"Domain name needs at least one dot". What did you enter?
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
Show posts MenuQuote from: meyergru on September 25, 2024, 09:59:36 AM
1. Wenn man die Zusatzanwendungen unter Proxmox braucht und dafür keine andere Hardware hat, kann man das machen - allerdings möchten viele Leute eine dedizierte Hardware für die Firewall.
Quote from: meyergru on September 25, 2024, 09:59:36 AM
2. Ist das Ding teurer als die geforderten 250€.
Quote from: meyergru on September 25, 2024, 09:59:36 AM
3. Sind die Folgekosten wegen der TDP des Prozessors höher (45 Watt statt 6 Watt). Jedes Watt mehr kostet bei 24/7 und aktuellen Strompreisen ca. 2€ im Jahr, das macht dann ca. 40€, wenn ich davon ausgehe, dass die Leistungsaufnahme im Schnitt nur 20 Watt höher ausfällt.
Quote from: meyergru on September 25, 2024, 09:59:36 AM
4. Es sind wieder Realtek-Adapter: https://androidpctv.com/wp-content/uploads/2024/09/Beelink-EQR6-review-t001.jpg und nur 1 Gbps, wobei Ersteres keine Rolle spielt, wenn man Proxmox fährt. Man kann dann allerdings den Netzwerk-Adapter nur als Bridge, nicht nativ an die VM durchreichen (LAN muss man ja sowieso sharen, weil nur zwei NICs vorhanden sind).
Quote from: Patrick M. Hausen on September 17, 2024, 10:42:06 PM
By the book that's a full mesh, not a hub and spoke topology. In the latter everything goes through the hub.
Quote from: luckylinux on September 18, 2024, 06:56:36 AM
Good to know that's also a Feature Netbird provides :). If only it would work in my case :(.
As for Zitadel, that's the third Attempt I did back then on my Hetzner VPS (after Authentik and Keycloak) and it would NOT work at all. Zitadel was such a Memory Hog that I believe it triggered the OOM Killer due to excessive RAM Usage. Anyways, not an Option on a low CPU/RAM VPS. I have a dedicated Server now with several KVM Virtual Machines, so I could try that.
But I really liked Authentik, it's just an absolute PITA to interface with Netbird. And Netbird Debugging / Troubleshooting Capabilities are quite bad in my View, when something does not work (at all), it's not very clear (at least to me) as to why. And when it works, it's probably fine (until it breaks). I never managed to even get something to show up on the Web GUI so it's really frustrating to be honest :(.
export NETBIRD_DOMAIN=netbird.example.com; curl -fsSL https://github.com/netbirdio/netbird/releases/latest/download/getting-started-with-zitadel.sh | bash
Quote from: luckylinux on September 18, 2024, 06:56:36 AM
Granted, it could also be due to the Reverse Proxy (Traefik) Setup and possibly some Firewall Rules (I added exceptions based on Netbird specifically mentioning Hetzner Stateless Firewall although that did NOT make any Difference).
As to Wireguard breaking down ... I see that as a MUCH less likely Risk. Yes, it might be more of a PITA to set up Manually 100 Instances of Wireguard (Ironically in my Homelab, Gitlab and Nextcloud kinda forced my Hand on this one, since I HAVE to use NFS since their Update Script doesn't work with Samba/SSHFS Permissions and I don't have the Time to setup a Kerberos server for NFS - so I just do NFSv3 TCP over Wireguard UDP).
But compare generating a Keypair, setting up one small Config file for each Point-to-Point Connection with a System that might very easily break between Updates (either on Netbird side, or on Authentik/Keycloak/Zitadel side). I'd say Wireguard is very Reliable in that Regards.
Netbird should begin having some Consistency in their config File ... Depending on the Guide you Follow some Config/Environment Variables are NETBIRD_AUTH_XXXX and others are AUTH_XXXX and it's not always clear which Direction they are moving towards (I kinda had to duplicate quite a few of them in Order to suppress some Warnings in the Logs, although that did not solve my Problems).
Quote from: luckylinux on September 17, 2024, 07:37:40 PM
KISS with Wireguard only or Wireguard + Netbird at the "Price" of having a bigger ecosystem that can break more easily ? Uhm ...