The Disposable Server
Jun 1, 2025
Spin up, share, nuke. We each build a throwaway server, and then rate each others' setups.
Sponsored By:
- Tailscale: Tailscale is a programmable networking software that is private and secure by default - get it free on up to 100 devices!
- 1Password Extended Access Management: 1Password Extended Access Management is a device trust solution for companies with Okta, and they ensure that if a device isn't trusted and secure, it can't log into your cloud apps.
Links:
- 💥 Gets Sats Quick and Easy with Strike
- 📻 LINUX Unplugged on Fountain.FM
- TUI Challenge
- TUI Challenge Scorecard
- Self-Hosted 150: The Last One — Before hitting the road, we test the limits of local-first file sharing, debate what self-hosting really is, and share our all-time favorite apps.
- Pick: ws4kp — A web-based WeatherStar 4000
- Pick: ytdl-sub — Lightweight tool to automate downloading and metadata generation with yt-dlp.
Transcript
WEBVTT
00:00:00.005 --> 00:00:03.645
All right, here we go, boys. It is time for episode 116.
00:00:04.185 --> 00:00:04.545
100?
00:00:05.665 --> 00:00:06.985
Oh, my God, what's wrong with me?
00:00:07.445 --> 00:00:08.165
Oh, God.
00:00:08.645 --> 00:00:11.005
Going back in time. Look how youthful we are.
00:00:23.385 --> 00:00:28.085
Hello, friends, and welcome back to your weekly Linux talk show. My name is Chris.
00:00:28.225 --> 00:00:28.785
My name is Wes.
00:00:28.825 --> 00:00:29.585
And my name is Brett.
00:00:30.145 --> 00:00:34.785
Hello, gentlemen. Coming up on the show today, we're getting ready for the TUI
00:00:34.785 --> 00:00:38.945
challenge by locking in to a disposable server mini challenge this week.
00:00:39.065 --> 00:00:40.305
We'll tell you all about that.
00:00:40.485 --> 00:00:45.165
Plus, because we love doing this for some reason, we're going to do a live update
00:00:45.165 --> 00:00:49.305
of our extremely precious production-grade NextCloud server.
00:00:49.485 --> 00:00:53.705
We didn't tell Drew about this beforehand. He's just finding out if it worked and he got the files.
00:00:53.705 --> 00:00:56.445
Then we're going to round the show out with some great boosts,
00:00:56.445 --> 00:00:57.985
some picks, and a lot more.
00:00:58.625 --> 00:01:01.825
So before I go any further, let's say good morning to our friends at Tailscale.
00:01:02.245 --> 00:01:06.645
Tailscale.com slash unplugged. Tailscale is the easiest way to connect your
00:01:06.645 --> 00:01:11.405
devices and services to each other, wherever they are, whatever they might be.
00:01:11.545 --> 00:01:15.165
I'm talking VPSs across multiple providers, your mobile device,
00:01:15.265 --> 00:01:16.165
your machines on your LAN.
00:01:16.345 --> 00:01:20.565
It is modern networking that connects devices directly to each other over a
00:01:20.565 --> 00:01:22.125
mesh network protected by...
00:01:22.125 --> 00:01:22.645
Wow.
00:01:24.605 --> 00:01:30.665
Nice one. I mean, we're talking really fast, secure remote access that you can
00:01:30.665 --> 00:01:32.285
get up and running in just a few minutes.
00:01:32.465 --> 00:01:36.685
It is a intuitive, programmable way to manage a private network.
00:01:36.885 --> 00:01:40.285
It kind of fills in the gaps that the Internet never quite delivered.
00:01:40.285 --> 00:01:44.085
Back in the day when I got my first public IP on a land that I managed,
00:01:44.305 --> 00:01:47.365
every single node was on the public Internet.
00:01:47.525 --> 00:01:51.365
And that's how you just move files between each other. That's crazy today,
00:01:51.365 --> 00:01:55.285
but on a tailscale mesh network, which we call a tailnet,
00:01:55.485 --> 00:02:00.425
you can have all of your nodes across complex networks with ACLs that are defined
00:02:00.425 --> 00:02:04.185
by the admin console that tie into your existing authentication infrastructure.
