Makes sense, yeah it definitely takes more system resources vs storage for a personal server. I host for myself and some friends, so it’s really just thumbnails that take up space.
For reference, I’m hosting on an r220 w/ a proxmox VM allocated as above. I think you could probably get away with less, but not too sure. Your idea with the mini PC would probably work, or you could get a cheap dell Optiplex on eBay and see if it runs well
FWIW, it doesn’t need much. I’ve been running since June 2023 on a VM with 12 gigs of ram, like three cores, and a 1tb ssd (previously I was hosting the DB on my unraid server, but the performance was absolutely horrendous). When i started it i had less RAM, i think as time as gone on its started requiring a bit more (maybe now because of the db migration)
Its really funny because lemmy is one of the most rewarding things to selfhost
Is this a selfhostable instagram proxy?
Just perspective, look at the curtain rod, it also slants downward
It would probably be mail.x[.]com
Is the implication here that its annoying to expect pet owners to be responsible for waste they leave behind?
Can you provide an example? I’m a little confused by what you mean.
Here, I cleaned it up
Once the port is open, you should be able to access it via the tailscale IP just as you would locally on your network
Ahhh i gotcha, so basically it forwards traffic through the pi so that you can send traffic through tailscale on devices that don’t support it? Sounds like a cool idea tbh
Good on ya for the tailscale/syncthing though, off-site backups are super important! If Jellyfin supported federation you could merge your library and your parents library and have it all accessible through each of your local instances. Maybe one day they’ll add it, i think it would be a killer feature.
Glad the write-up helped though, it should at least help you move towards single instances (at least for immich) since you can just backup on tailscale via the dns entry!
Glad to help, yes that is a perfect example of how you could use this to your benefit. Much easier to just tell people to enable VPN (tailscale) and navigate to an easy to remember URL.
I’m somewhere in the middle, I do cybersecurity professionally so i work a lot with technical stuff but my hobbies are much deeper in it so theres a lot of stuff i don’t know. But, thanks to these communities i was able to learn how to do a lot of things and have now levelled up into doing the research on my own and trying to give back :)
In your dream scenario, is that each family member would be hosting immich/jellyfin on their pi zero? Or is the pi zero somehow routing traffic for them back to your server for jellyfin and immich?
Happy to help!
Side note, if you want to make publicly available services, you could use cloudflare tunnels. They work in a similar way – letting your services be accessible over the Internet without needing to open ports. Some other people in the comments have mentioned that Tailscale funnel can also work for this, but i haven’t used it so I can’t really advise on that front
Just looked it up, seems to pretty cool. Does it only work with one service though? You proxy one port to your tailscale domain name, but does it do routing for additional ports at the same time?
I’ve only done surface level research into it, and honestly didn’t come across this when i was doing the research for NGINX Proxy Manager, but it seems a little limited in comparison.
Happy to be proven wrong though, any easy solution is a good solution :)
Let me know how it works out for you. If you want to do that, then you could just have your dns point to your VPS and then have NGINX Proxy Manager route through tailscale (you’d have to install it on the VPS) on the backend.
That solution would work well for making your services public. If you want everything to be locked down a bit more, then id say to set it up as in the main post
That does work great, but when I’m on mobile i find it a lot easier to just go straight to the service rather than using a dashboard (although i have one set up)
Interesting, i didn’t know that but that is definitely something worth looking into if you need it for your usecase:
https://tailscale.com/kb/1223/funnel
Personally, I use a cloudflare tunnel for that. I’ll probably end up checking out tailscale funnel at some point for fun though
To my understanding, yes! I touched on it in the post but since tailscale is a VPN that doesn’t require open ports to access other devices in the tailnet, you don’t need to worry about CGNAT
Same thing,
CNAME: * -> @
Which translates to: * -> example.org
* Is a wildcard DNS character, basically meaning any subdomain will get forwarded to the root domain
Awesome!! This is a really great step towards secure publicly available services :) For a monitoring solution, you could probably use something like ELK to GrayLog if they’ll fit your use case, but really depends on what you’re trying to do.
Glad you were able to get it working