My homelab has been mostly on autopilot for a while. Synology 6 bay running most lighter weight docker stuff (arrstack, immich, etc) and an Intel nuc running heavy stuff (quicksync transcodes for Plex+jf, ollama). Both connected to digitalocean via WG for reverse proxy due to CGNAT.

I had my router SSD either die or get corrupted this past week, haven’t looked much at the old SSD besides trying to extract the config off of it. I ended up just fresh installing opnsense because I didnt have any recent backups (my Synology and nuc back up to rsync.net, but I haven’t gotten around to automated backups for my router since it’s basically a plain config, and my cloud reverse proxy which is just a basic docker compose + small haproxy config). Luckily my homelab reaching out to the cloud reverse proxy means there’s basically no important config on my router anymore, they just need DHCP and a connection.

Besides that the arrstack just chugs along on its own.

I recently figured out I can load jellyfin playback URLs into vrchat video players, either direct stream or through the transcoding pipeline as an m3u8 that live transcodes based on the url parameters you set. This is great because the way watch parties in VRChat works is that everyone in an instance loads the same URL pasted into media players and syncs the playback. That means you need to have a publicly accessible url (preferably with a token of some sort) that can be loaded by an arbitrary number of unique IP addresses simultaneously, which I don’t think is doable with Plex.

I’m now working on a little web app to let me log into Jellyfin, search/browse media, and generate the links with arbitrary or pre-set transcode settings for easy copy/pasting into VRChat. The reason it’s needed is that Jellyfin only provides the original file without transcoding when you use the “copy stream” option, so I believe the only way to get a transcoded stream url currently is to set the web interface to specific settings and grab the URL from the network. But that doesn’t let you set arbitrary stuff like codecs and subtitle burn in and overriding what it thinks you support. So a simple app to construct the URL will make VRChat watch parties a lot easier.

Fwiw Anubis is adding a nojs meta refresh challenge that if it doesn’t have issues will soon be the new default challenge

deleted by creator

Imo that’s perfectly fine and not idiotic if you have a static IP, no ISP blocked ports / don’t care about using alt ports, and don’t mind people who find your domain knowing your IP.

I did basically that when I had a fiber line but then I added a local haproxy in front to handle additional subdomains. I feel like people gravitate towards recommending that because it works regardless of the answers to the other questions, even their security tolerance if recommending access only over VPN.

I have CGNAT now so reverse proxy in the cloud is my only option, but at least I’m free to reconfigure my LAN or uproot everything and plant it on any other LAN and it’ll all be fine.

This is 99% my setup, just with a traefik container attached to my wifeguard container.

Can recommend especially because I can move apartments any time, not care about CGNAT (my current situation which I predicted would be the case), and easily switch to any backup by sticking my boxes on any network with DHCP that can reach the Internet (like a 4G hotspot or a nanobeam pointed at a public wifi down the road) in a pinch without reconfiguring anything.

Immich is pretty good for this if you take pictures at each location. It has a global map that shows all your photos with a heatmap-style display and a drawer that shows a grid of the photos within your viewport as you can and zoom around. It doesn’t seem like you can view a specific album on the map currently but you can at least filter the map to favorites or a date range.

I use a .dev and it just works with letsencrypt. I don’t do anything special with wildcards, I just let traefik request a cert for every subdomain I use and it works. I use the tls challenge which works on port 443, so I don’t think HSTS or port 80 matters, but I still forwarded port 80 it so I can serve an http->https redirect since stuff like curl and probably other tools might not know about HSTS.

Gotcha thanks for the info! It looks like I would be fine with ocis or opencloud, but since my main use case and pain points are with document editing which is collabora, it probably wouldn’t change much besides simplifying the docker setup (I had to make a gross pile of nginx config stuff pieced together from many forum help posts to get the nextcloud fpm container to work smoothly). But it already works so unless it breaks there’s little incentive for me to change.

Ah I see, I guess at least that would help with the main UI, but I’m already using collabora through the collabora code server in next cloud so it sounds like I’ll probably have the same document editing experience with OCIS/opencloud. I used to use onlyoffice but after I tried out their mobile app, it started blocking me from editing documents using the next cloud app (which seemed to use the only office web UI) so I was forced to switch unless I started paying for onlyoffice.

What are the apps that you would miss? I basically only use my NC as a Google drive and docs replacement, so all it has to do is store docx files and let me edit them on desktop or mobile without being glitchy and I’ve really wanted to consider OCIS or similar.

That second requirement for me seems hard because of how complex office suites are, but NC is driving me to my wit’s end with how slow and error prone it is, and how glitchy the NC office UI is (like glitches when selecting text or randomly scrolling you to the beginning).

