Illuminated_Humanoid

joined 11 months ago
 

Okay, before you downvote me, hear me out.

I self-host quite a bit of services and am knee-deep in this hobby, like many of you are. I try my best to analyze what makes sense to self-host and what doesn't just so that I don't jump the gun and switch everything over to self-host just for the sake of doing it. I try to focus on what brings value to the table and what doesn't, and I just cannot see the value in self-hosting YouTube front ends. I tried my best to like it and force it on myself for several weeks, but it seems to hinder and ruin the YouTube experience rather than enhance it for me.

I find extensions on desktop such as YouTube Enhancer paired with uBlock Origin are a more enjoyable experience, and on mobile I prefer to use ReVanced. I feel these options are superior to Piped/Invidious etc.

So tell me, I'm curious. Why do you bother to self-host YouTube when there subjectively appear to be better options?

 

I have owned my Synology NAS and enjoyed self-hosting with it for about 2 years now. I never self-hosted before owning it, so this is all I know. The only reason I purchased one in the first place was because of my discovery of Plex media server. Plex was great on PC for the first little bit until I realized I was outgrowing my ability to reliably host it for myself and family to enjoy and that's what forced me to find a dedicated solution, which led me to the Synology NAS.

I wonder to myself sometimes if I would be better off building my own system with my own parts. What has stopped me I think mostly is sacrificing the Synology DSM OS, which I really do like and find good value in. I know there are Linux distros for specific NAS needs, but I haven't had any experience with them to know if it's a good choice for self-hosting.

Is Synology NAS the way?
What do you have?
How do you like it?
Are you planning to change your setup?

So essentially the last step where you create a virtual subnet is going to be the same CIDR notation as the IP range. Well, I'll be damned, it seems like I lucked out on that one and got it right.

Thanks again. Your method worked great and for some weird reason the other methods out there such as this one and also this one did not work for me. One of the guide creators was also trying to help me, and it just wouldn't work.

God bless 🙏🏼

Illuminated_Humanoid@alien.top 1 points 11 months ago (2 children)

Looking at your example. Your original settings are:

docker network create -d macvlan \
-o parent=eth0 \
--subnet=192.168.2.0/24 \
--gateway=192.168.2.1 \
--ip-range 192.168.2.200/27 \
--aux-address="host=192.168.2.201" \
dockervlan

Why did you use 192.168.2.200/29 for your route? This is the last part I don't quite understand. How does it play into the settings you chose above?

My setup is ip range 192.168.87.96/30 which is ip range 192.168.87.96 to 192.168.87.99. I chose 192.168.87.99 as my auxiliary and my Nginx was automatically given IP 192.168.87.96. Now my question is how do I go about knowing what to use for route? I blindly first tried 192.168.87.98 from some bad info ChatGPT gave me and then I changed the route to the exact same CIDR notation I use for my IP range which is 192.168.87.96/30 and that seemed to work. I'm asking because although it works I have zero clue why it works. My brain doesn't understand this final part.

🙏🏼

Illuminated_Humanoid@alien.top 1 points 11 months ago (4 children)

I presume you're talking about this one?

sudo ip addr add 192.168.2.201/32 dev macvlan0

I guess I didn't explain properly but that is your auxiliary host's IP. If you look at command 2 you'll see --aux-address="host=192.168.2.201". Basically the CIDR notation /32 is the same as the subnet mask 255.255.255.255, only one IP address can be served in macvlan0.

I was actually referring to 'sudo ip route add 192.168.2.200/29 dev macvlan0' for #3

This one has me stumped. I hope you're not one of those who deletes his Reddit posts because I may need to come back to this post one day

Illuminated_Humanoid@alien.top 1 points 11 months ago (6 children)

I think I am about 99% of the way there. Seems like I got it mostly figured out, but I do have a couple questions for you. And thanks again for your time, you have no idea how much I appreciate you and your assistance in this.