00:02:04.485 --> 00:02:08.565
When you go to tailscale.com slash unplugged, you can try it for free on 100
00:02:08.565 --> 00:02:11.825
devices for three users, no credit card required.
00:02:12.105 --> 00:02:15.625
That's the plan I'm on for my personal account, and I've used it for a few years
00:02:15.625 --> 00:02:19.685
now, and I have no inbound ports on any of my firewalls, and I realized we need
00:02:19.685 --> 00:02:21.205
to do this at Jupyter Broadcasting, too.
00:02:21.345 --> 00:02:24.165
Thousands of other companies, thousands of listeners are using Tailscale.
00:02:24.425 --> 00:02:29.965
Go try it out for yourself or your business. Just start at tailscale.com slash unplugged.
00:02:32.780 --> 00:02:38.020
Well, the Terminal User Interface Challenge kicks off next week in episode 618,
00:02:38.020 --> 00:02:41.500
which will be coming out on June 8th. And we'd love to have you join us.
00:02:41.640 --> 00:02:45.220
I have in the show notes linked the TUI Challenge rules, which are the final
00:02:45.220 --> 00:02:47.580
edition after incorporating everyone's feedback.
00:02:48.040 --> 00:02:50.260
The idea is for this to run seven days.
00:02:50.920 --> 00:02:55.360
The objective is to complete some common computing tasks using only terminal
00:02:55.360 --> 00:02:58.820
applications. So no GUI apps like Firefox, LibreOffice, Thunderbird,
00:02:58.920 --> 00:03:01.100
etc., other than your terminal emulator, of course.
00:03:01.900 --> 00:03:06.260
So you can use your terminal emulator, Wes. We have a point system for completing
00:03:06.260 --> 00:03:10.780
the challenges. There's also some bonus points in there for some creative solutions.
00:03:10.920 --> 00:03:13.980
We also have outlined how you should share your progress.
00:03:14.260 --> 00:03:19.300
And I've created a scoreboard so people can have a little scorecard.
00:03:19.700 --> 00:03:24.580
Ooh, okay. So it's like the rules digested into a little table? What do we got here?
00:03:24.840 --> 00:03:28.320
Yeah. So you can track your progress as you complete the challenge.
00:03:28.320 --> 00:03:32.180
And I don't know, I don't know my GitHub's, but I think people could take this
00:03:32.180 --> 00:03:38.140
and they could post it on their GitHub's and then they could link it to us either
00:03:38.140 --> 00:03:39.820
in a boost or on the contact form.
00:03:40.140 --> 00:03:42.400
And Bob's your uncle, we could see their score.
00:03:43.260 --> 00:03:47.700
So there's a total of 170 points available. And so we're going to total up how
00:03:47.700 --> 00:03:52.340
we all did and see who comes out on top. I think it's going to be.
00:03:52.340 --> 00:03:55.280
I'm getting nervous because I know you've been doing homework and a bunch of
00:03:55.280 --> 00:03:58.660
listeners have like been building apps and stuff to get ahead on this.
00:03:58.980 --> 00:04:03.340
There are some easy low hanging fruit points. So like easy stuff is like 10 points.
00:04:03.600 --> 00:04:06.660
Stuff that's a little bit harder is 20 points. And then things that are a little
00:04:06.660 --> 00:04:08.740
more complicated are worth 30 points.
00:04:08.860 --> 00:04:12.280
So you could knock out a few things and get some big points or you could do some of the easy stuff.
00:04:13.140 --> 00:04:16.240
And all the challenge tasks, there's a day one task, a day two,
00:04:16.520 --> 00:04:20.320
all the way to day seven are all outlined in the challenge rules,
00:04:20.340 --> 00:04:21.840
which we will have linked in the show notes.
00:04:22.420 --> 00:04:25.980
and we will officially begin at the start of next episode.
00:04:27.960 --> 00:04:30.220
So I guess figure out your web browser solution.
00:04:30.620 --> 00:04:32.240
Yeah, we're going to need to be able to look at the dog.
00:04:33.900 --> 00:04:38.820
Yeah. So 618 is when it kicks off Sunday, June 8th. We will stream that episode
00:04:38.820 --> 00:04:41.480
live over at jblive.tv and jblive.fm.
