• 3 Posts
  • 13 Comments
Joined 1 year ago
cake
Cake day: June 24th, 2023

help-circle

  • LVM is just a way more flexible partition table. It gives you the possibility to grow partitions at a later date. You probably not think you can do that with MBR or GPT too. Well yes, but only when the spare room is adjacent to the partition you want to grow. With LVM you can grow partitions even if the free space is somewhere else on the disk.

    So you can grow any disk ‘partition’ at any time as long as you have some free space in the group.

    Another advantage is that you can encrypt logical volumes easily. Usually that’s supported when you install the OS.

    You can also stack LVM on top of a software RAID, so you can create a mdadm from a disk partition of several disks and create a VG on that with LVs to spilt it into pieces.

    I usually use LVM on every server. There is no need not to and gives you options for the future.


  • Ok, so it is not that hard then I guess. Install proxmox on the appliance, then install two vm’s, HA and pfsense. Deal with further segmentation of your lan and the bridge to the router in pfsense.

    But if you ask me, drop the idea of vlans for appliances and keep it simple. Only make a guest network on WiFi, but using vlans is a pita, people want to stream to tv’s, use the app to control heating, etc. If you are concerned about appliances connecting to internet, just block internet access in OpenWRT or pfsense.







  • Check if the router has the possibility to isolate the lan port. That way the port on the router can not talk to other devices in different ports or wlan.

    Second possibility is to check if the router supports VLAN. If so you can put the TV or a port on a separate VLAN.

    If all that is not possible, consider removing the cable and connect the tv wireless. That way you can put the tv on the guest WiFi network. That should come with isolation by default.

    If you don’t want that either, you can resort to extra hardware. Any device with two lan ports could do. Make one port a dhcp based wan port connected to the current network and the other port goes to the tv. Run a dhcp server and nat and you have the tv isolated.


  • You can use Bind or any other nameserver-server.

    But this is one of the things you might want to reconsider. Setup errors might slip in silently and might be hard to diagnose. Complying to the standards like DNSSec and IPv6 on the nameserver might be a challenge without experience.

    Next to that, you probably can’t register the domain itself without a third party, and I always advice to not use a different party for nameservers than the party that registered the domain.

    Laat point I want to bring up, I would advise against combining name servers with other services, as it is crucial for operating the services, you are creating one giant point of failure. Keep it separated. Seperate hardware

    That said, if you accept all these dangers, it’s technically doable. Open the right ports, configure the zone, setup master and slave, read up on glue records, register the name server if needed, setup DNSSec and set the correct name servers in the domain at the party you registered the domain.



  • You probably tried to do to much in one day :)

    Netatmo has a delay indeed. There is an option to get a developer account at Netatmo so changes get pushed to HA. But still, it has some quirks.

    Advice is to work on one integration at a time, read the documentation, search for your problems. After the integration works, setup your dashboard. After that start with the automatons.

    Good luck, HA it’s really worth it, invest a bit more time in it.


  • You can look at backuppc, it has served us well for years now. Offsite, manages incremental and full back ups, file deduplication, etc.
    So on your Minecraft server do a daily backup and add the day off the week to it (whatever.7.gz), this way you always have 7 backups on the server and it auto rotates. Add that for folder to backuppc and the backup server will automatically decrease the amount of backups if they get older.