Using Mediawiki here.

I have obsidian and tried using it, but my personal workflow for my homelab just doesn’t…work with it? Idk, it’s just easier to throw it into a private wiki.

I still use obsidian but for personal life stuff.

This is what I was looking into recently. I just want to replace my shitty Spectrum router.

I was looking at Topton N150s on AliExpress, but $250+(tax/shipping) is terrible, with no RAM.

I saw people using the Lenovo m720q/m920q with a pcie 4 port, so I’m leaning towards that.

We’re about to get fiber in the next year or two, so I want to get something that can handle 1g up and down.

There’s a lot of options, none perfect, but none terrible.

I run my webservers behind a pfsense firewall with ssl offloading(using a wildcard cert) with a static IP and use Haproxy to have sub-domain’s go to individual servers. Even though I’ve seen my fair share of scans, I only ever expose port 443 and keep things updated.

Recently though someone on here mentioned routing everything over Tailscale via a VPS. I didn’t want to pay for a VPS and frankly can’t even find one that is reasonably priced in the US(bandwidth limits mainly), so I threw Tailscale onto my pfsense, setup split-dns on Tailscale’s admin panel with my domain name, and then reconfigured Haproxy to listen on my Tailscale interface. Even got IPv6 working(huge pain due to a bug it seems). Oh and setup pfblocker.

My current plan is I’m going to run my webservers behind Tailscale and keep my game servers public and probably segment those servers to a different vlan/subnet/dmz/whatever. And maybe just have a www/blog landing page that is read only on 443 and have it’s config/admin panel accessible via my tailscale only.

Anyway, back on topic. I run my game servers and I don’t advertise them out anywhere(wildcard cert) and do whitelist only, yet I still see my minecraft servers get hit constantly on port 25565.

So not much you can do except minimize exposure as much as possible.