Also posted it because unraid is not moving solely to annual subscriptions as your title and others have indicated. Previous pro and other fully included lifetime subs are just increasing in price and a lower tier is coming in to place.
Grafana, fronting information from Prometheus, Loki and Telegraf/influxdb since I’m used to that from work and has been a bit more set and forget compared to node_exporter. Easier to add in plugins as well instead of a new container/service to scrape.
I have rokus and use a pihole plus NAT routing rules to force them to not use hard coded DNS so they can’t reach their APIs and most ad domains and while not perfect I don’t see many ads. Maybe the odd poster scrolling around to get to Plex or Netflix
I think the simplest setup is keeping all the apps and services on the local network and doing something like this guide so they are always behind a VPN. Then setup another VPN on unraid or another device to access from outside the local network. There are plenty of other guides for unraid and Plex and the arr stack out there, unraid is just what I use but can use whatever OS you would prefer.
https://unraid-guides.com/2021/05/19/how-to-route-any-docker-container-on-unraid-through-a-vpn/
I use Kavita and KavitaEmail to organize and have a frontend for my books, and the latter to email them to my kindle if it’s not on there yet. My kavita container is stopped most of the time because I already know what I’m going to read next and just need it up to sync or send new books.
Used to just have my library I exported from Amazon and ebooks com on a single folder on my NAS, kavita helped clean it up a bit.
I also tried audiobookshelf but mostly for audiobooks and podcasts and didnt quite fit my workflow I already had and liked using kavita and Antennapod.
Fair, I was more thinking from the server side not the client side where cloudflare certs are the ones seen first.
I have a cloudflare tunnel setup for 1 service in my homelab and have it connecting to my reverse proxy so the data between cloudflare and my backend is encrypted separately. I get no malformed requests and no issues from cloudflare, even remote public IP data in the headers.
Everyone mentions this as an issue, and I am sure doing the default of pointing cloudflared at a http local service but it’s not the ONLY option.
Anything that is actually helpful and useful helps to keep better in touch with aunts and cousins and my parents who all have iPhones and I miss out on group chats since they wont install or use anything else. Apple isn’t going to get rid of their garden unless forced so I’m glad someone is trying something.
My work environments use Prometheus and node-exporter and grafana. At home I use telegraf, influxdb and grafana (and Prometheus for other app specific metrics) but the biggest reason I went with telegraf and influxdb at home is because Prometheus scrapes data from the configured clients (pull), while telegraf sends the data on the configured interval to influxdb (push) and starting my homelab adventure I had 2 VMS in the cloud and 2 pis at home and having telegraf sending the data in to my pis rather than going out and scraping made it a lot easier for that remote setup. I had influxdb setup behind a reverse proxy and auth so telegraf was sending data over TLS and needed to authenticate to just the single endpoint. That is the major difference to me, but there are also subsets of other exporters and plugins and stuff to tailor data for each one depending on what you want.
I selfhost kavita for about 30 ebooks and use KavitaEmail to send epubs to my kindle. I also tried out audiobookshelf only for podcasts and wasn’t quite up to my current workflow that antennapod running only on my phone exceeds at. I also recently saw audiobookshelf can host epubs and send them via SMTP via one container so once the android app for the latter comes out of beta and has better local file and androidauto support I may give that a shot again.
I use kavita and tried audiobookshelf a bit after and all kavita requires is a specific folder of “Last, First” for authors and can toss any jpgs or epubs in those folders and that’s how I have mine structured. I didn’t have any structure setup before so adopting this one made sense to me.
I appreciate the thoughtful reply but my issue with their explanation is not in the concepts or how it operates but in the fact they stated that Cloudflare tunnels were not an option to choose despite proving they have no knowledge in how they are used or operate.
I’m self hosting cloudflared right now, the TLS from cloudflare terminates in a container in my network and then goes to my reverse proxy container for my local network. I’m definitely going to poke around tailscale and their funnels for the future, I’m just playing devils advocate for those replying not knowing anything about cloudflare tunnels yet saying they’re the wrong choice.
Got any info on how cloudflare MITM and decrypts all traffic but tailscale doesn’t? Playing devils advocate and pointing out how not much you’re saying is making sense.
Just my two cents I’d prefer my traffic going through Cloudflare vs Tailscale if it’s all the same, since I’ve heard a lot about Tailscale but know nothing. I’ve interacted on Github threads with people from cloudflare and they’re all super nice and their blog posts and post-mortems are very insightful. Was curious to see if people had actual insight but appears it’s just auto cloudflare = bad.
I’m curious how if they’re functionally the same, one has all the data and the other “shouldn’t be getting your data anyway”. Was mostly curious to hear about informed differences in the products but clearly not going to get that, cheers.
Thanks for the info. Though I fail to see how it’s much different than cloudflare tunnels, I’ll probably stick with that for the near future but will try out tailscale funnel in the future.
Is there a specific reason tailscale having all the same traffic opposed to cloudflare is a better option? I use cloudflare tunnels right now and figured them handling some of the data is better than me by myself.
I have Samsung and crucial ssds across 3 systems and only 1 Samsung has failed after 3 years of almost 24hour uptime across those 3 years.