SirMaple_

Notesnook

I’d give Hetzner a try. The VPS they offer come with 20TB of bandwidth and they only count outgoing traffic(bottom of this page is the source -> https://docs.hetzner.com/robot/general/traffic/) One thing to note with Hetzner VPS is the port speed is not guaranteed to be 1G only on their dedicated servers is 1G guaranteed. In my experience with their VPS I always got over 500M so is wasn’t an issue. I’ve since moved to a dedicated server in Finland for the horse power and the flexibility of running my own VM platform(Proxmox)

There’s also Netcup but I’ve never used them so can’t speak to quality but I’ve heard good things about them.

Edit: totally forgot to mention BuyVM. I have one of their 1GB VPS in Luxembourg. Speed is good to Finland but not so great to Canada but that’s not their fault. More to do with latency which is to be expected given the distance.

Mandos and wireguard inside initramfs.

Wireguard connects to a cloud VPS that acts as the mandos server and then grabs the key from mandos.

All my systems are protected by LUKS aside from /boot which in my case simply holds the wireguard config and what’s required to get the key from mandos. Yes this leaves the wireguard keys exposed but I’m not concerned since in my case they’re only good for this purpose and it’s easy to disable a peer. Plus the VPS has nftables rules that only allow traffic on the wireguard interface to a single port that the mandos server listens on.

Hetzner or Netcup

I like Hetzners bandwidth limit of 20TB outbound and the per minute billing. The specs on their VPS are also decent in my mind.

Note that Hetzner can be a bit of a pain to open an account. They’re picky about verifying identity.

draw.io for diagrams, netbox for cables and IP addresses, and mediawiki for notes and guides on how it all works.

deleted by creator

I moved all my domains to Porkbun for registrar and desec.io for DNS. I like to keep the 2 separate.

Data caps on home internet services should be illegal. They should also be much higher on mobile, but that’s a whole other topic.

I have 940/940 Unlimited FTTH for $93.45(Canadian).

Try changing your NAT rule to

“iptables -t nat -A POSTROUTING -s 10.11.13.0/24 -o eth1 -j MASQUERADE”

Also try changing your AllowedIPs to 10.11.13.0/24

The other issue may be the ability of the host/server to reach the IP address of the pihole macvlan interface. Have a look at this page, it’s helped me out before -> https://adventurenotvacation.com/2020/12/01/docker-macvlan-and-debian/

I use Porkbun as my registrar. Excellent support and low prices.

deleted by creator

Porkbun for registrar and desec.io for DNS

Use ddclient for dynamic DNS updating

deleted by creator

I use mailrise which is apprise under the hood for anything that doesn’t have Pushover support built into it. Mailrise converts any email it receives to a push message. It supports a ton of different services like Pushover.

https://github.com/YoRyan/mailrise

I use LibreNMS and Healthchecks.io. I also use Grafana to display all the important data in a dashboard on a portrait mounted monitor on my desk.

I use draw.io for diagrams. Netbox to keep track of devices, IP addresses, and cables. MediaWiki for how to articles. Both Netbox and MediaWiki live on a VM both at home and offsite and they sync nightly.

I’ve been using it for a few months now and love it. I have it on 2 VMs. 1 at home and 1 on my dedicated server in the cloud.

I have a horribly written script that stops the vaultwarden container on the home VM, it copies the db.sqlite3 files to the VM in the cloud using SCP, copies everything inside the attachments folder using SCP and then starts the container again. I then have the same type of script on the cloud VM that stops the container, grabs the db and attachments from the temp folder and moves them to the correct directories and starts the container.

I only use the instance on the VM at home, the cloud VM is only used if something has happened to the VM at home. I do the same with my netbox instance.

I also don’t expose anything to the internet. Everything is behind WireGuard. I have my phone setup with Tasker to automatically connect the tunnel when my phone disconnects from my home WiFi SSID.

First they’d need a reason which they won’t find or have.

Secondly in my 20+ years working in IT and using the internet I’ve never once heard that statement about it being “generally advisable to avoid using friends and family for offsite storage”. Needed a good laugh. Thanks.

I have a 2 x 8TB in RAID1 NAS at a family members house and I also have an OVH dedicated server with 2 x 480GB in RAID1 and 2 x 8TB in RAID1. I use rclone for my backups and keep deleted files for 30 days on the NAS and 120 days on the OVH dedicated server. Both the NAS and server connect back to my home network using WireGuard.

The OVH dedicated server also runs numerous virtual machines that host websites as well as backups of my netbox and mediawiki instance I run at home(they sync nightly).