/thread
This is my go-to setup.
I try to stick with libvirt/virsh
when I don’t need any graphical interface (integrates beautifully with ansible [1]), or when I don’t need clustering/HA (libvirt does support “clustering” at least in some capability, you can live migrate VMs between hosts, manage remote hypervisors from virsh/virt-manager, etc). On development/lab desktops I bolt virt-manager on top so I have the exact same setup as my production setup, with a nice added GUI. I heard that cockpit could be used as a web interface but have never tried it.
Proxmox on more complex setups (I try to manage it using ansible/the API as much as possible, but the web UI is a nice touch for one-shot operations).
Re incus: I don’t know for sure yet. I have an old LXD setup at work that I’d like to migrate to something else, but I figured that since both libvirt and proxmox support management of LXC containers, I might as well consolidate and use one of these instead.
I see, agree with you that it should be supported by the terraform provider if it is at the VM .conf
level… maybe a new attribute in https://registry.terraform.io/providers/Telmate/proxmox/latest/docs/resources/vm_qemu#smbios-block? I would start by requesting this feature in https://github.com/Telmate/terraform-provider-proxmox/issues, and maybe try to add it yourself? (scratch your own itch, fix it for everyone in the process). Good luck
I was under the impression that cloud-init could only really be used to run commands inside the guest?
Yes that’s correct, I didn’t realize you had something to do outside the guest to enable it. What exactly? How do you solve it manually for now?
I would have liked for this to be possible directly through Terraform
Is it this proxmox provider? It does allow specifying cloud-init settings: https://registry.terraform.io/providers/Telmate/proxmox/latest/docs/resources/cloud_init_disk. So you can use runcmd
or similar to do whatever is needed inside the host to enable Intel SGX, during the terraform provisioning step.
AppArmour support for VMs, which is a secure enclave too (if I understand correctly).
Nope, Apparmor is a Mandatory Access Control (MAC)) framework [1], similar to SELinux. It complements traditional Linux permissions (DAC, Discretionary Access Control). Apparmor is already enabled by default on Debian derivatives/Ubuntu.
I would check enabling it from cloud-init and/or during an initial provisioning step using ansible
You can probably use it by templating out https://github.com/nodiscc/xsrv/blob/master/roles/homepage/templates/index.html.j2 manually or using jinja2. basically remove the {% ...%}
markers and replace {{ ... }}
blocks with your own text/links.
You will need a copy of the res directory alongside index.html (images, stylesheet).
You can duplicate col-1-3 mobile-col-1-1
and col-1-6 mobile-col-1-2
and divs as many times as you like and they will arrange themselves on the page, responsively.
But yeah this is actually made with ansible/integration with my roles in mind.
So much server-side code :/ I wrote my own in pure HTML/CSS which gets rebuilt by ansible depending on services installed on the host. Basic YAML config for custom links/title/message.
Next “big” change would be a dark theme, but I get by with Dark Reader which I need for other sites anyway. I think it looks ok
Lemmy/Reddit feeds, Yotube channels and other video hosting sites, IT/technical blogs and websites, software releases, newspapers, personal blogs… Currently there are 651 feeds in my feed reader. Actually found this post in my RSS feeds.
I think Shellhub might do the trick
Disk I/O always been the weak point of RPi, with slow USB being the only way to attach drives, and the USB port sharing the same bus as the network controller. A requirement for a frequently used Network-Attached Storage is… well… decently fast network and storage access. The Pi will not cut it for this specific task (moving external USB drives around your house would be faster and more practical).
But other sites, like Instagram, don’t provide feeds directly. To get those feeds, you’ll need some kind of service that scrapes content from Instagram and creates a feed from that. I’m sure there are selfhosted options for this
Do I have to use a special NAS-specific OS to make use of the NAS hardware? Like to do snapshots and stuff?
No, these features are provided by various components, which are available in any modern OS. Snapshots for example can be provided by LVM or ZFS. Disk fault tolerance (RAID) is typically provided by LVM-RAID, ZFS, or plain old mdadm
, or a hardware RAID card.
Kinda related: what if I install something like Debian/Ubuntu on it? Can I still use the NAS hardware in the same way?
You can, provided you set up these components yourself. Pre-made NAS OS like OpenMediaVault or TrueNAS will have these set up out-of-the-box. Web-based configuration interfaces are often specific to these pre-made distributions, so if a Web UI is a must-have, you will have to find suitable alternatives (for example cockpit, web-based file managers, web-based user management tools, etc)
TrueNAS is FOSS.
I don’t think it is? https://www.truenas.com/docs/core/gettingstarted/useragreements/coreeula/
I use netdata badges to display the current status of services/HTTP checks to my users.
how do I check?
SFTP mountpoint + rsync (or grsync GUI) or unison (or unison-gtk GUI)?
In my experience and for my mostly basic needs, major differences between libvirt and proxmox:
virt-clone
andvirt-sysprep
.virt-install
and a Debian preseed.cfg to provision new templates, on proxmox I do it… well… manually. But both support cloud-init based provisioning so I might standardize to that in the future (and ditch templates)