I know this is not the best answer since you would probably like me to talk about Nebula, but I have to say that the best solution I have found for setting up a mesh VPN is Zerotier.
It is a very complete solution. Multisystem, very simple but very configurable, fast, etc.
You simply start by creating a network on the public controller (which will generate an ID for that network) and then join the rest to that network and everyone can communicate with everyone (by default, then you can create subnets if you want).
Using the public controller is completely optional (I personally use it because it is convenient for me and because I have few hosts) but if you want you can set up your own controller, I have an article (the bad thing is that it is in Spanish, but if you run a translator you can understand it perfectly) where I explain how to do it without any requirement. If not, you can use ztncui for it.
Take a look at it, you might find it more attractive than Nebula.
By the way, for me one of the great advantages of ZeroTier is that I don’t have to worry about certificates and keys, the controller takes care of everything for you and security is guaranteed from the point of view that each node has a unique identifier.
restic without any doubt. I use it with S3 backend and SSH copy and it has an excellent performance (with copies of years).
Borg I was using it for a while (to compare) and I do not recommend it, it is not a bad product, but it has a lousy performance compared to restic.
Kopia I didn’t know it, but from what I have read about it it seems to be very similar to restic but with some additions to make it pretty (like having ui).
Some people say that Kopia is faster in sending data to the repository (and other people say it’s restic), I think that, unless you need ui, I would use restic.
I know you said you’re against rack mounting, but JUST in case:
I love the look and tidiness of a nice rack mount system. So I got a Chenbro 4U case. It’s perfect for reusing my old components, and it has a standard size area on the front to install a hot swap HDD cage.
It’s just the cheapest type of drive there is. The use case is in large scale RAIDs where one disk failing isn’t a big issue. They tend to have decent warranty but under heavy load they’re not expected to last multiple years. Personally I use drives like this but I make sure to have them in a RAID and with backup, anything else would be foolish. Do also note that expensive NAS drives aren’t guaranteed to last either so a RAID is always recommended.
Make that RAID Z2 my friend. One disk of redundancy is simply not enough. If a disk fails while resilvering, which can and does happen, then your entire array is lost.
Hard agree. Regret only using Z1 for my own NAS. Nothings gone wrong yet 🤞but we’ve had to replace all the drives once so far which has led to some buttock clenching.
When I upgrade, I will not be making the same mistake. (Instead I’ll find shiny new mistakes to make)
That tracks with my experience as well. Literally every single Seagate drive I’ve owned has died, while I have decade old WDs that are still trucking along with zero errors. I decided a while back that I was never touching Seagate again.
I actually had my first WD failure this past month, a 10tb drive I shucked from an easystore years ago (and a couple moves ago). My Synology dropped the disk and I’ve replaced it, and the other 3 in the NAS bought around the same time are chugging away like champs.
For sure higher but still not high, we’re talking single digit percentage failed drives per year with a massive sample size. TCO (total cost of ownership) might still come out ahead for Seagate being that they are many times quite a bit cheaper. Still drives failures are a part of the bargain when you’re running your own NAS so plan for it no matter what drive you end up buying. Which means have cash on hand to buy a new one so you can get up to full integrity as fast as possible. (Best is of course to always have a spare on hand but that isn’t feasible for a lot of us.).
if I close the 8123 port and remove my cache, firefox will warn me, if I click on forward anyways it will forward to a website from my router for some reason saying that the DNS-Rebind-Protection has blocked my attempt and that there is some issue with the host-header.
Instead of forwarding ha.yourdomain.com to 192.168.178.214 (which I assume is the lan ip address for your machine), you should forward it to a hostname called homeassistant (which is the hostname for the home assistant instance inside your docker compose network).
selfhosted
Oldest
This magazine is from a federated server and may be incomplete. Browse more on the original instance.