00:04:41.620 --> 00:04:45.260
If you want to have fun with us and join us live or just listen on the download
00:04:45.260 --> 00:04:49.500
and participate and let us know how you did, or I suppose just kick back and
00:04:49.500 --> 00:04:51.660
enjoy the ride. It should be a fun seven days.
00:04:56.013 --> 00:04:59.013
Now we're going to do something that you should never do, and we're going to
00:04:59.013 --> 00:05:02.613
live update our production Nextcloud instance on the air.
00:05:02.733 --> 00:05:07.153
And this is the instance we use to upload this very show to Editor Drew and all of our productions.
00:05:07.533 --> 00:05:11.273
We use it for all kinds of things, but we like to run these things in production
00:05:11.273 --> 00:05:14.333
and then report back to you how they've actually done.
00:05:14.513 --> 00:05:17.573
And part of that is updating them live on the show. And if it blows up,
00:05:17.713 --> 00:05:21.033
we have to own it live on the show. How are you feeling, Wes Payne?
00:05:21.033 --> 00:05:26.673
About as good as one can i've at least got the docker compose file updated and
00:05:26.673 --> 00:05:29.953
pre-pulled the images so now we just gotta you know down and up.
00:05:29.953 --> 00:05:34.073
All right can we get a little reminder of how old this box is.
00:05:34.073 --> 00:05:39.233
Surprisingly not that old um i don't remember the last time we updated it but
00:05:39.233 --> 00:05:42.513
apparently not that far in the past yeah we're like a version.
00:05:42.513 --> 00:05:43.733
And a half behind or something.
00:05:43.733 --> 00:05:46.073
Yeah about that not too bad for us actually.
00:05:46.073 --> 00:05:50.393
All right let's give it a go,
00:05:54.333 --> 00:05:58.273
now best case scenario pulls down everything just fine starts a new container
00:05:58.273 --> 00:06:01.853
and there isn't anything you have to do like in the past where you've had to
00:06:01.853 --> 00:06:05.033
enter the container and do some osc commands or ocs.
00:06:05.033 --> 00:06:08.533
I do sometimes do that anyway you know um but you're right hopefully there's
00:06:08.533 --> 00:06:12.113
nothing and like it just automatically applies any needed database migrations
00:06:12.113 --> 00:06:16.633
yeah let's take a look at the logs yeah starting up okay uh we're updating a
00:06:16.633 --> 00:06:19.513
bunch of apps so that's probably good okay yeah that's.
00:06:19.513 --> 00:06:20.313
Always part of this dude.
00:06:20.313 --> 00:06:22.313
Files pdf viewer to 4.0.
00:06:24.533 --> 00:06:27.633
I'm gonna get a tab ready so when you tell me to check it it'll be ready uh-oh.
00:06:29.693 --> 00:06:30.953
Starting integrity check.
00:06:30.953 --> 00:06:33.673
Okay integrity check is good,
00:06:37.813 --> 00:06:39.693
still going uh-oh update.
00:06:39.693 --> 00:06:43.313
Successful turning off maintenance mode resetting log level initialization finished.
00:06:43.513 --> 00:06:45.573
Notice, ready to handle connections.
00:06:45.813 --> 00:06:46.513
Let's go find out then.
00:06:48.773 --> 00:06:49.133
Okay.
00:06:49.433 --> 00:06:50.433
I'm seeing activity in the logs.
00:06:50.613 --> 00:06:50.753
Okay.
00:06:51.113 --> 00:06:52.013
Get indexed on PHP.
00:06:52.393 --> 00:06:55.593
That's me. I'm going to see if I can log in. Are you ready, Wes Bay? I am.
00:06:56.373 --> 00:06:59.653
This is the final test. This would be really great. This would probably be one
00:06:59.653 --> 00:07:00.973
of our smoothest ever, I think.
00:07:04.113 --> 00:07:06.833
Except you probably have to log into your password manager several times.
00:07:07.053 --> 00:07:08.933
Yep. Okay, here I go. Okay, here I go.
00:07:13.813 --> 00:07:14.573
I'm seeing 200.
00:07:14.793 --> 00:07:18.053
Hey, there it is, Wes! You got it!
00:07:18.433 --> 00:07:21.533
Now, the real test is can you actually upload a file, but I suppose that can
00:07:21.533 --> 00:07:22.433
wait till the end of the show.
