@scottalanmiller said in Local Storage vs SAN ...:
It's taking a long time to upload
You know, there are no issues with plugins on my nodebb systems. You should really look closer at what your errors are.
@scottalanmiller said in Local Storage vs SAN ...:
It's taking a long time to upload
You know, there are no issues with plugins on my nodebb systems. You should really look closer at what your errors are.
@SenseiWilliams said in ZeroTier rules to limit freelancer access:
I'm currently doing a POC on ZeroTier for my company to replace an aging Fortinet solution. I have ZeroTier setup on a couple servers and a couple test machines. So far everything is great and working well - at least until I started looking at flow rules. Here is the problem I'm looking to solve with a flow rule...
I have 50 Employees, 15 servers (server1 thru server15) and 10 Freelancers. The employees should be able to access all 15 servers. The freelancers should only be able to access servers 2-7. Can someone give me an idea of what the ruleset would look like? Thank you in adavance.
This has nothing to do with ZeroTier.
Let's walk back. What do you mean by access to a server?
RDP? SSH?
Because once a user is in said server, via any secure method, you need to have a solution inside the network to prevent access to any other server from inside.
@Obsolesce said in How to use different accounts on the same website/service with profiles:
Similar to Chrome...
Because it is basically chrome.
@scottalanmiller said in Fedora 33 SSH Access Denied But Webmin Works Fine:
Root is disabled by default in SSH configs most of the time.
Not until the last couple years. Sure we always disabled it, but it was not default that way until recently.
@JasGot said in What to use for new Windows network domain:
No need for split DNS this way.
That is a huge reason.
I did go with ad.domian.com
. Just been so long sent I set one up new, I figured I would run it by everyone.
Thanks for the feedback.
@NashBrydges said in Fedora 33 SSH Access Denied But Webmin Works Fine:
@Pete-S No external access so they are golden. Password has been changed to a 20 character one as well.
Make a new user for this and disable root in ssh
again anyway.
@Pete-S said in Proxmox hates security:
Interesting observation.
If you think about it, using a web UI on the hypervisor increases the attack surface substantially.
What I'm trying to say is that Proxmox was clearly not designed with security as it's primary focus.
You realize that 100% of the hypervisors out there use a remote interface? web or proprietary desktop app doesn't change anything.
I don't know if any of you try to use Proxmox with a user other than root
, but it is a pain in the ass.
First they do not make it easy to even add users and grant them permissions.
Then even if once you do, there are so many things that do not work.
Here is one I found today. Adding a USB passthrough device.
Creating a VM is an easy enough task that can be left to defaults a lot of the time. But if you want the best performance/options under Proxmox, you will have to go through a few minor hoops as Windows Server 2022 (or prior) does not have the drivers needed for everything built in.
Click on Create VM to get the dialog box. First click on Advanced if it is not already checked.
Give the VM a name (2), ID (1), Start on boot (3), and order/delay (4) as desired. Then hit Next.
Choose your ISO and Guest OS Type, then hit next.
Since you specified a modern version of Windows, Proxmox automatically uses UEFI and you will need to specify EFI and TPM storage locations.
By default, it will use VirtIO for storage, you want this, but will have to add a driver during the Windows install itself. Also enable the Qemu Agent, again the guest agent will have to be installed after Windows setup completes.
Change the default IDE disk to SCSI (1), set the storage location (2), and your desired disk size (3).
Assign the number of cores you need.
Set your max memory (1), minimum memory (2), and ensure Balooning device (3) remains checked.
Change the network adapter model to VirtIO (1). You will not have a working network on boot up. The VirtIO drivers will need installed first.
Review and hit finish. Do not check Start after created.
Select the VM and click on Hardware (1) and then Add (2)
Choose CD/DVD
Add the virtio-win ISO, you will need this mounted to add the storage driver during install.
You can verify your boot order if you want, but it should still be correct.
Open the Console
Click Start Now
Click in the window and press a key, because Microsoft still thinks all of us are fucking stupid.
Set your options and hit Next.
Hit install now.
Choose your OS options and hit next.
Accept the license and hit next.
Choose Custom since Microsoft thinks a new install is an advanced task.
Finally, you can load the VirtIO driver (1)
Click Browse.
Expand the virtio CD Drive
Expand amd64 folder (1), click on 2k22 (2), and click OK (3)
Click on Next and it will rescan for the disk, no need to click on rescan yourself.
Now the disk is available, click next
Windows will finish the install like normal and reboot.
wait for it..... It will reboot again
Create a password for the account you will delete anyway and click Finish. Because you don't leave Administrator do you?
This example uses the Desktop Experience, so login and wait for the desktop. Close Server Manager and the WAC pop up.
Open Device Manager
You will see three things to fix.
Right click and choose update driver for the Ethernet Controller.
Choose Browse
Browse again
Expand the virtio ISO disk (1), expand netkvm (2), and select 2k22 (2), then click OK.
