Lol, thanks. I think it’s still worth it if you want more ownership over your searches, but just expect some rough edges

Recently I’ll often get results that aren’t at all related to what I searched for. I also get a lot of timeouts from the upstream search engines, and sometimes I get results that are in Chinese for some reason

Self hosting and the maintenance is painless, but the results have been pretty terrible lately

Sell to pay my electricity bill

SFF Optiplec are great. I went with a decently spec’d Intel NUC running Proxmox that handles all my home services nicely without using too much power.

Fully custom? Sick! Where do I get one? 😅

Rsync or SCP?

That would be my exit sign

Reminds me of project Silica. Media historically was more durable (stone/ ink and cloth paper, etc) but had a low data density. As density increased, so did fragility

So sad, I remember seeing his YT vid announcing his health updates and mentioning he was getting things in order to make his network more manageable for his family :(

He seemed like a great dude.

Is keeping everything inside of a local “walled garden”, then exposing the minimum amount of services needed to a WireGuard VPN not sufficient?

There would be be no attack surface from WAN other than the port opened to WireGuard

I have a somewhat dated (but decently specd) NUC running Proxmox, and it’s the backbone of my home lab. No issues to date.

I was using a WD PR4100, but I upgraded to a Synology RS1221+ and it’s been fantastic :)

I have a beefed up Intel NUC running Proxmox (and my self hosted services within those VMs) and a stand alone NAS that I mount on the necessary VMs via fstab.

I really like this approach, as it decouples my storage and compute servers.

Join us; It’s fantastic.

I have a (beefy specd) Intel NUC that’s running Proxmox. A few of the VMs mount to my RS1221+ for things like media (Jellyfin), etc.

On Proxmox I run

• Jellyfin (media server)
• Home Assistant (home automation)
• PiHole (DNS)
• Ansible (For keeping everything up to date and applying bulk actions)
• NGINX Proxy Manager (so I can access things locally with a nice URL)
• VM to host my Discord bots
• Whoogle (Search engine)
• AMP game server

Probably missing a few, but that’s the jist

The safest (but not as convenient) way is to run a VPN, so that the services are only exposed to the VPN interface and not the whole world.

In pfsense I specify which services my OpenVPN connections can access (just an internal facing NGINX for the most part) and then I can just go to jellyfin.homelab, etc when connected.

Not as smooth as just having NGINX outward facing, but gives me piece of mind knowing my network is locked down

Yeah, I think I will end up creating a new ACL on NGINX to only allow those mgmt_allowed IPs. I tested it, and it seems to work fine. Not ideal, as I’d like to manage everything from pfsense, but I guess it’s expected by the nature of proxies :P

Thanks for the reply! Yeah, I just tried the ACL in NGINX, and it seems to work fine. I can still ping the proxied services, but cannot connect to them. I guess I will maintain a seperate mgmt_allowed list there like so

Ooo, very nice! If I use that script, can I generate certificates for a made up domain within my network (eg *.homelab), or do I need to use a domain I actually own?