#1. After creating the docker network, you suggest creating the macvlan and the command for creating the macvlan involves 'macvlan0'. I cannot use macvlan0 and instead am forced to use macvlan1 because macvlan0 is taken by the docker network we created just before creating the macvlan. Seems to be a conflict. I checked and there's nothing else conflicting other than the already created macvlan0 from the step before.

#2. After completing the steps, I can access my NAS as usual, the Nginx proxy manager is accessible via its macvlan IP, but I can also connect to the NAS and the Nginx from the auxiliary host IP. What's the deal with that?

#3. Once all is said and done, should my Nginx be connected to both the bridge network and the new macvlan or just the macvlan? It's always connected to the bridge by default, but when I add the container to the new macvlan, am I supposed to disconnect it from the bridge?

Illuminated_Humanoid@alien.top 1 points 11 months ago (8 children)

3. Create the macvlan on your Synology

sudo ip link add link eth0 name macvlan0 address XX:ZZ:AA:BB:00:YY type macvlan mode bridge

I follow your instructions carefully. When I get here I get the terminal response: "XX" is invalid lladdr.

Illuminated_Humanoid@alien.top 1 points 11 months ago (1 children)

Okay, so here's where I'm confused. From my understanding you say all I did is create a docker network and I need to create a macvlan but the 'npm_network' that I created literally says macvlan beside it in the network tab of either container manager or portainer. Even the command literally says 'create macvlan' so I am confused why you say that's not a macvlan and only a docker network.
Am I making sense? Also, two other outdated guides I've seen on this describe it the same way. The way you describe it is a first that I've seen. Not saying you're wrong, but there's certainly a difference I'm noticing.

Illuminated_Humanoid@alien.top 1 points 11 months ago (3 children)

Here, let me show you what I did and you tell me where I went wrong.

  1. SSH into Synology NAS and Create macvlan network with modified command below to my system:

     sudo docker network create -d macvlan \
     -o parent=eth0 \
     --subnet=192.168.1.0/24 \
     --gateway=192.168.1.1 \
     npm_network

  2. Install Nginx Proxy Manager docker container

  3. Assign NPM to use the new macvlan network and assign it an IP on the subnet that's not already in use with the following command:

     docker network connect --ip 192.168.1.99 npm_network nginx_proxy_manager

  4. Go into portainer and under container settings for NPM, ensure the container is connected to both the new macvlan with the info we used and also connected to the default bridge network.

This is where I hit a wall. I still cannot connect to my web interface at this point when I feel like I should be able to with the macvlan ip 192.168.1.99

What am I doing wrong?

 

Hi,

Has anyone managed to install NPM on their NAS with a macvlan IP that works? I have been trying to set this up for a few days now and I can't seem to figure out what I am doing wrong.

I know that Synology NAS has port 443,80 always in use so my understanding is that since I am using a macvlan IP, it doesn't conflict with the NAS. Because of that, I think the issue and where I am screwing up is setting up the container so that a bridge can connect my macvlan and my host network.

Again, has anyone managed to get this to work?

Illuminated_Humanoid@alien.top 1 points 11 months ago (14 children)

What's the main kicker here? Reading this over, it sounds like you're saying to create two macvlans, but I only see an execution of one? I am confused, brother.

What happens if you use bridge network and manually map the port 80 and 443 port to a random one on your Synology like 8888 and 9999? Can you then access these ports?

Not exactly sure how to do that. Yes, you're right, I created a whole new container and for some reason it doesn't load. Without macvlan IP it loads fine, with the macvlan it just refuses to load.

I appreciate the heck out of you for trying, but my god this confuses the crap out of me even more lol. I've read it over several times, and I am just not connecting the dots ☹️

Illuminated_Humanoid@alien.top 1 points 11 months ago (2 children)

I'm not sure, but there certainly must be a conflict with the built-in DSM Nginx.

There are zero error logs.

