I like it, it was released a couple of days ago so something might require a bit more polishing but overall it looks better to me.

As you wish, indeed the only free offer without credit cards is the one of azure for students. In any case you are not anonymous.

Considering the small audience and purpose, I would not have any problem using the always free offerings of either Oracle or Google (the latter especially if located in the US).

I don’t know, wouldn’t the Hypervisor be able to track resources usage by itself without anything else?

Thanks for the suggestion, but my 24 GB are well employed already. I wanted at least to outsource the VPN manager to a smaller VPS.

The one managing my VPS, controlled solely by Oracle corporation

I am experimenting with ZRAM, it is indeed better than ZSWAP, that’s why i am asking if any other kernel features can help.

Yes, this is a possibility. the ARM VPS is already running something else, but if I manage to run netbird behind a reverse proxy I can also move it there. BTW there are also 1 GB free VPS on azure (for students) and Google Cloud, but you guessed right.

If postmarket os works on that device maybe you can go full Linux (alpine), there will be no systemd which might be a problem and I am not even sure about docker compatibility. You can look it up though.

Relays have become a pro feature in the last release. I tested them on netmaker.io SaaS version and they work but it defeats the purpose of selfhosting my VPN manager. You also need to have a good relay, for instance among GCP, Azure, Oracle and Vultr only the latter works because their VPS are not behind a NAT.

Netbird first of all is extremely resource hungry. In some occurrences completely hanged a 1 GB RAM VPS when I was testing. Even without trashing I had issues connecting many of my peers. It has to be said that it was surely my fault in some ways as netbird.io SaaS worked fine.

Tailscale just works, I recently tried netbird and netmaker. I did not manage much with the first but netmaker instead seemed even easier to manage than tailscale, being faster at the same time. Unfortunately it failed with peers behin my corporate NATwhich tailscale can bypass with its own relays. But for others it can work very well.

Hi, to check attacks you should look at the logs. In this case auth.log. Being attacked on port 22 is not surprising neither really troublesome if you connect via key pair.

My graph was showing egress traffic, on any kind of server the traffic due to these attacks would have been invisible but on a backup server which has (hopefully) only ingress you can clearly see the volume of connections from attackers from bytes teansmitted

ssh -p 12345 would leave your boxes accessible from anywhere too. Other blocks of IPs receive 10 times or more requests, as scanners can focus on blocks of ips from major providers.

Next time

Sorry, it’s the built-in console of Google Cloud. But there are so many monitoring solution around that you can probably find one of your liking. Look on awesome-selfhosted for “monitoring”

In all the cases for me is sufficient to backup the folder which host the volume for persistent data of each container. I typically do not care to stop and reload containers but nothing prevents you to do so in the backup script. Indeed if a database is concerned the best way is to create a dump and backup that one file. Considering tools, Borg and restic are both great. I am moving progressively from Borg to restic+rclone to exploit free cloud services.

So it seems. Do you think this was from the detected user activity? A colleague reported it was using it and it stopped working from one second to the next. Maybe some of his traffic looked suspicious? I am opening a ticket in any case today.

Now it’s pretty clear, I am mistaken for a malicious site (probably because many different computers in the lab started to exchange data with this obscure freedns subdomain) by this software from Palo Alto Networks https://www.gavstech.com/palo-alto-firewall-dns-sinkhole/ which rewrites the DNS response

Nice, I am routed to sinkhole.paloaltonetworks.com I am a malicious domain apparently.

What does it mean?

nslookup my.domain.com
Server:  dns.google
Address:  8.8.8.8

Non-authoritative answer:
Name:    my.domain.com
Addresses:  ::1
          xx.x.xx.xxx (wrong IPV4 address from the other side of the world)

If I use 8.8.8.8 at home addresses is first of all “address” and is correct.