I wanted to move some services that only I access out from being publicly accessible but I wanted to use a domain name and Let's Encrypt SSL certs. I'll describe how I made everything work. I'll include the specific software I'm using but most, if not all, could be replaced …

I run a couple of servers with PiHole on them for local DNS and I wanted to host another webserver on one of the boxes running PiHole. You can't assign two services to the same port on the same interface, and I only had one physical interface.

How I accomplished …

I've been upgrading my storage server's main disks from hard drives to SSDs. The disks are a software (MDADM) raid 1 with LVM on top to partition out storage to each VM.

I wanted to ensure I had a good copy at all times, so I set up the new …

I spent way too long bashing my head why my firewall rules weren't allowing traffic to my pihole. Turns out, it wasn't my firewall rules.

I finally used tcpdump to figure out that the rules were working and that it was a pihole configuration.

Here's the command I ran to …

MDADM (when devices are in the configuration):

mdadm --monitor --scan --test --oneshot

Smartd:

Add the following to your smartd.conf at the end of the "DEVICESCAN" lines you want to test:

-M test

After that, restart your smartd service.

Be sure to remove the "-M test" line afterwards so you …

Lets say you wanted to auth any HTTP connections outside your local lan. You can totally do that with nginx. Here's the configuration bit that does it:

satisfy any;

allow 192.168.1.0/24;
deny all;

auth_basic "Restricted";
auth_basic_user_file htpasswd;

I just saved that as …