Ebby

Bitwarden/vaultwarden is a popular option for selfhosters.

That’s good news! It would be great if relays made it difficult to be targeted. I last tinkered with TOR almost… Jeez!.. 20 years ago haha!

I ran a relay too way, way back in the day and I remember almost a third of the sites I used blacklisted my IP address within days. It wasn’t cool.

I ended up shutting it down, resetting my cable modem, and spoofing a new MAC address on my router to get a new IP address to get everything working again.

Using a VPN is smarter. I wouldn’t run that on IPv6 whatsoever.

Every Plex client is a little different, but there is usually a video details or “playback info” button that will give you stream info such as direct play, transcode, or transcode (HW) for hardware support.

I just did something sort of like what you are doing and after a few hiccups, it’s working great. My Synology just couldn’t handle transcoding with docker containers running in the background.

Couple differences from your plan: I chose a N100 over the N150 because it used less power and I wasn’t loading up CPU dependent tasks on the thing. The N150 is about 30% faster if memory serves, but draws more power. Second, do you really need a second m.2 SSD BTRFS volume? Your Synology is perfectly capable of being the file storage. I’d personally spend the money you’d save buying a smaller N150 device on a tasty drive to expand the existing capacity then start a second pool from scratch.

Finally, I wouldn’t worry about converting media unless you are seriously pinched for space. Every time you do, you lose quality.

Ditto to your comment except power usage. I moved my Plex/Jellyfin (and hopefully Immich soon) docker containers to an N100 for the hardware acceleration. TDP is 6 watts on some of these devices and CPU use sits around 2% unless Plex is doing DB optimizations (about 60% for a bit). I haven’t measured consumption or my older server, but I feel moving some CPU intensive services to hardware GPU is saving a few watts.

There is M.2 on the mobo so I’d probably go with NVMe over SSD.

I second the RAM recommendation. I have 32GB in my Synology and it needed it for all those docker containers and VM’s.

As for the mobo, not thrilling, but could work. If you have to add a PCIe card for more drives, 10G network, or more NVMe, you’ll max out pretty quick with a GPU in there too.

Totally get it. And if you find a cool solution, let us know.

I’ve been slowly, very slowly, migrating away from Synology stuff, but everything you mentioned are my holdouts because they have been rock solid for decades. Even the cheap used products can swing those apps.

I hate to be the bad influence (no, who am I kidding, not really) and suggest more servers, but if you can find something cheap, I’d maybe give it a try.

I tried to update my lemmy instance and it all went so horribly wrong. DB never came up, errors everywhere, searching implied I updated to a dev branch sometime in the past (not a dev, don’t think I did) and it’ll be console and DB queries for a fix.

Ran out of time and overwhelmed, I restored backups and buried my head in the sand. Nope, not now. Future, yes, but oh not now.

Same here. I don’t like some of the recent decisions, but I remember the time I looked at the value and thought “yeah, this is working, valuable, and I can get behind it”, and bought the lifetime pass.

And I used the hell out of it! I don’t regret supporting the developers at all.

But features like plugins disappear, rolled to in-house teams. They work better, but cost more to maintain.

It’s ambitious, and gives developers plenty of work, but I feel the new redesign bit more than they can chew and overran budgets. They may be trying to balance budgets.

Jellyfin certainly took off. Great for them. It just wasn’t polished or an option when I set things up way back then.

Same boat here. I chose Plex because the apps were everywhere. Smart TV’s, phones, web…

I can switch, no problem. I don’t want to have to teach my parents a new app. OMFG!

I can understand new features being behind a fee, but this is putting old, old capabilities behind a paywall. Hmmm…

This with a recent decision to remove watch together sort of eliminates the whole reason I would have tried Plex so many years ago.

I’m a fan of Plex (it’s worked for me) and understand the Jellyfin crowd too. I’m worried about who is calling the shots at the moment. They aren’t aligning with their users.

Heck yeah! Old desktops or laptops are how most of us got started.

Things to consider:

• Power- this will be on 24/7 probably. That adds up
• Speed- not just CPU, but RAM, disk access and network interface can limit how much data you want to move.
• Noise- fans can suck (pun intended). Laptops tend to run quieter

I’m sort of looking to upgrade and N100 or N150’s are looking good. Jellyfin can do transcoding so that takes a little grunt. This box would work well for me. It’s not a storage solution, but can run docker and a handful of services.

I use smokeping just for fun. It doesn’t measure throughput, just latency, but they are loosely linked.

I have a cheap ZigBee thermostat and some automations to control temp. Works ok, but I’m trying to smarten it up a bit in the next few weeks.

Those emails have warned me something was pooched in advance many times. I do find them useful.

Sad to see them go, but nice they mention an alternative.

There are some really efficient systems out there, but power requirements depend a lot on what is run.

A simple website is very different that a photo gallery running content ID for example.

Should I worry?

I’ve had this stuff in logs since the late 90’s. It was concerning at first, but port scanning and scripts are the internet’s background static now.

Is this normal internet behaviour?

Yup. Welcome to self hosting!

Should I expect even worse kinds of attacks?

Not that it will happen, but good security expects attacks. I like to say “Obscurity is not security.”

What can I do to improve security on my website and try to block these kinds of requests/attacks?

As these scrips are targeting code you don’t run, they can be ignored relatively safely.

You can take a couple steps to lock things down like not responding to ping on WAN (less enticing to port scanning) locking down firewall settings, geolocation blocking, authentication, etc.

That said, if the script changed to something you DO host, you may be in for a bad day. Good to stay on top of security patches in that case.