If you ever tried to setup ZFS replication between 2 TrueNAS instance, you might have been very surprised by how easy it is.
But what if you don’t want or don’t need a dedicated TrueNAS instance for your backup ? Maybe you want it to replicate to a Linux machine that does other type of backup for example ?
In this post, I’ll show you how I’ve done it in a secure and reliable way, and hopefully make it way easier for you to do the same.
A couple of years ago, I made this DIY add-on to my gate controller to manage it through Home Assistant. It’s Wi-Fi enabled, can warn me if it’s stuck, allows me to check its state, and control it reliably through Home Assistant, and didn’t cost much more than 15€.
Because the gate controller was provided with the house, I didn’t want to replace or damage it in any way, so I needed to make something that works in harmony with what I had.
If you have a homelab or a small web server for your tool, you probably know the Fail2ban software. It’s a tool capable of taking input from another software (usually log) to flag the IP doing bad stuff and block them for a defined amount of time (usually using iptables). It’s really not a tool for big production-grade projects, but for small personal stuff, it does the job quite well!
But as long as you have multiple VMs running for different tools or projects, having all of them individually fully exposed to the internet isn’t a good idea. It costs some extra IPv4 allocation (assuming you aren’t IPv6 only), and securing them may require more time and effort. Most people end up with some kind of proxy. It can be a single Nginx/Apache2, a haproxy, or a traefik… it doesn’t really matter. What does matter is that now, all of your requests will come from the IP of that proxy and no longer the one trying to mess with your stuff. Does this make Fail2ban useless? Dropping the ban hammer on your own proxy IP isn’t a good idea, but how can you selectively ban something that comes from a single server?
I’ve spent the last 3 Week with a steam deck, and i think it is a good idea to talk about the hardware, the software, and for whom this device it.
Why a new laptop, and why a framework ?
So, I bought a new laptop !
Actually, it’s not for me. My mom have a 7Y old 17" XPS laptop, Good i7 CPU, 16GB of DDR3 ram, a new SSD and a new battery (they were swappable at the time). She only do lite word processing, email, web browsing and file management on it…
So it was and still is quite enough for here. It should have lasted another 5y easily and everyone would have been happy about it.
But no… the BMS
on the motherboard died 4Y ago and there is no repair program from dell whatsoever…
This left my mom with a laptop unable to charge, tethered to the wall. Plus it was bulky, at the time she insisted on getting a numpad, but 17" was too big to carry.
Breaking out of SSH
We’ve all been there. You are working on your remote server though ssh, and suddenly a colleague restart openvpn, or your ISP crapy modem restart… You end up with a frozen ssh prompt, and no ctrl+c or ctrl+d give let you break that.
If you aren’t too familiar with this issue, you probably don’t know how to fix this, and quickly end up closing the terminal and opening another one. This work but there is a “better” way.