I was a little unfair in my post towards Proxmox. It really is a great solution and I can’t really complain, but it sucks in comparison to ESX where many “custom” items are still hidden in the cli or custom configuration items,. Many of these things are available in the GUI in ESX which is a pretty rough translation for some that have worked in ESX for many years like myself. ESX isn’t without it’s CLI moments but they are rarely ever needed, and if needed only for drastic measures.

The UI is not very intuitive and really looks quite dated too. ESX, Nutanix and XCP-NG have much better interfaces imo, and if Proxmox could throw some of that extra money they’ve earned from the VMware exodus in their UI it would be worthwhile.

Again, I shouldn’t complain but as I get older there’s not much “tinkering” time anymore, and the less time I have to sift through forum posts or official documentation on why something isn’t working as intended, the more easily frustrated I get.

Don’t go Podman. When I started years ago I installed Fedora with the “containerization” option. This installs podman, not docker as I’m sure most know. I did not.

Podman works great for the most part, but it’s slight differences from docker will have you fighting tooth and nail for certain services to work correctly. And not many (if any at all) have any documentation on getting their containers working with Podman of they don’t start. If you make a GitHub issue asking why or how to get things running in Podman because their docker stack doesn’t work flawlessly like it will in docker, good luck getting help (Mailcow comes to mind specifically here).

Looking back, this decision really shoehorned some very fundamental ideals about containers in my mind, but it was a long fought road I would not choose again. The knowledge I gained about containers with docker would have come soon enough on the easy road.

And yes, you can install Docker on Fedora, but I was much too far down the Podman track before finding out. My environment has changed drastically as of late and most things have been migrated to docker apps in Truenas now, living directly next to their storage as intended (the arr stacks really take a performance hit running their databases over NFS once you have a lot of media for example).

Quick note about Proxmox after coming from ESX myself - it sucks compared to ESX. I’ve tried to move away from it and Nutanix was the closest I could find to ESX, but after my server started complaining it’s drives were not compatible I jumped ship to avoid any write damage to them. I’m downsizing my lab now, I have proxmox running in 3 small NUCs with CEPH storage share and it’s working pretty good. Would love to run ESX or Nutanix instead, but they require a loaf of bread in resource requirements where proxmox only needs a slice of bread in comparison.

The 1TB version came with a completely different screen is what he meant though. A screen protector won’t be able to replicate a physical display difference.

Easily the 90s when Clinton wiped the USA debt away to a clean slate, and Bush immediately made it worse with Iraq in his next term. I’m speaking loosley, but assume that’s when this all started based on your question.

You can’t DPI a VPN tunnel because it will break the tunnel connection.

I’ve been having the same thoughts recently. Your mention of carrier pigeon and smoke signals now has me thinking that embedding data inside a birds sing like the recent jpeg someone tested could be our future soon.

As of the last update released on August 1st, the “old” VMs are now visible again. The latest Electric Eel chain also merged all Core features into Scale, so the jump should not be as drastic any longer. I’ve always lived on Scale, but I assume you could try backing up your config and spinning up a new Scale VM and restoring the backup to it. No matter how you dice it though, it will be spicy!

What type of disk (HDD or SSD) and how many disks in the pool?

RAIDZ1 configuration will bring your write speed down some due to data having to write to multiple disks at a time. This is true for most any RAID. Once written, your read speeds should remain the same or improve a bit though.

So you’ve acknowledged the same issue, and instead of offering a solution to their issue, you decide to criticize them. They even said they’ve used Arch for 5 years. That’s not a small amount of time to be using an OS. You are what’s wrong with the Linux community, not OP.

I think he means HyperTerminal. It was the predecessor to Putty basically for serial connections.

You need to set up a DKIM record to validate your domain. If you are using proton free without your own domain, there’s nothing you can do.

deleted by creator

Have you modified the default unbound config at all? This sounds like increasing the cache size limits and timeframes in the unbound config could help.

I’m actually chasing an issue I’ve always had where everything works great in my environment, but on mobile certain domains take ages to finally load up for me. I think it’s a combination of my Pihole blocking and the amount of domains tied to a page (advertisements and tracking), but would love to figure it out. I work around it right now by flipping wifi off and on again in those instances.

Instead of port 53, I need to run unbound on 5335 (or another obscure port).I believe I also had to make some host level changed for DNS to operate correctly for incoming requests.

Here’s my podman run commands. These might have changed a bit with Pihole v6, but should still be ok AFAIK.

#PiHole1 Deployment/Upgrade Script podman run -d --name pihole -p 53:53/tcp -p 53:53/udp -p 8080:80/tcp --hostname pihole --cap-add=CAP_AUDIT_WRITE -e FTLCONF_REPLY_ADDR4=192.168.0.201 -e PIHOLE_DNS_=“192.168.0.201#5335;192.168.0.202#5335” -e TZ=“America/New York” -e WEBPASSWORD=" MyPassword" -v /var/pihole/pihole1:/etc/pihole -v /var/pihole/pihole1/piholedns/:/etc/dnsmasq.d --restart=unless-stopped --label=“io.containers.autoupdate=registry” docker.io/pihole/pihole:latest

#UnBound1 Deployment/Upgrade Script podman run -d --name unbound -v /var/pihole/pihole1/unbound:/opt/unbound/etc/unbound/ -v /var/pihole/pihole1/unbound/unbound.log:/var/log/unbound/unbound.log -v /var/pihole/pihole1/unbound/root.hints:/opt/unbound/etc/unbound/root.hints -v /var/pihole/pihole1/unbound/a-records.conf:/opt/unbound/etc/unbound/a-records.conf -p 5335:5335/tcp -p 5335:5335/udp --restart=unless-stopped --label=“io.containers.autoupdate=registry” docker.io/mvance/unbound:latest

I just went through my setup to verify dnssec settings in unbound to troubleshoot strange latency when removing random names while browsing. Did you verify the unbound certificate file was created and had the proper permissions? There are also a couple other configuration items in unbound related to dnssec that can be tweaked to improve the implementation.

I do exactly the same thing for all three of these services! My implementation is on podman rather than docker, but basically the same deal.

Apologies, you mentioned specifically your network drive. Interesting article but they give several work arounds for containers that may require host mode, and it appears the non Plex pass image is one of them to resolve this specific issue.

I would go around them and go directly to the source of categorization. It looks like this is the Symantec categorization website in case it’s different from what you’re workplace provides - https://sitereview.bluecoat.com/#/

You’ve likely given it full control to whatever storage you’ve mounted in the container anyway, unless you’ve given it the :ro flag, which in that case would operate the same regardless of networking mode. If someone gains access to your internal host, you have bigger problems. Some things just play better under host mode and all bridged mode is doing is creating a virtual switch on your host and passing allowed traffic through it at a base level. The best way to protect is by running a load balancer in a DMZ and proxying all of the traffic through it which is how I have my instance running. I funnel everything external --> TCP\UDP 443 in DMZ vlan load balancer --> internal LAN IP:docker port. I run a mix of host network or bridged mode depending on the container.

Are you running in docker? Change from bridged mode to host mode on your container which should resolve this.