how to set up a remote managed node for mom
from nagaram@startrek.website to selfhosted@lemmy.world on 26 May 03:20
https://startrek.website/post/23770829
from nagaram@startrek.website to selfhosted@lemmy.world on 26 May 03:20
https://startrek.website/post/23770829
I run my production Jellyfin server and a few other services on a Optiplex sff computer with a thicc hard drive and a low profile GPU.
I want to build two more of these with thicc Hard drives so that my parents and my in-laws can have a local Jellyfin instance that I manage remotely and they just need a box plugged in somewhere at their homes.
Is it possible to make Proxmox build a VPN tunnel on boot so I can just have it in my cluster dash. Like using tailscale or openvpn.
Or am I going to have to go with my original plan and put that on the same box as the Jellyfin server and then just VNC in?
Any tips or ideas?
threaded - newest
You can do this easily with Tailscale or a similar wiregaurd vpn.
Is it pretty easy to set up on a CLI?
I’d want to do that if possible.
Yes. Tailscale is surprisingly simple.
Hell yeah
Yes its CLI based
Yep, you can install it directly on the proxmox host too.
Just make sure you test it and also test upgrades so you can avoid having to be on-site for those.
Or run the docker container if you’re going that direction (hub.docker.com/r/tailscale/tailscale).
I run my Jellyfin on a Synology NAS and it connects to Tailscale on boot. (Doesn’t require any of their cloud stuff to be active, either). Maybe a cheap/used NAS is your answer?
I already have a stack of Optiplex 30XX SFF PCs. It would be cheaper spending the $100-$200 for a high capacity HDDs TBH. And the idea is that I manage the content on it from my own 30tb store.
12-16tbs of TV and movies is kind of a lot lol.
wg-quick creates a systemd service for each wireguard config you have. So if you set up a tunel called wg0, you should be able to run ‘sudo systemctl enable wg-quick@wg0’ This will make your tunnel connect on every boot. I have the same setup on my proxmox, so i can reach certain services of my homelab proxied through a root server (the other end of the wireguard tunnel)
Wait, why not create them an account on your instance ?
Yeah even if you’re someone who is super concerned about Jellyfin’s API safety, it’ll likely be less maintenance setting them up on tailscale than duplicating the streaming hardware. But that’s assuming OP’s family are as tech illiterate as mine
I would guess shitty internet in one or both places making local streaming a better option
That’s me! Gotta love Spectrum baby!
I actually got into this because I used to have sporadic hour+ long Internet outages when I was trying to watch all of Star Trek.
Are you ready to be tech support for when the “weird box in the corner” stops working?
And there’s no mention of how far away these people live; the further away the less likely I setup something like this. I have no desire to try and fix a bootloader issue from 1,000 miles away just to waste several hours and have to ship them a new X.
I know this because I’ve done it, and I wouldn’t do it again. If someone doesn’t specifically ask for a home hosted solution (and have some sort of technical knowledge), I never offer a home hosted solution.
15 minutes drive to my MIL and 4 hours to my own Mom.
My dad used to do tech support and wants to learn some of this stuff while he’s recovering from surgery and I’m at my MILs several times a month anyways. So it all works out. Also it’s only fair as the FIL has helped me do so much with my car over the years I wanted to pay them back and he likes movies more than me.
Just making sure you know what you’re in for.
Speaking as someone who has recently taken on a far-remote (e.g. about 22 hour drive away) support for a MIL, the best thing you could do is set up a VPN.
For me, I’m still on Plex with a very old lifetime account with my MIL using a dedicated user account - that access is over the Internet. The VPN is to provide access to Overseerr so that she can do things like request specific movies/TV shows without having to email/call.
It’s not perfect - one day I woke up to 26 seasons of “Into the Country”, but it works fairly well.
I sat down with her one day while visiting about a year or so ago and walked her through connecting to the VPN, then getting to the hosted site, then disconnecting from the VPN - basically running drills and making her take notes until she felt she could do it by herself.
That’s not a bad call.
There’s fortunately pretty tech literate people at both locations. I can walk them through most of it with very little a long the lines of finger puppets and crayons.
We were visiting for about a week and I think it took three separate days, about 20 minutes each day before she felt comfortable doing the VPN stuff herself.
It was definitely painful, but if you’re patient, it’s doable.
Good luck with whichever option you choose!
If you wanna mirror the movies: syncthing
Remote: Depends on if you want to install a jump station you VNC/RDP/Teamviewer in or directly access it.
I like to leave ssh over tor hidden service on remote boxes. It’s pretty resilient and can serve as emergency access for when something happens to the VPN. Not a great primary access method because of the latency.