vault backup: 2025-02-05 14:38:06

.stversions/2 Personal/Home Lab/NAS/Backup Strategy~20250203-093650.md

@@ -0,0 +1,5 @@
+# Tools
+1. [restic](https://www.reddit.com/r/emacs/comments/q0i2nb/what_personal_system_do_you_have_to/)
+
+## Hyperbackup
+- Setup my raspberry pi at home with a 5TB hard disk and use [this](https://www.reddit.com/r/synology/comments/sdpptz/using_an_ubuntu_server_as_a_backup_target_for/).

.stversions/2 Personal/Home Lab/NAS/External Access~20250203-063555.md

@@ -0,0 +1,41 @@
+---
+Owner: Claudio
+---
+# DS-Lite
+
+My ISP (Salt) uses DS-Lite which basically shares a few IPV4 addresses between a lot of customers and internally route traffic using IPV6 addresses. This means that I only have a static IPV6 address and nothing else.
+
+If you want to access your home network you will need to either use IPv6, which does not always work (old devices use IPv4) or have a port-mapping service that translates IPv4 traffic to your static IPv6 address.
+
+  
+
+# Other Methods
+
+## Zerotier
+
+Zerotier is an amazing tool to do a peer to peer network, it will however not allow anyone to access a service.
+
+## VPS Forwarder
+I'm using [[nginx]] to forward ipv4 requests to my static ipv6 address of the NAS. It acts as a reverse server using different ports for different applications and I'm using A-records on my hosting provider to differentiate subdomains into different applications:
+- [photos.claudiofritsche.com](https://photos.claudiofritsche.com)
+- [drive.claudiofritsche.com](https://drive.claudiofritsche.com)
+- [kino.claudiofritsche.com](https://kino.claudiofritsche.com/)
+
+The nginx subsite has the following config in `sites-availble`:
+```xml
+server {
+
+       server_name drive.claudiofritsche.com;
+       location / {
+            proxy_pass https://[2a04:ee41:3:c45c:211:32ff:fec0:4372]:5555;
+            proxy_set_header Host $host;
+            proxy_set_header X-Real-IP $remote_addr;
+            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+            proxy_set_header X-Forwarded-Proto $scheme;
+       }
+}
+```
+
+then I used certbot to add the ssl: ` sudo certbot --nginx -d drive.claudiofritsche.com`
+
+and finally reload the nginx service: `sudo systemctl reload nginx`

.stversions/2 Personal/Home Lab/NAS/Jellyfin Installation~20250203-063543.md

@@ -0,0 +1,19 @@
+---
+title: Jellyfin Installation
+created_date: 2024-12-02
+updated_date: 2024-12-02
+aliases:
+tags:
+---
+# Jellyfin Installation
+## Install Script for Scheduled Task
+```bash
+docker run -d --name=jellyfin \
+-v /volume1/docker/jellyfin/config:/config \
+-v /volume1/docker/jellyfin/cache:/cache \
+-v /volume1/video:/media \
+--user 1026:100 \
+--net=host \
+--restart always \
+jellyfin/jellyfin
+```

.stversions/2 Personal/Home Lab/NAS/NAS Projects~20250203-063554.md

@@ -0,0 +1,7 @@
+Self Hosting
+1. Bitwarden vs Vaultwarden
+2. MonicaHQ CRM
+
+# Tasks
+- [ ] Proper backup solution to an offsite location: https://www.wundertech.net/backup-your-synology-nas-using-hyper-backup-to-a-raspberry-pi-on-site-or-off-site/
+- [ ] syncthing setup to backup my obsidian vault and then back it up together with the nas

.stversions/2 Personal/Home Lab/NAS/NordVPN Setup~20250203-093653.md

@@ -0,0 +1,8 @@
+---
+Owner: CClaudio
+---
+I followed this article here: [https://support.nordvpn.com/Connectivity/NAS/1047411072/How-to-Set-up-a-VPN-on-Synology.htm](https://support.nordvpn.com/Connectivity/NAS/1047411072/How-to-Set-up-a-VPN-on-Synology.htm).
+
+This worked well.
+
+I stored the required files on the drive.

.stversions/2 Personal/Home Lab/NAS/Photo Apps~20250203-093651.md

@@ -0,0 +1,10 @@
+- [ ] Immich
+- [ ] Synology photos
+- [ ] photoprism
+# Library Apps
+## Immich
+[Immich](https://immich.app/) is a fast changing app that apparently has better face recognition than Synology Photos.
+
+# Photo Organization
+## [Phockup](https://github.com/ivandokov/phockup)
+This command line tool allows to sort photos in a date based folder structure.

.stversions/2 Personal/Home Lab/NAS/Ports Opening~20250203-063555.md

@@ -0,0 +1,20 @@
+---
+title: Ports Opening
+created_date: 2024-12-09
+updated_date: 2024-12-09
+aliases:
+tags:
+---
+# Ports Opening
+
+## What Ports are Okay to Open?
+This is from the [video from SpaceRex](https://youtu.be/eq_T075hImk).
+
+| Port | Application               |
+| ---- | ------------------------- |
+| 5001 | DSM Login Page            |
+| 6690 | Synology Drive Share Sync |
+| 6281 | Hyperbackup               |
+| XXXX | Open VPN server           |
+What Ports not to open?
+- SMB Port

.stversions/2 Personal/Home Lab/NAS/SSH~20250203-063554.md

@@ -0,0 +1 @@
+I changed the port to 1717.

.stversions/2 Personal/Home Lab/NAS/Virtual Machine Hosting~20250203-063559.md

@@ -0,0 +1,19 @@
+---
+Owner: CClaudio
+---
+# vDSM to run it through a VPN
+
+- [https://www.reddit.com/r/synology/comments/ee1hdc/docker_transmissionvpn_vs_virtual_dsm_download/](https://www.reddit.com/r/synology/comments/ee1hdc/docker_transmissionvpn_vs_virtual_dsm_download/)
+- [https://www.reddit.com/r/synology/comments/dtxzo6/comment/f6zljpg/](https://www.reddit.com/r/synology/comments/dtxzo6/comment/f6zljpg/)
+
+> [!info] Download Station over VPN  
+>  
+> [https://www.reddit.com/r/synology/comments/qsfhf5/download_station_over_vpn/](https://www.reddit.com/r/synology/comments/qsfhf5/download_station_over_vpn/)  
+
+  
+
+## Todos
+
+- [ ] add daily cron job to move movie downloads from downloads to video folder
+- [ ] Change firewall settings for vDSM to allow only VPN traffic
+- [ ] Enable external access through my main nas

.stversions/2 Personal/Home Lab/NAS/Zerotier Installation~20250203-063543.md

@@ -0,0 +1,10 @@
+---
+title: Zerotier Installation
+created_date: 2024-12-05
+updated_date: 2024-12-05
+aliases:
+tags:
+---
+# Zerotier Installation
+I just followed the installation guide of the official zerotier website.
+The only problem that I might encounter in the future is that I have not moved the tun to a shared folder and thus it might be overwritten by an update.