Unraid and Proxmox
- 0 Posts
- 10 Comments
Joined 1 year ago
Cake day: October 20th, 2023
You are not logged in. If you use a Fediverse account that is able to follow users, you can follow this user.
1·1 year agoIt’s not cheap to operate a business in Canada
Really depends on the gear. Some of it you can, some you can’t.
Check IPMI and see if you can adjust it there. For mine, I use the IPMI plugin that you can get for Unraid. So some OS’s do have solutions. But depends on your OS and hardware.
You can replace fans, usually. But need to make sure you still have enough airflow for the equipment.
I did replace my server grade fans with the Noctua Industrial. They are still a bit loud for being in the same room, but quiet one room over. Where before you could hear it in any room of the house.
My goal was quiet one room over.
I do this with ZFS using a Keyfile and a script that runs at boot to unlock/mount.
I put the keyfiles on a USB drive. (Make sure you have backups!) This USB drive is hidden, I won’t go into details on how I did that, several ways to do that, you can get pretty creative.
If someone steals my server, they need to know where I hid my USB, or they won’t be able to get to any of the encrypted datasets.
That sounds easy enough, but it creates a situation where I don’t know what updates are important (security) and what updates are minor. So I have to read the release notes for each update and then decide if I need it to patch a security vulnerability.
Where with the other method, I know the update is likely critical.
For some those frequent updates are a +, for me it is not. So use what works best for you!But right now I couldn’t use opensense even if I wanted to, as it’s FIPS non-compliant due to them still using the depreciated EOL OpenSSH 1.1.1, and no date set to move to v3
chuckle, butthurt downvotes but not one comment to dispute anything I said. Enjoy the depreciated OpenSSL without security updates.
No, I like pfsense because it has less frequent updates and is better documented.
Here is one of the better guides that helps you config much of what you are talking about:
https://nguvu.org/pfsense/pfsense-baseline-setup/
Plus, opensense gets most of their code from the work done by pfsense, and often have to wait on them to push the code. Just look at what happened with TLS 1.3
and a big part of the reason is taxes and regulations. People with $$ don’t care, but everyone in the bottom 75% really takes a big hit compared to their income.
Storage