It’s pretty simple to set up. Generate CA, keep key and other private stuff stored securely, distribute public part of CA to whoever you want and sign all the things you wish with your very own CA. There’s loads of howtos and tools around to accomplish that. The tricky part is that manual work is needed to add that CA to every device you want to trust your certificates.

And given how “fast” IPv6 adoption has been, switch to something non-IP based is not going to happen any time soon.

Also, while I kind of get the idea author is talking about, pulling random addresses out of thin air and managing routing for that, even on a small scale, is going to have a crapload problems. Without subnet hierarchy with routes, gateways and stuff would mean something like globally broadcasted ARP packets and absolutely massive routing tables on endpoints. Plus with that approach the reslience of IP-networks would be lost (or routing tables would need to grow even more).

Also there’s some pretty big issues with malicious actors on the network, incompatibility with every router on planet and a ton more. What that kind of approach working globally would need is some scifi-level networking without latency or bandwidth limitations.

RTT is just ‘a bit’ slower than via usual transfer channels.

because it’s fun to gamble as to how many seconds it will take to pull up the start menu this time.

I also like how it randomly brings up some random website first instead of an installed application I’m looking for. Corporate policy says windows, so I get paid to deal with it, but it helps only so much.

Thanks. Unfortunately, even if ddrescue reported that it got all of the data, the situation didn’t change after writing that to a known good card. I’ve been busy with other stuff so new server is still missing z-wave stuff, but at least everything else was nicely restored from a backup.

RPi came before Proxmox and I just kicked the migration further down a road a bit too long. Also, specially at the start, I didn’t want to have anything ‘quality of life’ critical stuff running on proxmox since it is (was) kind of my own sandbox to mess around with.

I didn’t know raspberry supports that. Searching for ‘atv remote’ just brings up androind apps, so maybe I misunderstood. Neat thing, but the hardware I have doesn’t support it and seems like usb-cec adapters are more expensive than usb-hid remotes.

I’d rather have a physical remote which acts as a keyboard so it’ll support waking the system up from suspend. Plus I prefer a dedicated device for that instead of a phone as I’m not a only user for the thing. There’s plenty of those around, only problem is to find one that works reliably and local stores don’t seem to have a lot of options so I might need to dig one up on ebay even if it’s a bit of a PITA to order from China to EU today with customs.

I installed Jellyfin on my server and threw kodi on a minipc I dug out of dumpster pile at work. Works pretty well, but my server needs more RAM and the minipc needs either a wireless keyboard or a USB-HID remote controller to finalize the setup. Also ran some wiring in the house and added two network sockets to a room where the whole kodi-tv-gamingpc-whatever-pile is going to live.

On the server RAM I found some on ebay, but if anyone is interested on 64G DDR4 ECC DIMMs I have a few. I thought they were supported on my server motherboard when I took them out from a old server at work but it supports only up to 32G ECC dimms.

How you imagine things send messages to reset your passwords, sending notifications and whatever is currently managed via email than some piece of code creating and sending messages, managing possible errors with them and potentially also monitoring/logging the message traffic for statistics or debugging?

User adoption matters if you want your thing to be actually useful for the actual users. And supporting any messaging system requires effort, so it makes sense to spend limited resources on a thing which has the biggest userspace. If you want to run matrix server which has you and your dog using it, go ahead, but don’t be surprised if you want to contact your neighbor and he’ll look like you have two heads when you start to explain how to reach you.

It’s a crapload more work to support XMPP/Matrix/whatever messaging on any platform than…SMTP

It’s absolutely not.

And you know this since you’ve written code to manage both on different environments, right?

Also, whatsapp supports all kinds of “bots” and it has absolutely massive userspace compared to pretty much any other instant message application. It doesn’t matter if you create the perfect protocol and platform for this kind of thing if there’s 7 people globally using it.

It’s a whole lot less work than configuring email.

It’s a crapload more work to support XMPP/Matrix/whatever messaging on any platform than just using a robust, reliable, resilient, widely supported good old SMTP. For you it might be easier to input your account (which at least on XMPP resemble quite a bit of email address) but for the developer it’s totally different thing. Also practically everyone accessing a website has an email address and if they’d decide to support some mesaging platform it’d make more sense to use whatsapp than XMPP since it’s vastly more popular.

Self hosting is not just one thing. You are system adminstrator, network engineer, security specialist, service architect and many other things, specially if you expose anything to anyone outside your very private network. And to get anything even running on that complex mess requires some knowledge on a lot of things. Making them run securely with proper backups requires even more knowledge on things.

Sure, you can just throw some docker images on your old desktop and be happy, even forward ports from the public internet to your things if you like. But that exposes your stuff to quite a lot of dangers and if you just click buttons without any understanding you’ll soon be a part of a botnet or lose your data or lose money if someone decides to mess around with your home automation or something else.

