About 500W. 1 self build server 1 Dell R510 and one dell R710. This also includes a bit of network gear like a 48 port switch.

deleted by creator

deleted by creator

I in fact run a AD domain controller *and *a rhel IDM controller. For me other then it is fun to play with, makes it a load more simple to manage the user accounts of my famalie. Also auto mounting network shares and setting a few policys for updates and security is great to from a central location. having SSO for many if my services also makes it more easy to use for the fam. The rhel IDM controller I use to manage a few user accounts. I also use it to manage the ssh keys and set sudo rules on all my servers.

From my understanding is that Proxmox is one of the more easy platforms to learn. I must say iI never used it personally.

Alright thank you! good to hear

Fail2ban might not be a good thing. You can flood the blacklist.

You just have to run a continous attack with spoofed source addresses. use IPv6 addresses and just wait until the whole ipv6 space is in the blacklist. by then that file will be huge. might even crash some servers

deleted by creator

Unifi is simple to use but you can hit its limitation. A other brand I can highly recomend is Mikrotik. They have some small and cheap devices to some fairly high end gear 100gb gear. No licensing cost or anything.

A few actually.

Rocky Linux 9, XCP-NG, Windows server 2022 datacenter

Different usecasses.

What? No warranty covers the product with ITs serial number most of the time. I have bough seagate exos drives seccond hand. One was broken and kept failing tests. Send a RMA to seagate and got a new one. They did want some proof of the test failing.

Maiby this depends on the counrry you are living in?

I am already using this for publick services i have things jellyfin.publick.com domains. Which works fine for that usecase. What I am looking for here is to make SSL work properly for services that are part of the 2 local domains. where the 2 controllers are authoritative of those 2 domains.

Arnt GPOs on Linux very limited? Anyway to get some form of “policys” working I was thinking of using Ansible and playbooks to manage that portion anyway. (Next project).

you can still use sudo and all the other good stuff while only having one source of truth for identity.

I am aware that linux devices can join the AD domain. The reasons i setup up FreeIPA/IDM is the linux specific rules I can make. Like the Sudo rules for example. As far as i am aware you can not do this with a windows domain controller.

What can also be a good option is urbackup. it supports different operating systems full image backups of windows clients. Not entirely sure if it supports image backups of a linux clients how ever.

Not the intended usecase but fogproject can be used to pull images. Then later you can just PXE boot and place a image back on to a differen system.

Still i think borg would be better for actual backups.

Snapahots are not backups!

Snapshots are near instand in ZFS or BTRFS. Also they do not consome much CPU to make them.

Backups are not stored in the same device. What i use to make backups is a combination of borg and urbackup.

Perhaps because the curent lease has not expired yet. Remove the lease in the router or force the client to get a new lease

This is corect. You need too use a bridge for VMs to communicate with the host. Been doing it like this for about a year. Also i added a special bridge gave the bridge a static IP so i can connect VMs to things like network shares without any fysical network connectivity.

Didnt know these services where that light. So running the domain controller and rhel IDM controller in a VM on the R710 is fine then. I can probably even run a few other things on the system as well then. Thanks for your input!