I use Promtail + Loki + Grafana to monitor application logs. Promtail scrapes logs, Loki stores and indexes them and Grafana can query Loki with LogQL and also send alerts.
Apparently Promtail is superseded by Grafana Alloy, which I don’t have experience with.
Anyway, I set this up mostly for fun and to preserve logs of terminated pods in my kubernetes cluster. I don’t have any alerts in place, but I probably could.
No, it’s permanent. They call it “VPS XS”, here (in german). Sadly a initial one-time payment of 10€ required, I forgot about that.
On ionos.com the same VPS costs $2/month. No one-time payment though.
The unique selling point of this VPS for me was the low price combined with unlimited traffic. Sometimes my nebula lighthouse needs to proxy traffic for peers that can’t talk to each other directly. It’s nice not to worry about traffic then.
Ha, that’s a good question: I don’t. I chose a rather long time for the certs validity and then promised to myself that I will extend my ansible playbook when I need to.
I’m not using Pangolin, but a 1€/month VPS from IONOS serves as my nebula lighthouse.
The question you’re asking is too broad. Every tool somehow differs from the others, but listing all differences requires in-depth knowledge of each tool and a lot of time.
At the end of the day, every tool somehow backs up your data. CLI interfaces, encryption algorithms, deduplication logic, supported backends, underlying programming languages and a lot more may differ. Identify what’s most important to you, test different solutions and then use the tool that works best for your use-case.
My server rack is located in an uninsulated attic with two tiny windows. I haven’t measured the ambient temperature but I think it’s over 40°C. Yesterday one drive in my storage server reached 65°C - so for today I have shut it off until the rain comes. Fun times.
Obligatory: RAID is not a backup.
Security in software is about implementation, not different programming languages. Security as a whole is also not something you can achieve just by installing “secure” software - every software has bugs and vulnerabilities. Some of them are known, others are unknown and not every one of them automatically poses a security risk to you, this depends on the bug, your usage and environment. You can try to harden your system, but you need to do this in layers and the application code is just one of them.
For example, you could geoblock IP addresses so their requests never even reach your application. This does not mean that you’re automatically safe from attackers from e.g. Russia, but you make yourself a less easy target.
There are many other defense mechanisms like request limiting, dynamically blocking malicious requests with something like Fail2Ban, strong authentication, frequent patching, network segregation, virtualization, and so on. I hope you see where I’m going. Security is complex and depends a lot on your personal threat model.
That being said, if you need to know how secure the code of a given software is, you need to find something that has recently been audited or audit it yourself.
It’s also not available yet with a planned release in 2026.
I might be cynical, but moving away from Synology and Plex because of the writing on the wall and then choosing Unraid probably won’t end well.
Don’t get me wrong, I understand the love for Unraid even though I don’t use it. It looks nice and newbie-friendly and you can throw all your random disks at it regardless of size. But enshittification will come for Unraid and I personally think that it has already begun.
Thanks for your response!
What made you switch from TrueNAS Scale to Unraid, if I may ask? Is it just the ability to mix different drive sizes? I’m currently using TrueNAS Core and thinking about migrating to TrueNAS Scale.
I’ve had great success with restic. It will handle your 4TB just fine, here’s some stats of mine:
Total File Count: 78374
Total Size: 13.324 TiB
and another one, not as large but with lots of files
Total File Count: 1295210
Total Size: 2.717 TiB
Restic will automatically deduplicate your data so your duplicates won’t waste storage at your backup location.
I’ve recently learned about backrest which can serve as a restic UI if you’re not comfortable with the cli, but I haven’t used it myself.
To clean your duplicates at the source I would look into Czkawka as another lemming already suggested.
I have an offsite NAS where I run the Restic REST server as a docker container. I connect to it over Nebula but you could also use a traditional VPN, Tailscale, Headscale, Pangolin or whatever.
Works like a charm.
Interesting, I didn’t know that. Thanks!
Uhhh, I have always used Docker for Home Assistant with no issues? That being said, I’m no HA power user at all - so maybe you could elaborate about the limits you’ve encountered?
I was recently reading a lot about these because I wanted to use three Lenovo M920x for my homelab as virtualization hosts with Proxmox.
The really cool thing about them is their low power usage, that you can easily buy them used/refurbished and that you can fit a small PCIe expansion card into them.
I didn’t use them in the end because sadly 22110 M.2 SSDs don’t fit and I wanted to use enterprise SSDs for Ceph.
However, your use case seems simpler, so I’d think a M720q or maybe even M710q (without PCIe slot) would do, for less money than the M9xx series (which support vPro).
There’s a really nice forum thread on ServeTheHome with loads of information about these units.
No, it isn’t.
EDIT: I quickly want to add that Jellyfin is still great software. Just please don’t expose it to the public web, use a VPN (Wireguard, Tailscale, Nebula, …) instead.
This is what I’m doing for the most part. A TrueNAS server provides the NFS shares and periodically backs them up with restic.
Some apps don’t like NFS very much, especially those that require SQLite. If you’re running Jellyfin over NFS you probably know what I mean. For those apps I use Ceph instead, which is highly available and a lot faster but also more complicated. Those PVCs I backup from within kubernetes to S3 storage with velero.