I was pondering on building my own spin of Arch. Have a look at this: archiso
I tried using Bazzite since I didn’t want to fuss with Wayland on Nvidia with Arch.
I had more gripes and more issues with an immutable distro than I ever did with my Arch install.
Stuck it out with Arch. It has taught me a lot.
The problem many folks have with Arch is the fact they don’t want to read or learn; well, newsflash, if you read and learn, Arch isn’t exactly all that hard to use, set up, or maintain. It has better documentation than Bazzite and other newer distros. In fact, Arch Wiki has saved me hassle for other distros.
Your mileage may vary. However, I wouldn’t recommend an immutable distribution necessarily to someone coming from Windows unless they want to shift from one paradigm to another.
Switching from Windows to something with such a vastly different approach in many cases will turn users away from using Linux. Their experience can dictate they switch away because of lack of knowledge and then proceed to conflate every distro as just one “Linux” experience and not want to look back at it.
I still stand by one thing you will always hear me say: use the right tool for the job.
There are very few games I have I can’t play on Linux.
Can’t get the Crysis Remastered trilogy (Epic Games variants) working. Can’t get Alan Wake Remastered working above 16fps. And a few more, but guess I don’t need to play them.
Glad to hear another success story of someone who dropped Windows.
I dropped Windows on all of my machines over a month ago. My 2 desktops and 1 laptop I own are on Arch. I can’t fully escape Windows completely due to music production software I use due to lack of support for the hardware on Linux. (Thanks Line6…) So I run a Windows VM in QEMU with USB passthrough, but with no network access.
I wrote an alias to count the days it’s been since I switched to Linux full time.
It wasn’t a difficult switch for me. Even with the learning curve. I actually enjoy the tinkering and learning aspect.
I took a similar approach. I just used a different drive. And actually reinserted the drive that had Windows on it so I could wipe it and use it as extra storage.
I will always recommend people to research their choice of distro. Use the right tool for the job.
What one person needs may differ from what another person needs. Take into account what the use case is for the machine you are using.
I use Arch BTW but I don’t run Arch for any of my servers. I use Arch where it makes sense for me.
I wouldn’t tell someone switching from Windows to just go balls to the wall and go for something bleeding edge and arguably more maintenance or manual intervention needed.
I will give my suggestions but always implore them to research what they’re looking for.
I understand that. I didn’t call FUTO FOSS…
I wasn’t meaning to conflate the two, as I see your point. I didn’t claim it was FOSS, just that the source was available.
I know for me, I don’t mind using software that is licensed so that it doesn’t directly fall under FOSS. I just like the availability to view the source vs closed source software being a total black box.
I have no plans to monetize their work, nor fork it, only use it.
I haven’t gotten around to setting it up yet, but for a Google Photos type self-hosted setup there is Immich, which looks promising!
I know I don’t want to open up any more ports than I have to, but you’re right, that does sound like another alternative to setting up VPN.
Since I access more than just my pihole when connected to my home network. And because I want access to my home services, and don’t want to open up access to the public, opening one port and connecting to VPN is the way to do it. I have one port opened up for my VPN, and in order to connect you have to have my IP or my domain pointed at the IP, and you have to have a WireGuard profile set up, and know what port is open. So that does help a tad bit with my security concerns.
Edit: how would I go about that if I felt so inclined? Any tips?
I want to self host more, but power draw is a concern.
So I have gone the route of running two Pi 4 8GB models as my hosts of choice.
So far I am hosting:
Non-Docker:
Docker:
There are a few other services I want to get up, but I haven’t gotten around to it:
As to why:
You can still use PiHole as your DNS when not home if you set up a VPN. For me that was the route I went.
I will likely have to do some tinkering, and more reading up on this from the documentation I am thinking. I am getting HTTP 200 statuses basically across the board. When going to the FQDN it doesn’t redirect to the PiHole admin page like I was expecting. Again, likely some configuration that I have wrong.
Begrudgingly 2 of the 3 are Google email addresses, and 1 is a Microsoft email address. I will however be ditching both of those providers for something a bit more privacy focused soon and making those addresses burner addresses.
Shows in traefik, no errors there.
I hate to report back, but something isn’t quite working for pihole behind Traefik.
Running “docker logs traefik” returns no error, and yet no certificate was presented to my pihole.
Not sure what else I might be missing or that I might have wrong.
I will give this a shot! Thank you for the help. I will report back, in hopes that between your knowledge and my fumbles that someone else too can learn from this!
So in my traefik.yml file I have Cloudflare set as my certresolver as follows:
certificatesResolvers:
  cloudflare:
    acme:
      email: email@example.com
      storage: acme.json
      caServer: https://acme-v02.api.letsencrypt.org/directory # prod (default)
      # caServer: https://acme-staging-v02.api.letsencrypt.org/directory # staging
      dnsChallenge:
        provider: cloudflare
        #disablePropagationCheck: true # uncomment this if you have issues pulling certificates through cloudflare, By setting this flag to true disables the need to wait for the propagation of the TXT record to all aut>
        #delayBeforeCheck: 60s # uncomment along with disablePropagationCheck if needed to ensure the TXT record is ready before verification is attempted
        resolvers:
          - "1.1.1.1:53"
          - "1.0.0.1:53"
And I had to get the secret mounted via the docker-compose file.
So where you have:
tls:
  certResolver: examplecom-dns
Do I have to redefine all of the same information I did in my Traefik yml but in this separate config.yml?
(I did set it up in my traefik.yml and docker-compose.yml to mount and use this config, which I had commented out for later use.)
Thank you so much for the help!
Edit:
Essentially I am trying to get my PiHole, which is hosted on another Pi, set up with an SSL cert for local use only:
So in looking at your config I tried using:
http:
  routers:
    pihole-rtr:
      entryPoints:
        - https
      service: pihole-rtr
      rule: "Host(`ph.local.domain.com`)"
      tls:
        certResolver: cloudflare
  services:
    pihole-svc:
      loadBalancer:
        servers:
          - url: "http://<ip>/admin"
However, when doing this, the error logs returned:
2024-07-08T15:04:27-04:00 ERR error="the service \"pihole-rtr@file\" does not exist" entryPointName=https routerName=pihole-rtr@file
2024-07-08T15:04:28-04:00 ERR error="the service \"pihole-rtr@file\" does not exist" entryPointName=https routerName=pihole-rtr@file
I am doing something very wrong… And feel a little lost.
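The error above means the router's `service` names something the file provider never defined. As an added example (not part of the original post and not Traefik's own code), this check lists such dangling references; the dict mirrors the posted config as a YAML loader would return it, `dangling_services` is a hypothetical helper name, and the corrected service name is an assumption.

```python
import copy
import difflib

def dangling_services(dynamic_cfg, provider="file"):
    """Return (section, router, reference, suggestion) for every router whose
    `service` is not defined under `services` in the same dynamic config."""
    findings = []
    for section in ("http", "tcp", "udp"):
        block = dynamic_cfg.get(section) or {}
        routers = block.get("routers") or {}
        services = set(block.get("services") or {})
        for name, router in routers.items():
            ref = (router or {}).get("service")
            if not ref:
                continue  # no explicit service reference to check
            base, _, ref_provider = ref.partition("@")
            if ref_provider and ref_provider != provider:
                continue  # owned by another provider (e.g. api@internal)
            if base not in services:
                hint = difflib.get_close_matches(base, sorted(services), n=1)
                findings.append((section, name, ref, hint[0] if hint else None))
    return findings

# Constructed input: the config from the post, written as the dict a YAML
# loader such as PyYAML's yaml.safe_load would produce. "<ip>" is the post's
# own placeholder.
PAGE_CONFIG = {
    "http": {
        "routers": {
            "pihole-rtr": {
                "entryPoints": ["https"],
                "service": "pihole-rtr",
                "rule": "Host(`ph.local.domain.com`)",
                "tls": {"certResolver": "cloudflare"},
            }
        },
        "services": {
            "pihole-svc": {"loadBalancer": {"servers": [{"url": "http://<ip>/admin"}]}}
        },
    }
}

# Assumption: the router was meant to point at the only service defined.
FIXED_CONFIG = copy.deepcopy(PAGE_CONFIG)
FIXED_CONFIG["http"]["routers"]["pihole-rtr"]["service"] = "pihole-svc"

if __name__ == "__main__":
    for section, router, ref, hint in dangling_services(PAGE_CONFIG):
        print(f"{section} router {router!r}: service {ref!r} undefined; closest: {hint!r}")
```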
I am not sure if there is a good way to do it without scripting, and a router that would allow for taking variable input from an external script. But theoretically if the router would support it, you could script a port change at times there is no one on the server.
Essentially the server port is in a text file, you could use some command line utilities, and write a script leveraging something like sed to change the port in place.
But I am overcomplicating it. lol