HDD has 100x the storage capacity vs SSD. What are you talking about?

If you’re set on TrueNAS, then just build a box to do that.

If you want a low power solution, go with Synology or Qnap.

Well again, that’s not how the Internet works.

Well that’s how the Internet works, bud. You’re opening a port for WG to start. Either make that work and correct your routing, or find another solution.

You’re not going to be stealthy by making this overcomplicated. You’re just adding extra steps. You don’t want to use DHCP to its benefits locally, and you don’t wantbto open ports…what magic do you want to happen here?

So then just open the Unbound server to the internet, assign a hostname to it, and use it. Simple.

Those could impact larger groups of things, but right now you’re just interested in making this work. I’m pretty sure this board is negotiating a faster connection than it’s capable of, so maybe try it out and see if it works.

There you go. That’s a good entry point to figure this out.

Identify which port you’re plugging this card into and turn it’s settings to the slowest option. I’m almost certain the speed is being negotiated on auto incorrectly.

If this works to get the firmware loaded, then you can go back and step the speeds up until it breaks, and then you know where the limit is.

Damn y’all, stop using similar aliases for fuck’s sake.

Cursory glance tells me these boards have timing issues for loading firmware.

I would search for an updated version of this firmware that may be solves this, but this is potentially an issue with the PCI slot you have as well. Did you look through your BIOS settings and see if that slot has any settings?

Okay, let me just clarify some stuff here because your language has been confusing.

You’re using a “VPN”, but on a local network. When you say “VPN”, people assume mean you’re using a client to a remote location. That’s super confusing.

For what you’re trying to do you don’t even need WG unless you mean to use your DNS server from elsewhere.

Please clarify these two things, but I think you’re just complicating a simple setup for an ad blocking DNS server somehow, right?

Yes, but what is it? Run uname -a

Also, which firmware packages do you believe have installed to sort this?

What’s your current kernel version?

1. This is the most complex way of simply sharing files between containers I’ve ever heard. That sure sounds like bad advice to me. You have a link to that?

All I’m saying is that if you’re sharing files between two containers, giving them both volumes and using the network to share those files is not the best practiced way of doing that. One volume, two containers, both mount the same volume and skip the network is the way to do that.

2. Samba maps users in its own DB to users that exist on its host. If you’re running it in a container, it’s likely it’s just going to default to root with uid=1000. So if you start a brand new Samba server, you need a fresh user to get started, right? So you create a user called ‘johndoe’ with uid=1100 and give it a password. Now, that user is ONLY a samba user. It doesn’t get created as an OS user. So if your default OS user is ‘ubuntu’ with uid=1000, you’re going to have permissions issues between created files for these users because 1100 is not equal to 1000.

To solve for this, you create user mapping in the samba configs that say “Hey, johndoe in samba is actually the ubuntu user on the OS”, and that’s how it solves for permissions. Here’s an example issue that is similar to yours to give you more context. You can start reading from there to solve for your specific use-case.

If you choose NOT to fix the user mapping, you’re going to have to keep going back to this volume and chown’ing all the files and folders to make sure whichever user you’re connecting with via samba can actually read/write files.

Ah, okay. If this is Android, just setup your Unbound host IP under ‘Private DNS’ on your phone then.

Note: this will cause issues once you leave your home network unless your WH tunnel is available from outside. Set the secondary DNS to Mullvad or another secure DNS provider if that’s the case and you shouldn’t have issues once leaving the house.

Depending on your router, you can also just set a static DHCP reservation for your phone only that sets these DNS servers for you without affecting all other DHCP devices.

The biggest thing I’m seeing here is the creation of a bottleneck for your network services, and potential for catastrophic failure. Here’s where I forsee problems:

1. Running everything from a single HDD(?) is going to throw your entire home and network into disarray if it fails. Consider at least adding a second drive for RAID1 if you can.
2. You’re going to run into I/O issues with the imbalance of the services you’re cramming all together.
3. You don’t mention backups. I’d definitely work that out first. Some of these services can take their own, but what about the bulk data volumes?
4. You don’t mention the specs of the host, but I’d make sure you have swap equal to RAM here if youre not worried about disk space. This will just prevent hard kernel I/O issues or OOMkills if it comes to that.
5. Move network services first, storage second, n2h last.
6. Make sure to enable any hardware offloading for network if available to you.

I’m…totally lost here. You’re trying to use two different VPNs on your local network? If you want your Unbound device to be a VPN exit node for your network, why wouldn’t you just setup routes to make it your default gateway?

Using two different VPN tunnels like this is going to just cause routing issues all over the place if you’re already unfamiliar with how to setup the routing to begin with.

Maybe explain what your intended use is here to help us understand what you’re trying to accomplish.

Two things:

1. This is the most inefficient way of sharing files between containers. Use the same volume mount between containers if you just want both to have access to the same files
2. In order for SMB to work properly, and not cause file access violations, you need to have unique users for auth that map to a UID on the filesystem. If the files and folders you’re mounting are owned by root with uid=0, and SMB maps to another user you’ve created with uid=1000, then your SMB user won’t be able to read or write anything.

It may be easier to explain exactly what you’re trying to achieve here so someone can offer a better way of setting this up for you.

You don’t really need to worry them at all, because they won’t be actively affecting anything, but the process would be like this:

• Install different kernel packages to take over for these surface ones
• Reboot
• Verify surface kernel is no longer active and everything is working fine
• Run dnf autoremove and see if that will remove these extra kernel packages. If not, use rpm -qa | grep kernel to find all the surface kernel packages to remove.

But again, and let me stress this because it sounds like you’re not super experienced with this: there is no benefit to removing these packages versus just switching the running kernel, only risk.

So you just want a Wireguard server at home which is connected full-time to a VPN, and then you want to port-forward from that VPN back to your home Wireguard server? Dynamic DNS for your IP seems a lot more convenient and stable.

I’m not understanding what you’re asking.

Why would you need gluetun?