31 branches? uh… okay.

It’s in their docs. https://docs.nextcloud.com/server/latest/admin_manual/installation/index.html

Follow the pages one by one, (ie install php modules etc, edit settings, install apache2, edit settings, etc etc). Follow the recommendations (eg. PHP8.2, don’t try to use bleeding edge).

You’ll be running in no time, and have a properly updatable system using apt, and the nextcloud ./occ command.

I would recommend using Debian 12 over Ubuntu variants. There are other guides, like this: https://www.digitalocean.com/community/tutorial-collections/how-to-install-and-configure-nextcloud But you may have to “convert” some of the Ubuntu specific stuff to Debian, but actually there is probably no difference (php module naming convention maybe? Is that still a problem today?)

Well, yeah true it started like that. But still Jellyfin followed the open source path. I’d expect that under the hood there would be very little left of what was Emby, it was just a starting point. (https://github.com/MediaBrowser/Emby , before they changed the licensing and removed any further work to the GPL 2 version).

Also Emby is at 4.8.1 now and has been making leaps and bounds in changes lately.

As I said, licensing was the issue for Emby, and the easiest solution was to change their license. It wasn’t just to make money, it was about being able to handle licenses from other software, such as Fraunhofer

no. Jellyfin aims to be totally open source.

Emby is not, and the reason it works better. They pay the licenses for mp4 etc. earn it back from those who support, but it never was truly open source.

Jellyfin is open source, and that is the reason they have “problems” (licensing issues, that you have circumvent if you look hard enough).

For set and forget, Emby and Plex are the choices. Emby does not have a bullshit money making agenda, and is the better option - currently.

“obscure Emby”… You don’t get out much, do you.

Emby is a direct competitor to Plex, and its better. It doesn’t require and internet connection to work, doesnt force signup, its completely self hosted if you want. The dev is responsive, bugs are fixed quickly.

It does have subscription options if you want, none are required for full functionality.

Emby is not FOSS, but neither is Plex.

I find Joplin perfect for my needs. Markdown, embedding images, links etc. I sync to my selfhosted nextcloud.

I like tags, I would like them to add a “directory tree” type of view to help sort “folders” (the thing they call “notebooks”) but only because I am more used to just filesystem type structured filing. But the notebooks and tagging idea works for me too.

I strictly use it for notes/note keeping, in particular “HOWTO’s” and specific topic notes. So I dont even do a great deal of markdown in my notes, but I love the ability to add screen captures etc to them for clarity.

And being on nextcloud, I can access those notes anywhere on any device, PC, Android, Raspberry Pi!! Joplin has an app for all of them

Heimdall

https://youtu.be/GXnnMAxPzMc

Thats not how it works.

You have a LAN and hopefully you have a firewall that shields your LAN from WAN. Your fw is probably handing out DHCP lease IP (like 192.168.x.y)

When you “bridge” your VM looks like an independant device on you LAN. Nothing at this point has allowed it to the public. Your dhcp can even give it an IP (but its probably better to set a static ip). In bridge mode, a "fake mac is spoofed alongside you nic’s real mac, and only for said VM)

At that point the VM id accessible likr any other device on the LAN.

if you then want to use vpn, just connect to your LAN however that works(vpn to computer or vpn to firewall/vpn server) and access.

if you want to access from WAN without vpn, then you need to understand reverse proxying and youll need a full proper firewall\gateway device at the front of your network (like OPNsense).

dont know about traditional board games, but if you have a 3D printer look for “3d printer [game name] pieces”

connect 4, mouse trap to name a couple.

I bet boggle and stuff like that are out there as well.

As I have said in the past, there are plenty of good free ones, and there are also spotweb (spotnab) sites that are great as long as your a fast (ie dcma).

Also the “arrrs” were designed with usenet first, its not an afterthought.

if you want to get access to good indexers, then yeah you may need to wait until you get am invite or an invite period opens, but you have to do this, its just how they operate.

you can do torrents and usenet in your arrr, at the same time. So nothing stops you from having both.

but the SPEED AND RELEASES youll see on usenet are unsurpassed and probably at least a week earlier than on your torrent sites.

