lsof is a good tool would recommend it whenever something weird is happen, tho you gotta be root for it

another roart of the thread suggested using the Celeron box as an OPNsense router

OPNsense is a gateway/firewall/DHCP/router my network looks like this

optical to Ethernet conversion (the isp’s things) -> opnsense box -> network switch -> all other device (including wifi APs)

all traffic gets routed thru the opnsense box as it is the gateway to my network, runs the ipv4 nat and DHCP server

router in their comment refers to the the one that actually touches the Internet

what do you mean? they’re fine unless you want to read or write to them… wait a minute

one of those pi kvms or the like could turn on any system even if it doesn’t support wake on lan

ram matters because the CPU will use the worse speeds and worse timings of all the sticks, drive reads and rights are buffered so it doesn’t really matter

ah, classic isp dumbassery

wdym except Verizon? I have a whole section of /56 for me in ipv6, tho the Verizon website is ipv4 only

screenshare audio, it just doesn’t on Linux. not the voice chat part

discord doesn’t do audio on Linux

matrix clients that support pipewire should do fine

ram is really the limiting factor for most servers

if you’re gonna have less than 5 users on the services they’re probably not all going to be used at the same time so cpu usage will depend on which are being hit at the moment

none of the services you’ve listed are particularly heavy so you’ll be good for those and a bunch more no problem

no no internal: true mans the network is isolated from the outside and is irrelevant to needing port mapping or not, poet mapping is only needed to bring traffic into the docker virtual network

for my setup I have only one container with port mapping running traefik reverse proxying to my other sevices which use the external:true network because it is managed by the traefik docker compose file, in the traefik compose I do not say external: or internal:

so in socker compose external tetwork is a network created outside of that compose file, for example on setup I have traefik running in a container which defines the traefik network, in another compose file you can reference that network by name and mark it as external to connect containers to it

I’ve not set up a pixelfed instance before so I can’t help with the folder perms but I’d think they would work themselves out

ah ok, I got it working now, guess I have to use an nginx container anyway to host static stuff tho, the config being attached to a container is def a nice thing

man, how did I not find that, that was just what I was looking for.

I use cloudflare as my DNS and registrar and ddclient to set up addresses dynamically

I use either .home or an actual domain that I own (makes it easy for https certs and not having to go out of the network and back in)

there are 3 main steps depending on what OS is being run, but it basically goes like this

port forward some port to a maching on your home network,

create a wireguard config through network manager if you’re using that or the wg-quick command, make sure it auto connects

3 mess with the firewall so that your devices on the wireguard network can see your home network

there are tons of easy to follow guides out there, this is the one I followed

I can vouch for wireguard it’s super easy to setup

I’d put my storage in a proper nas machine rather than having 25tb strewn across 4 boxes