• 0 Posts
  • 12 Comments
Joined 1 year ago
cake
Cake day: August 8th, 2023

help-circle
  • It would help to be explicit yeah. If only for the reason that sometimes your issue could be caused by the way you set things up.

    For reference, I have some LXCs with docker as an experiment( a privileged container with nesting=1 (also fuse=1 and keyctl=1, not sure if those help) and I haven’t had problems, but they’ve never needed a restore. I think unprivileged is where you will run into problems.

    For doing what you want, you’ll want to bind mount your external drive. I’d recommend not using drive letter mounts (“/dev/sdc” for example) as those can change across reboots. Instead, use /dev/disk/by-id/<find-your-disks-id-and-put-it-here> which is the same no matter when the disk is mounted on the host. To make a bind mount, you have to edit the .conf file for your container on the host at /etc/pve/lxc/<vmid>.conf where the <vmid> is the container is number and then start the container back up. The disk will then appear in the container mounted at the path you specify. Check out the Proxmox docs for LXC bind mounts for info on how to configure that.


  • Besides lots of other cool stuff it can do (including monitoring for a lot of your self hosted stuff), HomeAssistsnt has the Feedreader integration, which lets you poll RSS feeds. You can then create automations to send notifications to you through the HomeAssistsnt companion app.

    Feedreader defaults to polling once per hour, but you can change this in the configuration.



  • Proxmox is great but if you are happy on unraid then it does make a lot of things simple that may or may not (depending on what we’re talking about) be as easy on PVE. For example, PVE is not a storage solution first; sure you can do lots of storage stuff but you should not host shares directly off it for example (set up a container or VM to host the shares passed through from the storage pool on the host box).

    You get more control and customization (which is where I was very happy; I have a cluster and my network shares are a service I manage within that) but if you are looking for a NAS-first solution for a single server, give something like TrueNAS Scale a good look before you take the plunge.





  • If an attacker wants your encrypted data that bad, they will attack the running machine and use it to access the data, they will not steal a key and then attempt to physically remove the drive.

    Drive encryption is for prevention of access when the drive is offline, it doesn’t protect a running system which can access that data.

    If you are worried about the key being accessed while the machine is running, focus on hardening access to the machine via network, etc.