Richard Applegate Richard Applegate

Linux Server

Posts in the Linux Server category

How to Fix VMware Module Errors When Secure Boot Is Enabled on Linux

If you've ever tried to start VMware on a Linux machine and hit an error about vmmon or vmnet modules failing to load, there's a good chance Secure Boot is the culprit. This guide walks you through exactly what's happening and gives you two ways to fix it — the quick-and-easy way and the cleaner lon

Watchtower Fork: Fixing Abandoned Docker Auto-Update Tool

If you've ever relied on Watchtower to automatically update your Docker containers, you may have noticed something alarming: the project was officially abandoned in late 2024. The maintainers posted a deprecation notice and walked away, leaving thousands of homelab enthusiasts and self-hosters witho

Speed Up AppImages on Ubuntu: GPU Acceleration Guide

If you are running a powerful Linux setup with an Intel Core Ultra 9 (Evo Edition) paired with an NVIDIA RTX 5050, you expect your apps to open instantly. Yet AppImages often feel surprisingly sluggish — even on high-end hardware. The reason is straightforward: by default, AppImages are compressed S

Move Docker to Separate Drive on Ubuntu

Every Linux server failure I’ve witnessed from disk issues starts the same way: the root filesystem slowly fills up. No alarms. No drama. Just creeping usage until something breaks.

ERPNext v15 Slack Notifications for Stock Movements

If you are running ERPNext v15 and want real-time Slack notifications whenever stock movements occur, this step-by-step guide shows you exactly how to set up webhook-based alerts for Material Issues, Material Transfers, and Purchase Receipts. You will also learn how to avoid the common Jinja templat

UFW Firewall: Allow TCP Port 8123 from Specific IP

Firewalls are a foundational component of any secure Linux server environment. On Ubuntu and other Debian-based distributions, UFW (Uncomplicated Firewall) provides a straightforward yet powerful interface for managing iptables rules without requiring deep knowledge of low-level networking syntax. I

Secure WireGuard Homelab: Complete Setup Guide

This page documents the complete, final configuration of a secure homelab environment built around WireGuard, Raspberry Pis, UFW, AdGuard Home, Fail2Ban, n8n workflow automation, and Uptime Kuma. It is structured as a top-to-bottom technical reference, covering design intent, implementation details,

WireGuard Split-Tunnel VPN: Secure Setup Guide

This document is the final, stable Standard Operating Procedure (SOP) for a small production homelab built on WireGuard, AdGuard Home, Docker monitoring, and UFW. It reflects all configuration decisions, corrections, and lessons learned through implementation and testing. It is intended to serve as

Mailu Behind Caddy: Complete Email Setup Guide

Self-hosting email is one of those projects that sounds straightforward until you actually attempt it. Between TLS configuration, reverse proxy behavior, Autodiscover requirements, and the expectations of modern mail clients, it is remarkably easy to end up with redirect loops, broken SMTP connectio

WordPress on Portainer with Caddy: Auto HTTPS Guide

Running WordPress behind a modern, automatic HTTPS reverse proxy is more accessible than ever with Docker, Portainer, and Caddy. What used to require manual certificate management, complex nginx configurations, and careful coordination between services can now be accomplished with a single Docker Co

Install Inkscape AppImage on Ubuntu: Step-by-Step

If you want to install Inkscape on Ubuntu using an AppImage, this step-by-step guide covers everything you need — from installing the required FUSE dependency to creating a fully integrated desktop shortcut that appears in your application menu with the official Inkscape icon. Whether you are runnin

Deploy Nextcloud with Cloudron in 30 Minutes

Want to break free from Google Drive and Dropbox without drowning in server administration? This step-by-step guide walks you through deploying Nextcloud using Cloudron — a powerful server management platform that handles TLS certificates, automatic updates, and backups on your behalf, making self-h

Install Cloudron & WordPress: Complete Setup Guide

This guide walks you through deploying a self-hosted WordPress site using Cloudron — a powerful server management platform that handles TLS certificates, automatic updates, and backups, so you can focus on building your site rather than maintaining infrastructure. By the end, you will have a fully o

Arista Edge Firewall 7.0.0-7.1.1 Upgrade: Fix Realtek Kernel Panic

If you are upgrading from Arista Edge Firewall 7.0.0 to 7.1.1 and your system uses Realtek Ethernet devices, you may encounter a critical issue: Linux Ethernet drivers trigger kernel panics when Energy-Efficient Ethernet (EEE) is enabled. This guide walks you through every step to apply the official

Migrate Google Drive to Nextcloud: Self-Hosted Guide

I recently migrated all of my Google Drive data to my own self-hosted Nextcloud server—and I haven’t looked back. Now, I have complete control over my personal data. Everything is stored securely on my own hardware, rather than on third-party platforms like Google Drive, OneDrive, or iCl

Build Hardware Firewall: BOSGAME Mini PC + WireGuard

Server security is something I take seriously. I recently upgraded my entire network protection setup by deploying a dedicated hardware firewall using a BOSGAME E1 Mini PC. This compact machine handles multi-server firewall duties with ease, and I also installed WireGuard VPN directly on the firewal

Set Up DNS-over-HTTPS on TP-Link Omada with AdGuard

I finally got DNS-over-HTTPS (DoH) working with Cloudron AdGuard Home. The key issue is that AdGuard Home will not accept connections on the encrypted DNS port until you add an IP address or Client ID to the Allowed Clients list. In this guide I use a Client ID. Follow the steps below to configure D

Secure SSH with Fail2Ban on Ubuntu: Stop Brute-Force

Fail2Ban is a free Python tool that helps protect Linux servers from brute-force attacks. It’s especially useful for securing SSH. With Fail2Ban, you can automatically block IPs that try to guess passwords on your server.

