I don't know, wouldn't the Hypervisor be able to track resources usage by itself without anything else?
I forgot to mention, I had plenty of swap available, now I disabled swap to force zram usage. I still need to see what happens running with both, it's hard when each trial takes 12-24 hours to show its result.
Yes, this is a possibility. the ARM VPS is already running something else, but if I manage to run netbird behind a reverse proxy I can also move it there. BTW there are also 1 GB free VPS on azure (for students) and Google Cloud, but you guessed right.
The server is clearly overloaded, as soon as I start using some 10% of CPU frequently for some minutes (due to swap operations), the Hypervisor starts to throttle my instance and this of course makes the thing worse with an avalanche effect. When this happens steal time displayed from top can go literally as high as 90%.
If postmarket os works on that device maybe you can go full Linux (alpine), there will be no systemd which might be a problem and I am not even sure about docker compatibility. You can look it up though.
Hi, to check attacks you should look at the logs. In this case auth.log. Being attacked on port 22 is not surprising neither really troublesome if you connect via key pair.
My graph was showing egress traffic, on any kind of server the traffic due to these attacks would have been invisible but on a backup server which has (hopefully) only ingress you can clearly see the volume of connections from attackers from bytes teansmitted
ssh -p 12345 would leave your boxes accessible from anywhere too. Other blocks of IPs receive 10 times or more requests, as scanners can focus on blocks of ips from major providers.
I disagree, you'll have your backups, so even if everything breaks you will have a failsafe. If you get compromised it's still not an issue: Everything server side is encrypted, the safety is in the clients and your master password length.
So, I see no particular differences with other services. Considering I hear of some issues with bitwarden servers that are constantly under attack, selfhosting could even increase the availability.
Next time
In the past two weeks I set up a new VPS, and I run a small experiment. I share the results for those who are curious.
Consider that this is a backup server only, meaning that there is no outgoing traffic unless a backup is actually to be recovered, or as we will see, because of sshd.
I initially left the standard "port 22 open to the world" for 4-5 days, I then moved sshd to a different port (still open to the whole world), and finally I closed everything and turned on tailscale. You find a visualization of the resulting egress traffic in the image. Different colors are different areas of the world. Ignore the orange spikes which were my own ssh connections to set up stuff.
Main points:
there were about 10 Mb of egress per day due just to sshd answering to scanners. Not to mention the cluttering of access logs.
moving to a non standard port is reasonably sufficient to avoid traffic and log cluttering even without IP restrictions
Tailscale causes a bit of traffic, negligible of course, but continuous.
I see your point, but now I do not think it is FreeDNS fault. DNSChecker.org shows my domain name properly resolved worldwide, and so it has been for months. I also created a second subdomain just now, exactly as the non-working one, and was properly resolved within seconds at my work pc. So I do not blame FreeDNS, I think it is our internal DNS server that is messed up or even hijacked.
Here the answer
I’ve got a hacked pyqt5 script that does this, I doubt it’s what you want. Adding mysql support and eventually want to be able to have something like limited math functions so you can add all the values in a tree for stuff like total cost.
If you find something better I’d be real interested, I really want web and preferably app support.
Considering the small audience and purpose, I would not have any problem using the always free offerings of either Oracle or Google (the latter especially if located in the US).