Convert to TrueNAS or Ubuntu

Chrisputer

Cadet
Joined
Aug 16, 2022
Messages
5
I'm really looking for some solid advice since I'm tired of endlessly tweaking my setup. I want to get it right and stop the adjustments. Currently, I'm on Rocky Linux 9.3 and feeling that RHEL isn't keeping up in certain areas. A major issue for me is replacing my Nvidia P2000 with an Intel Arc A380 for AV1 Encode/Decode functionality. I just can't make it work, and it seems Intel only supports Ubuntu, not RHEL.
-TL;DR-
I've found that TrueNAS 24 (Dragonfish) supports Intel Arc with its kernel. However, I'm wondering if encoding pass-through is possible. Also, if I assign a physical interface exclusively to my containers, is it feasible to set static/DHCP addresses for these containers based on the VLAN of the physical network?
What is my use case?
  • Container Host
What does it host?
  • Emby + Media Fetching and services
  • Immich + Photoprism
  • Minecraft Servers
  • Graylog Server
Hardware?
  • AMD Ryzen 5 5500
  • 48GB ECC-DDR4
  • 516GB NVMe for
    • Boot, OS and Container Data
  • 1TB NVMe for
    • scratch space (Downloads, unpacking, transcodes, etc.)
  • 8x8TB HDD (Raid5)
    • LSI 9300-8i HBA in IT Mode.
    • Only replaceable media go here
    • 8x 256GB SATA SSD (Raid6)
    • Home Photos and Videos
    • Wasabi for Off Site Backup
    • Onboard SATA
  • Nvidia P2000
    • (Want to replace with Arc A380)
    • Goal is to convert all movies & shows to AV1
Goals?
  1. specific subnets, and I want everything to be Layer3 routed with dedicated interfaces. Host management should be through a separate interface. Also, I'm looking to minimize my attack surface since much of this setup is internet-facing.
  2. I'm looking to run the containers without tying them to a local user. Thinking of switching from Docker to Podman or TrueNAS with containerd.
  3. AV1 Encode/Decode support for containers?
Notable mentions:
I've got a FortiGate firewall with the latest updates, SSL, and application inspection, etc. Everything must go through my firewall for inspection before gaining access, and all permissions are explicitly defined. Crowdsec is active on all my devices and integrated with FortiGate. My reverse proxy is on a separate computer in a DMZ, managing access to the containers. Plus, I have a dedicated XCP-NG server for smaller tasks like PiHole.
You can tell I take security very seriously. I've been hacked before when I was just starting to learn all this, and it's something that has stayed with me over the years.
 

Chrisputer

Nobody, huh?
I've been wanting to use TrueNAS again because it's so freaking easy to use and I'd LOVE to reduce my technical debt/overhead. I'm a bit more busy these days and I don't have the time like I used to be able to dedicate.
 