Isn’t the iMX 8M in the Liberty phone still made overseas? In which case it won’t be exempt from the tariffs.

Wow, this can only be a disaster. People on the Plex experience preview forum are pissed. The android build hasn’t been updated in a month, I didn’t think it would be rolled out for another 3-6 months.

So many features are missing, the only way to remove Plex rentals/free is by going into your account settings, performance is shit even just scrolling your media.

In case you haven’t realized, the user and pass in the docker compose are for setting the user/pass that you will enter on windows to access the share. It doesn’t have to be the same as the Linux server user account - though mine is the same because it’s easier to remember.

This very community seems to be the largest by far - around 45k followers if I’m seeing it correctly. It feels a lot more active than the average Lemmy community as well.

Hmm, well it doesn’t seem to be any problem with the docker compose then as best as I can tell. I picked a random ext4 flash drive and replicated your setup with the UID and GID set and it seems to work fine:

# /etc/fstab
/dev/sda1       /home/<me>/mount/ext_hdd_01  ext4    defaults 0 2

~/mount % ls -an
total 12
drwxr-xr-x  3 1000 1000 4096 Mar 27 16:22 .
drwx------ 86 1000 1000 4096 Mar 27 16:31 ..
drwxrwxrwx  3    0    0 4096 Mar 27 16:26 ext_hdd_01

~/mount/ext_hdd_01 % ls -an
total 6521728
drwxrwxrwx 3    0    0       4096 Mar 27 16:26 .
drwxr-xr-x 3 1000 1000       4096 Mar 27 16:22 ..
-rw-r--r-- 1 1000 1000 6678214224 May  5  2024 PXL_20240504_233345242.mp4
drwxrwxrwx 2    0    0      16384 May  5  2024 lost+found
-rwxr--r-- 1 1000 1000          5 Mar 27 16:27 test.txt

# ~/samba/docker-compose.yml
services:
  samba:
    image: dockurr/samba
    container_name: samba
    environment:
      NAME: "Data"
      USER: "user"
      PASS: "pass"
      UID: "1000"
      GID: "1000"
    ports:
      - 445:445
    volumes:
      - /home/<me>/mount:/storage
    restart: always

I was able to play the PXL.mp4 video from my desktop and write back the test.txt file

Have you checked the logs with docker logs -f samba to see if there’s anything there?

Also you could try to access the HD from within the container, using docker exec -it samba bash and then cd into /storage and see what happens.

I would suggest adding “UID” and “GID” environment variables to the container, and set them to the numeric values for user and group numbers that show in place of your name when you use “ls -an” inside of the “mount” folder (they will probably be the same number).

For example, if inside your mount folder you see:

ls -an
total 12
drwx------ 2 1001 1001 4096 Mar 27 13:54 .
drwxr-xr-x 3 1000 1000 4096 Mar 27 13:51 ..
-rwx------ 1 1001 1001    0 Mar 27 13:54 hello.txt
-rwx------ 1 1001 1001    4 Mar 27 13:54 test.txt

Then set UID: 1001 and GID: 1001

I get the same error as you when I copy your docker-compose and try to access a folder owned by my user. When I add the UID and GID of my user id to the docker-compose (1001 for me), the error goes away.

What did you set UID and GID to and what is the output of “ls -an” when run inside of the shared directory? You can remove the file names for privacy. I just tested the docker container and it seems to work between my Linux laptop and my windows 11 desktop using this docker compose:

services:
  samba:
    image: dockurr/samba
    container_name: samba
    environment:
      NAME: "Data"
      USER: "samba"
      PASS: "secret"
      UID: "1000"
      GID: "1000"
    ports:
      - 445:445
    volumes:
      - ./samba:/storage
    restart: always

The files in my shared folder are owned by UID/GID 1000/1000 which is why I put those as my UID/GID, and when I logged in from Windows I entered samba and secret as the password and I was able to access and modify the files in the shared folder.

Have you done the steps under “How do I modify the default credentials?” and “How do I modify the permissions?” from the readme?

I think this is the tool you are looking for: https://github.com/luigi311/JellyPlex-Watched

I haven’t used it myself but I plan on it eventually when I do make the switch.

Gotcha, I’ve never actually considered the bandwidth limits. It looks like digitalocean includes 1TB per month and I used 242GB last month. If I ever get close to the limit I will just spin up another droplet. I don’t think I would even need to load balance unless the first one is struggling since the bandwidth allowance across all droplets is pooled together.

If you aren’t already using a reverse proxy, then do you currently just port forward or use the Plex relay? The only reason I use one is because of CGNAT. Before I moved to a place with only CGNAT I port forwarded for both Plex and Jellyfin.