00:07:22.493 --> 00:07:24.653
Hey, if they're hearing this episode, I think it means it worked.
00:07:24.933 --> 00:07:27.793
That is the smoothest NextCloud upgrade we've done yet.
00:07:33.156 --> 00:07:35.976
Live right here on the air. Well done. That's gotten a lot smoother.
00:07:36.176 --> 00:07:39.296
That used to be a process where you'd have to go in and then manually do some of those upgrades.
00:07:39.716 --> 00:07:39.856
Yeah.
00:07:40.196 --> 00:07:43.896
It's nice to see that smooth out. So that's on theme with this week's episode.
00:07:44.096 --> 00:07:46.376
Don't necessarily do as we do.
00:07:47.856 --> 00:07:54.176
And we, with that disclosed, wanted to try out a little mini challenge this episode.
00:07:54.336 --> 00:07:57.876
While we were recording the last episode of Self-Hosted, episode 150,
00:07:58.196 --> 00:08:00.676
we were remarking in the episode about a common problem.
00:08:01.576 --> 00:08:07.016
Some of our favorite self-hosted apps are just not that easy to share with friends and family.
00:08:07.676 --> 00:08:11.696
You know, Audio Bookshelf, I think, is a good example of this.
00:08:12.676 --> 00:08:16.816
Mealy is another example of this. LubeLogger is another example of this.
00:08:16.936 --> 00:08:20.336
And the one that we were talking about in self-hosted, especially when you compare
00:08:20.336 --> 00:08:21.976
it to the alternative, is Jellyfin.
00:08:22.796 --> 00:08:26.376
Plex really solves this problem. They make it easy to share media with friends
00:08:26.376 --> 00:08:28.836
and family if everybody has a Plex account and you're all in.
00:08:29.236 --> 00:08:32.296
But if you're trying to live the jellyfin lifestyle, but maybe you want to watch
00:08:32.296 --> 00:08:35.396
a season of TV with your friends, this is hard.
00:08:35.536 --> 00:08:38.116
Either you have to come up with a VPN or you have to come up with some sort
00:08:38.116 --> 00:08:41.736
of VPS router that basically is just putting your jellyfin server on the internet.
00:08:41.996 --> 00:08:44.016
Or, you know, holes in your firewall.
00:08:44.356 --> 00:08:44.536
Yeah.
00:08:44.776 --> 00:08:49.016
Or a shared, maybe for like your close friends or family, you can have them
00:08:49.016 --> 00:08:51.696
on your tail net or do like a, you know, tail net share thing.
00:08:51.856 --> 00:08:56.236
But that gets difficult quickly. And it's one more thing people have to use.
00:08:56.336 --> 00:08:58.696
They can't just like pull up the jellyfin client in a hotel.
00:08:58.696 --> 00:09:02.476
well, you're going to have to explain how to do all the stuff that is sometimes even tricky for us.
00:09:02.596 --> 00:09:05.836
And maybe they want to watch on their TV and they can't install a VPN client.
00:09:05.996 --> 00:09:06.176
Right.
00:09:06.756 --> 00:09:11.536
So this is where we started thinking about the concept of a disposable server,
00:09:11.716 --> 00:09:14.416
which is an idea that I think all three of us have played around with a little bit.
00:09:14.476 --> 00:09:18.096
Brent, I know that you've kind of done the disposable server thing on and off
00:09:18.096 --> 00:09:19.196
as different projects have come up.
00:09:19.676 --> 00:09:24.216
Yeah, there's one that I created to just basically create an on-demand VPN that
00:09:24.216 --> 00:09:26.096
I connect to in various countries.
00:09:26.096 --> 00:09:34.296
So the last time I went to Germany, I think I spun one up on a VPS in Germany using NixOS Infect,
00:09:34.396 --> 00:09:40.196
I think it was, with a nice little NixOS configuration that I could just pop
00:09:40.196 --> 00:09:41.756
up in whichever country I happen to be in.
00:09:41.896 --> 00:09:45.236
So that's a nice little ephemeral VPN endpoint that I could create.
00:09:45.356 --> 00:09:49.236
I think for that I used just a tailscale exit node, but I don't need it to be
00:09:49.236 --> 00:09:53.516
running all the time. So I could just boot it up when I need it and then tear it down after that.
