Find me on Mastodon too.
Backblaze is a great backup solution. They publish drive stats and even show you the hardware they use.
https://www.backblaze.com/cloud-storage/resources/hard-drive-test-data
https://www.backblaze.com/cloud-storage/resources/storage-pod
Try using 1.1.1.1 or 8.8.8.8 as the external DNS in your router for testing. Does it work then?
Also, you may have DNS cached somewhere. You can flush your Windows DNS cache by typing ipconfig /flushdns in a command prompt.
spawn(newTimer, 1000)
You can host overseas and use a proxy for hosting. I mostly don’t worry about it though because I don’t do anything illegal.
Use encryption if you are concerned.
I’ve used Hyper-V and in fact moved away from ESXi long ago. VMWare had amazing features but we could not justify the ever-increasing costs. Hyper-V can do just about anything VMWare can do if you know Powershell.
Not really cybersecurity-related but I have spent the better part of the week trying to get MS Config Manager working properly.
Here’s a quick method:
Get the IP and set up the dns for the new server. Get a cert via Let’s Encrypt or self sign to get ssl working, and then start your prep.
On the new host create the new directory structure. Note your folders, paths, and permissions. Set the permissions on the pictrs folder as 991 (sudo chown 991:991 /path/to/pictrs/folder even if that user doesn’t exist on your system. It’s for the container.
You’ll need to edit your yml files, docker compose file, and make sure that the paths are updated, the instance name is correct, and federation is disabled (until testing is done).
Copy pictrs and db folders from old host to new. You can skip pictrs if space is a concern, but you’ll lose your instance pics.
Once done, copy over the containers and bring them up.
Check for errors and diagnose as necessary.
Once set, change the federation to on, switch your dns from old server to new, and then perform another sanity test.
I’m doing what you want to do now. I’m running lemmy.fan on a NAS with really good hardware on a fiber connection. My ISP provides symmetric bandwidth and doesn’t block anything, though emails can’t be sent with a local smtp server since most places don’t trust the IP addresses of residential subscribers.
I learned a ton, I’m enjoying running things, and though it’s an open instance I don’t advertise it. I say go for it. Experiment and have fun. If it sucks and you hate it you just stop the containers.
My man, that ruleset looks beautiful.
Create service groups and host groups, then assign the appropriate host groups the proper service(s).
So if you have a web server only, it gets the webserver host group containing http and https tcp ports.
But if you have an application that uses web ports plus another port, just add the appropriate service group.
Essentially, think additive permissions: start restrictive, then add ports/service groups as necessary.
I hope that makes sense.
TIL, thanks. I wonder why they chose to do it this way.
The maple tree just outside of the large window in our home office is bright red and orange, casting a kaleidoscope of colors on the white walls and the wood floor. The wind is gently changing the colors, shapes, and outlines on the reflections, almost like a gentle rain shower of color and leaves. It’s absolutely gorgeous, and I took a few minutes to soak it all in.