Auto-Update Docker Containers with Watchtower & Ntfy

Maintaining Docker containers is easy—in theory. In practice, keeping your stack up-to-date with the latest images can be tedious and time-consuming. Here’s a solution: Watchtower can update containers automatically, and with Ntfy, you get real-time notifications right on your phone or desktop whene

Ntfy Push Notifications: SSH Alerts & Docker Updates

I am using Ntfy for my SSH alert and watchtower update. It is pretty cool to have this feature, so I can know who is accessing my server without my authorization. And know my docker needs to be updated as well.

DNS DDoS Attack: How Port 853 Saved My Servers

What a wild ride! As someone who cares deeply about keeping ads and trackers away, I run not one, not two, but three Adguard Home DNS servers for my network and my work and a few trusted friends. Things were smooth…until today’s wake-up call.

Prevent DNS Amplification Attacks: Secure AdGuard Home

Today, I turned off the DNS port 53. Since we have been cutting off our store's DNS server, it has been a DNS amplification attack. So I found out that my Router does have a DNS Proxy, My DNS Server does have HTTP over TLS and DNS-over-HTTPS. Everything is working and attacking is currently stopped

Comcast Business Free Speed Upgrade to 500 Mbps

Indeed, it was the correct decision. Comcast Business has recently upgraded our plans to 250 MBPS, automatically upgrading with download speeds reaching 500 MBPS and upload speeds at 200 MBPS. I have decided to relocate my server from medical to another location that offers the highest upload speeds

Deploy MariaDB with Portainer Stacks & Docker

If you’re looking to run a robust relational database in your Dockerized environment, MariaDB is an excellent open-source choice. With Portainer, managing your databases and application stacks becomes super easy—even with little Docker experience. In this post, I’ll walk you step by step through dep

phpMyAdmin MariaDB Setup on Portainer with NGINX

PhpMyAdmin is easy to set up for any app and fix the table database or troubleshoot. So, we will set up PhpMyAdmin with NGINX SSL secure for our HTTPS. Due to the possibility of a grabber username and password exploit, we would prefer not to expose this on HTTP.

Set Up Baserow on Portainer With Nginx Proxy Manager

This baserow is my absolute favorite, it's more like a spreadsheet with more options and an easy-to-use database. It also had a Grid and Form and a Gallery and a Calendar! It's great for our list of things to do.

Docker Compose Backup & Restore: Safe Data Recovery

When you're running apps with Docker Compose, your data is the heart and soul of your services—databases, media files, configurations, and more. Without a solid backup and restore plan, a simple mistake (or disk failure!) can lead to a world of pain. Here’s a step-by-step guide to properly back up a

Deploy Immich v1.99.0 on Docker with Portainer

This document presents Docker compose version 3.8 for Immich Latest (1.99.0). I just changed the volume to the correct path because I want them to save in our large storage data and permission user so that any users can't see our file except root.

Fix Nextcloud 28 Log Errors on Portainer

Delete Nextcoud.log to fix the error, but it will come back again and make sure you fix the error, so it won't pop up again. This is similar to the engine light.

Ed25519 SSH Keys: Secure Server Access Guide

If you are looking to remote your server from home, you can, but you cannot simply install OpenSSH with a password, which is very insecure. I strongly recommend using type Ed25519 ssh, which is the most secure and fast access to ssh. I recommend checking out this website. Follow the instructions on

Network Cabinet Installation at Anthem Coffee & Tea

Just wrapped up a much-needed network upgrade at Anthem Coffee & Tea! We’ve moved from a basic shelf to a secure, professional cabinet. This isn’t just about looks—it’s about reliability and maintenance.

DNS Amplification Attack: How to Prevent Server Compromise

This attack trigger was found on October 16, 2023, when I received an email that my server was nearly full. This is not a typical occurrence. Therefore, I discovered that my AdGuard Home DNS Server had been compromised, and that a significant number of IP addresses exceeding 20K were targeted specif

Self-Host LanguageTool API: Deploy with Portainer & Nginx

I have been using Grammarly for my work and to strengthen my writing skills. I was looking for something cheaper and more affordable, and I found this LanguageTool, which offers an API on Docker, and it works great. We won't get premium, though… they're not yet available for self-hosted premium.

Self-Hosted Collabora Office: Setup with Portainer & Nginx

My goal to make my Nextcloud to become Google Workspace because my goal is our data most important to privacy with our data sensitive. And I would like to purchase free instead of paid Google Workspace because we have our server, and we use it for IT documents and resources.

Deploy Redis on Portainer Stacks for Nextcloud

If you’re self-hosting Nextcloud using Docker, integrating Redis as a caching and file locking service is a must for better speed and reliability. Portainer makes managing Docker super easy, especially with its user-friendly "Stacks" feature. In this post, you'll learn step by step how to:

VaultWarden Docker Setup: MariaDB, Portainer & Nginx

VaultWarden is a lightweight, open-source Bitwarden server. Deploying it on Docker with Portainer and securing it via Nginx Proxy Manager ensures easy access, security, and maintenance for your password manager. While MariaDB isn’t officially supported instead of SQLite, experienced users can try it