 

Hi

Stock nginx built into Synology DSM won't cut it, so I decided to install Nginx Proxy Manager. Before doing so, I created a macvlan and assigned the NPM container to use the assigned IP. Once install is finished, and I try to launch NPM, it fails to load. I tried the same install without macvlan, and it works and loads just fine. I have installed many other containers on macvlan, so I know what I am doing and have the knowledge and experience, but I have never run into this before where there seems to be a conflict I am not aware of.

Help? Anyone?

 

Hi,

I am wondering if anyone knows of a self-hostable container that specifically only manages and issues SSL certs via Let's Encrypt? I know NPM does this, but I am hoping to find a container that doesn't have all the extra stuff I don't need.

 

Hi friends,

I have been trying to sort this out for many days now, and I am stuck on what is most likely a small issue I am overlooking. I have read many guides and previous posts on this, but I still haven't figured it out. I will explain what I have done and hopefully someone can spot the error. Scroll all the way down to read all details.

  • I have my FQDN on Cloudflare. I set its DNS entries, as you can see below, to point to my PUBLIC IP where my stuff is hosted.

https://preview.redd.it/8484seuxw1vb1.png?width=1308&format=png&auto=webp&s=ae30061796e3cc296116e344283d1fc918757a67

  • Next, I went into Nginx Proxy Manager and clicked add certificate. I got the API token from Cloudflare site and filled it in as you can see below. The certificates are successfully granted.

https://preview.redd.it/czhf5g3ux1vb1.png?width=495&format=png&auto=webp&s=47f48fea68eb315565617da4c9108cc86befde53

  • Next, I added a reverse proxy entry in Nginx. I want this entry to point to my NAS homepage, so I set it, as you can see below. I also applied and forced SSL that was issued.

https://preview.redd.it/46pcp0h8y1vb1.png?width=496&format=png&auto=webp&s=5fbba6cc0cc8d1e424ec49e733fea51952e8eaf9

https://preview.redd.it/um8wtfbiy1vb1.png?width=498&format=png&auto=webp&s=16d77305e91dbf98c22f87b99df2f46ffe39fe82

Now, I would expect after this step that I could just go into my browser and type the FQDN, and it will route me to the LAN IP I set the proxy entry to, but it's not working. Keeps taking me to a "this page cannot be found".

What am I missing here?
Are any of the steps above unnecessary?
The guide I originally followed is this one right here

Important notes:
- I have port 443 forwarded in my router to my NAS IP.
- I have AdGuard Home with Unbound set up in my network on a separate Raspberry Pi.
- I use Tailscale on all my devices.
- My home router and my NAS are both firewalled.
- My self-hosted containers are all in docker on my Synology NAS (minus AdGuard)

 

Hi,

I am planning to switch from Plex to Jellyfin all in the name of supporting FOSS. I am wondering if anyone knows whether Jellyfin has a built-in proxy just like Plex? I am not talking about the Plex relay that limits your streaming speed when port forwarding is not set up correctly. I am talking about a normally functioning Plex server that still by default hides the IP of the server. Does Jellyfin do this too, or will it expose my IP externally to those who connect to my server?

Edit: If you are unsure what I am talking about, open a desktop browser and connect through the browser to a Plex server. If you have any extensions in your browser that show the IP of the website you're connected to, like I do (flagfox), then you'll see what I mean about Plex hiding the server IP. I honestly would've never known Plex did this had it not been for my browser extension.

 

Hi,

I just recently set up Tailscale for accessing all my self-hosted fun stuff while I am away from home as securely and conveniently as possible. It dawned on me today that it's entirely possible that Tailscale can have an outage one day, and at that time I would need a backup. So I searched around and the best open source alternative with the same concept I could find was ZeroTier. So, I have a few questions for you.

#1. Can I use ZeroTier alongside Tailscale for backup connections in the scenario I described? If so, should I?

#2. What is your backup method you currently have set up?