Also you can run your own indexer for usenet (wont be as good as some because it wont deal with obfuscated posts, but as a backup it will be fine)

Id suggest you go down the rabbit hole and decide for yourself if you like it, you can always cancel.

oh and usenet is encrypted (if you enable it, ie port 563) so not much chance of knowing what your are doing. No more than a VPN company letting on to what a user was doing.

i should give jellyfin another shot, its been some years. When i tried it last, it was not a nice experience. But i refused to use plex after it required login for even offline access (i wonder how many people remember that. If you lost internet access, you couldnt watch plex)

so i switched to Emby, which is still closed source, but didnt have the bullshit plex requirements. The advantage was [sic] that being closed it could offer proprietary stuff like codecs or DTS. (dts and similar were only available on plex and on nVidia TV device)

Everything i do (as much as possible) is oss, but some things just cant.

Ill try jellyfin again in the next month or so and see how its doing.

Welp, their threat doesn’t affect me. I have no care for that barbaric country.

Besides, I’ve blocked everything geo-labelled as Russia anyway, it makes for much easier firewall logs. Honestly “the West” as russians say, should flat out block the entire country to our internet.

This would stop a lot of hacking and exploiting, and they’re basically dictating everything to their people at this point, so let them just become a new N.Korea.

They want our tech, they don’t want to co-op or collab with the West and everything they have/do is inferior. Cut them off at the neck.

(Im biased, my mother’s parents were Polish and Ukraine, and I’ve been to both places many times and russia is an arsehat in general)

you why can join be the a navy pirate when?

Free Download Manager is okay for me for the occasional torrent i grab, otherwise its great for just downloading in general. (window only i think)

however most of my activity is in usenet/nzb and ive settled on nzbget for this work. I ran sabnzbd for a long time (and concurrently), but it seems that nzbget works for everything no probs.

Ive been out of the torrent game for a long while, and dont know the current status of projects like qtorrent.

It dropped today! I would not recommend rolling out to production immediately without testing first. There are some known issues that do need thought.

I’d also like to make those who use opnsense aware that there is a community that specifically targets it. Of course we are here in Selfhosted to help, and wouldn’t stop.

KMSPico still works, but take care of where you get it from.

Stay safe.

Im watching it rn, and WTF!! its a SNW and a crossover with Lower Decks!!

I mean its amazing, but shit this is weird!!

I need to know if this is really real or something else…

I replied to a nginx plugin question years ago on Reddit. Simple fact is, the plugin is really just designed to host a simple-ish webpage. https://www.reddit.com/r/OPNsenseFirewall/comments/klauwb/setting_up_a_web_server_on_my_opnsense_box_with/

I recommend you serve whatever you want to serving on vm’s/whatever on your internal network, and then use HAProxy (Built-in) to do the forwarding via opnsense. HAProxy is a High Availability and Performance proxy and load balancer, it does what nginx proxy manager does and more.

Mine is ~300w @ 230v most of the day. It varies only on what is being used.

when power fails and i have to switch to generator, the servers stay about the same but I can add about 250w to that for my PC, modem(nbn) etc . (which is why i know this info!)

This is a different problem. But when you configure a competent DHCP server, you tell it to give out a bunch of information to the client, not just an IP address. It should tell it IP, subnet, gateway, DNS server IP and default domain name. (in opnsense most of this is default so you dont have to actually configure it - hit the (i) button and it will tell you. Example for domain name: “The default is to use the domain name of this system as the default domain name provided by DHCP. You may specify an alternate domain name here.”)

Then on top of that google devices are notorious for ignoring DNS (ahem chromecast, etc) and want to use 8.8.8.8. This is because google does all sorts of non-DNS buggery on those devices, for example checking and pushing updates). Chrome on you PC could well be doing this as well, but it shouldnt it should be honouring your NICs config. However I don’t for a second doubt that Chrome is preferring DoH to somewhere like 8.8.8.8 first.

You will need to create a rule to enforce your local DNS server and block all other outgoing attempts.

To do this create a NAT rule port forward -> set the interface to LAN ,set the destination to LAN net and INVERT. Then destination port to DNS. Finally redirect target to your DNS server (127.0.0.1 for your opnsense) and DNS port (53).

