Dillon, you son of a bitch you piece of shit!

Yeah honestly Eternal should’ve been a Quake reboot using the new engine rather than a Doom sequel. Everything about it felt like Quake.

Meh. I was really hoping they’d go back to the sci-fi aesthetic of 2016 but instead they’ve doubled down on the weird high fantasy with guns thing.

It’s like they actually wanted to reboot Heretic/Hexen but they couldn’t get the license for it so they’ve just shoehorned it into Doom instead.

I can’t stop chuckling. Needed that, thanks!

Unless you’re hosting VHDs and need maximum throughput (in which case use NFS), SMB is going to be the easiest to setup and maintain across those 4 platforms.

The Linux SMB implementation is decent and supports the latest version of the protocol (or close to, at least) whereas NFS in Windows ain’t so great and is a bit of a pig to get working in my experience.

Thirded. It’s helped me a lot with picking up the compose syntax, to the point that I’m now comfortable combining disparate services into their own stacks. And I can spin something up from an example compose in less than a minute.

Thanks, I’ll muse over this when I next get the chance!

Was looking into Docker volume backups just yesterday so this is perfect timing!

Yes please, I might revisit it with a fresh pair of eyes.

Thanks for the suggestion. I spent a good hour or two trying to make Wireguard work for me last night but failed. If I set it to only apply to Immich, nothing else would have Internet access at all. Likewise if I set the peer IP range to just my LAN subnet.

After pulling my hair out for a while I gave up and uninstalled.

Hmm I must be doing something wrong then because it doesn’t work for me.

If it was just me, or if Tailscale wasn’t such an insatiable battery leech then I’d absolutely do that but the wife (and kids) acceptance factor plays a big role, and they’re never going to accept having to toggle a separate service on and off to get to their photos.

Maybe I’m being overly paranoid but I work in IT and see the daily, near constant barrage of port scans and login attempts to our VPN service and it has an effect!

Very useful insights, thanks.

I do currently have external stuff running via a Cloudflare tunnel (which is why I need DNS based LE certs for the internal proxy) but I don’t know if it’s setup correctly (beyond doing basic reverse proxying) and the admin backend for it feels like massive overkill for a home setup. Plus with Immich I run into the issue of a) dire warnings about it being in active dev and potentially insecure and b) filesize limits making away-from-home backups difficult.

I could well be over thinking the whole thing.

Yeah I’m running a Cloudflare tunnel for external access (which is why I need DNS based LE certs), but that’s another thing that I don’t really know what it’s doing beyond basic reverse proxying.

I have a country-based whitelist for where my Immich instance can be accessed from but I find the Zero Trust admin backend to be massive overkill for my needs, and it doesn’t help that they’ve recently moved everything around so none of the guides out there point to the right places anymore!

Ah, that’s useful thanks!

it will either be underpowered or power hungry.

Or both!

Make sure to add The Wrong Guts to your list.

This looks neat, will definitely give it a go, cheers!

I just recently put in an N100 mini PC to run as a Plex server. Cost me about £160, pulls all of 6W when idle, and it doesn’t break a sweat when transcoding no matter what I throw at it. As a media server I can’t recommend them highly enough.

Very little. I have enough redundancy through regular snapshots and offsite backups that I’m confident enough to let Watchtower auto-update most of my containers once a week - the exceptions being pihole and Home Assistant. Pihole gets very few updates anyway, and I tend to skip the mid-month Home Assistant updates so that’s just a once a month thing to check for breaking changes before pushing the button.

Meanwhile my servers’ host OSes are stable LTS distros that require very little maintenance in and of themselves.

Ultimately I like to tinker, but once I’m done tinkering I want things to just work with very little input from me.