If I had equipment that would run AI locally, I’d be on it.

Hello! I’m new to self hosting and networking stuff.

Welcome to the club! Explore, learn, have fun on your selfhosting journey.

But I’m very afraid of exposing the server to the internet and it being hacked or such. I know there’s something called Tailscale but I’m not sure if that’s what I need.

What I have done is use Cloudflare Tunnels/Zero Trust free tier and Tailscale as an overlay on the server. With Cloudflare Tunnels/Zero Trust, you don’t need to fiddle with NAT, UFW, or any of that. You install it on your server and it punches through all of that and creates a tunnel between your server and endpoint. You will need a FQDN that you can change the nameservers on to the ones Cloudflare will assign you. Cloudflare will sell you a domain name, but I know a lot of folks use NamesCheap or Pork Bun.

As far as consulting AI for help, and at the risk of being down voted, I would utilize it for basic things you might need some clarification on. I would be very cautious of copying and pasting code generated with AI as sometimes it can be in error. Plus, you should really never rip code from the internet and deploy it on a production server until you really get some experience and time under your belt in order to be able to spot problems with AI code. Claude is good, Grok and Lumo are decent.

As far as the arr stack, I’ll leave that to others.

ETA: Get in the habit of documenting everything you do on your server. All the commands, everything. It will save your butt in the long run. I usually open Notepad ++ and write everything there. Afterwards, I clean up the notes and transfer them to Obsidian for archival and future reference. Do not get suckered into the idea that you will remember everything you’ve done 6 months down the road. You probably won’t and it will be frustrating troubleshooting.

As others have mentioned, Tailscale would be about the easiest to do, imo. However, I would still walk her through installing RDP. That way you can administer whatever may happen in the future, which is very likely to happen.

I really like n8n. It appeals to my visual sense which makes up for a lot of hard programming experience. I don’t run it full with the AI aspect. Not because I have some agenda against AI, but that my equipment is not good enough to run AI efficiently. I use it for a lot of automation around the lab.

Nobody ever knows. There’s never an explanation if the commenter gave inaccurate information, which would be super helpful. It’s just ‘here, have some down votes.’

Very nice. Simple, straight forward. Could be used as a homepage. Thank you!

Lots of good, solid information. Thanks for sharing, and thanks for making it available to the selfhosted community.

Right, but if you have the ability to block wireguard coming out of Russia, wouldn’t it make sense to block Wireguard or any other VPN protocol into Russia? I mean, China is rather notorious for blocking VPN usage but citizens still use them to access the internet. I would imagine Chinese citizens would use something like a combination of WireGuard with obfuscation like stunnel, cloaking, domain fronting-like setups, and proxy chains.

WireGuard is blocked by DPI in 10+ countries now.

So, explain this to me. I hear people talk about blocked VPNs, and it’s true that some websites do block most, if not all, VPN. However, you mentioned Russia, and I use Wireguard, and I have no issues accessing Russian sites. I just visited government.ru. So, is the problem getting out of Russia, or getting in?

It is worth noting that docker firewalling and ufw don’t play well together

This. It took me a little fiddling to get it right

Please do report back. I am always down to learn new tricks.

I run about 70 containers. I really don’t find it that difficult. I do run a Watchtower fork, but I run it with --run-once --cleanup. I do that once a month after I feel confident that everyone else has done all the beta testing on the new updates for me. So hats off to all you guys who just yolo your updates. You are an invaluable resource to the selfhosting community. Thank you.

As far as Linux updates, I’m running Ubuntu Jammy so those updates don’t usually introduce breaking changes and I complete them as they become available. I use Portainer, but I am unaware of any auto—update features for Docker containers. You can feed it a new yaml and it will replace or recreate the container based on that yaml, but it doesn’t do it automatically. Portainer is just a handy way to consolidate all your container administration in one place in lieu of using the terminal.

There are other options to updating your containers like WUD, or similar. They will alert you that there is an update, but you have to manually initiate the update. Anecdotally, I’ve only encountered one breaking change and that was when Portainer updated, but was incompatible at the time with the current version of Docker, or something like that. Memory is foggy this morning. It took about an hour to find a fix, and implement it, so it wasn’t an excruciating change up.

Tugtainer

I always giggle

Good call.

What constitutes a documentation-worthy action to you?

For me…everything. I’m 71, and the brain doesn’t recall as well as it once did. So, my mantra is: If you didn’t write it down, it didn’t happen. Even if you are a young buck, don’t get sucked into thinking ‘yeah…I can remember all this shit 6 months down the road. No worries’. That’s the devil talking Bobby Boucher. LOL

Welcome to the club. Enjoy the journey. Learn and explore.

Honestly, unless you are just hardcore with a lot of disposable income, or you do remote administration for a company from home, a rack full of enterprise equipment is a bit of overkill. Not throwing shade at all, and I drool on them too when I see selfhosters with them. Thing is, modern, consumer grade equipment with some minor modifications like a dual nic, larger HDD/SSD, etc will get you very far down the road. Now days, it doesn’t take a lot to get a lot out of your equipment.

my manga doesn’t really play well with Calibre-Web

Yeah I had that problem with all my tentacle porn. /s

Dude! Welcome to the club. That’s an awesome set up. For the total price, you’ve done very well.

a total of 1,25TB storage.

Wow! That will hold a lot of Linux ISO’s

in order to not have to work with the terminal at all times, I installed Casa OS

Pretty solid platform. Admittedly, I am a sucker for a good UI, but don’t neglect learning the terminal tho. One thing that helps me is documentation. I document everything I am doing at the time. All the terminal commands, etc. That way, I can always go back to any point of administration, especially when the wheels fall off. There are so many commands and multiple commands to do the same. I’ve had a computer in front of me since the mid 70s and I still feel like a noob when it comes to my terminal game. Documentation helps me out a lot.

Nice! Rock on with yo’ bad self.

I may be hallucinating. It’s kind of hard to keep up with everything sometimes. I’ll see if I can dig up something. I wasn’t throwing shade on your suggestion, or trying to inject doubt. It just triggered a light in my brain, but unfortunately, my brain has no recollection except that there was something. Thanks pos brain!

Grimmory

Since you use Grimmory, what does it have that Calibre Web doesn’t