@bordam Personally I would suggest, take so much Ram as you have money available.
If you have services relying on databases like Nextcloud (Valkey / Redis, MariaDB / PostgreSQL) more RAM could be helpful.
My current not finished setup with podman containers already takes 2 GB Ram.
Also prices for Ram and SSDs are predicted to rise or are already rising, so if you buy now, I would suggest to buy maximal large hardware parts.
db_geek
joined 3 years ago
I don't know the exact agreement with your friends, but to avoid security issues I personally would use following way:
- deny usage of all ports by firewall
- allow only necessary ports by firewall
- enable privileged ports by sysctl
So it reduces additional layers and complexity.
If one of your friends would provide a service on a specific port it has to be discussed with you.
And if this is a privileged port, it is also possible.
Or you can handle e.g. a web request with a rule in caddy.
@SinTan1729 Thank you, now I can better understand why you want to avoid to open the privileged ports for non-root users which makes sense for your scenario.
I'm in the easy situation, that I don't have to think about such a scenario, because my selfhosting system is exclusive for me.
@SinTan1729 How many user do you have on your machine, which could open and run a service on a privileged port?
And when there is no application, which is providing a service on a privileged port, then there is no security issue from my point of view.
And if you want to get absolutely secure, then you can restrict the access only to specific ports based on firewall rules.
https://www.digitalocean.com/community/tutorials/ufw-essentials-common-firewall-rules-and-commands#how-to-allow-all-incoming-http-and-https
@SinTan1729 Using privileged ports can be activated with a sysctl setting:
https://access.redhat.com/solutions/7044059
@filister I don't have an arr stack running, but I'm using several podman quadlets for running successfully e.g. PostgreSQL, Nextcloud, HomeAssistant and some more.
Did you checked the journal with
journalctl --identifier=\<container name\> for possible errors?
@Darkassassin07 Did you already considered https://pdfgrep.org/?
With pdfgrep --ignore-case --recursive "text" **/*.pdf for example you can search a directory hierarchy of pdf files for "text".
@GreatAlbatross Unfortunately I can't say anything about the given Shelly clamp meter.
But I'm using several of Shelly Plus Plug devices in german version.
https://shellystore.co.uk/product/shelly-plus-plug-uk/
I'm a big fan of Shelly, because it can be configured and used completely without sending data to the cloud.
The integration in Home Assistant is very good and my data is only local at my self hosted Home Assistant instance.
@bordam As far as I noticed, related to AI boom the prices for RAM and SSDs could be get more higher.
Also, the end of Windows 10 could also trigger more selling of PCs and Notebooks, which also would make pressure on RAM prices.
So I think, it is better not to wait and to buy, when it is possible.
There are some articles from a german computer publication about RAM and Flash prices, unfortunately in german only.
https://heise.de/-11066715
https://heise.de/-11073558