-
-
Notifications
You must be signed in to change notification settings - Fork 0
Home
the main aosus server which hosts all main aosus websites and services:
CPU: Ryzen 5 3600x, 6 Cores, 12 Threads.
Arch: AMD64
Ram: 64 GB
Host: Hetzner
Location: Finland
OS: Debian 11 Bullseye
curl -fsSL https://tailscale.com/install.sh | sh
sudo tailscale up --ssh
Then login from the main Aosus account
Debian auto updates have been setup to apply upgrades at 12AM UTC+3, which is 21:00 in UTC.
https://wiki.debian.org/UnattendedUpgrades
steps to setup upgrades at 21:00 UTC time:
- sudo systemctl edit apt-daily-upgrade.timer
add this between the comment lines
[Timer]
OnCalendar=
OnCalendar=21:00
RandomizedDelaySec=0
- sudo systemctl restart apt-daily-upgrade.timer
- sudo systemctl status apt-daily-upgrade.timer
check when the services is going to be activated
then follow this guide:
https://linuxiac.com/how-to-set-up-automatic-updates-on-debian/
add "Docker:${distro_codename}" and "Tailscale:${distro_codename}" to allowed origins to update docker and Tailscale
https://docs.docker.com/config/containers/live-restore/
https://docs.docker.com/config/daemon/ipv6/#use-ipv6-for-the-default-bridge-network/
/etc/docker/daemon.json
{
"ipv6": true,
"fixed-cidr-v6": "fd00::/80",
"experimental": true,
"ip6tables": true,
"default-address-pools": [
{ "base": "172.17.0.0/16", "size": 16 },
{ "base": "172.18.0.0/16", "size": 16 },
{ "base": "172.19.0.0/16", "size": 16 },
{ "base": "172.20.0.0/14", "size": 16 },
{ "base": "172.24.0.0/14", "size": 16 },
{ "base": "172.28.0.0/14", "size": 16 },
{ "base": "192.168.0.0/16", "size": 20 },
{ "base": "fd8b:8e20::/104", "size": 112 }
],
"live-restore": true,
"userns-remap": "1000"
}
i disabled userland-proxy because native iptables networking should be much faster, without too many issues. https://franckpachot.medium.com/high-cpu-usage-in-docker-proxy-with-chatty-database-application-disable-userland-proxy-415ffa064955 https://github.com/moby/moby/issues/14856