Should be fine as long as they have different domain names and your virtual hosts are setup to route to the correct services.

I’ve got Lemmy and Matrix sharing the same app and database servers without issues; just make sure the servers are sized and tuned to handle both applications’ loads.

NFS, SMB, and/or sshfs

• NFS for my media shares between servers (Emby, MPD, etc)
• SMB for accessing from workstations
• sshfs when I need a quick, one-off file session (or if I’m accessing remotely)

I don’t know if that’s the failure case for them all, but I did read that on a forum and successfully recovered data from one of them by soldering on a temporary 3v3 regulator from my parts box.

Go big or go home 🤷‍♂️

Go buy a lottery ticket and use the winnings to replace it, lol. Because you are lucky (based on my experience with that brand).

I mean, if I DM’d you saying I won the lottery and wanted to share it with you, would you even read the whole message before reporting it as spam? 😂

You must be the luckiest person alive.

Can you please pick 5 numbers between 1 and 69 and then another number between 1 and 26? I’m going to buy a Powerball ticket with those numbers.

Both batches from Amazon (months apart). I also bought one of that brand a few years ago (2017?) that ultimately failed within 2 years as well.

I said this in another comment, but best I can tell, the actual flash chips seem to be fine and it’s the support circuitry (power regulator, SATA controller, etc) that seems to be failing.

Lol, yep. I’ve got a 32 GB Kingston SATA SSD (first one I could afford back in 2014) still going strong 24/7. I think it’s either in my router or my HomeAssistant box.

Oh, the warranty is 5 years. The Amazon return period was 30 days, and they failed outside of that window.

For their warranty claims, they make you jump through a lot of hoops to even get started on an RMA, plus I had to pay shipping. Ultimately, I figured they’d just send another piece of junk, so I cut my losses and bought Samsungs to replace them.

I’ve been buying Samsung (both SATA and NVMe), though I’m sure someone will tell me they went to crap too. At least the ones I have are on track to hit the 3 year mark.

For less critical things, I’ve used PNY pretty successfully (haven’t hit 2 years yet, but haven’t had any failures either). They’re less expensive, and I usually stick to the 120-240 GB ones (basically they’re boot drives)

Best I can tell, the actual flash memory chips are fine. It’s the support circuitry around them that seems to be failing.

That said, the data could probably be recovered if I was so inclined and wanted to spend time/money on it. I have backups, so I’m content never buying or looking at one of these pieces of junk ever again haha

At least make sure you have good backups and definitely plan for it to fail (if you can’t replace it immediately). These seem to be “when” they fail rather than “if”. Of the 6 I had fail, only one gave any warning signs; the rest just disappeared from the bus and never came back.

This is the only brand of SSD where I’ve experienced a 100% failure rate (I rate my drives over 3-5 year spans). Lol, for comparison, I’ve got a Kingston one from 2014 and an Intel one from 2015; both are still kicking and in daily use.

I use SnappyMail (a fork of Rainloop) for my IMAP webmail client.

With IMAP, everything stays on the server, so the client doesn’t have to worry about the inbox size. Searching is also done server-side, so the client just needs to send a query.

The performance will ultimately come down to the performance of your IMAP server.

Their IP address is already “exposed to the world.” I keep seeing people recommending this pattern in this community for the same reason. But I genuinely don’t understand it. It sounds like one of those VPN ads frankly.

Your IP address is not private.

I did state “beyond their normal traffic”. And you do realize there’s a significant difference between exposing your IP as a client and exposing your IP as one that has servers hosted behind it, right? It’s not about protecting that or keeping it secret. It’s about not putting a target on their friend’s IP address for all the bots and script kiddies to hit.

Are any of your services public facing? If so, you might want to make the VPS your reverse proxy and VPN server and have your stack at your friend’s house connect to the cloud server via VPN. The reverse proxy on the VPS would connect back over the VPN to the equipment at your friend’s house.

This would prevent your friend from having to open ports in their router and from exposing their IP to the world (beyond their normal traffic, that is).

Plus, it would allow you to VPN-in to manage as well as have a “kill switch” should you need it (cyberattack, etc)

I would not run any of the *arrs on a network that is not yours (even if you have them routed through a VPN). It puts a liability on your friend and may eat up their bandwidth.

And definitely make sure your friend knows what they’ll be hosting for you and how it may impact their network.

I use Authelia, and my users are backed by my LDAP server. I basically managed my users directly in LDAP through Apache Directory Studio. If you want something with built-in user management, I believe Keycloak might be a good place to start.

Also, you can use Nextcloud as an OIDC provider and let it be your SSO provider. For apps that don’t support OIDC, you may be able to put them behind OAuth2Proxy and point that your Nextcloud.

It depends on the protected app. Some let you delegate to external auth and will create the account (e.g. Nextcloud) and others may expect some kind of HTTP header containing an identifier to associate with an existing local user (e.g Calibre Web). Most apps I’ve worked with that support OAuth2 usually handle creating the account in the app automatically - the app takes care of that, not the SSO provider.

You’d need to read the docs for the apps you want to have behind SSO to see how each works with external users.

I use the version packaged by linuxserver.io:

https://docs.linuxserver.io/images/docker-calibre-web/

Unfortunately, that’s about as good of docs as I’ve been able to find for it.

To configure external auth, go to its web interface at /admin/config and then expand “Feature Configuration”

There’s a checkbox for “Enable reverse proxy authentication” and below that a field to specify the header name that will contain the email address of the authenticated user. In my case, it’s REMOTE_EMAIL.

That header will vary depending on what you have setup for authentication, but it needs to provide an email address that determines the user.

My version is a little old, but from skimming the current docs, it may support OAUTH now.

I use Calibre-Web and external auth. The auth headers are added by Authelia + Nginx which sit in front of it.

Not exactly turn-key, but since I was already using Authelia, it was simple enough to switch from local accounts to external.

deleted by creator