NGL, it’s scary! I still haven’t put anything of consequence on the VPS. Right now, I have everything on 1 system going through swag. I’ve long been a proponent of not fixing what isn’t broken, so I might look for a way to scale my current setup to more than the one system.

I host a couple of small services for more than just me, but I have no plans to provide any cloud services to anyone else but my wife (if she wants).

Thanks for the story, though. Sorry you went through that. I’ve been lucky so far. I’m hoping things stay that way, but obviously trying to plan for when they don’t!

That N Korea story was wild!

Hadn’t heard of voidauth. Will check it out. Thanks!

Careful, I had a post like this locked almost a month ago.

FWIW, I went with purelymail, and it’s been pretty good. Basic, but solid.

Well, not really po-tay-toh/po-tah-toh. They’re 2 different utilities that do 2 different things. If you ask the wrong question, you’re not going to get the answer you’re looking for.

What you’re asking about is an antivirus. It’s been awhile since I messed with this on my Linux systems, but last I looked, ClamAV was most commonly recommended. You can probably search for “Linux antivirus” and find some recommendations.

Generally speaking, the earlier recommendations to stick with official repos is excellent. When you venture outside of that, you increase your administrative overhead because those manually installed apps won’t stay patched with a simple “apt upgrade.” That said, a well written cron job could keep them up to date for you.

As for where to install things, it’s personal preference. I prefer using my home directory. If that doesn’t work, my fallback in /usr/local, which is either its own partition or symlinked to the /home partition). I mention the partitions because having separate /home and possibly /usr/local makes it easy for these customizations you install to survive a reinstall. Backups will also help with this.

You have to ask yourself what this system will be used for. If it’s a daily driver that you want to “just work” I would stick to official repos, and minimize customizations. Windows makes a lot of choices for you. Linux expects you to know what you want to do.

Removed by mod

I know autofs will work with nfs. Never used it with SMB. I’ve used it on a share of /home to specifically mount /home/user as needed (e.g., at login).

So I got back to my server, and here’s what I do:

gluetun settings:

services:
  gluetun:
*snip*
    ports:
*snip*
      - 8090:8090 # port for qbittorrent
*snip*

qbittorrent (in the same compose.yml):

  qbittorrent:
    image: linuxserver/qbittorrent:latest
    container_name: qbittorrent
    environment:
*snip*
      - WEBUI_PORT=8090
*snip*
    network_mode: service:gluetun # run on the vpn network
    depends_on:
      gluetun:
        condition: service_healthy
*snip*

Also, in qbittorrent settings you can bind it to a network device. In my case it’s “tun0.” This same thing can probably be done w/ a docker network in a gluetun container and separate containers that rely on that network being up, but I haven’t looked into it. Right now, I have 2 other services that require VPN, and I’m looking at possibly 1 or 2 more. That’s pretty manageable as a single stack, I think.

This was my thought as well. Anything by that requires VPN is added to that stack and if I can bind it to the “tun” device I do - but the container requires gluten to be up.

I picked one up on eBay earlier this year.

I thought HA stopped selling Yellows awhile back.

What distro is the toaster running?

Trash is a great place to start. There was another guy I found helpful, too. Dr Frankenstein, I think? Also, I can’t remember where I found the swag write-up I used for my current setup, but swag/dockerproxy are awesome. No open ports on the router, and automatic subdomain/SSL setup w/ Cloudlfare by adding 1 label to the compose file.

Only 2 notes I have about Trash guides are:

1. Include some kind of ingest directory for qbittorrent. Helpful when you want to d/l a torrent that’s not managed by one of the arrs. Just save it there and thy will be done!
2. Pay close attention to the quality settings. Most don’t have a fallback quality. So if you say you want 4k for movies, it will often fail to find something, especially if it’s older, and you have to go see why, change the quality to 1080, etc. Instead, use the quality guide to understand how it works, and set up what you want with appropriate fallback. For example, I prefer to get 720p for TV. Especially w/ long running shows they can take up A LOT of space, even at 1080! BUT sometimes 720 just isn’t available. 1080 is usually the first thing that comes out, so I add 1080 as second choice. For older shows, I add DVD quality as third choice, HDTV next, and 480p last (probably have those last two backwards). This way, it will pretty much always get something decent, and if the quality I want is ever released, I have it configured to continually search. Looking over the Trash guides definitely helped me dial this in, but I’m not using the stock version of any of their presets.

One thing I need to figure out is identifying shows that have hearing disabled tracks as their default/only. I’ve been watching Taskmaster, and lots of the episodes in more recent seasons have the descriptive voice-over that’s annoying to me since I don’t need it.

I want to say Dreams of Code (or his other channel Dreams of Autonomy?) did a video on VOS setup where he secured the connection between VPS and home. I think he used Tailscale. I’ll see if I can find the video.

It’s a throwaway address I use for online vendors. Most of those get an addy.io address nowadays, but Reddit still goes to the original address.

TL;DR: I’m aware, thanks.

AFAIK, it actually doesn’t require modification of the original file at all. It can be done with a metadata change in a sidecar file.

Yes you can do all of that, but it’s saved as a separate asset that is not related in any way to the original. That’s the issue. Also, it would be nice to be able to do these things in the web app as well.

As for syncing, if all your phones are logged into Immich as the same user, you wouldn’t have any issues syncing photos. I don’t thing Immich currently allows sharing assets between users. That can be troublesome for family albums.

I don’t think so. I think for any kind of editing, they’d need to implement some kind of asset versioning.

I think this highlights the difficulty with “basic” image editing. For example, with G Photos or Mac Photos, or others, you can edit, and the edited version is what you’ll see by default going forward, but the original is still there. This is why I highlighted rotation. That’s strictly a metadata change, AFAIK. Last thing I read on their site was they were hung up getting it to work properly with HEIF.

I believe Piwigo had the first feature you mention. Actually, there are quite a few things from Piwigo I’d love to see implemented in Immich. One that was pretty unique was designating an image as the back of another one, for scanned files. Niche, but really useful in those cases.