00:09:53.516 --> 00:09:58.196
Yeah I've definitely done the Jellyfin on a quick VPS sync some files over for
00:09:58.196 --> 00:10:01.396
friends especially because for a long time I was running Jellyfin on like an
00:10:01.396 --> 00:10:05.456
older box where you know with my devices for the most part I didn't need to
00:10:05.456 --> 00:10:09.436
be transcoding dynamically like my stuff worked and it could really support
00:10:09.436 --> 00:10:13.296
at least one transcode but if I was trying to like watch with a friend or like really share it
00:10:13.376 --> 00:10:16.816
just wasn't going to work but if we I was specifically doing that like especially
00:10:16.816 --> 00:10:20.176
when maybe some Star Trek was coming out or something yeah just sync a couple
00:10:20.176 --> 00:10:23.856
seasons over stand up at Jellyfin share it with them and tear it down when we're done.
00:10:24.476 --> 00:10:26.296
And that's almost a perfect solution.
00:10:27.593 --> 00:10:33.053
But it has, I think, one major flaw, and that is every time you did this,
00:10:33.233 --> 00:10:34.373
you had to upload the media.
00:10:34.893 --> 00:10:35.053
Yeah.
00:10:35.473 --> 00:10:38.793
So we were thinking, wouldn't it be pretty neat if you could have a disposable
00:10:38.793 --> 00:10:42.913
server, like, say, a Jellyfin instance, maybe to watch a season of a show with
00:10:42.913 --> 00:10:45.613
a friend, and once you're done, you could totally destroy the server,
00:10:45.633 --> 00:10:48.753
but the storage would be persistent.
00:10:49.613 --> 00:10:52.933
So you could quickly start up this ready-to-go self-hosted app,
00:10:53.073 --> 00:10:57.033
and you would have it auto-connect to remote storage, and then you would just
00:10:57.033 --> 00:10:59.073
finish the final bits of setup, and it'd be good to go.
00:10:59.813 --> 00:11:03.793
But the trick is, is how do you do that? And so we made an attempt.
00:11:03.993 --> 00:11:08.333
We set out to solve this in our own ways. Chris, myself, using,
00:11:08.453 --> 00:11:12.593
yeah, that's me, using a new Podman workflow that's still new to me.
00:11:12.793 --> 00:11:15.613
I was taking advantage of Podman Desktop and solving this.
00:11:16.213 --> 00:11:19.813
and then Wes took more of a Nix workflow route to see how he could solve this.
00:11:19.993 --> 00:11:23.873
So what we thought we would do is we'd present our setups to Brent and he could
00:11:23.873 --> 00:11:26.693
score them on a few areas like a point for cleverness of the setup,
00:11:26.953 --> 00:11:30.513
a point for easy for others to replicate like those of you in the audience,
00:11:31.053 --> 00:11:34.993
a point of everything needed to work is included and then five points if it
00:11:34.993 --> 00:11:37.673
actually works, which Brent can be the determinant of.
00:11:37.793 --> 00:11:43.113
So that's what we thought with the disposable server and ideally you could apply
00:11:43.113 --> 00:11:46.593
this to all kinds of self-hosted apps like I mentioned, audio bookshelf and others.
00:11:47.153 --> 00:11:50.253
And if nothing else, even if this isn't something you'd necessarily want to
00:11:50.253 --> 00:11:55.413
do, it's a really fun way to explore some of the really powerful technologies built into Linux.
00:11:58.690 --> 00:12:03.110
1password.com slash unplugged. Take the first step to better security for your
00:12:03.110 --> 00:12:06.530
team by securing credentials and protecting every application,
00:12:06.770 --> 00:12:08.250
even unmanaged shadow IT.
00:12:08.450 --> 00:12:13.470
You can learn more at 1password.com slash unplugged. That's 1password.com slash
00:12:13.470 --> 00:12:15.610
unplugged, and it's all lowercase.
00:12:15.990 --> 00:12:20.490
If you're a security or IT professional, you've got a mountain of assets to
00:12:20.490 --> 00:12:23.710
protect. Devices, identities, and applications.