This NAT rule says any DNS NOT headed to the LAN network must be redirected to the DNS server in your LAN.

Holy crap. Burn it with fire and make the switch.

A few weeks ago, I purchased a TP-Link AX53 for $200 AUD. Not the absolute bleeding edge for speed, but its WIFI6 does WPA3, mobile devices typically get 1Gb/s. More than enough for most use cases (Yes, you can get much faster but expect $$$$$)

Well yes. Normally you would put opnsense on 192.168.1.1/24 and then the wifi device on say 192.168.1.10/24. Then you allow opnsense to do the DHCP and disable DHCP on the wifi (they like to offer these services which can be nice for really simple setups).

What you are realistically running into is a DHCP war, and google will probably win over opnsense for wifi devices.

If what you actually want is to separate the devices to different subnets, then you really need to create a LAN / WAN and WIFI interfaces. And plug the wifi devices in the the WIFI interface (another network port on your opnsense box).

Then doing this, you can create a firewall rule(s) that allows data LAN <-> WIFI etc however you please. (or not even, maybe only WIFI <-> WAN and not let wifi devices access your LAN net).

Alternatively if you have a smart enough switch you could isolate with VLANs. But for a simple network, this isnt really necessary.

Well in Interfaces -> LAN go to where you set your static IP for opnsense and change that to 192.168.1.1/16. That should get you running. But the google device would probably need to be told that it is 192.168.866.0/16 as well so it can see the 192.168.1.0 subnet.

However it would probably be better to disable DHCP on the google device, but I don’t know anything about them. (I read that on some you cannot disable it, so set the DHCP pool to 1 and then assign that IP to some mac address. Essentially stopping the google device from handing out that address).

If this is what you need to do, then on opnsense set up your DHCP pool to say 192.168.1.100-250. Then set the google device pool to 192.168.1.251-251 and then set a static lease in the google 192.168.251 to MAC: de:ad:be:ef:ca:fe.

(That wifi sounds like a shit device - maybe consider a tp-link or something more configurable)

Can you selfhost? Does you ISP allow you to host a mail server? (and there is a difference between what they say, and what they actually do.)

I use iRedMail as a complete solution which is a mailserver, complete with server management and webclients sogo and icube.

The problem you may run into is if your ISP actively submits its customer email subnets to sites like Spamhaus. But if you dont get IP changes very often this might not be a problem. However you do also need to have a domain in your control and know how to do DKIM and SPF

I have used several distros on RPi4 8GB. This is what I learned: If you want some type of desktop, then RaspiOS is the most responsive out of the box and can be made even better. If your doing pure server stuff, I found Vanilla Debian, or even Ubuntu server are well done for RPi4 and just work. However their desktops are not optimised and way slower than RaspiOS.

Oddly, I have not tried Arch on RPi4, but since mainline 6(.1) kernel, I believe everything is supported including UEFI.

I have several RPi 3’s and 4’s (automated sprinkler systems and mini desktops like I’m using now in my lounge) all running UEFI, booting direct off USB disks (no sd card needed), no fsckery needed. (I do keep UEFI updated from github, but its honestly not necessary now - just how those devices originally were installed.)

I know this is not the answer you are looking for, but if they happen to have a spare Windoze license laying around (or willing to shell out) then all that stuff can be done on an OS they are probably comfortable with. Yes, it still means learning some stuff, but there is no overwhelming need to learn an entire OS to do it.

Another option is to use a Synology NAS. All those things you are talking about are packages, point and click install and setup from the NAS browser. Again pricey, but far more intuitive for non-techos. This also has an advantage of being able to upgrade as their media store gets larger.

(I don’t do either of these things, but I know we support a lot of people radarr/sonarr/lidarr/nzbget/plex/emby/HA/openHAB etc in a win environ.)

But I would teach them how to git gud, and learn FOSS and read HOWTO’s to install all that stuff (without the need for Docker, so they actually learn). Honestly after the first 5 installs on a VM (which can be deleted and recreated if fscked up) running sudo apt update && sudo apt upgrade and git clone … etc. with you looking over their shoulder while reading the HOWTO with them. That would be quite rewarding for them, probably make you feel good too.