These are the Watchtower logs so far. https://pastes.io/watchtower

I didn’t see anything remarkable other than the error for Netdata but I got that fixed:

NFO[30906] Found new netdata/netdata:latest image (6376ffeda44a) 
INFO[30940] Stopping /NETDATA (a18a3e3409f3) with SIGTERM 
INFO[30942] Creating /NETDATA                            
ERRO[30942] Error response from daemon: the container-wide MAC address must match the endpoint-specific MAC address for the main network, or be left empty 

The end result is that people understood common sense that it’s not admirable to be pathetic and weak. You should have been beaten as a kid by other kids, and weren’t.

Ahh yes. Violence always helps. I come from an entirely different timeline myself being 70 years old. I didn’t like bullies then, and I don’t like them now.

I was thinking more along the lines of Morty’s sex robot purchased at a intergalactic pawnshop.

Hmmm, well, I’m not one to judge a person’s proclivities, but I don’t see it as being much different than porn, assuming you are selfhosting a girlfriend for sexual release/companionship. I’m not sure I’d disclose this on a public forum, but maybe you feel a bit more comfortable than I.

The other consideration is that AI generally takes a pretty good chunk of resources to use effectively. I have selfhosted a couple of LLMs like GPTFree, Automattic111, and a couple more, however, as I mentioned, they take a lot of resources.

Might want to stock up

This is a good point. I know there are a handful that my ISP blocks right off the bat. For me it’s 25,135,137, 138, 139, 445, 6666, 6667.

She sure has a lot of domains tho. That’s not that unusual, just notable. I hope she finds inner peace.

One man’s dream VPS is another man’s nightmare VPS.

I do business with Contabo. They did raise my monthly by $1. I’m still with them, I have had no real issues with their service. I also do business with Ethernet Services. They are bare bones, no frills, hosters. I pay $25 per year with them so I don’t really expect that much in return except for keeping everything online and they do a fairly good job of it. Their service tickets are slow, but they’ll get around to you.

LuxVPS is my latest host. I get more bang for buck from them:

• Black Luxury Deal #1

• 4 vCores (Xeon Gold 6150)
  

• 26 GB DDR4 RAM
• 150 GB Raid 1 NVMe
• 1 Gbit internet speed | 40 TB Traffic
• 1x IPv4
• 1x /64 IPv6
• 3.2Tbit Premium DDoS Protection
• 24/7 Ticket Support
• 4 Backups
• For ONLY 10€/Mo (recurring)

Their only caveat is that you have to pay extra for mail ports.

If it was free, I’d say go for it. If it’s $100, you’re halfway to a much more capable machine

This very line of reasoning is why I cannot build cheap desktops. I’m always thinking ‘well you know, if you add another $100 you could have all of this’

Tailscale Healthcheck looks interesting.

If I understand you want iptables to be persistent across reboots? Would the following be useful?:

apt-get update -y && apt-get install iptables-persistent -y
service netfilter-persistent save

I have no clue about ansible as I have not explored that region of selfhosting yet. It’s on the list tho.

Don’t forget to make a backup before any changes.

Well, I had a time wrapping my old head around Caddy. It took me an embarrassingly long time to get it, and one day the clouds cleared, and the sun shone through, and it made sense. I had no clue about the formater, but you can bet I’ve made some notes so I don’t do that shit again. LOL

Dude. Awesome blog.

Ok my brother, I’m back with great news. It is as easy as everyone in this thread has said it was. Honestly, it wasn’t the set up that I was concerned with. My question was more concerned with any additional security considerations I may have to deploy before setting Tailscale up as an exit node and thus using it as a traditional VPN.

First, I am going to assume you already have Tailscale deployed on your server & laptop or desktop. That’s going to make it a lot easier…hurr hurr.

So fire up your terminal and point it at your server. You can run sudo tailscale status to check the current status of Tailscale. After which you will need to issue this command: tailscale up --advertise-exit-node. This does what it says and tells Tailscale to use the current server as an exit node.

Having done that, in the Tailscale console online click the [Machines] tab. Click the […] option at the far right of your server listing and select [Edit Route Settings]. This brings up a dialogue box. Check [Use As Exit Node].

Assuming a Windows laptop/desktop, click the Tailscale tray icon. You should see your server listed under [Recommended]. Choose that one.

You should now be connected to the server exit node. Check your IP Check your speed. Not too shabby. Conduct a DNS Leak Check

There you go. Jack’s a doughnut, Bob’s your uncle. To put your server back, use sudo tailscale up --advertise-exit-node=false

Somebody fact check me. LOL

How about I do the set up first, take my normal notes as I do, and then report back to you. That way I’ll have a firmer grip on what needs to be done.

Nah, it’s good. I do have a knack for asking silly, basic questions. I certainly don’t have the networking prowess and certifications that some of the group here has, and I just want to be cautious, perhaps overly cautious when implementing what I have proposed. I know what an overlay vpn does, and I know what a traditional vpn like say, PIA, does. I just want to proceed with caution because the end use has serious implications if improperly deployed. At the very least I want to make myself confidant that I have covered all bases.

I’m sorry…I’m just asking all the stupid questions up front.

I run a hybrid: 3 VPS and a rack in the closet. I don’t get hung up about labels. I leave that to others who obsess about that sort of stuff.

sugar_in_your_tea @sh.itjust.works

It’s nice to be commented by someone famous.

Open up the window, let some air into this room I think I’m almost chokin’ from the smell of stale perfume And that cigarette you’re smokin’ 'bout scare me half to death Open up the window, sucker, let me catch my breath

I have tried on numerous occasions to get freedns.afraid.org to work for me. I would be interested in how you got it going when you do get it all worked out.