Nighthawk's Home Use Setup

Hi guys,

Maybe it’s interesting to see how fellow users are setting PS up resp. using it. Here is mine:

  • Fibre modem (1gbit symmetric)
  • IPfire (Firewall & OpenVPN)
  • NAS, QNAP TS-877
  • Linux VM with PS (sitting on the NAS)

The NAS and the VM with PS have no access to the Internet. PC/Phone/tablet connect from outside through OpenVPN (sits on the Firewall) to Linux VM’s IP address to access photos. Inside the home network you can access without OpenVPN, of course.

Please let me know if you have any questions or comments.

I’ve got Photostructure running as a container on my Unraid server. Mostly I use it while home, and mostly on a desktop. When I need to access it while I’m out, I’ll VPN (OpenVPN) into my pfsense router.

Just curious, why did you choose to do a full VM instead of Docker on your QNAP?

No real specific reason. I kind of prefer to keep things separated and when I tried Docker on a VM (not on QNAP directly) I faced some challenges and it seemed not worth the trouble. The overhead is in my case so small I don’t really care, plus I have, should I need it, a full Linux Desktop available, too. Overall I didn’t really see the benefit, but might be totally ignorant, too. :slight_smile:

If it works for you, that’s all that matters! For me, Docker is just so convenient… it’s super easy to deploy (and re-deploy), I never have to worry about dependencies or any install issues, and of course the low overhead.

It really depends on how and what you’re virtualizing.

At least on my test rigs, docker’s bind-mount filesystems incur a 5-25% performance hit, CPU and I/O wise, compared to the host OS. Virtualbox will incur similar (or even worse) performance hits, depending on your CPU and BIOS config.

If you run Ubuntu Server in a VM, make sure you set up automatic security updates (this post might be helpful).

If you run Ubuntu Desktop in a VM, there will be a metric crapton of additional services that spin up. Those should be idle most of the time, but do chew up RAM, and some CPU. You should also be sure to set up automatic updates, as well.

That’s why I really appreciate that you are providing your software in different versions. That way everyone can make use of it according to their environment, use cases and security principles/needs.

QNAP’s VM is based on QEMU. My VM is completely isolated and has read-only access to the source (NFS). Although I get automatic updates if I let the VM through my firewall I don’t really need to care. The overhead is in my case neglect-able (8/16 core, 32GB RAM, NVMe).