*Hit next and it will install the driver.
Before you hit cose, you will want to hit yes on the Network discoverability screen for most use cases.
Repeat the process for the remaining two items.
Now you have all the drivers for the ssytem devices.
Finally, browse to the CD drive in Windows Explorer and install the guest agent
You will know the guest agent is properly installed is you see the IP addresses on the Proxmox Summary screen.
Shut down the VM
Remove the extra CD drive
Unmount the Windows ISO.
Start the VM back up and setup the server for the task you installed it for
@Pete-S said in Recommended storage setup for Proxmox VE homelab:
@JaredBusch said in Recommended storage setup for Proxmox VE homelab:
Proxmox requires ZFS if you are going to use the built in replication.
Don't you need more than one server to have any use for replication?
I have the specified setup at two clients. Dell hardware RAID with a ZFS RAID 0 on top of it to get replication working.
@gjacobse said in E-Fax with page-by-page verification:
Have him link to specific regulation, then verify.
@JasGot Do this ^
Because this request is not something that is not required per the ITU T.30. There is a function for a PPS (partial page signal), but it is optional in the standard. That means there is no way to know if any one manufacturer built their unit to use that bit of the standard or not.
@Pete-S said in Recommended storage setup for Proxmox VE homelab:
@JaredBusch said in Recommended storage setup for Proxmox VE homelab:
@Mario-Jakovina said in Recommended storage setup for Proxmox VE homelab:
with 4 non-hotplug 1TB HDD drives on HPE's B120i RAID controller
This means you need to just use the controller. Why waste it? I mean I am not as familiar with HP's lineup as I am with Dell, but as long as that is a real RAID controller, just use it.
From what I can gather B120i is not a real RAID controller. It just a SATA HBA with LSI chipset. It needs OS software drivers to do RAID.
Okay, if this is not real RAID on the controller, then I would pass the disk through and use ZFS. I have no issues with ZFS itself. I have issues with the Cult of ZFS asshats.
@Mario-Jakovina said in Recommended storage setup for Proxmox VE homelab:
@JaredBusch said in Recommended storage setup for Proxmox VE homelab:
For home use, assuming you have your backups, and such as if real production, go ahead and use WTF ever you want.
Do you mean, it's OK to use RAID 0, so I have more space, and I can normally use ZFS on it?
I mean it is home use and you have backups, so you decide what your risk level is and design appropriately.
@Mario-Jakovina said in Recommended storage setup for Proxmox VE homelab:
I would like to install on it: Nextcloud, Meshcentral, maybe Photoprism, maybe Kodi, some Docker apps...
@Mario-Jakovina said in Recommended storage setup for Proxmox VE homelab:
Edit: Size of storage is not so important now - 2TB in RAID10 is enough for now, I think
I think these two statements are at odds with each other. 2TB is not as much as your think once you add images and docker creep (oh it is jsut one more app).....
@Mario-Jakovina said in Recommended storage setup for Proxmox VE homelab:
Would you recommend that I setup disks as RAID10, or to use ZFS on non-RAID disks (or something else) for my non-production use?
For home use, assuming you have your backups, and such as if real production, go ahead and use WTF ever you want.
But this:
@Mario-Jakovina said in Recommended storage setup for Proxmox VE homelab:
with 4 non-hotplug 1TB HDD drives on HPE's B120i RAID controller
This means you need to just use the controller. Why waste it? I mean I am not as familiar with HP's lineup as I am with Dell, but as long as that is a real RAID controller, just use it.
@Mario-Jakovina said in Recommended storage setup for Proxmox VE homelab:
Neither ZFS nor Ceph are compatible with a hardware RAID controller.
This is bullshit. Yes, a RAID controller defeats the purpose of most of the features of ZFS, but it works just fine.
Proxmox requires ZFS if you are going to use the built in replication. So I simply setup ZFS on top of my RAID controller.
Had a need to deploy a brand new Windows AD network.
Administrator
account and set a passwordRename-Computer -NewName dc
Restart-Computer
New-NetIPAddress -IPAddress 10.101.0.21 -DefaultGateway 10.101.0.1 -PrefixLength 24 -InterfaceIndex (Get-NetAdapter).InterfaceIndex
Set-DNSClientServerAddress -InterfaceIndex (Get-NetAdapter).InterfaceIndex -ServerAddresses 10.101.0.21
Install-WindowsFeature -Name AD-Domain-Services -IncludeManagementTools
Install-ADDSForest -DomainName ad.domain.com -DomainNetBIOSName AD -InstallDNS
@dbeato said in What to use for new Windows network domain:
@JaredBusch I have been using ad.domain.com since it is up to code based on Microsoft's recommendation.
That was what I used last time I did a greenfield Windows AD deployment. But that was like 6 years ago.
New site going in clean. All old stuff getting pitched.
It will be a local Windows DC.
What are people using today for the domain?
Is ad.domain.com
still in fashion?
Something different?