The month of March has been very eventful. At first, I was looking into whether I should split the Windows Server VM into 2-3 different VMs instead:
https://forums.servethehome.com/index.php?threads/windows-vm-split-up.43482/
During this brief period, I was also reviewing some security policy changes/software patches that were suggested in ManageEngine Endpoint Central. One of the software patches were for MariaDB, which would require me to check version compatibility with each app/service accessing it. Knowing my luck, things were bound to get complicated on day 5.
I then found multiple pages from iXsystems, stating that it's safe to virtualise TrueNAS Scale. I'd already spent money on the DL380 Gen9 for that, but I guess there's no use getting peeved about that. This simply means that I can get away with one less physical server in my rack (and less power draw), so there is a plus side to it. Most of the monetary loss is still there, but I can at least use the SSDs (and the discrete HBA) planned for it elsewhere.
On that same day, the VM for Project:ArcZ also threw warnings related to deprecated options/hooks in image build config file (initcpio). The older Artix OpenRC VM did not give the same warning. I got help from a contact on Discord, to correct the deprecated config parameters. Two days later, I was installing a service pack for Endpoint Central.
The next day, I was testing the Nextcloud Social app, and found out that I finally had to configure .well-known/webfinger (CardDAV/CalDAV related) for the instance. I started looking into how to edit the Nextcloud container's config for it. Attempts for this concluded on the 21st. I committed changes to the .htaccess file in Nextcloud itself, and the subdomain > custom location(s) in NGINX Proxy Manager (reverse proxy). Both methods did not work, leaving me with no clear path forward. I'll have to leave self-hosting federated services for later.
Five days later, I was reviewing FreePBX extension configs when I decided to buy more DID numbers to use in FreePBX. I also attempted to install Sunshine gamestream server via MacPorts, only for it to fail at the installation step. I'll have to look into that later as well.
Four days later, I was advised to move /boot/efi to its own dedicated partition (/efi) while updating GRUB on Project:ArcZ. I spent the next 2 days working on it, with help from the same Discord contact. At this point, if you couldn't tell, they're pretty amazing Still need to write a pacman hook for auto-generating GRUB configuration whenever GRUB gets updated. I then started work on a dedicated VoIP VLAN for FreePBX the next day. Work for this concluded on the 22nd.
After that, I was applying and testing more security policy changes through Endpoint Central. On the 25th, I decided to remove the * (wildcard) user from SoftEther VPN, due to the rapid increase in reported software vulnerabilities. Now, each VPN user has to be explicitly defined with an AD-linked account. On the 26th, I started clearing out TimeShift backups on the Artix OpenRC VM (backup partition ran out of space for new backups).
This morning, the Windows Server VM reported an unexpected shutdown from the previous night -- even though I had issued the last shutdown command myself. I checked the Event Logs, and found multiple warning/error events from yesterday and today. Investigation and remediation for it is ongoing...