[Build Log] New Home, New Network and Server Configs

SD has been a hot market forever. Idk if there was even a recession there in 08 lol

2 Likes

There was. Parents’ house lost 25%. I wasn’t moved out at the time. (Luckily)

When they bought in 05, the lender didn’t ask for any income evidence for a 750k mortgage. And they pre approved 1500k.

Subprime was horrifying and blatantly irresponsible to the point of malicious intent.

2 Likes

My wife is from SD and the only way that we will live there is if her parents will us the house when they die because otherwise there is no way we will spend the money to live there.

I feel bad for her because she really wants to move back but we can’t afford the cost of living or the taxes.

3 Likes

Bro, nobody can afford it. It’s just dummy expensive.

2 Likes

@ucav117 I second this, as my wife is from SD too.

1 Like

Lmaoooo so many things make sense now

3 Likes

So, going through my books to take, got sidetracked… looking through contents of a few manuals. I hope I can find some good info on automating processes in my server. I still haven’t been able to do this. I think cron is referenced a lot. I have NO IDEA where to start… is it scripting? programming? I hope I can figure this one out. Sure I’ll find it somewhere in my books. I think at least find a way to keep security packages up to date. I have pi-hole to play with at this time running a base Raspbian install. I may mess with this. I don’t think Pi-hole does it on its own, or the distro… I’ll try to get the block lists to update automatically as well.

Think of cron as running scripts or shell commands on some schedule. It’s been around forever and is good for cleaning up old log files and other simple tasks like that.

This looks like a decent tutorial on how to get started.

They’re using nano as the default editor. You can set that in the profile for your shell which I’m guessing is bash.

For more complicated stuff, you’ve probably seen some people here mention Ansible. That’s on my list also, but as always there’s other stuff which has been a distraction.

1 Like

Cron is used for scheduling tasks, like at an exact minute / hour / day / week / day of the week / month, or every n {min / h / d / w / m} or at reboots.

Anacron does the same thing that Cron does, but it doesn’t assume the OS will run 24/7, so if you have a job that had to be run yesterday at 12:00am, but your laptop or server was shut down, it will immediately run the task upon startup, which cron doesn’t do, it only works when the computer is powered on. You’d use Anacron mostly on laptops or PCs, because they are the ones that don’t always run for extended periods of time (unless you’re insane like me). And even then, I mostly just use crontab anyway (my only task on my PC is to refresh newsboat every 15 minutes and I don’t really need to refresh it upon startup). You can also use Anacron for somewhat mission critical stuff, like backups in a home environment that has lots of power outages (so if power goes down when you had a backup in progress or right before a backup schedule, when power goes back on, the backup would start when computers get powered on).

There’s also Entr, which you can use to execute certain commands upon a file change.

You would use this for example, if you have a make file or some code, whenever you save something new to the file, you could have Entr automate a compilation of the code. Or whenever you save something to the file, you can have git automatically push the changes to a remote branch. I would advise against this and doing things manually, because you’d just fill the changelog with junk, but it can be done (for git, if you work collaboratively, it’s best to have an automated git push of everything once the PC shuts off, or you exit the session if you edit on a remote machine).

You can also write Markdown documents and every time you save and want to see how they would look, for example in PDF format, you’d have Entr compile them in PDF using Pandoc and just reopen the document with $your-pdf-viewer.


The most obvious automation would be auto-updates. I don’t like auto-updating, because sometimes you may need to reboot your PC, or in case you’re building things yourself, you’d have dependency conflicts, so you’d need manual intervention. Of course, you can still automate updates with Cron and if it exits 1 (error exit) or any other custom exit codes, you can be notified (via email is preferable, but when you deal with hundred or even a few dozen stuff daily, you’d have a NMS check everything for you and show which computers / VMs are misbehaving).

I would personally start with shell scripting. Avoid Bash, or if you use it, at least test to see if your script runs with Dash - Dash is the default shell for Ubuntu, Debian and Void Linux, it’s lighter than Bash and POSIX compliant. If you used any command line tools, like apt, you basically know shell scripting, as scripting is more or less just making a file that runs commands sequentially, just like you would in a terminal (and with some logic operators, you can run them in parallel, also how you could in a terminal).

Your limit is your imagination. Ansible or other automation tools are just meant to make it easier to automate tasks, but if you know your shell scripting very well, you can use just pssh to massively remote into servers and run commands and pscp to mass transfer files to them. That’s how I administered hundreds of VMs at some point (split between different OS major versions and depending on the case, VM purposes, like db or web server).

If you do start learning to do shell scripting, learn git, it will save you some headaches. You could run a Gitea server, or just do git locally, without push/pull.

Your first task could be to auto-update Pi-Hole’s OS and restart the service if Pi-Hole gets updated. I’ll point you in a few directions if you use Ubuntu or Deb/Raspbian: apt list --upgradable, grep, 2>/var/log/auto-update-error.log, VAR=$date, 1>/var/log/auto-update-output-$VAR.log. The rest, you’ll have to figure out yourself. Of course, you can ask for help if you can’t make it, or some tips on what certain commands do.

2 Likes
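The hints in the post above (`apt list --upgradable`, `grep`, the two log redirections, a date in `VAR`), assembled into one POSIX sh job as an added example that is not part of the thread. The package and service names are caller-supplied arguments and the crontab path is an assumption; the sample listing is constructed.

```shell
#!/bin/sh
# Added example, POSIX sh (runs under dash). Not code from the thread.
# Assumed: Debian/Raspbian with apt and systemd; package and service names
# are supplied by the caller; log paths follow the hints in the post.

# Constructed sample of `apt list --upgradable` output, for offline testing.
SAMPLE='Listing...
curl/stable-security 7.88.1-10+deb12u5 armhf [upgradable from: 7.88.1-10+deb12u4]
libc6/stable 2.36-9+deb12u4 armhf [upgradable from: 2.36-9+deb12u3]'

# Print package names from `apt list --upgradable` output on stdin.
upgradable_names() {
    grep 'upgradable from' | cut -d/ -f1
}

# Succeed only if package $1 is an exact match in the list on stdin.
needs_restart() {
    upgradable_names | grep -qxF -- "$1"
}

# Refresh package lists, record what is pending, upgrade, then restart
# service $2 only if package $1 was among the pending upgrades.
run_update() {
    pkg=$1 svc=$2
    VAR=$(date +%F)
    out=/var/log/auto-update-output-$VAR.log
    err=/var/log/auto-update-error.log
    export DEBIAN_FRONTEND=noninteractive   # no prompts when run from cron
    apt-get update 1>>"$out" 2>>"$err" || return 1
    pending=$(apt list --upgradable 2>>"$err") || return 1
    apt-get -y upgrade 1>>"$out" 2>>"$err" || return 1
    if printf '%s\n' "$pending" | needs_restart "$pkg"; then
        systemctl restart "$svc" 1>>"$out" 2>>"$err" || return 1
    fi
}

# Run only when asked, e.g. from root's crontab (path is an assumption):
#   0 4 * * * /usr/local/sbin/auto-update.sh --run PACKAGE SERVICE
# A non-zero exit lets cron or a monitoring system flag the failure.
if [ "${1:-}" = "--run" ]; then
    [ $# -eq 3 ] || { echo "usage: $0 --run PACKAGE SERVICE" >&2; exit 2; }
    run_update "$2" "$3"
fi
```

The pending list is captured before the upgrade because afterwards `apt list --upgradable` no longer shows the packages that were just installed.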

Fantastic! Thank you so much. I do still have to look up a few terms/programs when I read your messages as I am just starting, BUT it always makes sense after I do. I have used cli, but I’ve been trying really hard to not just “script kiddie” it and understand what each variable is, and what it does. That’s what’s nice about linux is it can all be read by a human and make sense vs proprietary os’s you can’t see everything.

I am also trying to learn how to view and interpret logs for errors so I can understand what’s happening, and what part is breaking down.

I have to admit “coding”/scripting (don’t know if there is a difference yet) seems a bit scary or daunting, but I really want to learn how to make my computer do what I want when I want it to.

I know there is a way to “hold” packages so they don’t update (I would have to do this for plex with the pcie pass through to a LXC container, a difference in driver breaks the pass through), so that’s something I will have to learn too…

Also Nginx is a total mystery to me, but I know I need to use it to do a recursive dns with pihole… I’m not sure what that all means, but know it’s more secure, which is my goal.

Again, thank you for the advice, and I will be playing with it in my free time. :slight_smile:

2 Likes

It might also be worth looking at systemd timers, and converting cron jobs to systemd units, so that you are up to date with current Linux distros…

1 Like

True, but I started to get annoyed by systemd lately. I had my Proxmox hosts use systemd-timesyncd, just because systemd does so much stuff and I was thinking exactly this:

Big mistake. After the Proxmox 7 upgrade, I read the changelog and there’s something wrong with it and it’s recommended to switch back to chrony or openntpd. I also got burned lots of times when I tried using systemd-resolved in the past. gummiboot worked out ok a few years back when I used it on Arch, so nothing to complain about systemd-boot so far. I don’t recall if I tried using systemd-mount, but I know for certain I stuck with fstab and autofs for a reason. And systemd is even doing containers (systemd-nspawn). Just how much will systemd decide to do? It really is becoming an underlying OS of its own.

I’m not really a systemd hater, but systemd had me annoyed in the past (mostly during shutdown / reboot, when processes would take 1min 30sec to 3min to timeout and kill, when setting up 10 sec timer, I’d get another 1min 30sec timer for something else, and then for something else - at one time systemd wouldn’t want to unmount my /home partition and I left it to timeout for 30min twice and for 40min once, all 3 times I had to force shutdown my PC).

Hope systemd gets better, but for beginners, I still recommend doing things the old way. Also, not all mainstream distros use systemd (Gentoo and Alpine are pretty popular, Void less so). And then, there’s *BSD, so it’s better to just understand how the OS works, before understanding how systemd works IMO.

2 Likes

I think I’m lucky in that being new to Linux, Systemd already had its tendrils in places.

I’ve not used the -logind or -homed, nor the -resolved yet, but setting up an AP was easier than a few of the guides using hostapd.

Funnily, cockpit doesn’t (yet) work with -networkd, even though it comes from the same place as systemd…

2 Likes

So now that I am downsizing for the apartment, I think I have new goals or ways I will utilize my computers and equipment to learn.

I have the pi4, but I also have the Protectli FW4B with the 4 core intel chip… from what I have read it seems I can put Proxmox on here or some other derivative (Possibly another distro and use QEMU and oVirt [may be wrong terms here] to manage VM’s- suggested by @SgtAwesomesauce and @PhaseLockedLoop previously). This would cut out a dedicated machine for OPNsense while I learn how to use and implement a firewall properly, but allow me to run it as a VM and dedicate 2 of the 4 1G ports to that VM giving me some experience at either passthroughs or internal or virtual network set ups. I could also then set up NGINX? I honestly have no idea where to start with that software and my domain, but I keep reading and researching. I believe I will have to have a NGINX server for DNS or recursive DDNS…

Either way I think having that machine with the ability to run VM’s would be a good solution while the larger servers are in storage.

Just my thoughts for the time being… I have also messed around some with Manjaro… but I updated it and now it’s freezing on boot. This is also the MSI Mortar B550M Matx mobo that gave me fits with other older kernel versions of linux that don’t like the cheap 2.5G NIC on the motherboard. At least I think it’s because of the kernel I may be wrong.

I may try arch on that system, but man… it seems a bit complicated to get running. I’m probably going to try that next if the NIC works and I have internet access, if not I’ll have to try on another machine at a later date.

Perhaps I haven’t read this correctly but you want to run your firewall on the same virtualization machine as all of your other appliances? That seems like a non-standard practice.

1 Like

Yeah I’m sure it’s not. I guess the hope was to use the Protectli as a vm machine to test OPNsense and run a NGINX instance to learn how to use my domain name for useful things and rely on the security of my current router while I work out the firewall… if it’s a bad idea tell me I still don’t have a clue what I’m doing I just thought it might help because I won’t have access to my servers while in the apartment, and I may have to sell some more gear till the wife is completely happy.

The b550 machine has arch now, but I couldn’t activate the network tools…and now I can log into the interface as root, but it won’t update, connect to the internet, and I can’t open a console to input any commands :expressionless: so I may have mistyped somewhere or it doesn’t like the hardware… Manjaro also doesn’t like the hardware… so I thought an older intel chip may be what the doctor ordered to have another machine to mess with (ie the Protectli…) then again I changed the bios so that might make installing something besides a firewall difficult?

What are the specs on your protectli box again? I can’t imagine it’d have enough CPU to run that many VMs very well.

Also, the more VMs and stuff you pack into a single machine the more annoying it is when that machine requires a reboot.

3 Likes

It’s a 4 core intel cpu 3.2 I believe… I think I only need nginx and opnsense…

Correction 1.6 ghz lol maybe not a good option…

Ok, but is that an atom? Or something else? Not all four core chips from Intel of a given clock speed are going to behave the same.

2 Likes

J3160 cpu and only 8gb of ram… I’ll have to find another solution… maybe repurpose the asus mini x300 with the 4650g pro…???

1 Like