Lead admin for https://lemmy.tf, tech enthusiast

  • 0 Posts
  • 17 Comments
Joined 1 year ago
cake
Cake day: June 10th, 2023

help-circle










  • From what I’ve seen and read, server to server traffic is less taxing on instances than client to server. So even if your instance is JUST you, it would be your instance talking to everything else so it would have some net benefit on the federation. But it would take a lot of users self-hosting solo instances for this to help in any noticeable way, I’d think.

    There is certainly no downside to running a solo instance, if you’re even slightly interested I would say go for it!


  • I’m one of the other Lemmy.tf admins and I’ll share a bit. We’re currently on the docker-compose deployment from the repo, running on a VM with 4c/8gb ram/256gb disk. It’s on a baremetal VMware box at OVH with loads of resources to expand as needed.

    I’m hoping we get enough users on here to force me into converting to a Helm chart and moving this to my Kubernetes cluster. Pod scaling would help address some of the issues larger instances are starting to run into, and it seems like a fun project.

    As for Unraid, your best bet is to see if you can install docker-compose on it. This thread from 2020 suggests it should be possible, but the binary may not persist restarts. If you can’t use compose you would probably have to strip it apart and deploy one container at a time, and potentially work around the need for the Docker networks.

    I may be interested in helping with an Unraid deployment guide if there’s heavy interest- I’m running it on my NAS at home and can tinker a bit. Feel free to DM me if you’ve got questions or need any assistance.

    Edit: That Unraid forum post has a reply about using a bash alias to run docker-compose in Docker, this is the route I’d go rather than having to do jank stuff to make the binary persistent. Should be able to follow the normal docker-compose install from your root user once you have compose ready. Make sure to do your port forwarding or use Nginx Proxy Manager since SSL is mandatory to federate.



  • Yes, I’ve got separate subnets & vlans for a few things. My PCs/phone/tablets/etc, homelab, IoT devices (i.e. loads of Govee bulbs/ropes, gaming consoles, oven, etc), Guest (all isolated from everything else internal) and one for my roommate. I’m on a Unifi Dream Machine Pro so setting up traffic rules to allow certain traffic from PC vlan to homelab (and the other way) was pretty straightforward.

    As for the VPN, yes a full tunnel would force all traffic over the VPN, but for all but my *arr stuff that’s overkill. I just join all my VMs to Zerotier and force traffic from the public LB in via their VPN IP, but the VMs can still pull yum updates and anything else they want over my WAN link.



  • I run all my lab servers/services/etc in their own /16 on my home net. Nothing is publicly routed in over my WAN IP- if I want to expose a service, it goes through Nginx Proxy Manager to my local service via a ZeroTier tunnel.

    I would strongly encourage you to not expose any of the *arr services (particularly your download node) to your WAN IP. PIA’s desktop app does a pretty good job of forcing a full tunnel with a VPN kill switch, so you never have to worry about your ISP catching onto what you’re doing.