I get what you’re saying, not all of us are very polite and answers can be pretty harsh, but more often than not the generic idea behind those answers is not trying to be an asshole or gatekeep anything. It’s just that there’s a skillset you need to build things safely and if it’s clear from the start that someone looking for answers is way over their head it’s better for everyone to get them take a step back and learn instead of trying to create a meaningful answer since there’s too many variables or it’d just take immense effort to write down comprehensive guide on what to do, why and how for everything from the ground up.

I know for a fact that in my area there’s a bunch of surveillance cameras, home automation stuff and even some farm equipment directly open to the public network just because someone just plugged things in without any idea on the whole picture. Sometimes the correct answer is ‘stop shooting yourself on the foot and learn the basics first, then come back’.

Just for the sake of conversation, I recently did some crude math on this. I have few friends around who are well capable of running a backup server for me (hardware maintenance and stuff is always needed anyways) and at first it seemed like a good plan. Just get a 4TB SSD/NVME and throw that on a Raspberry Pi (or something small to keep electricity consumption low and setup silent), set up encryption, connect that to my network with wireguard or some other VPN and let it do it’s thing.

But I’d need to purchase everything as setting up a remote location with old hardware is just asking for trouble. The drive alone is 300€ (give or take) and the rest is easily another 100€. Currently my storagebox costs ~10€/month for 5TB. Even if I scored a fantastic black week offer and got everything for -50% discount that hardware with multiple single point of failures would cost nearly 2 years worth of cloud backups. And I’d still owe at least few beers to the friend for the trouble.

Your mileage may obviously vary, there’s a million different scenarios, but for me with my current setup it just makes sense to pick couple cloud providers and let them store my bits instead of getting more hardware to maintain and upgrade.

With backups two is one and one is none, so you are very much in a right track. Personally I have my stuff running on proxmox VMs with a proxmox backup server (VM as well) storing backups to Hetzner Storagebox. I’m planning to set up a another host in garage to have “local” backups too, as mine is detached as well the risk of both going up in flames in event of fire is pretty low. However, a voltage spike due to lightning on the grid or something else might blow up both hosts so that’s a threat model to be aware of. Also if your connection to garage is over copper it can cause other problems, fibre or wireless is highly recommended.

With backups it’s largely about the bandwidth available. I personally have enough so uploading to cloud is not an issue, but backing up a terabyte of data over 10Mbps connection might not work out at all.

For more info search for 3-2-1 strategy, that should give you plenty of ideas what you need to think about and what are industry best practises about making sure backups are in order.

I’m also looking to learn about esp32 and I’m just sanity checking that this is a reasonable thing to do with one.

It sure can do what you’re after. Most likely not on it’s own, you’ll need a mosfet or a transistor as esp32 likely can’t handle the current your light uses. There’s plenty of tutorials on how to do the electronics, but cat least you need a mosfet with gate voltage below 5V and a resistor, both are very cheap. Just be careful with the esp32, it’s pretty easy to accidentally kill it with a short circuit or miswire.

And while you’re at it, esp32 can manage a ton of stuff beyond just blinking an led. You can add light/temperature/movement/whatever sensors, a button to manually toggle the light and whatever else you might think is useful and/or fun to have. It’s pretty much a generic purpose computer after all.

If I browse a piece of software from play store and click ‘install’ it’s “installing” and if I do the very same with F-droid it’s suddenly “sideloading”. Fundamentally every language is just made up, but on this occasion the newly coined term is used to obfuscate things and attempting to paint things something they are not.

I can claim all day that grass is blue and sky is green, but no one will take me seriously. Same thing should happen with ‘sideloading’ vs 'installing. Or if you really insist, sideloading might be something like injecting code to a system in a way which is not normally possible, like how some rootkits for devices work. But ‘sideloading’ is very different from ‘installing’ and installing anything on a general purpose computer doesn’t include any particular tool (like play store). I can install things on my workstation with ‘apt-get install’ or from source via ‘make install’, but the end result is still that a piece of software was installed.

Give users that choice

That’s the one thing they want to get rid of. Security and other bullshit is just a theater around it to get validation for even bigger walls for their garden.

Whole thing is well worth a read, but just from the title alone I was ready to write a long rant about the term ‘sideloading’. Gladly that’s covered on the text too:

It bears reminding that “sideload” is a made-up term. Putting software on your computer is simply called “installing”, regardless of whether that computer is in your pocket or on your desk.

Where in the FUCK in Outlook currently is an option to use preformatted text? It’s not a style I could pick nor I could find an option to make my own. I send copy-paste from terminal every now and then and if it’s formatted like normal text it’s nearly useless. It used to be a text style I could pick, but this new-new-new-classic-new outlook doesn’t have it anymore.