Tailscale/headscale/wire guard is different from a normal vpn setup.

VPN: you tunnel into a remote network and all your connections flow through as if you’re on that remote network.

Tailscale: your devices each run the daemon and basically create a separate, encrypted, dedicated overlay network between them no matter where they are or what network they are on. You can make an exit node where network traffic can exit the overlay network to the local network for a specific cidr, but without that, you’re only devices on the network are the devices connected to the overlay. I can setup a set of severs to be on the Tailscale overlay and only on that network, and it will only serve data with the devices also on the overlay network, and they can be distributed anywhere without any crazy router configuration or port forwarding or NAT or whatever.

Honestly, that sounds like a keepalived replacement or equivalent. I went with keepalived because I’m also using the IP for the proxmox cluster itself so it had to be outside kube, but the idea is the same. If all you’re using the IP for is kube, go with kube-vip! But let us know how it works!

You’ll want to look into “keepalived” to setup a shared IP across all worker nodes in the cluster and either directly forward, or setup haproxy on each to do the forwarding from that keepalived IP to the ingresses.

I’m running 6 kube nodes (running Talos) running in a 3node proxmox cluster. Both haproxy and keepalived run on the 3 nodes to manage the IP and route traffic to the appropriate backend. Haproxy just allows me to migrate nodes and still have traffic hit an ingress kube node.

Keepalived manages which node is the active node and therefore listens to the IP based on backend communication and a simple local script to catch when nodes can’t serve traffic.

Have it sync the backup files from the -2- part. You can then copy them out of the syncthing folder to a local one with a cron to rotate them. That way you get the sync offsite and you can keep them out of the rotation as long as you want.

Judging by that picture, I think they’re all in on that color scheme and likely just bought multiple pairs of the same socks.

There’s a normal docker image, If this is all you want. However in all honesty, kubernetes is so nice to work with compared to running multiple docker compose things on the same host or the nightmare of a multi-host docker only lab. Just depends on how much homelab/selfhosting you’re doing. I know I’m grateful they included a helm chart here and I wish more self hosted software projects did as well. Options are always nice to have.

Current homelab+desktop+laptop host count here is 22. All anime characters or references. It’s a fairly large pool to pull from, so it’s worked for me for 20+ years now. Mobile devices (phones, tablets, etc) and game consoles aren’t really as clever though.

All of them are in a piHole DNS though so no host files keeps it easy to track. Services have names that mostly are just what they are though and cnames to the matching host that hosts them (or load balancer, whatever)

Got a plex lifetime sub like 7 years ago… As soon as Jellyfin allows downloads for offline viewing, I’m jumping ship. I know I’ll have to figure out TV listing data for OTA recordings, but that seems like a small price to pay. I’ve already got Jellyfin setup and running in my Kubernetes cluster for my video backups, but plex thus far “just works”.

I just tell it to back up my laptops every hour anyway. If it’s not on, it just doesn’t happen, but it’s generally on enough to capture what I need.

Nobody should be switching TO Wordpress in 2025… or 2023 or 2020 even. But definitely not 2025.

Nice, we’ll all look out for an update in a year!

I try to mix brands and lots (buy a few from one retailer and some from another). I used to work for a storage/NAS company and we had many incidents when we’d fill a 12 or 24 drive raid with drives right from the same order and had multiple drives die within hours of each other. Which isn’t usually enough for replacement/resilvering.

Mine are 3x 27k and 1x 47k. I just started replacing them… not because they’re old or have any issues, just because they’re becoming too small. Going from 4 to 8 tb disks and transferring the old ones to an external raid enclosure for backups.

Actually brings up a question I had… what do people think about refurbished drives for a NAS?

Close, it’s German. Basically an LLC.

https://en.wikipedia.org/wiki/GmbH

Finish my migration to my local Kubernetes cluster. Tired of running a mix of vms, docker, and bare metal. I got it setup and a few things, just have to power through.

I also need to bump the drive size in my NAS as I’m running low and want to leverage it more, not less. (Pods use PVs hosted on the NAS over NFS or iSCSI).

And get my offsite backups going again, I had to move this last year and it put a real damper on my goals for last year so there’s a lot of “got the stuff just have to make it work”.

Edit: the UDM Pro is pretty nice. That, a rack and a 2.5G enterprise switch were last year’s acquisitions.

I would argue that win 10 that’s been working on there for a long time will also run like a charm. Or enough of a charm that they won’t care to change it. And if it starts throwing errors, preventing the from doing things they want, or breaking down, they’ll just think it’s the machine and replace it. Most people don’t think of OS and Machine as separate, independent things.

For most non-tech savvy people, the OS is part of the computer. It comes with win 10, that’s just the way the computer works and it will stay with 10 until the hardware fails or is too slow and they need a new PC. They’re not separate. And if a PC costs more, they’re just going to deal with it longer or give up on a desktop/laptop and do more on their phones.

I remapped my CapsLock key to Escape. The only time I ever hit CapsLock was a mistake, so this works out a lot better… and yes, I’m a Vim user so having that Escape close by saves my pinky.

I’d rather have one with no window manager than one with no terminal.

It’s because you need a cloud based account for a local device that should be able to run without internet access using a local only account. I don’t need a cloud based account to log into my local Linux machine… or previous Windows machines.

Now, if I want to log into a cloud service then I’ll need an account for that service, but not for the device itself.

I still don’t know how people manage to fray those things. I used my 2013 for 10 yrs and the cable is still like new. They’re built pretty well. However, I do appreciate that the new ones are just usbc cables that plug into the brick so you can swap the cable if it does start to wear. Or so you can use MagSafe cables on non-apple power supplies.