Skip Navigation
Jump
How to use Android Tablet to shut down + restart applications on the Windows server on the internal network?

  • You are talking about a manual watchdog timer system. There are low cost and free systems to do things like this - a search for network and application monitors will turn them up.

    Its way better to try to address why the core program dies that patch around it this way but as that's not always easy (or cost effective if the code is out of maintenance) then just create a small program that checks if the core app is running and restart it if its not. This can be run from the system scheduler every few minutes.

    If you have no way to tell the program has died (other than users shouting) then you could look to send an email to a mailbox that's monitored by a background program and restart when it gets one.

    Another way is to create a simple web page that is hosted on a box and use that to trigger the reset.

    2
    • Jump
    NTFS seems really sensitive?

  • Which ntfs software are you using?

    IIRC there are three options now (inc one in the kernel that's supposed to be a bit rough still) but the most stable seems to be the older fuse option of ntfs-3g.

    I moved to getting none Linux boxes reading Ext4 drives using https://www.paragon-software.com/ drivers.

    Have you tried using wsl mount on Windows to access Ext drives (may depend on your Windows version)...

    Bit baffled by u/ajnozari comment on share security issues - SMB via SAMBA is well documented as to how to set things up...

    1
    • Jump
    Can't get SSL certificates

  • IIRC Getting the LetsEncrypt certificate for NGINX Reverse Proxy requires direct access to the web site on port 80 - you are behind CGNAT and stuffed...

    Possibly have a look at Cloudflare tunnel (Cloudflared in Docker) - this gives you http / https access with certificates. I used these instructions and it took less than an hour to get up and running https://www.crosstalksolutions.com/cloudflare-tunnel-easy-setup/ Note my TTL on the domain was set low to speed up transfer of name servers.

    This also lets me access the sites directly using the full DNS entry even though my router does not handle hair pinning - no need for a local DNS server anymore.

    Note the above are slightly out of date to the screen layout but in principal they work fine.

    There is a small security concern - Cloudflare can intercept all traffic (even to/from https sites) internally - that does not worry me but your use case (or principals) may differ :-)

    1
    • Jump
    Selfhosted Knowledge Base

  • I've stopped using my wiki as I discovered https://www.bookstackapp.com/

    The advantage is it forced me to organise my notes rather then the mess I had before while still maintaining the ability to link between scribblings...

    1
    • Jump
    Interested in starting a homelab

  • If power / noise is a concern then look at the small form factor PC options on eBay.

    Some of these will take two or three drives if you remove the CD / DVD drive and can handle a fair number of tasks if memory is increased.

    I've been using my old Mac mini (late 2012) under Debian and Docker - maxed it out to two drives and 16GB - these pop up for £40 - £50 now and then and about take as much power in idle as my Pi boards but way more CPU abilities when running.

    1
    • Jump
    ssh and port forwading guide

  • Not a router I know so I can only give general advice.

    You need to find out if your ISP allows incoming connections on port 22

    You will need to find out if you are on CGNAT or equivalent for your internet connection - look at the external IP address of your kit.

    You will need to set your Pi up to have a fixed IP address internally (based done on the router / DHCP server rather than on the PI)

    Get fail2ban and ssh keys working first (I would also look to add UFW - do it with a keyboard and screen set up just incase you lock down port 22 in error).

    Then you will need to find your router manual and look at that for port forwarding, It can be called a few things:

    1. Application / web services
    2. Port Forwarding
    3. NAT forwarding
    4. Incoming Port Triggering

    Avoid anything that is setting up DMZ - you only want to to open one port to the Pi and keep it on your network.

    Normally port forwarding will need to know the source and destination port (port 22 in both cases for SSH by default) and the internal IP address or destination (the PI) - some routers will need the MAC address of the PI instead of the IP address. You can normally find this from the router / DHCP server or from the Pi using ip a and looking for the MAC details. Some folk will recommend moving ssh from port 22 - two minds over this as a port scan will show the new port up BUT you do stop the stupid attacks that try to brute force 22 using pi / raspberry

    Testing is best done with a different network - use your mobile or a different house as lots of routers do not allow a loop back (hair pinning) into the same network as your originate the connection.

    If you find yourself on CGNAT or not able to open port 22 then there are a few things you can look at:

    • Zeroteir or Tailscale have a free offering for a VPN that originates inside your network so no ports need to be open
    • Cloudflare tunnels allow web (HTTP / HTTPS) and ssh tunnels to be set up

    All of these require a small client program to be running on the Pi or other machine.

    1
    • Jump
    Exposing services

  • Have a look at Cloudflare tunnels.

    Easiest way would be to run it on the server (either Docker or direct command line) and this will give you http / https / ssh access to the server with an option for different types of authentication.

    There is a walkthrough https://www.crosstalksolutions.com/cloudflare-tunnel-easy-setup/ - a bit out of date for screen shots (Cloudflare change the screens frequently it seems to me) but lots exist on the net / YouTube if you get stuck.

    1
    • Jump
    ssh and port forwading guide

  • Please tell me you plan to use ssh keys and preferable fail2ban and a firewall on your machine if you are not using a VPN / Cloudflare tunnel.

    https://www.tomshardware.com/how-to/use-a-secure-key-for-ssh is one starting point but u/flaming_m0e nailedit - what actually is your problem?

    I would also ask - what do you aim to do?

    Some clue as to your network kit (esp the router and if you are on CGNAT) would also help.

    1
    • Jump
    BOUGHT A DOMAIN AT NAMECHEAP. NOW WHAT?

  • Domain does not equal email...

    You also need an email server and they should tell you how to set up the MX records for your domain. As you are using Namecheap, you will find it easy to use their email service at https://www.namecheap.com/hosting/email/

    Using Outlook as the mail server for your domain is possible BUT it depends on your MS contract and some, e.g. 365 Personal have changes coming up at the end of this month - start at https://support.microsoft.com/en-us/office/get-a-personalized-email-address-in-microsoft-365-75416a58-b225-4c02-8c07-8979403b427b

    You used to be able to use Outlook on the web to pull from SMTP or IMAP servers so you had everything in one inbox but I honestly do not know if that exists now and still requires the external email server.

    1
    • Jump
    Looking for simple set up DNS server suggestions

  • Try https://github.com/gitbls/ndm

    It's command line driven but takes very little in the way of memory / processor.

    1
    • Jump
    1u chassis for Raspberry Pi

  • Not cheap but excellent quality https://lincolnbinns.com/shop/internet-of-things-iot/raspberry-pi-enclosures.html

    I used them for a pair of bespoke Pi 4B 10" rack mounts and was very happy with everything from the project management to delivery time. The face plate cutting and coating was excellent - no rough edges or smudge 'paint' in site.

    The HAT may cause an issue for their standard enclosure (it's a total wrap around providing cooling) but drop them an email and see if they can help.

    1