing with Pentesting stuff. Then I'm going to use it to try and track myself when I pentest myself.

I was looking into Graylog or Security Onion since they seem to have decent documentation (and I can find videos on how to set them up which is nice).

I was recommended building my own ELK stack and doing everything manually for maximum learning potential. Which I understand why this is a good idea, but I think I'd rather be as close to "baby's first SEIM" as possible or at least have a robust how-to guide.

What do you suggest?