Dran

If caddy is acting as a proxy for anything, you should not need to forward that port externally. Local host firewalls allowing traffic on your local network is sufficient.

Depending on your physical host layout you may be looking at an issue with nat reflection.

You have not given us enough about your topology to assist in troubleshooting.

What is the context here? What was the original inquiry?

It definitely can be disabled post-install but is much simpler to install without it at install-time, and has the added benefit of not pulling 2-5gb of other things that won’t be relevant to your use case. It’s not that the disk waste is that big of a deal, but any issues you run into will be that much easier to troubleshoot with fewer moving parts.

That wasn’t quite the takeaway I was going for. You can get a lot done on 8gb of ram. I was just trying to point out that it would probably be your first bottleneck as you started to scale out, and that you should consider using the server headless to make the ram you have go that much further.

All of those would be perfectly cromulent nodes for small containers. The first issue you’ll run into is the low ram. Some homelab projects would cause you to exceed 8gb, but the good news is if you’re using an external backend via NFS, you can always scale out (more nodes) or up(more compute per node,) later with minimal headache.

If you’re going to be memory constrained, don’t waste 1-2gb on a gui, install Ubuntu/Debian/whatever headless

CGNAT does have a designated range by spec. 100.64.0.0/10, which covers addresses from 100.64.0.0 to 100.127.255.255. Technically they could be using any other private address space but it would be very uncommon in a modern ISP.

What issues were you having with hyperland? I’ve been running awesomewm for about a decade and I know my days on x11 are numbered. Hyperland was going to be my next trial.

Live sports is what Disney is betting on.

Unattended-upgrade does security-only patching once every 4 hours (in rough sync with my local mirror)

Full upgrades are done weekly, accompanied by a reboot

I find that the split between security patching and feature/bug patching maintains a healthy balance knowing when something is likely to break but never being behind on the latest cve.

What if the booby trap had AI though?

(I’m joking please don’t hurt me)

If you ran a raw Ubuntu/fedora/whatever, you can use qemu/libvrt to run small virtual machines as required. You start and stop them with virsh, define them with simple xml files, and can easily automate the creation/destruction of them if desired.

if you’re automating the creation and deployment of vms, and the downstream operating systems, and not doing some sort of HA/failover meme setup… proxmox makes things way more complicated than raw libvirt/qemu/kvm.

Maybe for the initial setup, but nothing is more repeatable than automation. The more manual steps you have to build your infra, the harder it is to recover/rebuild/update later

Don’t get me wrong, I use libvrt where it makes sense but why would anyone go to proxmox from a full iac setup?

I do 2 at home, and 3 at work, coming from 4 at both and haven’t looked back.

Please do

Generally power supplies are the most electrically efficient at 20-60% utilization, so there’s no issue with over-provisioning power, other than the (generally minor) upfront extra cost, which might very well pay for itself in the first months/years of usage. I’ll take a look and see what I can find on those sites.

Edit: okay, trying to shop through google translate / currency calculator is actually aids so I’m gonna teach a man to fish instead. This is what I should have done from the start anyway.

Power supply: Anything from a decent brand, at basically anything >450W. a 650W or 850W is totally fine if it’s at a decent price. They only draw the power they need, they don’t just constantly pull 850W if the downstream components aren’t calling for it.

CPU: 12400 is a fine cpu for what you’re doing. You’ll transcode at 720p no problem, 1080p maybe a single stream in real-time. I wouldn’t bank on more than that. Only downsides here are the relatively shallow core counts if you ever expanded into other workloads. Without access to used xeon boards/cpus, it might be a reasonable choice though. What I would say is look for something older but with more cores/threads if you can. For example, a 10900 or even 10700k would probably be a better server cpu than a 12400.

Memory: DDR4 platforms are a great way to save money, as long as you aren’t planning on expanding to inferencing on cpu. Get as much as you can. 32-64gb of ddr4 should be dirt cheap, especially if you find a cheap motherboard with 4 memory sockets.

Motherboard: If you want this thing to be versatile, you want 2x pci-e slots. Old gaming full-sized ATX boards are the way to go here. 1 slot for an HBA, 1 slot for a GPU, and that should be all you need. Bonus for as many open sata sockets as possible. 6-8 is pretty typical on 10th-12th gen gaming ATX boards.

GPU: gpus will be much more efficient at transcoding than an igpu, especially from older intel CPUs. A 1050, 2060, 3050, basically anything from the 10-series onward has a decent nvenc encoder that would work well with plex/jellyfin. My goto is generally old workstation cards, I use a p620 myself and it handles a single 4k encode job no problem. I’m not sure if they’re viably purchasable anywhere in your area, but I’d definitely look out for a P620, P1000, or T400. Great value in those cards.

Drives/HBA: there are inexpensive LSI HBA cards to expand how many drives you can attach to a system if you need them, all you need is a spare pci-e slot and a place to physically mount the drives. The cheapest way to start here is to look for a motherboard with 4-6 sata slots and use those. Hardware raid is functionally dead these days in the real world, just use zfs or mdadm under linux to create an array with your desired level of resiliency/capacity.

Once you’ve priced out what it would cost to buy all of this new, look for prebuilt gaming PCs and office PCs that might be able to be expanded to fit these requirements. Prices look kind of steep on those markets you listed, but I’m sure something exists if you look hard enough.

Remote assistance is not rdp, it’s Microsoft’s support hook over the Internet, which requires telemetry to function. It is distinctly separate from, and not a prerequisite for RDP.

The rest of that I’ll have to look into, but disabling remote assistance seems sane in that context.

I wonder if other parts of the shutdown dialog or hover context menu have phone home functions that can only be disabled in roundabout ways; it wouldn’t be the first time. It would not surprise me to learn that the “which apps are preventing shutdown” dialog would be something that triggers a call to phone that data home.

I must be really old then!

Was backtrack before or after whoppix?

I’d say that the ctt winutil does a pretty good job. I’ve been running installs cleaned by it for a good year now without major issues