+1 for Proxmox, has been a fun experience as there are plenty of resources and helper scripts to get you off the ground, jellyfin was the first thing I migrated from my PC, hardware encoding may give you a bit of a tussle but nothing unsolveable. Also note Proxmox is Debian under the hood, so you may find it easy to work with. I looked into unraid, it seems great if all you’re doing for the most part is storage, if you want Linux containers and virtual machines, proxmox js your bet.

I got a small 4 bay 2U server from a friend on the cheap, 1000$ should get you relatively nice new or slightly older used hardware. Even just a PC with a nice amount of drive bays will get you started. And drives are cheap, a raid 1 setup was one of the things I did.

In the end I’ll likely get a separate NAS rack server just to segregate functions, but as of now I simply have a Proxmox LXC mounted to my NAS drives and runs samba to expose them.

Tailscale is a nice set and forget solution for VPN access, I ended up going the route of getting an SSL certified domain and beefing up my firewall a bit. The bit I’ve messed with it it certainly has a learning curve greater than openvpn, but is much more hardened and versatile.

As for pihole, I’ve found AdGuard Home to be just about a suitable replacement, and can be installed along openwrt, though I have a bit of an unconventional router with 512MB of RAM so YMMV

I got a 1U 32GB and a 4 core Xeon for 20$, you just have to make at least 3 more posts

Appreciate the further reading! It’s been a fun rabbit hole and as I see it just keeps going.

Being newer to all this, I’m very hesitant to fully open to the public, especially security wise, as I don’t think too cautious is a thing. What are maybe a few things you had wished you’d known from the start? And pardon me if you have a good read I haven’t gotten to yet 😅

Edit: just read your importance of security post, that’s quite a fright! Thank you for posting of such an incident, it’s invaluable to have mistakes to learn from

Just getting started in my first year of having a homelab running, I really appreciate little insights like these as I am still fairly without direction in the field.

I’d love to hear your thoughts on activitypub and how that may affect personal networking and connectivity in the future, as I see you have your blog tied to your instance, maybe a general guide for some footsteps to follow. Cheers!

Hey yes, add a person for each person you want to have access, only have yourself as admin that way they wont have direct access to entities.

Now you can use either conditional dashboards, or conditional cards to control what utilities are available to users. For example, my dashboards home screen shows general controls for everyone, but conditionally shows light controls to each user on the same page. I then have myself an admin dashboard with server controls, etc.

For the garage, that was an issue I sought to avoid, a simple automation that closes the garage if it has been opened for too long, and a toggle for that function as well as garage notifications seem to be plenty.

Only one incident where my jerry-rigged Shelly relay remote had the sensor switch miss, and the auto close - thinking the garage was open - opened the garage. I added an error state so that it would attempt to close again and notify if the garage is open after autoclose, which works if its blocked as well. All of this because MyQ doesnt provide local or API access lol

Edit: turns out I may be wrong about entity access, which is a bit of a shame, hopefully we can see that in a future update.

I was attempting this, but TP link doesnt actually care to tag their different SSIDs to vlans and don’t provide the configuration to, I only found that their guest may be tagged on some models. Just a word of caution, I think I’ll have to use IP range filters to achieve this

I was genuinely concerened I had a skill issue with NC, glad I’m not alone

Its so weirdly addictive, started with proxmox, then to home assistant, now I have frigate handling PoE cameras, every bedroom has a morning alarm light automation, the vacuum starts itself, its ridiculous

Thats actually a brilliant idea, a little Macgyver, but certainly what I’m needing, thank you!

Not that its necessary but I would assume I would need per user automations and templates to be able to append a name and add that to a main message todo, a little over what I have time for

Hey don’t mean to hijack, I know tailscale isnt necessarily a tunnel (correct me if I’m wrong) but does it provide the typical issues with apps like android auto not working while connected to a VPN?

Hey I just went through google hell, make sure you are the Nest owner account, the project ID from the cloud page and the project ID from the nest page are whats needed on the last step, and at this part for me it still errored out after the redirect but did integrate nest.

You also as far as I am aware need external access with HTTPS set up, Porkbun was a breeze and I got myself a 10$/y .dev domain, and for that you will need to be able to open ports on your router. Honestly everything networking was easy compared to getting Google to play nice.

Also also its easiest if your browser session only has one Google account logged into it, good luck!

Thank you very much for that final note, I just love misleading marketing tactics and actually may not have noticed. Cheers!

Issue is assigning static IPs to devices like nest cameras and the dubiously branded vacuum cleaner, NAT alone should be enough to restrict connection even if the adapter its on is configured as lan then? Im a little in over my head as far as routing goes, wanting to self host some web server and I want to take as many precautions as necessary (maybe even overkill)

For me what is most ironic is I probably would’ve never went out of my way to start downloading some emulators and ROMs until hearing about all these kerfuffles

Laws written before the digital age regulating digital age things are the best.

Feels like a good part of the reason for Usenet to begin, I would like to try but I feel some bit obliged to provide for as long as I’m able. Thanks for your rundown, internationally differing laws are confusing

And lets be honest, a lot of us were once in the boat of at least not being able to seed back. With the content I seed I see it more as a preservation service…

Family and friends requesting even couple years old shows that just arent available in this region or what be it like come on, its the digital age, I can message someone halfway around the world but I can’t watch some movie because someone wants the most nickel and dime. /rant

I don’t expect any of them to know what bittorrent is, if it brings them joy when there may be no other option, that is what this is for afterall

You’re doing the Lord’s work, thank you for your service o7

Yessir, and frankly I’m caring a lot more for the torrents that are barely breathing on public trackers, its made me a little sad seeing how inaccessible some content can tend to get, but to be fair I haven’t sailed the deep end with private trackers or anything yet

I inadvertently quoted Starship Troopers (which I should download…) which seemingly poked one of nutsacks neurons wrong. My apologies

Thank you very much, until I start getting thin on content from public trackers I think I’ll stick to torrents, especially if the bar of entry is lower, I’m in a good situation to seed so I might as well bring that to others

I am curious over the legality, is it in a way that the provider is storing the whole file just obfuscated? My (rather poor) understanding is that torrents work because the file pieces are distributed