00:12:24.330 --> 00:12:28.810
It's a lot, and it can create a mountain of security risk too.
00:12:29.250 --> 00:12:34.190
Fortunately, you can conquer that mountain of security risk with 1Password extended access management.
00:12:34.550 --> 00:12:39.090
You know, over half of IT pros say that securing SaaS apps is their biggest challenge.
00:12:39.690 --> 00:12:42.290
Well, with the growing problem of SaaS sprawl and shadow IT,
00:12:42.590 --> 00:12:44.590
it's not hard to see why, really.
00:12:44.950 --> 00:12:50.310
So thankfully, Trileca by 1Password can discover and secure access to all your apps, managed or not.
00:12:50.750 --> 00:12:54.350
Trileca by 1Password inventories every app in use at your company.
00:12:54.350 --> 00:12:58.650
Then, pre-populated app profiles assess the SaaS risks, letting you manage,
00:12:58.870 --> 00:13:04.810
access, optimize, spend, and enforce security best practices across every app your employees use.
00:13:05.310 --> 00:13:08.830
Treleka by 1Password provides a complete solution for SaaS access governance,
00:13:08.910 --> 00:13:12.930
and it's just one of the ways extended access management helps teams strengthen
00:13:12.930 --> 00:13:14.570
compliance and security.
00:13:14.970 --> 00:13:18.210
My friends and family have been using 1Password for years. I couldn't imagine
00:13:18.210 --> 00:13:19.950
their online life without it.
00:13:20.230 --> 00:13:23.930
And now 1Password's award-winning password manager that's trusted by millions
00:13:23.930 --> 00:13:28.550
of users from IBM to Slack, now they're securing more than just passwords with
00:13:28.550 --> 00:13:30.670
1Password Extended Access Management.
00:13:30.870 --> 00:13:34.670
So take the first step to better security for your team by securing credentials
00:13:34.670 --> 00:13:38.410
and protecting every application, even unmanaged shadow IT.
00:13:38.610 --> 00:13:42.230
You need to learn more by going to 1Password.com slash unplugged.
00:13:42.270 --> 00:13:44.070
That supports the show. It's all lowercase.
00:13:44.270 --> 00:13:47.270
It's 1Password.com slash unplugged.
00:13:50.477 --> 00:13:53.917
Well, Chris, as we heard in last episode, you're now living the cloud native
00:13:53.917 --> 00:13:58.357
lifestyle. So I'm curious if you took that route to build your little disposable server.
00:13:58.517 --> 00:14:05.177
You know, I did. I'm embracing this. And this actually gave me a vast,
00:14:05.697 --> 00:14:10.677
complex, somewhat confusing world of opportunity and options.
00:14:11.477 --> 00:14:18.777
So I could start with a universal UBI image of RHEL 10, which they have micro,
00:14:18.937 --> 00:14:19.977
minimal, and a base image.
00:14:20.517 --> 00:14:23.657
that'd be pretty neat and i saw i kind of started there because i thought hmm
00:14:23.657 --> 00:14:28.277
maybe i could build this on a long-term base so then you know i wouldn't really
00:14:28.277 --> 00:14:29.637
have to mess with this for years,
00:14:30.357 --> 00:14:33.437
and this would be great for this style thing so i could have one for audio bookshelf
00:14:33.437 --> 00:14:37.597
one for jellyfin and you know but things
00:14:37.597 --> 00:14:42.817
like jellyfin need modern ffmpeg amongst many other things so i could sit there
00:14:42.817 --> 00:14:48.037
and kind of ram it in to rel but i scratched that idea because what i saw was
00:14:48.037 --> 00:14:54.297
there's a plethora of images based on Fedora and often just straight up upstream Fedora 42.
00:14:54.777 --> 00:14:57.857
This is nice because you get in there, you got DNF, so you can actually install
00:14:57.857 --> 00:15:00.217
stuff. The rel images didn't have DNF.
00:15:00.737 --> 00:15:05.597
So that meant super easy to get FFM Peg and friends going, easy to get our clone
00:15:05.597 --> 00:15:06.677
going, which I'll talk about more.
00:15:06.797 --> 00:15:07.977
And you are a Fedora fan.
00:15:08.497 --> 00:15:08.897
But...
00:15:10.091 --> 00:15:14.471